17 terms

Fraud Detection: Red Flags & Targeted Risk Assessment Ch.7


Terms in this set (...)

SAS #1
Management is responsible for adopting sound accounting policies and for establishing and maintaining internal control
Internal controls cannot prevent...
senior management override and collusion
Role of external auditor
is to provide reasonable assurance that the F/S are free from MATERIAL misstatements and attest to the fairness of managements representation of the financial info
8 steps in considering risk of fraud
1) staff discussion.

2) obtain info to identify risks.

3) identify risks.

4) assess identified risks.

5) respond to result of the risk assessment

6) evaluate audit evidence

7) communicate about fraud.

8) Document steps 1-7
Earnings Management
1) deliberate actions by management. to meet certain earning objectives generally for private gain.

2) if done in one period may lead to fraud the next period

3) does not have to be material to be fraud
Responsibility of Board Of Directors
oversee management
Audit Committee responsibilities
direct the internal auditor and the external auditor
Internal Auditors obligated to notify who
management or the BOARD OF DIRECTORS when the incidence of fraud has been established to a certain degree
Almost half of frauds are detected by
Behavioral Red Flags
Lifestyle changes like buying new cars, homes, boats, jewelry
Analytical Anomalies
1) unusual items, missing items, larger than usual items.

2) no pattern when you expect one.

3) round & even transaction amounts.

4) cash transactions instead of payments by check.
Accounting Anomalies
1) unusual activities that seem to violate normal expectations for the accounting system

2) irregular undocumented journal entries

3) missing documents

4) common names, addresses, or phone numbers of payees or customers indicate false customers
Targeted Fraud Risk Assessment should be able to answer questions such as:
1) How is the scheme perpetrated?

2)Where would I find the fraud or where might it be located?

3)What attributes are involved in the act?

4)How would the act be concealed?

5) What red flags would be generated if the scheme were perpetrated?
Steps to Targeted Fraud Risk Assessment
1. identify & understand firms operating environment and the pressure that exist.

2. identify business processes and consider.

differences in those processes in other branches
3. identify the "process owner" for each of the significant processes

4. review past fraud experience within the company

5. identify how fraud might occur in each process & each location

6 .identify parties with ability to commit the fraud

7. evaluate likelihood that each of the frauds occurring without considerations of controls

8. determine existence of "Residual Fraud Risk"

9. investigat potential fraud manifestations within each process that "Residual Fraud Risk" exists

10. fix fraud risk schemes by designing control activities to mitigate the unmitigated fraud scheme risk
computer-aiding auditing tools and techniques.
What are CAATTs used for?
date extraction and analysis
Data mining
allow for a large amount of data to be evaluated quickly for symptoms of fraud and provide evidence of the fraud act or concealment of the fraud