Fraud Prevention / Deterrence

Question 1

The two whistleblower protections established by SOX

Answer 1

• Establishes civil liability for retaliation against a whistleblower at a publicly traded company
• Establishes criminal sanctions for retaliating when the whistleblower provides information regarding an alleged federal offense to a law enforcement officer

Question 2

The four items that must be addressed in an internal control report within a Company’s annual report

Answer 2

1- A statement that management is responsible for establishing and maintaining adequate internal control over financial reporting (ICOFR)

2- A statement identifying the framework used by management in performing the assessment of the effectiveness of ICOFR

3- Management’s assessment of the effectiveness of the company’s ICOFR

4- A statement that the independent auditor has issued an attestation report on the effectiveness of the company’s ICOFR

Question 3

The five fraud risk management principles described in Fraud Risk Management Guide

Answer 3

1- risk governance [establish communicate program]
2- risk assessment [identify specific schemes/risks]
3- control activities
4- investigation and corrective action
5- risk management monitoring [ongoing evaluations]

Question 4

Government Accountability Office’s (GAO) Yellow Book standards apply to which types of engagements?

Answer 4

Standards provide guidance to auditors of government entities and entities that receive government awards.

Question 5

The Social Control Theory

Answer 5

States that the more important that social relationships are to a person, the less likely it is that the person will commit crimes

eg, “what will my mom think if she finds out?”

Question 6

The three key objectives of a Fraud Risk Management Program

Answer 6

1- Prevent fraud (assess risks, remediate risks)
2- Detect fraud (identify occurrences and limit damage)
3- Respond to identified fraud (punish perp, rebuild stakeholder confidence)

Question 7

To condone

Answer 7

To accept, allow or approve of

Question 8

Who derived the Fraud Triangle hypothesis?

Answer 8

Donald Cressey

Question 9

What’s the most effective way to assess an organization’s corporate culture?

Answer 9

It’s outcome (not checklist items)

Question 10

Enterprise Risk Management

Answer 10

the culture, capabilities, and practices, integrated with strategy-setting and its performance, that organizations rely on to manage risk in creating, preserving, and realizing value

Question 11

The two types of anti-fraud controls

Answer 11

1- preventative (eg, separation of duties, hiring policies)

2- detective (eg, continuous auditing, hotline)

Question 12

Punishment

Answer 12

a behavioral response that involves withdrawing a positive stimulus or applying a negative stimulus in response to an undesired behavior

Question 13

The three categories of objectives for an internal control system According to the Committee of Sponsoring Organizations of the Treadway Commission (COSO)

Answer 13

1- Operations ( effectiveness and efficiency of the organization’s operations)
2- Reporting (reporting of financial and nonfinancial information to internal and external parties)
3- Compliance ( adherence to the laws and regulations)

Question 14

Differential Reinforcement Theory

Answer 14

States that people learn social behavior by operant conditioning

Behavior is reinforced when positive rewards are gained (positive reinforcement) or punishment is avoided (negative reinforcement). It is weakened by negative stimuli (punishment) and loss of reward (negative punishment)

Question 15

Most experts agree that it is much easier to ___ fraud than it is to ___ it.

Answer 15

Easier to PREVENT fraud than it is to DETECT it

Question 16

In an ideal situation, the ideal sponsor of a fraud risk assessment would be…..

Answer 16

an independent board director or audit committee member

-want someone senior enough to command respect and will have a commitment to learning the truth about the company is vulnerable

Question 17

Who holds holds the primary responsibility for designing, implementing, monitoring, and improving the fraud risk management program?

Answer 17

Senior management

-the board is responsible for developing the organization’s fraud risk management strategy

Question 18

Inherent risks

Answer 18

Risks that are present before the effect of internal controls

Question 19

Residual risks

Answer 19

risks that remain after the effect of internal controls

Question 20

Cressey’s two components of the perceived opportunity to commit fraud

Answer 20

1- General information about how the company might be defrauded

2- technical skill needed to commit the violation

Question 21

Under SOX, what does the “independence” of audit committee members mean?

Answer 21

1- that they receive fees only for their service on the board and cannot be paid by the company for any other consulting or advisory work

2- no “affiliation” with the company, meaning that they are not an executive or owner of over 10% of voting stock

Question 22

According to Fraud Risk Management Guide, a joint publication by COSO and the ACFE, who has responsibility for managing fraud risk?

Answer 22

Personnel at all levels of the organization

Question 23

“Avoiding the risk”

Answer 23

when, in a fraud risk assessment, management decides to discontinue an activity because the control measures required to protect the organization against the identified threat are too expensive

Question 24

Under USSG, how much can a corporate policy towards fraud impact the culpability of a base fine?

Answer 24

If bad, can increase by as much as 400%

if good, can decrease by as much as 95%

Question 25

According to criminologist Charles McCaghy, _____________ is the single most compelling factor behind deviance by organizations.

Answer 25

profit pressure

Question 26

What was the purpose of establishing the Treadway Commission?

Answer 26

to define the responsibility of the auditor in preventing and detecting fraud.

Question 27

White-collar defendants are ___ likely to insist on a trial than other offenders.

Answer 27

More Not as much of a need to plead guilty, avoiding the expense and effort of a trial.

Question 28

The Private Securities Litigation Reform Act

Answer 28

Sets forth responsibilities for independent auditors of public companies Requires procedures designed to provide reasonable assurance of detecting illegal acts that would have a direct and material effect on the determination of financial statement amounts.

Question 29

Basis for Diane Vaughan's fraud theories

Answer 29

that organizations can be criminogenic because they encourage loyalty.

Question 30

the three legs of Cressey's fraud triangle

Answer 30

1- perceived non-sharable financial need 2- perceived opportunity 3- rationalization

Question 31

The standards for a response to an indicator of fraud for the auditor in a government performance audit

Answer 31

Deemed significant -> extend audit steps to determine if fraud is likely to have occurred Deemed significant AND likely to have occurred -> extend audit steps to determine effect on audit findings Deemed insignificant -> perform additional work as a separate engagement or refer matter to authorities

Question 32

The three effective responses for addressing the risk of material misstatement due to fraud during a financial statement audit

Answer 32

Assigning specialists to assist regarding a particularly technical issues Using differing sampling methods when collecting data for audit testing Implementing auditing procedures on an unannounced basis

Question 33

The 4 principles involved in the risk assessment process, as laid out by the Committee of Sponsoring Organizations of the Treadway Commission

Answer 33

C-Clear objectives R- Risk identification to achieving objectives A- Assessing impact of changes on internal controls P- potential for fraud

Question 34

The 5 interrelated components of a company's internal control system, as laid out by the Treadway Commission

Answer 34

``` M- Monitoring A- Activities (for controls) R -Risk Assessment I- Information and communication E- Environment (for controls) ```

Question 35

The 5 components of the enterprise risk management (ERM) framework under the Treadway Commission

Answer 35

Goal - come to "GRIPS" with the org risk portfolio ``` G- governance/ culture R- review/ revision I - information/communication P- performance S - strategy/ objective setting ```

Question 36

Crimogenic

Answer 36

prone to committing crime

Question 37

The two primary strategies to control corporate criminal behavior

Answer 37

Compliance - stop violations before they can occur | Detection - detect and punish violations

Question 38

According to Dr. Steve Albrecht's Fraud Scale model, the variables that drive the occurrence of occupational fraud include

Answer 38

P- personal integrity O -opportunities S -situational pressures

Question 39

The theory of differential association

Answer 39

states that criminal behavior is learned and acquired through participation with intimate personal groups

Question 40

The 4 core principles of sound corporate governance

Answer 40

F- Fairness A- accountability R- responsibility T- transparency