Chapter 12—Business Ethics, Fraud, and Fraud Detection

TRUE/FALSE

1. The ethical principle of justice asserts that the benefits of the decision should be
distributed fairly to those who share the risks.

ANS: T PTS: 1

2. The ethical principle of informed consent suggests that the decision should be
implemented so as to minimize all of the risks and to avoid any unnecessary risks.

ANS: F PTS: 1

3. Employees should be made aware of the firm’s commitment to ethics.

ANS: T PTS: 1

4. Business ethics is the analysis of the nature and social impact of computer technology,
and the corresponding formulation and justification of policies for the ethical use of such technology.

ANS: F PTS: 1

5. Para computer ethics is the exposure to stories and reports found in the popular media
regarding the good or bad ramifications of computer technology.

ANS: F PTS: 1

6. Computer programs are intellectual property.

ANS: T PTS: 1

7. Copyright laws and computer industry standards have been developed jointly and
rarely conflict.

ANS: F PTS: 1

8. Business bankruptcy cases always involve fraudulent behavior.

ANS: F PTS: 1

9. Defalcation is another word for financial fraud.

ANS: T PTS: 1

10. The trend toward distributed data processing increases the exposure to fraud from
remote locations.

ANS: T PTS: 1

11. Of the three fraud factors (situational pressure, ethics, and opportunity), situational
pressure is the  factor that actually facilitates the act.
 ANS: F PTS: 1

12. Ethical issues and legal issues are essentially the same.

ANS: F PTS: 1

13. Internal control systems are recommended but not required to prevent fraud.

ANS: F PTS: 1

14. Collusion among employees in the commission of a fraud is difficult to prevent but
easy to detect.

ANS: F PTS: 1

15. Database management fraud includes altering, updating, and deleting an

organization’s data.

ANS: F PTS: 1

16. The fraud triangle represents a geographic area in Southeast Asia where international
fraud is prevalent.

ANS: F PTS: 1

17. Situational pressure includes personal or job related stresses that could coerce an
individual to act dishonestly.

ANS: T PTS: 1

18. Opportunity involves direct access to assets and/or access to information that controls
assets.

ANS: T PTS: 1

19. Cash larceny involves stealing cash from an organization before it is recorded on the organiza-
tion’s books and records.

ANS: F PTS: 1

20. Skimming involves stealing cash from an organization after it is recorded on the organization’s
books and records

ANS: F PTS: 1

21. The most common access point for perpetrating computer fraud is at the data collection stage.

ANS: T PTS: 1
22. Changing the Hours Worked field in an otherwise legitimate payroll transaction to increase the
amount of the paycheck is an example of data collection fraud.

ANS: T PTS: 1

23. Scavenging is a form of fraud in which the perpetrator uses a computer program to search for
key terms in a database and then steal the data.

ANS: F PTS: 1

24. The objective of SAS 99 is to seamlessly blend the auditor’s consideration of fraud
into all phases of the audit process.

ANS: T PTS: 1

MULTIPLE CHOICE

1. Which ethical principle states that the benefit from a decision must outweigh the risks,
and that there is no alternative decision that provides the same or greater benefit with less risk?
a. minimize risk
b. justice
c. informed consent
d. proportionality
ANS: D PTS: 1

2. Individuals who acquire some level of skill and knowledge in the field of computer
ethics are involved in which level of computer ethics?
a. para computer ethics
b. pop computer ethics
c. theoretical computer ethics
d. practical computer ethics
ANS: A PTS: 1

3. All of the following are factors in the fraud triangle except

a. Ethical behavior of an individual
b. Pressure exerted on an individual at home and job related
c. Materiality of the assets
d. Opportunity to gain access to assets
ANS: C PTS: 1

4. Which characteristic is not associated with software as intellectual property?

a. uniqueness of the product
b. possibility of exact replication
c. automated monitoring to detect intruders
 d. ease of dissemination
ANS: C PTS: 1

5. For an action to be called fraudulent, all of the following conditions are required
except
a. poor judgment
b. false representation
c. intent to deceive
d. injury or loss
ANS: A PTS: 1

6. One characteristic of employee fraud is that the fraud

a. is perpetrated at a level to which internal controls do not apply
b. involves misstating financial statements
c. involves the direct conversion of cash or other assets to the employee’s personal benefit
d. involves misappropriating assets in a series of complex transactions involving third parties
ANS: C PTS: 1

7. Forces which may permit fraud to occur do not include

a. a gambling addiction
b. lack of segregation of duties
c. centralized decision making environment
d. questionable integrity of employees
ANS: C PTS: 1

8. Which of the following best describes lapping?

a. applying cash receipts to a different customer’s account in an attempt to conceal previous
thefts of funds
b. inflating bank balances by transferring money among different bank accounts
c. expensing an asset that has been stolen
d. creating a false transaction
ANS: A PTS: 1

9. Skimming involves
a. stealing  cash  from  an  organiza1on  before  it  is  recorded
b. Stealing  cash  from  an  organiza1on  a5er  it  has  been  recorded  
c. manufacturing  false  purchase  orders,  receiving  reports,  and  invoices
d. A clerk pays a vendor twice for the same products and cashes the reimbursement check
issued by the vendor.

ANS: A PTS: 1

10. Which of the following controls would best prevent the lapping of accounts
receivable?

a. Segregate duties so that the clerk responsible for recording in the accounts receivable
subsidiary ledger has no access to the general ledger.
b. Request that customers review their monthly statements and report any unrecorded
cash payments.
c. Require customers to send payments directly to the company’s bank.
d. Request that customers make the check payable to the company.
ANS: C PTS: 1

11. In balancing the risks and benefits that are part of every ethical decision, managers
receive guidance from each of the following except
a. justice
b. self interest
c. risk minimization
d. proportionality
ANS: B PTS: 1

12. Cash larceny involves

a. stealing  cash  from  an  organiza1on  before  it  is  recorded
b. Stealing  cash  from  an  organiza1on  a5er  it  has  been  recorded  
c. manufacturing  false  purchase  orders,  receiving  reports,  and  invoices
d. A clerk pays a vendor twice for the same products and cashes the reimbursement check
issued by the vendor.

ANS: B PTS: 1

13. Employee fraud involves three steps. Of the following, which is not involved?
a. concealing the crime to avoid detection
b. stealing something of value
c. misstating financial statements
d. converting the asset to a usable form
ANS: C PTS: 1

14. What fraud scheme is similar to the “borrowing from Peter to pay Paul” scheme?

a. expense account fraud

b. kiting
c. lapping
d. transaction fraud
ANS: C PTS: 1

15. A shell company fraud involves

a. stealing  cash  from  an  organiza1on  before  it  is  recorded
b. Stealing  cash  from  an  organiza1on  a5er  it  has  been  recorded  
c. manufacturing  false  purchase  orders,  receiving  reports,  and  invoices
d. A clerk pays a vendor twice for the same products and cashes the reimbursement check
issued by the vendor.

ANS: C PTS: 1

16. When certain customers made cash payments to reduce their accounts receivable, the
bookkeeper embezzled the cash and wrote off the accounts as uncollectible. Which control procedure
would most likely prevent this irregularity?
a. segregation of duties
 b. accounting records
c. accounting system
d. access controls
ANS: A PTS: 1

17. Business ethics involves

a. how managers decide on what is right in conducting business
b. how managers achieve what they decide is right for the business
c. both a and b
d. none of the above
ANS: C PTS: 1

18. All of the following are conditions for fraud except

a. false representation
b. injury or loss
c. intent
d. material reliance
ANS: D PTS: 1

19. The four principal types of fraud include all of the following except
a. bribery
b. gratuities
c. conflict of interest
d. economic extortion
ANS: B PTS: 1

20. Which of the following is not an issue to be addressed in a business code of ethics
required by the SEC?
a. Conflicts of interest
b. Full and Fair Disclosures
c. Legal Compliance
d. Internal Reporting of Code Violations
e. All of the above are issues to be addressed
ANS: E PTS: 1

21. Operations fraud includes

a. altering program logic to cause the application to process data incorrectly
b. misusing the firm’s computer resources
c. destroying or corrupting a program’s logic using a computer virus
d. creating illegal programs that can access data files to alter, delete, or insert values
ANS: B PTS: 1
22. Computer fraud can take on many forms, including each of the following except
a. theft or illegal use of computer-readable information
b. theft, misuse, or misappropriation of computer equipment
c. theft, misuse, or misappropriation of assets by altering computer-readable records and files
d. theft, misuse, or misappropriation of printer supplies
ANS: D PTS: 1

23. What does the underlying assumption of reasonable assurance regarding implementation of
internal control mean?
a. Auditor’s are reasonably assured that fraud has not occurred in the period.
b. Auditor’s are reasonably assured that employee carelessness can weaken an internal control
structure.
c. Implementation of the control procedure should not have a significant adverse effect on
efficiency or profitability.
d. Management assertions about control effectiveness should provide auditors with reasonable

assurance.

ANS: C PTS: 1

24. The importance to the accounting profession of the Sarbanes-Oxley Act of 2002 is that
a. bribery will be eliminated.
b. management will not be able to override the company’s internal controls.
c. firms are required to have an effective internal control system.
d. firms will not be exposed to lawsuits.
SHORT ANSWER

1. What are the main issues to be addressed in a business code of ethics required by the
SEC?

ANS:
Conflicts of interest, Full and Fair Disclosures, Legal Compliance, Internal Reporting of Code
Violations, Accountability

PTS: 1

2. What are the five conditions necessary for an act to be considered fraudulent?

ANS:
false representation, material fact, intent, justifiable reliance, and injury or loss

PTS: 1

3. What is the objective of SAS 99?

ANS:
The objective of SAS 99 is to seamlessly blend the auditor’s consideration of fraud into all phases of
the audit process.

PTS: 1

4. Distinguish between exposure and risk.

ANS:
Exposure is the absence or weakness of a control which increases the firm’s risk of financial loss or
injury. Risk is the probability of incurring such a loss or injury.

PTS: 1

5. Explain the characteristics of management fraud.

ANS:
Management fraud typically occurs at levels above where the internal control system is effective.
Financial statements are frequently modified to make the firm appear more healthy than it actually is.
If any misappropriation of assets occurs, it is usually well hidden.

PTS: 1

6. __________________________ are intentional mistakes while

__________________________ are unintentional mistakes.

ANS:
Irregularities, Errors
PTS: 1

7. The text discusses many questions about personal traits of executives which might
help uncover fraudulent activity. What are three?

ANS:
executives: with high personal debt, living beyond their means, engaged in habitual gambling, appear
to abuse alcohol or drugs, appear to lack personal codes of ethics, appear to be unstable, close
associations with suppliers

PTS: 1

8. Give two examples of employee fraud and explain how the theft might occur.

ANS:
Charges to expense accounts: Cash could be stolen and charged to a miscellaneous expense account.
Once the account is closed, detection would be more difficult.

Lapping: This involves converting cash receipts to personal use. If a customer’s check is taken, his/her
balance will not reflect a payment and will be detected when a statement is sent. In order to conceal
this fraud, a later payment is used to cover the stolen check. This is in effect a small scale Ponzi
scheme.

PTS: 1

9. What are the six broad classes of physical control activities defined by SAS
78?

ANS:
Transaction authorization, segregation of duties, supervision, access controls, accounting records,
independent verification

PTS: 1

10. Explain the pass through fraud.

ANS:
The perpetrator creates a false vendor and issues purchases orders to it for inventory or
supplies. The false vendor then purchases the needed inventory from a legitimate vendor. The false
vendor charges the victim company a much higher than market price for the items, but pays only the
market price to the legitimate vendor. The difference is the profit that the perpetrator pockets.

11. Explain the Pay and Return scheme.

ANS:
A pay-and-return scheme involves a clerk with check-writing authority who pays a vendor
twice for the same products (inventory or supplies) received. The vendor, recognizing that its customer
made a double payment, issues a reimbursement to the victim company. The clerk intercepts and
cashes the reimbursement check.

12. What is check tampering?

ANS:
Check tampering involves forging or changing in some material way a check that the
organization has written to a legitimate payee. One example of this is an employee who steals an
outgoing check to a vendor, forges the payee’s signature, and cashes the check. A variation on this is an
employee who steals blank checks from the victim company makes them out to himself or an
accomplice.

13. What is program fraud?

ANS:
Program fraud involves making unauthorized changes to parts of a program for the purpose of
committing an illegal act.

PTS: 1

14. Explain the shell company fraud.

ANS:
A shell company fraud first requires that the perpetrator establish a false supplier on the books
of the victim company. The fraudster then manufactures false purchase orders, receiving reports, and
invoices in the name of the vendor and submits them to the accounting system, which creates the
allusion of a legitimate transaction. Based on these documents, the system will set up an account
payable and ultimately issue a check to the false supplier (the fraudster).

15. Name three forms of computer fraud.

ANS:
Computer fraud includes:
The theft, misuse, or misappropriation of assets by altering computer-readable records and files.
The theft, misuse, or misappropriation of assets by altering the logic of computer software.
The theft or illegal use of computer-readable information.
The theft, corruption, illegal copying, or intentional destruction of computer software.
The theft, misuse, or misappropriation of computer hardware.

PTS: 1

16. Name three types of program fraud.

ANS:
Program fraud includes:
(1) creating illegal programs that can access data files to alter, delete, or insert values into
accounting records;
(2) destroying or corrupting a program’s logic using a computer virus; or
(3) altering program logic to cause the application to process data incorrectly.

PTS: 1

17. Define operational fraud.

ANS:
Operations fraud is the misuse or theft of the firm’s computer resources. This often involves
using the computer to conduct personal business.

PTS: 1
18. Define database management fraud.

ANS:
Database management fraud includes altering, deleting, corrupting, destroying, or stealing an
organization’s data.

PTS: 1

19. What is scavenging?

ANS:
Scavenging involves searching through the trash of the computer center for discarded output.

PTS: 1

20. As a form of computer fraud, what is eavesdropping?

ANS:
Eavesdropping involves listening to output transmissions over telecommunications lines.

PTS: 1

ESSAY

1. What fraud detection responsibilities (if any) are imposed on auditors by the Sarbanes-
Oxley Act?

ANS:
Standard No. 2 places responsibility on auditors to detect fraudulent activity. The standard emphasizes
the importance of controls designed to prevent or detect fraud that could lead to material misstatement
of the financial statements. Management is responsible for implementing such controls and auditors
are expressly required to test them.

PTS: 1

2. Contrast management fraud with employee fraud.

ANS:
Employee fraud is usually designed to directly convert cash or other assets to the employee’s personal
benefit.

Management fraud involves less of a direct benefit to the perpetrator. Management fraud may involve
an attempt to misstate financial performance in order to gain additional compensation or to earn a
promotion. Management fraud may also involve an attempt to misstate financial performance in order
to increase the price of the company’s stock or to reduce the cost of debt. Management fraud is more
insidious than employee fraud because it often escapes detection until the organization has suffered
irreparable damage or loss. Management fraud usually does not involve the direct theft of assets.

PTS: 1

3. Why are the computer ethics issues of privacy, security, and property ownership of
interest to accountants?
ANS:
Privacy is a concern because the nature of computer data files makes it possible for unauthorized
individuals to obtain information without it being recognized as “missing” from its original location.

Security is a concern because its absence makes control from a privacy viewpoint questionable. In
addition lack of security may permit unauthorized changes to data, therefore distorting information
that is reported.

Property ownership raises issues of legitimacy of organizational software, valuation of assets, and
questions of lost revenues.

PTS: 1

4. According to common law, there are five conditions that must be present for an act to
be deemed fraudulent. Name and explain each.

ANS:
In order for an act to be deemed fraudulent under common law, it must possess the following
characteristics:
false representation, meaning some misrepresentation or omission must have occurred,
material facts, meaning that the facts must influence someone’s actions,
intent, meaning there must have been the intention to deceive others,
justifiable reliance, meaning it did affect someone’s decision, and
injury or loss must have occurred.

PTS: 1

5. Management fraud is regarded as more serious than employee fraud. Three special
characteristics have been discussed for management fraud. What are they? Explain.

ANS:
Management fraud is more insidious than employee fraud because it often escapes detection until the
organization has suffered irreparable damage or loss.
It usually occurs at levels above the normal internal control system.
There is typically an intent to present a better picture of the business than is valid, often to deceive
creditors and/or shareholders.
If assets are misappropriated, the route is quite devious involving a maze of business transactions.

PTS: 1

6. Four principal types of corruption are discussed. Name all four and explain at least
two.

ANS:
Corruption involves an executive, manager, or employee of a business working in collusion with an
outsider. The four principal types of corruption are: bribery, illegal gratuities, conflicts of interest, and
economic extortion.

Bribery involves giving, offering, soliciting, or receiving things of value to influence an official in the
performance of his or her lawful duties.

An illegal gratuity involves giving. receiving, offering, or soliciting something of value because of an
official act that has been taken.
A conflict of interest occurs when an employee acts on behalf of a third party during the discharge of
his or her duties or has self-interest in the activity being performed.

Economic extortion is the use (or threat) of force (including economic sanctions) by an individual or
organization to obtain something of value.

PTS: 1

7. Misappropriation of assets can involve various schemes: expense reimbursement

fraud, lapping, and payroll fraud. Explain each and give an example.

ANS:
Expense reimbursement fraud involve fictitious charges to such accounts as miscellaneous expense
to offset theft of an asset. Because the expense account is closed to revenue at the end of the period,
the period in which it could be detected is short.

Lapping is a technique whereby an early theft is covered up by a later one, i.e., with the moves
“lapping” over each other. The simplest example involves taking a customer’s payment. A later
payment is then credited to the first customer’s account, not the second. And on it goes. This requires
some control over billing to avoid tipping off the last customer.

Payroll fraud is the distribution of fraudulent paychecks to existent and/or nonexistent employees.
PTS: 1

8. Distinguish between skimming and cash larceny. Give an example of each

ANS:
Skimming involves stealing cash from an organization before it is recorded on the organiza-
tion’s books and records. One example of skimming is an employee who accepts payment
from a customer but does not record the sale. Another example is mail room fraud in which
an employee opening the mail steals a customer’s check and destroys the associated remit-
tance advice.
Cash larceny involves schemes in which cash receipts are stolen from an organization after
they have been recorded in the organization’s books and records. An example of this is
lapping, in which the cash receipts clerk first steals and cashes a check from Customer A. To
conceal the accounting imbalance caused by the loss of the asset, Customer A’s account is not
credited. Later (the next billing period), the employee uses a check received from Customer B
and applies it to Customer A’s account. Funds received in the next period from Customer C
are then applied to the account of Customer B, and so on

PTS: 1

9. Explain why collusion between employees and management in the commission of a

fraud is difficult to both prevent and detect.

ANS:
Collusion among employees in the commission of a fraud is difficult to both prevent and detect. This is
particularly true when the collusion is between managers and their subordinate employees. Manage-
ment plays a key role in the internal control structure of an organization. They are relied upon to
prevent and detect fraud among their subordinates. When they participate in fraud with the employees
over whom they are supposed to provide oversight, the organization’s control structure is weakened, or
completely circumvented, and the company becomes more vulnerable to losses.
PTS: 1

10. Since all fraud involves some form of financial misstatement, how is Fraudulent
Statement fraud different?

ANS:
Fraudulent statements are associated with management fraud. While all fraud involves some form of
financial misstatement, to meet the definition under this class of fraud scheme, the statement itself
must bring direct or indirect financial benefit to the perpetrator. In other words, the statement is not
simply a vehicle for obscuring or covering a fraudulent act. For example, misstating the cash account
balance to cover the theft of cash does not fall under this class of fraud scheme. On the other hand,
understating liabilities to present a more favorable financial picture of the organization to drive up
stock prices does qualify.

PTS: 1

11. Explain the problems associated with lack of auditor independence.

ANS:
Auditing firms who are also engaged by their clients to perform non-accounting activities such as
actuarial services, internal audit outsourcing services, and consulting lack independence. They are
essentially auditing their own work. This risk is that as auditors they will not bring to management’s
attention detected problems that may adversely affect their consulting fees. For example, Enron’s
auditors – Arthur Andersen – were also their internal auditor’s and their management consultants.

PTS: 1

12. Explain the problems associated with lack of director independence

ANS:
Many boards of directors are comprised of individuals who are not independent. Examples of lack of
independence are directors who: have a personal relationship by serving on the boards of other
directors companies; have a business trading relationship as key customers or suppliers of the
company; have a financial relationship as primary stockholders or have received personal loans from
the company; have an operational relationship as employees of the company.

PTS: 1

13. Explain the problems associated with Questionable Executive Compensation Schemes

ANS:
A survey by Thompson Financial revealed the strong belief that executives have abused stock-based
compensation. The consensus is that fewer stock options should be offered than currently is the
practice. Excessive use of short-term stock options to compensate directors and executives may result
in short term thinking and strategies aimed at driving up stock prices at the expense of the firm’s long-
term health. In extreme cases, financial statement misrepresentation has been the vehicle to achieve the
stock price needed to exercise the option.

PTS: 1

14. Explain the problems associated with inappropriate accounting practices.

ANS:
The use of inappropriate accounting techniques is a characteristic common to many financial statement
fraud schemes. Enron made elaborate use of Special Purpose Entities (SPE) to hide liabilities through
off balance sheet accounting. WorldCom management transferred transmission line costs from current
expense accounts to capital accounts. This allowed them to defer some operating expenses and report
higher earnings. Also, they reduced the book value of hard assets of MCI by $3.4 billion and increased
goodwill by the same amount. Had the assets been left at book value, they would have been charged
against earnings over four years. Goodwill, on the other hand, was amortized over much longer period.

PTS: 1

15. Computer fraud is easiest at the data collection stage. Why?

ANS:
Computer fraud is easiest at the data collection stage because much of what occurs after the data
collection or input stage is not visible to human eyes. Once entered, the system will presume that the
input is legitimate and will process it as all others.

PTS: 1

16. Describe the factors that constitute the fraud triangle. Why is it important to auditors?

ANS:
The fraud triangle consists of three factors that contribute to or are associated with manage-
ment and employee fraud. These are:
(1) situational pressure, which includes personal or job related stresses that could coerce an
individual to act dishonestly;
(2) opportunity, which involves direct access to assets and/or access to information that
controls assets, and;
(3) ethics, which pertains to one’s character and degree of moral opposition to acts of
dishonesty.

An individual with a high level of personal ethics, who is confronted by low pressure and
limited opportunity to commit fraud, is more likely to behave honestly than one with weaker
personal ethics, who is under high pressure and exposed to greater fraud opportunities.

Research by forensic experts and academics has shown that the auditor’s evaluation of fraud is
enhanced when the fraud triangle factors are considered.

PTS: 1

17. Distinguish between errors and irregularities. Which are of greatest concern to auditors?

ANS:
Errors are unintentional mistakes; while irregularities are intentional misrepresentations to perpetrate a
fraud or mislead users of financial statements. Errors are a concern if they are numerous or sizable
enough to cause the financial statements to be materially misstated. All processes that involve human
actions are highly susceptible to human error. Computer processes are subject to program errors,
faulty systems operating procedures and system malfunction. Errors are typically easier to uncover
than misrepresentations, thus auditors typically are more concerned about detecting all irregularities.
Also, under SAS No. 99 and Sarbanes-Oxley, auditors are specifically charged with fraud detection.

PTS: 1