Gathering Information Flashcards

Question

Which of the following statements concerning court records is MOST ACCURATE? A. In most countries, court records are not public records and require judicial authorization to access. B. In most countries, reliable court records are best obtained from the court in which the case was heard or tried. C. There are multiple databases that contain a comprehensive database of court documents from all court cases in every country. D. When searching for records for a particular court case, a fraud examiner needs only to search the central/federal court records, as they serve as a repository for all cases heard at all court levels.

Answer 1

B. In most countries, reliable court records are best obtained from the court in which the case was heard or tried. | See pages 3.609-3.611 in the Fraud Examiner's Manual ## Footnote A great deal of litigation occurs each year, and many people might be subject to judicial action, voluntarily or not. Court records are a common direct or indirect source of information for fraud examinations. Many jurisdictions allow fraud examiners to search court records, and there are also a variety of services that compile and search such records. To perform court records searches, fraud examiners need to be familiar with the structure of the jurisdiction’s court system. Many jurisdictions implement a tiered court structure in which minor offenses and causes of action (e.g., small claims) are held in one set of courts while more serious offenses or issues are held in another set. Similarly, a jurisdiction might have courts that are divided based on local/municipal, state/provincial, and central/federal levels of government. Court records are typically maintained by a clerk or administrative office of the court that heard the case. However, there might be an agency that maintains records from multiple court levels. Therefore, to conduct a thorough search of court records, fraud examiners might need to search at multiple court levels. It is rare for there to be a central public database that maintains all court records at every level of a jurisdiction, and there are no parties that maintain a comprehensive database of court records on a global basis (despite what some records merchants might claim).

Answer 2

C. Refuse to pay the cash without a receipt, even if it means the informant will not aid Spencer | See pages 3.520 in the Fraud Examiner's Manual ## Footnote If the fraud examiner decides to pay an informant or source, then they should make the payment in cash and obtain a receipt for documentation purposes. If the source will not sign a receipt, then the fraud examiner should not pay them. There have been numerous instances where a receipt was not obtained, so the informant subsequently denied receiving funds or challenged the amount paid. If this happens, the fraud examiner will have to defend themselves without proof; indeed, some investigators have been accused of embezzling the payments. Payments should only be made after the informant has delivered the information.

Answer 3

D. All of the above | See pages 3.920 in the Fraud Examiner's Manual ## Footnote To open a business account for a corporation, the opening party must provide a signature card, or similar document, and copies of corporate resolutions of the board of directors authorizing the opening of the bank account and naming the person who may authorize payments on the account. Also, the bank might require a copy of the company’s organizational or business filings (such as articles of incorporation). These documents should indicate who the company’s corporate officers are and the company’s date of incorporation.

Answer 4

A. Voter registration records | See pages 3.607-3.609 in the Fraud Examiner's Manual ## Footnote There are many public records often found at the local level that can help fraud examiners gather various types of information. To determine who owns a particular property, there might be direct information or leads found in the records of several agencies, including health and fire departments. Many local health or fire departments conduct routine inspections of businesses for health and safety code or fire code violations. These inspection records might contain valuable information about the business and its occupants, including its operations, employees, and owners. If a business or an individual constructs a new building or makes improvements to an existing building, there should be a building permit on file with the local building authority. In addition, before most businesses may begin conducting business, local agencies might require that they possess certain permits. In many cases, the person applying for permits will be the owner or someone traceable to the owner. Voter registration records are not public in all jurisdictions, but if they are available, they might contain useful information. Usually, much of the information contained in such records is withheld from the public for privacy purposes, but voter registration records might contain a person’s date of birth, mailing address, and political affiliation. However, this information is less likely than the other sources listed to identify the owner of a commercial building.

Answer 5

D. All of the above | See pages 3.933 in the Fraud Examiner's Manual ## Footnote If a fraud examination involves a loan with proceeds that have been disposed, the fraud examiner should trace the disposition of the loan’s proceeds. A fraud examiner can trace loan proceeds to determine if hidden accounts were used for loan payments or if the proceeds were deposited into hidden accounts. Also, because loans might be secured by hidden assets or co-signed by previously unknown cohorts, tracing loan proceeds can uncover hidden assets or unknown witnesses. Moreover, if the subject has taken out a loan for someone else, tracing the disposition of the loan proceeds will uncover those leads.

Answer 6

B. False | See pages 3.626 in the Fraud Examiner's Manual ## Footnote In the case of consumer (individual) credit records and personal data, a growing number of jurisdictions regulate how such information is collected and stored, as well as who may access this information and for what purpose. In many cases, the consumer must be notified and must consent to the use of the report. In jurisdictions that regulate credit information and personal data, a fraud examiner will generally need a legally acceptable reason for accessing such information from third parties. However, simply suspecting an individual of fraud is generally insufficient grounds for obtaining credit and personal data regarding the person from a reporting agency or data controller. The specific exceptions for allowing the processing and dissemination of credit and personal data vary, but some common circumstances include when: * The individual has given consent. * It is necessary for the extension of credit or to enter into a contract with the subject. * It is necessary to protect the subject’s vital interest. * It is necessary to comply with other legal requirements. * An employer is conducting a background check for hiring or other employment purposes. (Consent is still required in many jurisdictions.) * It is necessary to serve the public interest.

Answer 7

B. False | See pages 3.626 in the Fraud Examiner's Manual ## Footnote In the case of consumer (individual) credit records and personal data, a growing number of jurisdictions regulate how such information is collected and stored, as well as who may access this information and for what purpose. In many cases, the consumer must be notified and must consent to the use of the report. In jurisdictions that regulate credit information and personal data, a fraud examiner will generally need a legally acceptable reason for accessing such information from third parties. However, simply suspecting an individual of fraud is generally insufficient grounds for obtaining credit and personal data regarding the person from a reporting agency or data controller. Some jurisdictions provide an exception to this rule when a party is conducting a background check for employment purposes, but because the suspect in this case is not an employee of the investigating party, the exception would not apply.

Answer 8

C. Entrapment | See pages 3.505 in the Fraud Examiner's Manual ## Footnote Many jurisdictions recognize the legal defense of entrapment. Entrapment occurs when law enforcement officers or government agents induce a person to commit a crime that they are not previously disposed to commit. Entrapment also poses a legal problem in covert operations, particularly in undercover operations, because the defendant might not be found liable if it appears that they were improperly induced to commit the crime. Therefore, it is imperative that proper predication exists before the operation is commenced. The law enforcement officer or government agent must act based on more than mere suspicion. For example, if the officer received a reliable tip that a suspect committed fraud, then that could serve as proper predication. Covert operations must not be used for aimless searches for information performed without notions of what might be uncovered.

Answer 9

D. All of the above | See pages 3.958-3.959 in the Fraud Examiner's Manual ## Footnote Any type of asset can be hidden (e.g., real property, jewelry, stocks, bonds, vehicles, cash), and there are many techniques that a fraudster might use to hide ill-gotten gains. Some common techniques for hiding assets include transferring assets into foreign trusts, overpaying taxes, prepaying on a home mortgage, obtaining a life insurance policy, and transferring assets into someone else’s name.

Answer 10

D. All of the above | See pages 3.643-3.644 in the Fraud Examiner's Manual ## Footnote The main limitations of conducting searches for public records using online databases include: * Online availability of public records varies widely across jurisdictions, and therefore, there are many degrees of accessibility to public records between jurisdictions. * Online public records searches are limited in the area they cover. Therefore, when looking for information on a subject, fraud examiners often must search for public records in multiple jurisdictions. * Often, online public records are brief abstracts of the original public record. * The source of the information compiled in an online database must be reliable. * Fraud examiners must validate information retrieved from online databases to determine if it is accurate and up to date. * The public records compiled in an electronic format might cover only a limited period. * Online searches can be erratic in the information they return.

Answer 11

B. False | See pages 3.501 in the Fraud Examiner's Manual ## Footnote A covert operation is an investigation technique designed to obtain evidence by use of agents whose true intentions are not communicated to the target. Covert operations must be undertaken carefully. When considering a covert operation, fraud examiners must consider privacy laws, the potential cost of human and technological resources, any source or informant’s motivations and expectations regarding their participation, and the potential to alert suspects to the existence of an investigation. Therefore, fraud examiners should only resort to covert operations after conventional methods of gathering evidence have been exhausted and proven unsuccessful.

Answer 12

D. All of the above | See pages 3.640 in the Fraud Examiner's Manual ## Footnote The following is a list of tips and guidelines for searching the internet for information: * Use more than one search engine. Everyone has a favorite search engine, but relying on one search engine is insufficient because every search engine collects and catalogs information differently. * Be clear about what is being searched for. Define the search topic as clearly and succinctly as possible. * Use unique, specific keywords. Be specific when entering search terms. * Use nouns for keywords. * Use format terms (e.g., transcript, document, report, statistics, pdf, policy, dictionary) in addition to subject words. * Exclude articles (e.g., a, an, the) and pronouns (e.g., he, she, it, they) from search terms unless they are part of a key phrase. * Use correct spelling and include alternative spellings (e.g., colour OR color). * Use filters to focus searches. Filters tell search engines to screen out specified types of pages or files. * Check all the tips and features of any search engine to be used and utilize them. * Increase the number of results displayed per page. * Customize searches using advanced search operators, such as the minus (-) operator and quotation marks, to narrow the search results. * Search for phrases. Search for a sequence of words in a specific order, using quotation marks around the phrase. * Search for base words (do not include suffixes) to avoid excluding relevant pages. * Use metasearch engines if early searches are unsuccessful. * Set a time limit for searching, and when the set amount of time has elapsed, stop and try another method. * Use a browser's find feature to find a word or phrase on a web page and help navigate search results.

Answer 13

C. Websites without any links pointing to them | See pages 3.647-3.649 in the Fraud Examiner's Manual ## Footnote The deep web (also known as the invisible web) refers to web content that is not indexed by standard search engines. There are numerous reasons why the deep web exists. For instance, there are websites where web crawling programs cannot enter. Web crawlers are scripts that create copies of visited web pages that are indexed by a search engine to provide faster searches. These deep web resources include websites without any links pointing to them, certain file formats that search engines cannot handle, websites that have been blocked from web crawler access, password-protected websites, and information stored in databases. Also, search engines limit the depth of their crawl on a website. Moreover, web crawlers cannot crawl as quickly as pages are added or updated. Alternatively, the term internet archives refers to archived versions of web pages that have since been updated or are no longer available online. The most popular tool for searching the internet archives is the Wayback Machine, located at https://archive.org. The Wayback Machine allows users to see archived versions of web pages throughout time. Fraud examiners can use the Wayback Machine to find historical information, such as: * A photo posted on a website that has been removed * Content, views, writing, and opinions rescinded by an author * A company's old job ads, statements, affiliations, or product lines

Answer 14

D. All of the above | See pages 3.615 in the Fraud Examiner's Manual ## Footnote Real property records are extremely important, and in many jurisdictions, they are relatively easy to access and contain a vast amount of information. It is common for real property records to be found at the local level of government, but some jurisdictions might keep them at the national level of government or a centralized location. When an individual purchases real estate, they become a registrant in real property records, property tax records, and tax assessor records (if applicable).

Answer 15

D. The market value of any real property owned | See pages 3.926-3.927 in the Fraud Examiner's Manual ## Footnote The term electronic payments (or e-payments) refers to any type of noncash payment that does not involve a paper check. Electronic payment records can reveal: * Assets the subject has purchased * The locations of the subject’s assets (e.g., through the payment of real estate taxes, broker’s fees, or utility payments) * The locations of the subject’s residences and businesses (e.g., through analyzing the payments of utility bills) * Loans the subject has obtained (e.g., through analyzing loan payments) * Payments made to nonexistent employees with direct deposit * The cities and countries in which the subject conducts business (e.g., through analyzing the payments for carrier services to deliver packages) * Transfers of funds between individuals without an established business relationship * Assets ostensibly owned by family members or close associates but effectively controlled, held, or gifted by the subject * Hotel payments * The true owner of a property (e.g., through analyzing the mortgage payments and payments for homeowner's insurance)

Answer 16

B. A bankruptcy file typically contains the bankruptcy petition or filing document | See pages 3.614 in the Fraud Examiner's Manual ## Footnote Many jurisdictions provide bankruptcy records to the authorized parties or the general public. Bankruptcy proceedings generally occur in the jurisdiction in which the debtor resides. It is common for countries to have separate bankruptcy courts that handle most or all such cases. The information available in bankruptcy records varies, but common items include: * The bankruptcy petition or other type of filing document, which might include the subject’s government identification number; street address and primary place of business; location of principal assets of business; type of business; name of legal representative; estimated amount of assets; estimated number of creditors, liabilities, and employees; financial data; and a list of corporate shareholders * Claim documents by creditors listing the amounts that the debtor allegedly owes * A final accounting that shows which claims were paid * A descriptive list of the debtor’s property at the time of filing (real estate, personal property, investments, accounts receivables, etc.) * Filings that describe the debtor’s income and expenditures * The bankruptcy plan (Some jurisdictions allow bankrupt parties to reorganize businesses or participate in a debt reduction plan, as opposed to liquidating all assets.) * Details from a fraud examination if the bankrupt party was suspected of bankruptcy fraud

Answer 17

A. The thumbprint of the person opening the account | See pages 3.918-3.919 in the Fraud Examiner's Manual ## Footnote To open a personal account, an individual must provide a signature card, or similar document, evidencing a contract between the customer and bank. The signature card is a source of valuable information. Although its form varies, the card usually contains the person’s name, address, telephone number, identification number, amount of the opening deposit (and possibly the source of the opening deposit), and security data (e.g., mother’s maiden name). The person’s identification information might be significant, especially if the depositor used an alias. Also, a fraud examiner might be able to trace the opening deposit through the bank’s records to disclose a source of income. While a bank signature card evidencing a contract between the customer and bank contains several important pieces of identifying information, it typically does not contain the fingerprints of the account holder.

Answer 18

C. The asset method | See pages 3.943, 3.950, 3.953, 3.955 in the Fraud Examiner's Manual ## Footnote The asset method, the expenditures method, and the bank deposit analysis method can all be used to establish a subject’s sources of income using circumstantial proof. The asset method allows the fraud examiner to prove income circumstantially by showing that the subject’s assets for a given period exceed those that can be accounted for from known or admitted sources of income. Fraud examiners should use the asset method when it is suspected that the subject has accumulated wealth and acquired assets or paid down debts with illicit proceeds, which causes the subject’s net worth—the difference between a person’s assets and liabilities at a particular point in time—to increase from year to year. The expenditures method (also known as the sources and application of funds method) compares the suspect’s known expenditures and known sources of funds during a given period of time. That is, this analysis seeks to quantify the cost of the subject’s lifestyle and determine whether the subject’s reported income is sufficient to support their lifestyle. The expenditures method is best used when the subject spends illicit income on consumables (e.g., travel and entertainment) that would not cause an increase in net worth. The bank deposit analysis method of tracing illicit funds is recommended as a primary method of proof when most of the subject’s income is deposited and the accounting and business records of their company or employer are unavailable, withheld, incomplete, or maintained on a cash basis. The income correlation method is not a method of tracing illicit funds.

Answer 19

A. True | See pages 3.629 in the Fraud Examiner's Manual ## Footnote The simplest way to obtain relevant documents, such as bank records, is to request them. This usually works for fraud examiners representing large organizations that are important customers to the party with the information. Vendors and other customers of the company conducting the investigation might cooperate voluntarily if they have nothing to hide (or think that incriminating evidence cannot be found) and are anxious to maintain good relations with the company. A subject can consent to produce the records or execute a written consent for the fraud examiner to obtain such records from banks, credit agencies, or the taxing authority. If the business does not voluntarily provide the records, fraud examiners may pursue them through subpoenas and other legal processes.

Answer 20

B. The recipient's government identification number | See pages 3.924 in the Fraud Examiner's Manual ## Footnote The information contained on a wire transfer will generally include the following items: * The amount of the transfer * The date of the transfer * The purpose of the transfer * The name of the sender or originator * The routing number of the originating bank or financial institution * The identity of the designated beneficiary or receiver of the funds * The routing number of the recipient bank However, the government identification number for the recipient is not typically included in most wire transfer records.

Answer 21

D. All of the above | See pages 3.901 in the Fraud Examiner's Manual ## Footnote Often, Certified Fraud Examiners (CFEs) are tasked with tracing illicit transactions to assist: * A victim of fraud who wants a tracing search to facilitate the recovery of criminal proceeds * A potential plaintiff who wants a tracing search to determine if the potential defendant can pay a court-ordered sum if a judgment is ordered * A judgment creditor who needs to identify the judgment debtor’s assets

Answer 22

B. A process by which countries request and provide assistance in law enforcement matters | See pages 3.974-3.975 in the Fraud Examiner's Manual ## Footnote Mutual legal assistance (MLA) is a process by which countries request and provide assistance in law enforcement matters, such as gathering information, obtaining provisional remedies, and enforcing foreign orders and judgments. To obtain assistance from a foreign government, the government seeking assistance makes an MLA request. An MLA request is a written request to the government of a foreign country that is used to obtain assistance in law enforcement matters. Generally, MLA can be used to obtain assistance in matters such as conducting searches, gathering evidence, compelling sworn testimony and the production of documents, issuing search warrants, issuing subpoenas, serving process, exchanging affidavits, obtaining provisional remedies, and providing assistance in forfeiture proceedings.

Answer 23

B. The record of contents contained in the safe deposit box | See pages 3.937 in the Fraud Examiner's Manual ## Footnote Banks keep no record of safe deposit box contents and rarely know what the boxes contain, but generally, banks maintain the following related records: * Rental contract records * Access records and entry logs A safe deposit box’s rental contract records identify the renters, the person or people who have access to the box, their signatures, and the dates of the original agreements and later renewals. They also might contain other identifying information, including the name of the initiating bank officer. The officer’s name could be significant if the subject (who might have used an alias in renting the box) must be identified. Records showing access to the boxes vary from bank to bank, but they generally contain the signatures of the people entering the boxes and usually the dates and times of entry. The entry records are filed in box-number order. The frequency of entry and the times and dates of entries might be significant and correspond to the times and dates of deposits, withdrawals from other accounts, and the purchases and sales of securities or property. Of course, proper authorization must be obtained before the bank will turn over any such records.

Answer 24

D. All of the above | See pages 3.601 in the Fraud Examiner's Manual ## Footnote A large amount of information and documentary evidence can be gathered from external sources. External sources can be particularly crucial in helping investigators locate missing assets; locate witnesses and suspects; determine ownership in vendors, competitors, and other related parties; research the suspects' assets and financial condition; and document the suspects' lifestyle and background information. All this information will help an investigator build a case and will provide the basis for conducting interviews and obtaining confessions later in the investigation.

Answer 25

A. True | See pages 3.653 in the Fraud Examiner's Manual ## Footnote Generally, documentary evidence, including digital evidence, will not be admitted in a legal proceeding or not be given much weight unless it is established as authentic (i.e., the evidence is what it purports to be and is in the same condition as when it was seized). There are numerous techniques to authenticate information from social media. Often, authenticity can be established through the testimony of a witness who verifies that the exhibit at issue accurately reflects what they observed on the site, and typically, the witness is the party who collected the evidence. Consequently, fraud examiners who collect evidence from social media often become a form of eyewitness, and for this reason, fraud examiners must capture, download, and preserve any useful information as soon as they discover it. They must memorialize each step of the collection process, creating a record of what they see at any point in the investigation.

Answer 26

B. False | See pages 3.501 in the Fraud Examiner's Manual ## Footnote A covert operation is an investigation technique designed to obtain evidence by use of agents whose true intentions are not communicated to the target. Covert operations must be undertaken carefully. With proper planning and precautions, such operations can prove very beneficial to an investigation. However, mistakes made during a covert operation can cause irreparable damage to an investigation and result in physical harm to the investigator. Moreover, the investigator might incur reputational, financial, and legal consequences.

Answer 27

C. Signature card | See pages 3.918-3.919 in the Fraud Examiner's Manual ## Footnote To open a personal account, an individual must provide a signature card, or similar document, evidencing a contract between the customer and bank. The signature card is a source of valuable information. Although its form varies, the card usually contains the person’s name, address, telephone number, identification number, amount of the opening deposit (and possibly the source of the opening deposit), and security data (e.g., mother’s maiden name). The person’s identification information might be significant, especially if the depositor used an alias. Also, a fraud examiner might be able to trace the opening deposit through the bank’s records to disclose a source of income.

Answer 28

D. A property owner’s credit report | See pages 3.615-3.616 in the Fraud Examiner's Manual ## Footnote Real property records are extremely important, and in many jurisdictions, they are relatively easy to access and contain a vast amount of information. It is common for real property records to be found at the local level of government, but some jurisdictions might keep them at the national level of government or a centralized location. When an individual purchases real estate, they become a registrant in real property records, property tax records, and tax assessor records (if applicable). Most jurisdictions have a land registry office that maintains various information on real property and its owner(s). Both the level of government where these records are found and the information they contain will vary by jurisdiction, but the following information is often present: * Documents pertaining to real estate transactions—including deeds, grants, real estate transfers and mortgages, releases of mortgages, powers of attorney, and leases that have been acknowledged or approved * Mortgages on real property * Security interests or liens on property * Wills admitted to probate * Official bonds * Notices of mechanic’s liens * Transcripts of judgments that are made liens on real estate * Notices of attachment on real estate * Land cadastre (i.e., a registry of land surveys that specifically details each plot of real estate in an area and contains information about value, ownership rights, and other details) * Papers in connection with bankruptcy * Certified copies of decrees and judgments of courts of record * Other documents permitted by law to be recorded * Historical sale prices * Residences and addresses of the buyer and seller * Identity of the party financing the property if applicable * Improvements to a property A credit report involves a third party’s assessment of a person’s credit history and capacity to take out and repay debt; this information is not found in public property records.

Answer 29

A. Public records are valuable for obtaining background information on individuals. | See pages 3.602, 3.624 in the Fraud Examiner's Manual ## Footnote Public records are documents that a governmental agency is required to keep by law or that are necessary to discharge the duties imposed by law. Public records, which can generally be accessed by the public and are thus available to anyone who wishes to use them, can be useful to fraud examiners for numerous reasons. They can supply invaluable background information on entities, employees, suspects, and witnesses. They can also be used to corroborate or refute witness statements, help investigators track the flow of stolen money or other assets, and aid efforts to recover losses. Banking and health records are typically nonpublic information.

Answer 30

B. The officer acted based on a tip from a reliable source | See pages 3.505 in the Fraud Examiner's Manual ## Footnote Many jurisdictions recognize the legal defense of entrapment. Entrapment occurs when law enforcement officers or government agents induce a person to commit a crime that they are not previously disposed to commit. Entrapment also poses a legal problem in covert operations, particularly in undercover operations, because the defendant might not be found liable if it appears that they were improperly induced to commit the crime. Therefore, it is imperative that the operation be properly predicated. The law enforcement officer or government agent must act based on more than mere suspicion. For example, if the officer received a reliable tip that a suspect committed fraud, then that could serve as proper predication. Covert operations must not be used for aimless searches for information performed without notions of what might be uncovered.

Answer 31

B. The fraud examiner should use symbols to denote the source’s identity. | See pages 3.520 in the Fraud Examiner's Manual ## Footnote It is recommended that all contact with informants and sources be reported on a memorandum, but the confidential source or informant’s identity should not be included in the report. Instead of including the source or informant’s identity, the fraud examiner should use symbols to denote the source’s identity. It is further recommended that sources be preceded with an S, followed by a unique identifier. For example, source #1 would be "S-1," and source #2 would be "S-2." The symbols for informants would then be "I-1" and "I-2."

Answer 32

C. The complete books and records of the company | See pages 3.622 in the Fraud Examiner's Manual ## Footnote While jurisdictions treat the concept of securities differently, governments or self-regulatory bodies generally set rules for the issuing and trading of certain types of securities. Among the most common and important rules are disclosure requirements for companies with publicly traded securities. These rules are designed to make sure that investors are reasonably informed about stock that they purchase. Beyond helping investors, these disclosures are typically made public, and they can provide a wealth of information about the filing company, including its type of business, history, organizational structure, auditor, balance sheets, and income statements. Different securities regulators have varying disclosure requirements, but regulatory securities records might include the following information: * Corporate financial statements * Identification of officers and directors * Identification of significant owners (e.g., those with more than 10% of a business’s stock) * A description of the registrant’s properties and businesses * A description of the significant provisions of the security to be offered for sale and its relationship to the registrant’s other capital securities * Identification of events of interest to investors * Identification of accountants and attorneys * A history of the business The complete books and records of a company, however, are not available in securities records searches.

Answer 33

D. All of the above | See pages 3.504-3.505 in the Fraud Examiner's Manual ## Footnote Many jurisdictions have laws that impose restrictions on electronic audio or video recording that are generally based on individuals’ right to privacy. The factors determining the legality of electronic audio or video recordings might include one or more of the following: * The consenting party—For a recording of a private conversation to be permissible, most jurisdictions require consent from at least one of the parties involved in the conversation. Jurisdictions with higher standards of privacy might require the consent of multiple or, in some cases, all parties. Fraud examiners operating in jurisdictions that allow recordings in which there is only one consenting party will generally have more options available to them in terms of electronic recordings of video and/or audio in private or in public. * The setting—Restrictions on recording might depend on whether the conversation or interaction to be recorded occurs in public or in private. For example, a fraud examiner might be allowed to record a conversation between two unsuspecting individuals on a busy street corner but not a conversation between two unsuspecting individuals in one of their residences. Alternatively, a conversation between two people in one of their residences might be permissible if one party consented to the recording. Additionally, the legality of electronically recording the interaction might depend on whether it occurs in person, over the phone, or on the internet. * A combination of audio and video—In some jurisdictions, including the United States, fraud examiners might only be allowed to record audio or video of a public interaction between two or more unsuspecting parties but not audio and video.

Answer 34

A. The subject’s phone records | See pages 3.605, 3.624 in the Fraud Examiner's Manual ## Footnote Nonpublic records—financial or otherwise—might be needed to prove fraud or to provide leads in a fraud examination. Nonpublic records include information about a person or business considered to be private and confidential. Nonpublic records are not available to everyone, and because fraud examiners do not have an absolute right to see these personal records, obtaining access might be difficult or impossible. Some of the most valuable types of personal records include: * Banking records * Tax records * Credit records of individuals * Phone records * Credit card account records * Personal health care records * Internet service provider records

Answer 35

C. A surveillance operation | See pages 3.501 in the Fraud Examiner's Manual ## Footnote The two main forms of covert operations are undercover operations and surveillance operations. Undercover operations often use deception and disguise to obtain evidence directly from those involved in the illicit activity. Agents engaged in undercover operations actively attempt to elicit the desired information. In contrast, surveillance operations use observation to gather information about individuals suspected of misconduct. For example, a surveillance operation might involve observing a suspect from afar while they meet with a potential co-conspirator. Alternatively, the investigator might pose as the co-conspirator’s agent and engage the suspect in conversation to gather information; this would be an example of an undercover operation.

Answer 36

B. False | See pages 3.502 in the Fraud Examiner's Manual ## Footnote Before conducting a covert operation, it is essential that the basis for the operation be committed to writing, preferably in a memorandum. The memorandum should clearly state: * The information upon which the covert operation will be based * The information that is expected to be gained from the operation * The identities of suspects, if known * Operatives under the fraud examiner's care, custody, or control (confidential sources’ identities should not be disclosed, but such sources should be referred to with a symbol)

Answer 37

B. False | See pages 3.630 in the Fraud Examiner's Manual ## Footnote Broadly defined, pretexting is the act of impersonating someone else or making false or misleading statements to obtain, sell, or buy information about a person or organization. Under the broad definition, pretexting for nonfraudulent purposes is not always illegal, but it should be used with caution. For example, if a fraud examiner is trying to find a witness or a suspect, they might call the person’s relative and pretend to be an old friend who is requesting the individual’s phone number. This type of pretexting might be permissible. However, it is more often illegal to use pretexting to obtain certain types of information, such as financial records and phone history records.

Answer 38

A. True | See pages 3.504 in the Fraud Examiner's Manual ## Footnote For a recording of a private conversation to be permissible, most jurisdictions require consent from at least one of the parties involved in the conversation. Jurisdictions with higher standards of privacy might require the consent of multiple or, in some cases, all parties. Fraud examiners operating in jurisdictions that allow recordings in which there is only one consenting party will generally have more options available to them in terms of electronic recordings of video and/or audio in private or in public.

Answer 39

B. Income tax records | See pages 3.624, 3.656 in the Fraud Examiner's Manual ## Footnote Some of the searches useful in developing background information for employment purposes are listed below (where permitted by law): * Credit header searches are useful in confirming address and national identification number information. * Civil court records can be searched to determine if candidates are or have been involved in legal actions. * Criminal court records may be used to uncover past criminal problems. * Tax court liens can be searched to determine if candidates have been sued by tax authorities. * Aircraft mechanics, airmen, medical licenses, and other licenses are available to ensure that basic job requirements are met in the appropriate circumstance. * Consumer credit reports may be used for employee selection, retention, and promotion. * Bankruptcy filings, tax liens, and judgments may be used to identify adverse financial matters that can serve as potential motivators for fraud, defamation, and embezzlement. * Where a prospective or current employee's position requires them to drive a personally owned vehicle or an employer-owned vehicle, such activity might expose the employer to liability for damages; therefore, driving records must be checked in such circumstances. * A candidate’s prior education and employment can be verified by conducting education and employment verification searches. In most jurisdictions, income tax records are not public records and cannot be accessed for pre-employment purposes.

Answer 40

A. True | See pages 3.501 in the Fraud Examiner's Manual ## Footnote A covert operation is an investigation technique designed to obtain evidence by use of agents whose true intentions are not communicated to the target.

Answer 41

C. The fraudster’s bank records | See pages 3.912 in the Fraud Examiner's Manual ## Footnote Records obtained from financial institutions are perhaps the single most important financial source available to a fraud examiner for asset-tracing purposes. They can be used as evidence for fraud, as well as to: * Identify witnesses and other evidence. * Uncover criminal profits. * Identify criminal assets. * Locate assets that can be used to satisfy a judgment. * Identify locations where assets are stored. * Determine the lifestyle of an account holder. * Determine the financial health of an organization. * Determine the source of funds placed into an account. * Determine the use of the funds from an account.

Answer 42

A. The information from social media sites should be preserved so that it can be established as authentic if used in court. | See pages 3.653 in the Fraud Examiner's Manual ## Footnote Generally, documentary evidence, including digital evidence, will not be admitted in a legal proceeding or not be given much weight unless it is established as authentic (i.e., the evidence is what it purports to be and is in the same condition as when it was seized). There are numerous techniques to authenticate information from social media. Often, authenticity can be established through the testimony of a witness who verifies that the exhibit at issue accurately reflects what they observed on the site, and typically, the witness is the party who collected the evidence. Consequently, fraud examiners who collect evidence from social media often become a form of eyewitness, and for this reason, fraud examiners must capture, download, and preserve any useful information as soon as they discover it. They must memorialize each step of the collection process, creating a record of what they see at any point in the investigation.

Answer 43

A. Cryptographic addresses | See pages 3.962-3.963 in the Fraud Examiner's Manual ## Footnote A cryptocurrency is a type of digital currency that uses public or private key encryption in the currency’s creation and transfer. While cryptocurrency transactions can be difficult and complicated to trace, most cryptocurrencies rely on public blockchains that provide visibility into every transaction that takes place. A blockchain is a digital ledger, or database, of transactions that allows data to be distributed and stored on multiple computer systems at once. Although blockchain entries do not include direct identifying information, they do contain senders’ and recipients’ cryptographic addresses for each transaction. Therefore, by carefully examining blockchain data, fraud examiners can identify patterns that link certain users to criminal activity.

Answer 44

C. An undercover operation | See pages 3.501 in the Fraud Examiner's Manual ## Footnote The two main forms of covert operations are undercover operations and surveillance operations. Undercover operations often use deception and disguise to obtain evidence directly from those involved in the illicit activity. Agents engaged in undercover operations actively attempt to elicit the desired information. In contrast, surveillance operations use observation to gather information about individuals suspected of misconduct. For example, a surveillance operation might involve observing a suspect from afar while they meet with a potential co-conspirator. Alternatively, the investigator might pose as the co-conspirator’s agent and engage the suspect in conversation to gather information; this would be an example of an undercover operation.

Answer 45

B. False | See pages 3.958 in the Fraud Examiner's Manual ## Footnote Generally, asset hiders look to conceal their assets with financial products that have certain characteristics. Asset hiders want products that are difficult to trace or are untraceable. With such instruments, asset hiders can break or obscure links between the initial receipt of the assets and their final disposition. Also, asset hiders want products that are secure, accessible, and liquid.

Answer 46

A. The fraud examiner acted with proper predication. | See pages 3.505 in the Fraud Examiner's Manual ## Footnote Many jurisdictions recognize the legal defense of entrapment. Entrapment occurs when law enforcement officers or government agents induce a person to commit a crime that they are not previously disposed to commit. Entrapment also poses a legal problem in covert operations, particularly in undercover operations, because the defendant might not be found liable if it appears that they were improperly induced to commit the crime. Therefore, it is imperative that proper predication exists before the operation is commenced. The law enforcement officer or government agent must act based on more than mere suspicion. For example, if the officer received a reliable tip that a suspect committed fraud, then that could serve as proper predication. Covert operations must not be used for aimless searches for information performed without notions of what might be uncovered.

Answer 47

B. False | See pages 3.951 in the Fraud Examiner's Manual ## Footnote When computing a subject’s net worth, these issues should be considered: * All assets should be valued at their historical cost, not fair market value. Subsequent appreciation or depreciation of assets should be ignored. * The amount of funds available to the subject from legitimate sources should be estimated or computed generously. * The subject should be interviewed to identify all alleged sources of funds and to negate defenses that they might raise later.

Answer 48

D. All of the above | See pages 3.932-3.933 in the Fraud Examiner's Manual ## Footnote Generally, fraud examiners should look for loans with unusual repayments and trace them. Lump-sum payments, payments in odd amounts, accelerated payments, and large paydowns are unusual. These are all considered red flags indicating that an individual is seeking to conceal ill-gotten assets through a loan repayment, and loans with any such red flag should be investigated further.

Answer 49

C. Yes, because Alex may attempt to protect the whistleblower’s confidentiality but cannot guarantee it. | See pages 3.521 in the Fraud Examiner's Manual ## Footnote When dealing with a confidential informant, the fraud examiner cannot offer unqualified confidentiality. Therefore, any promises made to the informant should be qualified with the caveat that no absolute assurances of confidentiality can be given. The fraud examiner should explain to the informant that all possible steps will be taken to ensure complete confidentiality.

Answer 50

B. False | See pages 3.610-3.611 in the Fraud Examiner's Manual ## Footnote To perform court records searches, fraud examiners need to be familiar with the structure of a jurisdiction’s court system. Most jurisdictions implement a tiered court structure in which minor offenses and causes of action (e.g., small claims) are held in one set of courts while more serious offenses or issues are held in another set. Similarly, a jurisdiction might have courts that are divided based on local/municipal, state/provincial, and central/federal levels of government. Court records are typically maintained by a clerk or administrative office of the court that heard the case. However, there might be an agency that maintains records from multiple court levels. Therefore, to conduct a thorough search of court records, fraud examiners might need to search at multiple court levels. It is rare for there to be a central public database that maintains all court records at every level of a jurisdiction, and there are no parties that maintain a comprehensive database of court records on a global basis (despite what some records merchants might claim).

Answer 51

B. False | See pages 3.630 in the Fraud Examiner's Manual ## Footnote There are several ways to obtain nonpublic information. An organization may demand that a supplier, vendor, or agent turn over relevant documents as a condition of continued business. Taking this action is legal in appropriate circumstances. Of course, management and counsel should be consulted before such demands are made, particularly if the other party has a contractual relationship with the demanding organization. An audit clause allows parties that are engaged in a contract the right to access another party's books. Often, audit clauses are too narrow to provide useful information. However, if properly constructed, an audit clause can be a powerful method by which on-book information can be obtained.

Answer 52

B. Building a financial profile | See pages 3.901 in the Fraud Examiner's Manual ## Footnote Although the procedures performed during a tracing investigation vary depending on the circumstances, an actual investigation to trace transactions should generally involve the following elements: * Collect information. * Profile the subject (i.e., assemble the personal—financial and behavioral—profile). * Review information for leads and prioritize leads. * Trace the illicit transactions. * Evaluate recovery options.

Answer 53

A. The onion router (Tor) | See pages 3.647-3.648 in the Fraud Examiner's Manual ## Footnote Websites that are only accessible through specialized web browsers meant to anonymize the origins of user traffic make up the dark web. The most popular of these programs is Tor, although the Invisible Internet Project (I2P) has gained popularity in recent years. Tor is an acronym derived from “the onion router,” which is software that layers encrypted communications (like the layers of an onion) and offers increased anonymity to users. Tor hides where internet traffic originates, but it does not necessarily anonymize a user’s identity. Users’ communications are transmitted through various nodes in a distributed network of computers around the world, making it exceedingly difficult to determine who is requesting particular data from a website. It prevents someone who is monitoring the user’s internet traffic from knowing what sites the person visits and prevents the visited sites from learning the user’s location. Sites with a .onion address are designed to only be accessible by people using a Tor web browser.

Answer 54

D. All of the above | See pages 3.657 in the Fraud Examiner's Manual ## Footnote To locate people using online records, fraud examiners should adhere to three principles. First, when searching for an individual, the fraud examiner should obtain a past address of the subject, and search activities should begin with that information. Second, the fraud examiner should consider the cost effectiveness of the search activity and avoid ordering online searches that yield unnecessary or impractical information. Third, the fraud examiner should know the most powerful and useful types of searches.

Answer 55

C. The institution’s tax statements | See pages 3.926 in the Fraud Examiner's Manual ## Footnote Due to risks of illicit transactions, such as money laundering, most jurisdictions require financial institutions to obtain information from other financial institutions with which they maintain a foreign correspondent relationship. The information to be obtained might include the institution’s ownership details, the identities of agents authorized to conduct business on the institution’s behalf, the institution’s anti-money laundering (AML) and know-your-customer (KYC) processes, and the institution’s licenses or certifications. Fraud examiners might be able to obtain this information through court orders although some jurisdictions only require financial institutions to make foreign correspondent relationship records available to law enforcement agencies.

Answer 56

A. Transferring assets into another person’s name | See pages 3.958-3.959 in the Fraud Examiner's Manual ## Footnote Any type of asset can be hidden (e.g., real property, jewelry, stocks, bonds, vehicles, cash), and there are many techniques that a fraudster might use to hide ill-gotten gains. Some common techniques for hiding assets include transferring assets into foreign trusts, overpaying taxes, prepaying on a home mortgage, obtaining a life insurance policy, and transferring assets into someone else’s name.

Answer 57

B. False | See pages 3.962-3.963 in the Fraud Examiner's Manual ## Footnote Cryptocurrencies are stored and transmitted through digital wallets, which act as financial accounts that securely hold and organize a user’s payment information, passwords, and transaction history. Digital wallets are used to make and receive cryptocurrency payments. Many digital wallet providers now record identifying information about their clients that can be useful in tracing efforts. Due to money laundering risks associated with cryptocurrencies, most jurisdictions require cryptocurrency exchanges, digital wallet providers, and cryptocurrency automated teller machine (ATM) operators to comply with customer due diligence (CDD) or know-your-customer (KYC) regulations. These requirements generally involve recording personal information about clientele, such as name, date of birth, or address. If a subject’s digital wallet can be identified, the blockchain’s public ledger can usually be used to uncover associated transactions and trace the funds. However, fraud examiners must go through appropriate legal channels to obtain access to such information.

Answer 58

B. The dark web | See pages 3.647-3.648 in the Fraud Examiner's Manual ## Footnote Websites that are only accessible through specialized web browsers meant to anonymize the origins of user traffic make up the dark web. The most popular of these programs is Tor, although the Invisible Internet Project (I2P) has gained popularity in recent years. Tor is an acronym derived from “the onion router,” which is software that layers encrypted communications (like the layers of an onion) and offers increased anonymity to users. Tor hides where internet traffic originates, but it does not necessarily anonymize a user’s identity. Users’ communications are transmitted through various nodes in a distributed network of computers around the world, making it exceedingly difficult to determine who is requesting particular data from a website. It prevents someone who is monitoring the user’s internet traffic from knowing what sites the person visits and prevents the visited sites from learning the user’s location. Sites with a .onion address are designed to only be accessible by people using a Tor web browser.

Answer 59

A. True | See pages 3.626-3.627 in the Fraud Examiner's Manual ## Footnote In the case of consumer (individual) credit records and personal data, a growing number of jurisdictions regulate how such information is collected and stored, as well as who may access this information and for what purpose. In many cases, the consumer must be notified and must consent to the use of the report. Agencies that process and disseminate such information are called credit reporting agencies, data controllers, and similar names, depending on the jurisdiction. Information on a business organization's creditworthiness may also be obtained from credit reporting agencies. The responses for such searches might include payment trends from creditors, public records, banking information, and key facts as to the type of business and ownership. But unlike consumer credit information, business credit information is generally not subject to the same legal protections that individuals have.

Answer 60

D. Acme should register as a business entity in any foreign jurisdiction in which it wishes to conduct business. | See pages 3.618 in the Fraud Examiner's Manual ## Footnote Many jurisdictions, but not all, require corporations to register as foreign corporations if they wish to transact business in a jurisdiction that is different from the one in which they initially incorporated. A corporation would register as a foreign corporation in the foreign jurisdiction (i.e., not in the initial jurisdiction in which it was incorporated). For example, if a corporation that was chartered in Country A wishes to transact business in Country B, then it must create a business organization filing in Country B.

Answer 61

B. False | See pages 3.950, 3.953 in the Fraud Examiner's Manual ## Footnote The expenditures method (also known as the sources and application of funds method) compares the suspect’s known expenditures and known sources of funds during a given period of time. That is, this analysis seeks to quantify the cost of the subject’s lifestyle and determine whether the subject’s reported income is sufficient to support their lifestyle. The expenditures method is best used when the subject spends illicit income on consumables (e.g., travel and entertainment) that would not cause an increase in net worth. Identifying assets previously acquired, identifying current liabilities, and taking the difference between the two is the process involved in the asset method, not the expenditures method.

Answer 62

D. All of the above | See pages 3.622 in the Fraud Examiner's Manual ## Footnote While jurisdictions treat the concept of securities differently, governments or self-regulatory bodies generally set rules for the issuing and trading of certain types of securities. Among the most common and important rules are disclosure requirements for companies with publicly traded securities. These rules are designed to make sure that investors are reasonably informed about stock that they purchase. Beyond helping investors, these disclosures are typically made public, and they can provide a wealth of information about the filing company, including its type of business, history, organizational structure, auditor, balance sheets, and income statements. Different securities regulators have varying disclosure requirements, but regulatory securities records might include the following information: * Corporate financial statements * Identification of officers and directors * Identification of significant owners (e.g., those with more than 10% of a business’s stock) * A description of the registrant’s properties and businesses * A description of the significant provisions of the security to be offered for sale and its relationship to the registrant’s other capital securities * Identification of events of interest to investors * Identification of accountants and attorneys * A history of the business

Answer 63

A. True | See pages 3.935 in the Fraud Examiner's Manual ## Footnote Credit card records are important in tracing assets because they reveal a great deal of personal and business information about the account holder or cardholder. Credit card records show card purchasing limits, previous payment history, account balance, when and where the subject has traveled, restaurants frequented by the subject, and assets the subject has acquired. In short, these records show the movements and habits of the person to whom the records pertain.

Answer 64

D. All of the above | See pages 3.502 in the Fraud Examiner's Manual ## Footnote Before conducting a covert operation, it is essential that the basis for the operation be committed to writing, preferably in a memorandum. The memorandum should clearly state: * The information upon which the covert operation will be based * The information that is expected to be gained from the operation * The identities of suspects, if known * Operatives under the fraud examiner's care, custody, or control (confidential sources’ identities should not be disclosed, but such sources should be referred to with a symbol)

Answer 65

B. “Is the suspect guilty of the fraudulent act that they are being charged for?” | See pages 3.979 in the Fraud Examiner's Manual ## Footnote As an investigator or other nonlegal professional concerned with fraud detection and recovery, a fraud examiner must often be able to evaluate the potential for recovery. It is common for fraudsters to spend most, if not all, of their ill-gotten gains, leaving little to recover. Accordingly, the following questions should be considered before commencing a legal action: * Are there nonlegal recovery methods or remedies available? * Will the case be referred for criminal prosecution? * Do one or more defendants have sufficient property or money to satisfy a money judgment? * Can property be recovered from one or more defendants who are the subjects of a rescission, restitution, or forfeiture judgment? * Are pretrial attachment procedures available, and should they be invoked to protect and ensure the plaintiff’s ability to satisfy a money judgment at a later time? * Could the assets be protected against enforcement of a judgment?

Answer 66

D. The credit or loan file | See pages 3.932 in the Fraud Examiner's Manual ## Footnote Loan records can provide important information regarding a subject. When a bank makes a commercial loan to an individual, it requires detailed statements of assets and liabilities from the borrower, and these records will be contained in the loan records. The loan file also might include the results of credit inquiries regarding paying habits, loan amounts, and present unpaid balances. A bank credit department generally maintains the following basic records: * The credit or loan file—This file includes the customer's loan application, financial statements, and general economic history. * The liability ledger—This contains the customer’s past and present liability to the bank. These sheets also contain information such as the loan date, note number, amount of the loan, interest rate, due date, and payments. * The collateral file—This contains a complete description of the items pledged as security for loans. Records of such collateral can provide valuable information about a subject’s assets.

Answer 67

A. Personal telephone records | See pages 3.628 in the Fraud Examiner's Manual ## Footnote Generally, a person’s private phone lines, such as home phone and personal mobile devices, will be considered private. Therefore, to access the records for these lines, investigators will need consent from subjects, a warrant or subpoena, or another legal order.

Answer 68

C. The company’s business filings | See pages 3.605, 3.617, 3.624 in the Fraud Examiner's Manual ## Footnote Nonpublic records—financial or otherwise—might be needed to prove fraud or to provide leads in a fraud examination. Nonpublic records include information about a person or business considered to be private and confidential. Nonpublic records are not available to everyone, and because fraud examiners do not have an absolute right to see these personal records, obtaining access might be difficult or impossible. Generally, individuals do not willingly give their private records to a fraud examiner, and often, the authority of institutions to disclose nonpublic records is restricted by law. Some of the most valuable types of personal records include: * Banking records * Tax records * Credit records of individuals * Phone records * Credit card account records * Personal health care records * Internet service provider records Basic business organization—whether for businesses with a single owner or large corporations—is generally governed under the laws of the country in which the entity is organized. Most jurisdictions require business entities to file various types of records that contain information that might be useful in a fraud examination, and generally, such filings are available to the public.

Answer 69

A. True | See pages 3.629 in the Fraud Examiner's Manual ## Footnote A wronged organization may make a criminal referral so that records can be subpoenaed by the government or obtained by a legal order (e.g., a search warrant). Records obtained while executing a search warrant or similar legal order are usually only available to the government during the underlying investigation and perhaps thereafter if they are not disclosed at trial. In addition, law enforcement agencies may also subpoena records but, depending on the jurisdiction, might not disclose the contents of such records with the victim or third parties.

Answer 70

A. Content posted on a website that has been removed | See pages 3.647-3.649 in the Fraud Examiner's Manual ## Footnote The term internet archives refers to archived versions of web pages that have since been updated or are no longer available online. The most popular tool for searching the internet archives is the Wayback Machine, located at https://archive.org. The Wayback Machine allows users to see archived versions of web pages throughout time. Fraud examiners can use the Wayback Machine to find historical information, such as: * A photo posted on a website that has been removed * Content, views, writing, and opinions rescinded by an author * A company's old job ads, statements, affiliations, or product lines Alternatively, the deep web (also known as the invisible web) refers to web content that is not indexed by standard search engines. There are numerous reasons why the deep web exists. For instance, there are websites where web crawling programs cannot enter. Web crawlers are scripts that create copies of visited web pages that are indexed by a search engine to provide faster searches. These deep web resources include websites without any links pointing to them, certain file formats that search engines cannot handle, websites that have been blocked from web crawler access, password-protected websites, and information stored in databases. Also, search engines limit the depth of their crawl on a website. Moreover, web crawlers cannot crawl as quickly as pages are added or updated.

Answer 71

B. False | See pages 3.521-3.522 in the Fraud Examiner's Manual ## Footnote Whether working in private or government sectors, fraud examiners cannot offer unqualified confidentiality to informants. Therefore, any promises made to an informant or source should be qualified with the caveat that no absolute assurances of confidentiality can be given. For example, a fraud examiner might say that they cannot guarantee that the source's identity will be kept secret but that they will do so if possible. In the case of a fraud examiner who is employed by a governmental agency, there might be an absolute duty not to hold sources and informants in confidence. In many law enforcement agencies, an investigator may not have informants or sources who are unknown to the agency. Investigative agencies also regularly share information on criminal investigations with prosecutors, including the identity of the source of information. The same regulations and considerations could govern business entities.

Answer 72

B. False | See pages 3.606 in the Fraud Examiner's Manual ## Footnote The General Data Protection Regulation (GDPR) applies to organizations that are based in the European Union (EU) that collect or process the personal data of any person, regardless of where the person is located. The GDPR also applies to organizations that are not based in the EU if they collect or process the personal data of any person located in the EU for the purpose of: * Offering goods or services to the person, regardless of whether payment is required * Monitoring the person’s behavior Therefore, the GDPR applies to most companies that have customers in the EU even if the companies have no physical presence in the EU. The GDPR could limit the availability of personal information for fraud examiners whether they or their organization is collecting that information or attempting to access personal information collected and disclosed by other organizations.

Answer 73

D. All of the above | See pages 3.501 in the Fraud Examiner's Manual ## Footnote A covert operation is an investigation technique designed to obtain evidence by use of agents whose true intentions are not communicated to the target. Covert operations must be undertaken carefully. With proper planning and precautions, such operations can prove very beneficial to an investigation. However, mistakes made during a covert operation can cause irreparable damage to an investigation and result in physical harm to the investigator. Moreover, the investigator might incur reputational, financial, and legal consequences.

Answer 74

B. Foreign correspondent relationship | See pages 3.925-3.926 in the Fraud Examiner's Manual ## Footnote A correspondent banking relationship is generally defined as an arrangement in which one bank maintains a correspondent account at another bank for the purpose of settling transactions for itself or its customers. In other words, one financial institution has the authority to provide certain financial services on another institution’s behalf. A foreign correspondent relationship involves a correspondent banking relationship between foreign and domestic institutions.

Answer 75

D. All of the above | See pages 3.613-3.614 in the Fraud Examiner's Manual ## Footnote Some jurisdictions have separate probate courts to determine the dispersal of assets after a subject’s death. The probate court investigates to verify any debts owed by an individual’s estate and sees to the dispersal of assets after all debts are paid. Probate court records include documents filed to show the dispersal of assets after a subject’s death. The debts left in an individual’s estate will give the investigator information on the following: * Names of individuals with an interest in the deceased’s estate * The subject’s financial position at the time of death The dispersal of assets will reveal: * The names and addresses of heirs to the deceased * Some indication of the value of the property willed to them

Answer 76

B. Using circumstantial evidence to analyze the relationship between a suspect’s receipt and subsequent disposition of funds or assets | See pages 3.910 in the Fraud Examiner's Manual ## Footnote Generally, fraud examiners can trace illicit transactions using a direct method or an indirect method. An indirect method employs circumstantial evidence to analyze the relationship between a suspect’s receipt and subsequent disposition of funds or assets. In contrast, a direct method uses the subject’s books and records (or financial transaction records belonging to third parties) to analyze the relationship between a suspect’s receipt and subsequent disposition of funds or assets.

Answer 77

D. All of the above | See pages 3.963 in the Fraud Examiner's Manual ## Footnote Fraud examiners who believe a suspect might be hiding illicit proceeds through cryptocurrency ownership can potentially identify cryptocurrency assets held by subjects through analysis of bank statements that feature transactions involving cryptocurrency exchanges. Alternatively, statements made by investigation subjects on social media or in casual conversation with friends, family members, or colleagues could reveal ownership of cryptocurrency assets. Such statements can be discovered through open-source intelligence gathering or interviews. Fraud examiners might also be able to obtain information about cryptocurrency ownership or transactions through court orders targeting cryptocurrency exchanges, digital wallet providers, and cryptocurrency automated teller machine (ATM) operators.

Answer 78

D. Transparency | See pages 3.958 in the Fraud Examiner's Manual ## Footnote Generally, asset hiders look to conceal their assets with financial products that have certain characteristics. Asset hiders want products that are difficult to trace or are untraceable. With such instruments, asset hiders can break or obscure links between the initial receipt of the assets and their final disposition. Also, asset hiders want products that are secure, accessible, and liquid.

Answer 79

B. False | See pages 3.958 in the Fraud Examiner's Manual ## Footnote Generally, asset hiders look to conceal their assets with financial products that have certain characteristics. Asset hiders want products that are difficult to trace or are untraceable. With such instruments, asset hiders can break or obscure links between the initial receipt of the assets and their final disposition. Also, asset hiders want products that are secure, accessible, and liquid.

Answer 80

D. Madelyn could be liable for violating Chloe's privacy rights if she hacks or breaks into areas of the social media site Chloe has designated as private. | See pages 3.651 in the Fraud Examiner's Manual ## Footnote Social media sites might contain valuable information. Fraud examiners are free to search and extract information from a subject’s page if it is open to the public, but there are limitations to the information fraud examiners can access on a social media site due to privacy settings and anonymity. Many users set their privacy settings in a way that prevents anyone besides their friends, or users with whom they have connected on the site, from seeing their profile information, and this creates several issues of legal access and privacy rights. Accessing information that is set to private could result in claims under privacy laws. Thus, accessing information on social media sites that is restricted by privacy settings could result in liability for fraud examiners due to violation of users’ privacy rights. Privacy rights, however, vary between countries.

Answer 81

D. All of the above | See pages 3.607 in the Fraud Examiner's Manual ## Footnote The following information is generally available through a municipal or regional building inspector’s office: * Building permits showing the names of the applicants, the address of construction, the estimated costs, and the name of the builder or contractor * Blueprints and plans showing construction details that are often submitted with applications for building permits * Building inspectors’ reports containing information regarding compliance with construction specifications

Answer 82

B. Requesting the records from the bank and threatening to sue the bank president for impeding justice if the bank does not turn over the records | See pages 3.629-3.630 in the Fraud Examiner's Manual ## Footnote Fraud examiners might be able to obtain nonpublic records even if the subject does not volunteer the records. Subpoenas and other legal processes, such as depositions and document requests, are available if a civil or criminal action is filed. For example, a wronged organization may file a civil or administrative action or make a criminal referral so that records can be subpoenaed or obtained by a legal order (e.g., a search warrant). In a civil case, both private and public parties may obtain nonpublic records such as bank account, brokerage account, travel, credit card, credit agency, and telephone toll records by subpoena or other legal order. However, records obtained while executing a search warrant or similar legal order are usually only available to the government during the underlying investigation and perhaps thereafter if they are not disclosed at trial. In addition, law enforcement agencies may also subpoena records but, depending on the jurisdiction, might not disclose the contents of such records with the victim or third parties. In most jurisdictions, third-party organizations that maintain nonpublic records, such as banks and hospitals, are usually prohibited from revealing such records without express authorization from the subject or a legal order.

Answer 83

A. The expenditures method | See pages 3.953 in the Fraud Examiner's Manual ## Footnote The expenditures method (also known as the sources and application of funds method) compares the suspect’s known expenditures and known sources of funds during a given period of time. That is, this analysis seeks to quantify the cost of the subject’s lifestyle and determine whether the subject’s reported income is sufficient to support their lifestyle. The expenditures method is best used when the subject spends illicit income on consumables (e.g., travel and entertainment) that would not cause an increase in net worth.

Answer 84

A. True | See pages 3.963 in the Fraud Examiner's Manual ## Footnote Fraud examiners who believe a suspect might be hiding illicit proceeds through cryptocurrency ownership can potentially identify cryptocurrency assets held by subjects through analysis of bank statements that feature transactions involving cryptocurrency exchanges. Alternatively, statements made by investigation subjects on social media or in casual conversation with friends, family members, or colleagues could reveal ownership of cryptocurrency assets. Such statements can be discovered through open-source intelligence gathering or interviews. Fraud examiners might also be able to obtain information about cryptocurrency ownership or transactions through court orders targeting cryptocurrency exchanges, digital wallet providers, and cryptocurrency automated teller machine (ATM) operators.

Gathering Information Flashcards

(108 cards)