FRAUD RISK ASSESSMENT Flashcards

1
Q

factors that influence how at risk an organisation is to fraud

A
  • The business it is in
  • The environment in which it operates
  • The effectiveness of the internal controls within the business processes
  • The ethics and values of the company and the people within it
2
Q

Fraud Risk Assessment

A

a process aimed at proactively identifying and addressing an organisation’s vulnerabilities to internal and external fraud

3
Q

Objective of a Fraud Risk Assessment

A

the objective of a fraud risk assessment is to help an organisation identify what makes it most vulnerable to fraud

4
Q

Why Should Organisations Conduct Fraud Risk Assessments?

A

Improve Communication and Awareness About Fraud
Identify What Activities Are the Most Vulnerable to Fraud
Know Who Puts the Organisation at the Greatest Risk
Develop Plans to Mitigate Fraud Risk
Develop Techniques to Determine If Fraud Has Occurred in High-Risk Areas

5
Q

What Makes a Good Fraud Risk Assessment?

A

A good fraud risk assessment is one that fits within the culture of the organisation, is sponsored and supported by the right people, encourages everyone to be open in his participation, and is generally embraced throughout the business as an important and valuable process.

6
Q

Engendered Trust

A

If the organisation and its employees do not trust the people leading and conducting the fraud risk assessment, they will not be open and honest about the realities of the business, its culture, and its vulnerability to fraud.

7
Q

The Ability to Think the Unthinkable

A

A good fraud risk assessment has to allow for the people leading and conducting the assessment to be expansive in their consideration and evaluation of fraud risk.

8
Q

A Plan to Keep It Alive and Relevant

A

The organisation should strive to keep the process alive and relevant through ongoing dialogue, active management of action plans, and development of procedures to ensure the assessment is maintained on a current basis.

9
Q

Considerations for Developing an Effective Fraud Risk Assessment

A

Packaging It Right
One Size Does Not Fit All
Keeping It Simple

10
Q

The goals of preparing the company for a fraud risk assessment should be to:

A
  • Assemble the right team to lead and conduct the fraud risk assessment.
  • Determine the best techniques to use in conducting the fraud risk assessment.
  • Obtain the sponsor’s agreement on the work to be performed.
  • Educate the organisation and openly promote the process.
11
Q

Techniques to Use to Conduct the Fraud Risk Assessment. Interviews

A

Interviews can be an effective way to conduct a candid one-on-one conversation

12
Q

Techniques to Use to Conduct the Fraud Risk Assessment. Focus Groups

A

Focus groups enable the assessor to observe the interactions of employees as they discuss a question or issue.

13
Q

Techniques to Use to Conduct the Fraud Risk Assessment. Surveys

A

Surveys can be anonymous or directly attributable to individuals. Sometimes people will share more openly when they feel protected behind a computer or paper questionnaire.

14
Q

Techniques to Use to Conduct the Fraud Risk Assessment. Anonymous Feedback Mechanisms

A

In some organisations, anonymous suggestion boxes or similar mechanisms are used to encourage and solicit frequent employee feedback. Additionally, use of an anonymous feedback mechanism can also be effective in an environment where people are less likely to be open and honest through other methods and techniques.

15
Q

Obtain the Sponsor’s Agreement on the Work to be Performed

A

Before the fraud risk assessment procedures begin, the sponsor and the fraud risk assessment team need to agree on:
• The scope of work that will be performed
• The methods that will be used to conduct the work (e.g., surveys, interviews, focus groups, anonymous feedback mechanisms)
• The individuals who will participate in the chosen methods
• The content of the chosen methods
• The form of output for the assessment

16
Q

Educate the Organisation and Openly Promote the Process

A

The fraud risk assessment process should be visible and communicated throughout the business.

17
Q

Sample Fraud Risk Assessment Framework #1

A
  1. Identify potential inherent fraud risks.
  2. Assess the likelihood of occurrence of the identified fraud risks.
  3. Assess the significance to the organisation of the fraud risks.
  4. Evaluate which people and departments are most likely to commit fraud and identify the methods they are likely to use.
  5. Identify and map existing preventive and detective controls to the relevant fraud risks.
  6. Evaluate whether the identified controls are operating effectively and efficiently.
  7. Identify and evaluate residual fraud risks resulting from ineffective or nonexistent controls.
18
Q

Sample Fraud Risk Assessment Framework #1 Identify Potential Inherent Fraud Risks

A

Brainstorming should include discussions regarding the following areas:
• Incentive programs and how they may affect employees’ behaviour when conducting business or applying professional judgment
• Pressures on individuals to achieve performance or other targets and how such pressures may influence employees’ behaviour
• Opportunities to commit fraud that arise from weak internal controls, such as a lack of segregation of duties
• Management personnel within the organisation generally know the controls and standard operating procedures that are in place to prevent fraud.
• Individuals who are intent on committing fraud may use their knowledge of the organisation’s controls to do it in a manner that will conceal their actions.

19
Q

Fraud risks can be classified into three major areas:

A

fraudulent financial reporting, asset misappropriation, and corruption.

20
Q

Potential fraudulent financial reporting risks include:

A
  • Inappropriately reported revenues, expenses, or both
  • Inappropriately reflected balance sheet amounts, including reserves
  • Inappropriately improved or masked disclosures
  • Concealed misappropriation of assets
  • Concealed unauthorized receipts, expenditures, or both
  • Concealed unauthorized acquisition, disposition, or use of assets
21
Q

Potential asset misappropriation risks include misappropriation of:

A
  • Tangible assets
  • Intangible assets
  • Proprietary business opportunities
22
Q

Potential corruption risks include:

A
  • Payment of bribes or gratuities to companies, private individuals, or public officials
  • Receipt of bribes, kickbacks, or gratuities
  • Aiding and abetting of fraud by outside parties, such as customers or vendors
23
Q

Certain other types of risks that can affect or be affected by each of the major areas of fraud risks include

A

regulatory and legal misconduct, reputation risk, and risk to information technology (IT)

24
Q

The likelihood of occurrence of each fraud risk can be classified as

A

remote, reasonably possible, or probable

25
Q

The fraud risk assessment team should consider the following factors in assessing the likelihood of occurrence of each fraud risk:

A
  • Past instances of the particular fraud occurring at the organisation
  • Prevalence of the fraud risk in the organisation’s industry
  • Internal controls environment of the organisation
  • Resources available to address fraud
  • Support of fraud prevention efforts by management
  • Ethical standards of the organisation
  • Number of individual transactions involved
  • Complexity of the fraud risk
  • Number of people involved in reviewing or approving a relevant process
  • Unexplained losses
  • Complaints by customers or vendors
  • Information from fraud surveys such as ACFE’s Report to the Nation on Occupational Fraud & Abuse
26
Q

The fraud risk assessment team should consider qualitative and quantitative factors when assessing the fraud risks to the organisation. The significance of each potential fraud can be classified as

A

immaterial, significant, or material.

27
Q

In assessing the significance of each fraud risk, the fraud risk assessment team should consider the following factors:

A
  • Financial statement and monetary significance
  • Financial condition of the organisation
  • Value of the threatened assets
  • Criticality of the threatened assets to the organisation
  • Revenue generated by the threatened assets
  • Significance to the organisation’s operations, brand value, and reputation
  • Criminal, civil, and regulatory liabilities
28
Q

Evaluate Which People and Departments Are Most Likely to Commit Fraud and Identify the Methods They Are Likely to Use

A

In identifying potential fraud risks, the risk assessment team will have evaluated the incentives and pressures on individuals and departments to commit fraud. The team should use the information gained in that process to identify the individuals and departments most likely to commit fraud and the methods they are likely to use.

29
Q

Identify and Map Existing Preventive and Detective Controls to the Relevant Fraud Risks

A

After identifying and assessing fraud risks for likelihood of occurrence and for significance, the fraud risk assessment team should identify and map existing preventive and detective controls to the relevant fraud risks.

30
Q

PREVENTIVE CONTROLS

A

• Bringing awareness to personnel throughout the organisation of the fraud risk management program in place
• Performing background checks on employees
• Hiring competent personnel and providing them with anti-fraud training
• Conducting exit interviews
• Implementing policies and procedures
• Segregating duties
• Ensuring proper alignment between an individual’s authority and his level of responsibility
• Reviewing third-party and related-party transactions

31
Q

DETECTIVE CONTROLS

A

• Establishing and marketing the presence of a confidential reporting system, such as a whistleblower hotline
• Implementing proactive fraud detection process controls, such as reconciliations, independent reviews, physical inspections/counts, analysis, and audits
• Implementing proactive fraud detection procedures, such as data analysis, continuous auditing techniques, and other technology tools
• Performing surprise audits

32
Q

Evaluate Whether the Identified Controls Are Operating Effectively and Efficiently

A

Such an assessment requires:
• Review of the accounting policies and procedures in place
• Consideration of the risk of management’s override of controls
• Interviews with management and employees
• Observation of control activities
• Sample testing of controls compliance
• Review of previous audit reports
• Review of previous reports on fraud incidents, shrinkage, and unexplained shortages

33
Q

Identify and Evaluate Residual Fraud Risks Resulting from Ineffective or Nonexistent Controls

A

Consideration of the internal control structure may reveal certain residual fraud risks, including management’s override of established controls that has not been adequately mitigated due to:
• Lack of appropriate prevention and detection controls
• Noncompliance with established prevention and control measures

These residual fraud risks should be evaluated by the fraud risk assessment team in the development of the fraud risk response for likelihood and significance of occurrence.

34
Q

Sample Fraud Risk Assessment Framework #2—Fraud Risk Index

A

The following is a suggested framework that has two components: the Fraud Risk Index, which looks at indicators of areas that put the organisation at risk for fraud, and the Leadership Risk Profile, which examines the way business leaders operate to help determine if they behave or conduct business in a way that can increase the company’s risk of fraud.

35
Q

Fraud Risk Index

A

The Fraud Risk Index is the overall assessment of fraud risk for the organisation based on three components:
• The Environmental Risk Index
• The Culture Quotient
• The Prevent/Detect Index

36
Q

Fraud Risk Index. THE ENVIRONMENTAL RISK INDEX

A

The Environmental Risk Index is an assessment of macro-level fraud risk indicators that can affect the organisation’s vulnerability to fraud. These include factors such as pressures on the business, the organisation’s system of internal controls, the tone at the top, and the overall quality of the mechanisms that the company has in place to prevent and detect fraud.

37
Q

Fraud Risk Index. The Culture Quotient

A

The Culture Quotient is an assessment of how the organisation and its people behave or are perceived to behave. The Culture Quotient includes: Tolerance Index, Entitlement Index, Notification Index

38
Q

Tolerance Index

A

an assessment of the organisation’s tolerance for bad behaviour.

39
Q

Entitlement Index

A

an assessment that helps determine whether people in the company display or promote a sense of entitlement

40
Q

Notification Index

A

an assessment of how likely it is that employees will come forward when they suspect something is wrong.

41
Q

Prevent/Detect Index

A

assesses the quality of the specific mechanisms that the organisation has in place to prevent or detect potential fraud, particularly those fraud schemes for which the company is at the greatest risk

42
Q

To calculate the Prevent/Detect Index

A

a standard, comprehensive population of fraud schemes, such as the ACFE Occupational Fraud Classification System, is used to evaluate each scheme that applies to the business and determine which schemes are the high-risk schemes that the organisation should focus on. For those fraud schemes that apply to the company, an evaluation of each scheme should be performed to identify:
• The likelihood that the scheme could be perpetrated
• The significance of the fraud risk to the company
• Whether there are preventive or detective internal controls in place to moderate the risk to a sufficient level

43
Q

Leadership Risk Profile

A

The Leadership Risk Profile is developed to provide a macro-level organisational view of which business leaders, if any, increase the organisation’s vulnerability to fraud through their:
• Leadership style
• Operating behaviours
• Decision-making practices

44
Q

As part of this evaluation, the team should consider any information that indicates unique pressures on or incentives for each leader that could increase the organisation’s fraud risk.
Such pressures and incentives can include, but are not limited to:

A
  • A significant amount of personal net worth invested in the company
  • A large portion of compensation tied to activities that the leader can manipulate (e.g., sales volumes or other business performance measures)
  • A pending divorce
  • Recent organisational changes that have either greatly expanded or reduced/eliminated the leader’s span of control
  • Living larger than life
  • Dependence on drugs or alcohol
  • Gambling problems