...Curbing Fraud Through Risk Assessments Abstract The purpose of this paper is to discuss the psychology behind why people commit fraud and how a risk assessment can be used to mitigate fraud and risk towards a given organization. The risk assessments portion of the paper will discuss areas such as a process for an effective fraud risk assessment which includes defining a risk scope, risk treatments (acceptance, avoidance, transfer, mitigate, or a combination approach), and most importantly risk monitoring and review through controls. The paper then discusses in detail the importance of proper risk modeling then finished with an analysis on an actual fraudulent activity around the abuses with SNAP benefits. Risk Assessments: Merriam-Webster defines fraud as the “intentional perversion of truth in order to induce another to part with something of value or to surrender a legal right.” Some type of fraud scheme or business exploit is in the news headlines every day. Anything from employees stealing money out of cash register to multibillion dollar pyramid schemes is seeming becoming a common segment on the news right next to this week’s weather forecast. The opportunity for a common person or company to fall victim to fraud is paramount. Often times a business simply doesn’t know where their most susceptible operations reside. This limitation causes billions of dollars of fraud to commence every year, and often times the company won’t know they aren’t being scammed until it’s...
Words: 3549 - Pages: 15
...detecting fraud are to perform risk assessment procedures, such as inquiries of management and others, analytical procedures, and observation and inspection. Then the auditor must develop tests to determine any misstatements in the account balances or transactions. In order to identify the risks of material misstatements, the auditor must discuss with the audit team in regards to the risks of material statement due to fraud, inquire of management about the risks of fraud and how it is addressed, consideration of any unusual or unexpected relationships when performing analytical procedures, and understand the client’s period-end closing process and investigate unexpected period-end adjustments. The three conditions that are generally present when fraud occurs are management or employees have an incentive or are under pressure to commit the fraud, an opportunity to carry out the fraud, and those who commit the fraud are able to rationalize committing a fraud. In addition, individuals possess an attitude that allows them to intentionally commit the fraudulent act. The objective of brainstorming meet is to talk about the entity’s financial statements’ susceptibility to material misstatements. In depth, their objectives are to share insights about the entity, its environment, and the entity’s business risks, discuss how and when the entity is susceptible to fraud, and emphasize professional skepticism while performing the audit. The documents needed for identified risk factors are...
Words: 303 - Pages: 2
....................................................................8 COBIT..........................................................................................................................11 Responsibility for Internal Control System .................................................................13 Conclusion ...................................................................................................................14 3. TOP-DOWN, RISK-BASED APPROACH 3.1 3.2 3.3 3.4 3.5 Introduction ..................................................................................................................15 Risk Identification........................................................................................................17 Controls Identification .................................................................................................18 Execution and Evaluation ............................................................................................21 Roadmap for Implementation of a Top-Down, Risk Based...
Words: 45404 - Pages: 182
...large emphasis on financial risk assessments. The risk assessment process is needed to identify risks that need to be treated within an organization, as well as to provide strategies and methods that are most appropriate to treat these risks. Because many organizations are poorly aligned between their risk exposure and their risk appetite, it is important to engage in the risk assessment procedures. These procedures can help an organization prevent risk exposure and determine if their current operations will result in an increase or decrease of market value and owners’ wealth. As a result of the economic crisis, and the recent increase in corporate failures, organizations can now learn from the mistakes of others. This paper will discuss the mistakes that lead WorldCom, a telecom company that was once the fourth-ranked in Fortune 500, to bankruptcy in 2002, in an effort to demonstrate the importance of successful risk assessment and alignment implementation. Keywords: corporate failure, risk analysis, risk assessment, risk management, WorldCom Over the past years, and as a result of high profile firm failures, the economic crisis, and increased regulatory pressure, many organizations have placed a large emphasis on financial risk assessments. Risk assessment is the process where risk managers analyze the risks of an organization and identify risks that need to be treated (Tarantino & Cernauskas, 2011, p.47). In addition, a risk assessment provides strategies and...
Words: 4331 - Pages: 18
...number of views or the number of clicks depending on the type of the contract. The company acquired Corporate Collaborations this entity manages private and public social media networks that earn its revenue providing corporate social network development and hosting services. The audit committee of the company has requested the company to hire a new audit firm with a better experience in auditing of public technology companies. 2. Auditing and reporting issues: Miss Kristine Drew is the senior auditor for this company and is responsible for auditing revenue. She should start by asking for reviews from the predecessor audit firm in order to identify any problems they faced and to incorporate appropriate actions in order to minimize those risks. Ms. Drew should start off by initially accessing the controls of the activity reports. If the controls are strong and the data could not be manipulated, then it can be presumed that the data is accurate if this is not the case, then Ms. Drew should take up the services of a professional to figure out a way and if it is still not possible then she should state the facts on the audit report. The existing customers with hosting contracts of three years are changed to five-year contract, the revenues from this change have to be accounted prospectively. The revenue recognition for the new contracts for hosting that is for five years with three months free service, at the end of the five-year tenure the revenue should be charged over five years...
Words: 5302 - Pages: 22
...evaluating this case using the three elements of the fraud triangle I have concluded that the potential pressures for Chris to commit fraud are greater than for others. The pressure is from Chris himself because he wants what others have or what he doesn’t have. This is due to the fact that Chris is young and impressionable may feel as though he doesn’t make enough money to obtain the material possession he desires or see others with. He may also be of the mindset that “he wants it now” it being the latest technology. This younger generation seems to feel entitlement instead of working and earn it. This may be due to their upbringing. Although my generation had things we worked for them and with our parents/families help we were able to obtain those things we wanted. We live in a technology savvy society so if you don’t have the last gadget then you may be looked upon as not having the means to acquire these things or not technologically savvy enough to want or have these items. Having the latest gadgets is a societal status symbol, the more you have…. the more you have meaning money. Chris may have friends that have the latest and greatest technology and he maybe envious of them and desire to acquire those things as well but not on his salary in his mind. So he must find a way to get either more money or a way to acquire the latest and the greatest in technology. The potential opportunities for Chris to commit fraud are great. He has access to a fake credit card which...
Words: 1080 - Pages: 5
...maintained throughout the course on Blackboard (go to http://www.unt.edu/ and click the link at the top for “Blackboard”). Course materials such as notes will be available on Blackboard. You are responsible for anything that I note through Blackboard emails and announcements. Course Description: Introduction to auditing and the professional responsibilities of a career in any specialty of the accounting profession. Topics include the legal and ethical responsibilities of accountants; professional auditing standards; the audit risk model; the acquisition, evaluation and documentation of audit evidence; reports on the results of the audit engagement. Learning Objectives: When you complete this course, you should: Understand the audit process, including audit procedures, and audit reports Understand the professional responsibilities of CPAs Understand audit risk assessments and planning Be able to research auditing standards Be able to identify fraud red flags Methods of Instruction: Lecture, discussion, and application. Course...
Words: 1658 - Pages: 7
...Case 3.4 Sunbeam: Incentive and Pressures to Commit Fraud Case 3.4 Sunbeam: Incentives and Pressure to Commit Fraud 1. Consult paragraph 9 of PCAOB Auditing Standard No. 5. Based on your understanding of inherent risk assessment and the case information. Identify three specific factors about Sunbeam that might cause you to elevate inherent risk. The fact that the structure of the organization was in major flux and that the employees were probably in chaos mode with all the terminations in management, I am sure that the overall tone from the top was not a good one. I would assume that employees felt that fraud would be accepted if it meant the bottom line numbers were impressive so this would definitely cause me to elevate the inherent risk level. Especially since replacement employees were given strong monetary incentives to have stock prices raise. There is also rapid change happening in the entity. Not only was there a huge turnover of staff but there was also the elimination of 87% of products. Headquarters were even closed and consolidated into one. On top of all of that there were huge sales projections along with the introduction of new products. This rapid change should set up a red flag for any auditor and cause them to continue to raise the inherent risk level. All of these changes and projections caused the stock prices to rise. Since it was known that top management had a personal stake in these stock prices this would also cause an alarm to go off...
Words: 305 - Pages: 2
...The importance of internal control systems is to provide an effective risk management system as well as corporate control. Every organization is subject to some kind of risks depending upon its products and services it sell, the market in which it functions, its financial sources, and the way it operates its resources. It is important to coordinate every aspect of a business organization in an effective way. A good internal control has now become an essential part of risk management. Internal controls are designed to protect companies from fraud and inaccurate data recording. By incorporating the fundamentals of internal control such as risk assessment and employees' role assignments, companies can set up an effective system to monitor, analyze and protect their reports. Businesses need to maintain track of essential financial activities and with internal control protection a company can set well-defined goals and make accurate projections. The primary purpose of internal control is to promote efficient operations that go with the objectives of an organization and to ensure whether the company's activities are in accordance with laws and regulations. The procedure in the operation of a good internal control system would be the supervision of activities in connection with authorizations and reconciliations, reviewing of employee performance, security of assets, and segregation of duties. Internal controls prevent errors and loopholes by detecting them in a timely manner, therefore...
Words: 271 - Pages: 2
...Fitness Inc. 2 Risk assessment: 2 1、Current situation 2 2、New Risk 2 ①Risk 2 ②Risk level 3 ③Risk treatment[We will give more details later.] 3 Solution 4 1、 Management Structure(personnel and cultural control) 4 2、Progress(Action control) 5 ①Between Rosemary and the non-instructor manager: 5 ②Among the manager, instructors and clients: 5 ③A whistle-blower program 6 3、Motivation and punishment (Result control) 6 Since Private Fitness Inc. is located in an upscale community and provides specific classes to customers, each instructor is valuable and we think Rosemary should forgive Kate and still employ her as an instructor. But Kate is not qualified for the manager position because what she did is a serious ethical problem. Rosemary should hire a non-instructor manager outside, considering the risk we analyzed that a person take instructor and manager position at the same time. For the solution, our group first made a risk assessment and according to this, we will give details in the later part of the article. Objectives of Private Fitness Inc. First, we should identify the overall objective of the Private Fitness Inc., which is a small entity with only 5 employees, is to operate at a profit. Second, we need identify that the problem that Rosemary need to face with is to resolve the fraud made by Kate, which both contributes to the dishonesty and motivation of herself and the available chance to make use of. Risk assessment: 1、Current situation ...
Words: 1850 - Pages: 8
...Strategically Managing Risk in Today’s Perilous Markets. Topic: Risk Assessment and Prevention Cost Risk assessment is very important function in management activities. By understanding and valuing each department risk level, management can reduce or control the prevention cost. The reason for that is management could know which department in the company needs to improve to reduce any predictable cost that can happen in the future. However, ERM is one of the management tools that can help any organization to manage and control risk assessment. By applying ERM, management could know where in the company’s departments they should improve the quality of the activities. That improvement will help to prevent any extra cost. Also, this improvement will proved stable work environment in the company. Moreover, ERM would be a very helpful tool for management in making operational and strategies decisions. One of the great benefits in ERM is involving every employee in the company in planning and decision making. Everyone will do some effort in the company management. Article: “Creating an Ethical Culture: Values-Based ethics programs can help employees judge right from wrong” By Gebler, David Topic: Accounting fraud. According to “Creating an Ethical Culture: Values-based ethics programs can help employees judge right from wrong” By David Gebler, The author presented the Culture Risk Assessment Model. This model would help companies to reduce the risk of unethical conduct...
Words: 398 - Pages: 2
...Internal Control and Risk Evaluation – Kudler Fine Foods Lisa Cook University of Phoenix ACC/542 August 15, 2011 Internal Control and Risk Evaluation Internal controls and risk assessments are an integral part for a company to be successful. Management at Kudler Fine Foods has reviewed the flowcharts prepared and is requesting information on controls that will be required. Risks are none to be a negative event occurring in a company’s productivity. Internal controls are the policies and procedures put in place to reduce unforeseen occurrences associated with the risks. This brief will discuss the risks of Kudler Fine Food’s current Accounting Information System (AIS) evaluated by Team B and incorporate the controls into the flowcharts, design internal controls to mitigate risks to the systems, evaluate the application of internal controls to the systems, and discuss other controls, outside the system, that Kudler Fine Foods may need. Risks in the Systems According to Hunton, Bryant, & Bagranoff (2004), “business enterprises face a variety of risks, including business, audit, security, and continuity risks” (pg. 48). When analyzing Kudler Fine Foods current information system the team found that Kudler lacked internal controls and risk evaluations required to run their information system. Several concerns were brought up as major potential risks. The three risks focused on are those of business, security, and continuity. Several of Kudler’s risks within the system...
Words: 923 - Pages: 4
...objectives and purpose. To achieve this end, it is necessary to conduct a background analysis of the HIPAA breach notification rules. In addition, an evaluation of these rules will be highlighted. Moreover, the impact of the Final Omnibus Rule (FOR) of 2013 on breach notification rules will be emphasized. Finally, the way head will be underscored. Background In August 1996, President Bill Clinton signed HIPAA, which is the single most significant federal legislation affecting the U.S. health care industry since the creation of the Medicare and Medicaid programs in 1965. The five primary goals of the HIPAA legislation are: 1. To improve portability and continuity of health insurance coverage for individuals and groups. 2. To combat fraud, waste, and abuse in the health care industry. 3. To promote the use of medical savings accounts. 4. To improve access to long-term health care services and coverage. 5. To establish standards for administrative simplification (HIPAA, 1996). The Interim Final Rule for Breach Notification for Unsecured Protected Health Information, issued pursuant to the Health Information Technology for Economic and Clinical Health (HITECH) Act, which enacted as part of the American Recovery and Reinvestment Act (ARRA) of 2009, was published in the Federal Register on August 24, 2009 by the Department of Health and Human Services (HHS), and became effective on September 23, 2009. During the sixty-day public comment period on the Interim Final...
Words: 1771 - Pages: 8
...Risk Management Overview February 21, 2011 FIN/415 Risk Management Overview Paper Risk management is a systematic process of managing the exposure of the organization to a variety of risks. This process has become increasingly important for the success of any organization in current competitive markets. The successful identification of threats and opportunities is crucial in risk management as it allows to create the processes and procedures allowing the company to maximize opportunities and minimize threats. Many organizations treat risk management seriously and create separate department responsible solely for risk management. Royal Caribbean Cruise Line incorporated risk management department into its structure. This step allowed this organization to improve the risk assessment procedures and introduce the necessary processes to minimize the impact of threats. The organizational risk relates to the organizational governance, operations, and information systems. The organizational risk management “provides assurance for reliable and accurate financial and operational information and reporting, effectiveness and efficiency of operations, and safeguarding of assets, as well as compliance with regulations, contracts, and the organization’s code of ethics” (Aghili, 2010, p. 23). Organizational risk management treats the relates to the organization as one entity and...
Words: 940 - Pages: 4
...Fencing Inc. (Case 13-9 handout) Account Scoping and Risk Assessment Account Balance and Disclosure: Revenue Class of Transaction: Recording Sales Risk #1 All orders shipped are not recorded as revenue. Completeness. No. No. Control #1: Sales are automatically recorded and invoices are automatically generated upon the release of the order in the Warehouse K-Series System. Orders are not released until the goods have been confirmed for shipping in the system (which occurs when the goods are scanned as they are loaded in the shipping area). No. Identification of risk of misstatement ("what could go wrong") Relevant assertion Significant risk? Risk of material misstatement because of fraud? Control activity that addresses risk of misstatement Does the control rely on information produced by the entity (or IPE)? If yes, list relevant information N/A Will we obtain audit evidence of the accuracy and completeness of information produced by the entity by testing controls or by performing procedures directly on the information? Is the control automated? Relevant application system (if we are testing information produced by the entity through tests of controls or the control is automated) Yes. Warehouse K System, which is subject to IT controls performed by management and tested within the IT controls workpaper. On the basis of the following factors, we concluded that the control is appropriately designed to address the stated risk of material misstatement: 1. The control is the automation...
Words: 1959 - Pages: 8