Fighting Fraud: the Shared Responsibility of Management and ...

Fighting Fraud: the Shared Responsibility of Management and ...

Fighting Fraud: the Shared Responsibility of Management and Auditors Globally Presenters: Dan Torpey, Leader, EY Fraud Investigation & Dispute Services Practice for the Southwest Region Jeffrey Klink, CEO, Klink & Company, University of Pittsburgh Dr. Barry Jay Epstein, Principal, Epstein + Nach, Chicago Dr. Sridhar Ramamoorti, Associate Professor of Accounting, Kennesaw State University and Director, Corporate Governance Center Moderator:

Dr. Mark Holtzblatt, Associate Professor of Accounting, Cleveland State University International Accounting Section Mid-Year Meeting Workshop, AAA and IAAER, New Orleans, February 18, 2016 Agenda 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution 5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques

7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution 5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to

Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Recent studies and statistics show the growing problem of global fraud and corruption 1. 2. 3. 4. 5. 2014 ACFE Global Fraud Study 2015-2016 Kroll Global Fraud Study

2016 White Collar Crime and Fraud Risk Study 2015 Corruption Perceptions Index of Transparency International Increasing Global Fines and Penalties for Bribery and Corruption 2014 ACFE Global Fraud Study The Association of Certified Fraud Examiners' (ACFE) 2014 Global Fraud Study revealed that the typical organization loses a median of 5% of revenues each year due to fraud. Given the narrow net margins for many businesses, there is enormous up-side

potential for corporate profits if fraud can be reduced. 2015-2016 Kroll Global Fraud Report 2016 White Collar Crime and Fraud Risk Study (Protiviti and Utica College) Findings: 2016 White Collar Crime and Fraud Risk Study(Protiviti & Utica College) 1. The majority of organizations are not well-positioned to conduct investigations, as they are under-resourced and are spending more time putting out fires than focusing on fraud detection and applying a consistent investigative approach.

2. Most companies are still reactive, rather than proactive, in managing fraud risk and responding to fraud and corruption once issues have been identified because they lack resources and strategy. 3. Few companies are availing themselves of the best practices for mitigating fraud risk. 4. Third party fraud and corruption risk is barely on the radar of most organizations. Dan Torpey, CPA and EY Partner and Leader of Fraud Investigation & Dispute Services Practice - Southwest U.S Daniel Torpey is a Forensic Accountant, CPA and former auditor with over 30 years of Public Accounting experience. Mr. Torpey has testified as an expert witness in state, federal and international proceedings. In his current role Mr. Torpey oversees the data analysis and information gathering on some of the

largest forensic investigations and, disputes in the industry. He began his career investigating insurance claims for insurance carriers. Mr. Torpey has published lead cover articles in Fraud Magazine, Internal Auditor, Claims Magazine and Risk Management. Also published or quoted in Business Insurance, National Underwriter, Claims Magazine, Corporate Legal Times, The Dallas Morning News, and The Los Angeles Times, Mr. Torpey has helped clients in many industries in the US and abroad. Mr. Torpey has presented several times on fraud investigation, the use of predictive modeling in claims and other forensic investigative topics to the FBIs Accountants in Training program including instructing sessions at Quantico, Virginia, The FBIs training facility. Mr. Torpey earned his B.S. in Accountancy at St. Johns University, Jamaica, NY and has attended the Kellogg School of Management Executive Program at Northwestern University. Mr. Torpey recently served on the board of the AICPA Forensic & Litigation Services Section and is a board member for LIFT, a Texas non-profit to assist in Adult Literacy. He is a member of the Dallas Business Ethics Forum and is a Certified USA Olympic Weightlifting Sports Performance Coach. He is

married and the father of four children all teenagers. When not accounting for numbers or lifting weights, Mr. Torpey participates in Medieval Martial Arts, studying and practicing the art of battle from manuscript written by a 14th Century Italian Martial Arts expert who trained Knights and Noblemen. Jeffrey M. Klink, President and Chief Executive Officer, Klink & Co. Inc. Faculty, University of Pittsburgh Jeffrey Klink is a former United States Department of Justice prosecutor and a recognized expert on fraud, employee misconduct, and FCPA compliance. Klink & Co. is a global risk consultancy that performs FCPA compliance services, due diligence, and fraud investigations. The firm works in over 100 countries every year, and has special expertise in China, Russia, India, and throughout Africa. Klink created and teaches a dedicated course on FCPA compliance for the University of

Pittsburgh Katz Graduate School of Business. Mr. Klink has personally trained hundreds of employees and third-party vendors on bribery and trade compliance in Asia, Europe, the Middle East and the Americas. Mr. Klink has performed dozens of large, complex kickback investigations for multinational organizations involving the corrupt payment of hundreds of millions of dollars from vendors to employees of global public companies. Klink has been a guest on the Bloomberg network, Fox, ABC, and other media outlets. He has been published in multiple publications, including the American Corporate Counsel Associations Docket magazine, where he was co-author of a cover article on resolving fraud and compliance risks for corporations, and the National Law Journal. Barry Jay Epstein, Ph.D., CPA Principal, Epstein & Nach, Chicago

Dr. Epstein, after an initial several year stint in college teaching, has concentrated the rest of his career to public accounting, first in roles as technical (quality control) officer and training director, and, for the past thirty-plus years, as a litigation specialist serving as consultant and testifying expert on accounting, auditing and financial reporting matters for private litigants and such agencies as SEC, CFTC and DOJ, in over 150 cases across the country. Among the high-profile cases he has consulted on were Peregrine Financial, Enron and WorldCom. He was also a founding author of Wileys popular GAAP and IFRS handbooks and long-time author of RIA Checkpoints Handbook of Accounting and Auditing, and has written or coauthored over 50 articles on fraud, GAAP, and other topics for leading law and accounting publications. He has delivered hundreds of professional education and college lectures in the US, Canada, the Middle East, and East Asia, including 2015 forensic accounting programs in Singapore and Cambodia. He recently completed a term on the academic advisory board at Roosevelt University, and has been active in financially supporting faculty research at DePaul University (where he earned his B.S.C.) and the University of Pittsburgh (Ph.D.).

Sridhar Ramamoorti, Ph.D., CPA Associate Professor of Accounting, Kennesaw State University, Director, Corporate Governance Center Dr. Sridhar Ramamoorti, ACA, CPA, CITP, CFF, CGMA, CIA, CFE, CFSA, CGAP, CGFM, CICA, CRP, CRMA, MAFF, is currently an Associate Professor in the School of Accountancy and Director, Center for Corporate Governance at Kennesaw State University. Dr. Ramamoorti has a unique, blended academic-practitioner background with over 30 years of experience in academia, auditing, and consulting. After finishing his Ph.D. in quantitative psychology from The Ohio State University, Dr. Ramamoorti served as an Accountancy faculty member of the University of Illinois. Subsequently, he was a principal with Andersen, National Sarbanes-Oxley Advisor at EY, and a corporate governance partner with Grant Thornton. He has also published in academic and professional journals such as Management Science,

European Management Journal, Journal of Information Systems, Internal Auditor, and Fraud Magazine. His co-authored book, A.B.C.s of Behavioral Forensics, on the psychology of fraud, won the 2015 Coles College Publication Prize and was presented to the FBI Academy. Active in the profession, he is currently a member of the Standing Advisory Group of the Public Company Accounting Oversight Board (PCAOB) and a Board member of the Institute for Truth in Accounting and Ascend. Dr. Ramamoorti has spoken at Conferences and events in 14 countries. 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution

5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Current environment The perfect storm for fraud & business corruption Companies are decentralized which has an immediate effect on

internal controls Lack of infrastructure and controls in many foreign countries Layoffs unemployment and unease continue Budgets are decreasing. Companies and organizations are doing more with less.

Internal and External Pressure Pressure Anti-bribery regulatory focus increased globally Large government contracts Stressed and disaffected employees may have

greater ability to rationalize improper actions Opportunity to Commit Fraud Personal retirement plans and market levels remain low Page 17

Opportunity Internal Controls Rationalization Employees are working in countries with perception of bribery Who Owns Fraud Components of an effective antifraud program Page 18

Components of an anti-fraud & corruption compliance program Setting the Proper Tone Elements of a successful corporate antifraud, bribery and corruption program Code of Ethics

Fraud and Corruption Prevention Policies Proactive Communication and Training Risk Assessment Reactive

Controls Monitoring and Analytics Incident Response Plan Management Ownership and Involvement Anti-fraud, bribery and corruption

key activities Page 19 Corporate compliance assessment Corporate compliance design Gap analysis Future state design session Discovery response planning Records and information management Who owns fraud?

Assign roles and responsibilities Fraud and risk committee formulation Customized training Corporate governance Design sessions Corporate anti-fraud road map FCPA / anti-bribery compliance assessments Fraud risk assessment Targeted anti-fraud analytics

Anti-bribery and corruption analytics M&A Due Diligence 3rd Party Due Diligence Vendor Risk profiling Vendor Vetting -Level I, II, III background checks Investigations Fraud response planning Forensic data analytics Discovery and document review

How is fraud detected? Source: ACFE 2010Report to the Nation On Occupational Fraud Page 20 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution 5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques

7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Investigation Case Studies Fraud investigations require multi-disciplinary resources, including, but not limited to computer forensics, accountants, surveillance, research analysts, and effective interviewers. a) Who owns the investigation b) What is the purpose of the investigation? c) What parties are involved. d) Leading practices on investigations.

1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution 5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Remediation/Resolution

a) Financial recovery through insurance and other parties b) Enforcement actions Assisting the authorities in prosecuting fraud typical role of CPA, investigator, other parties involved c) Remediation within the company Fixing the weaknesses identified by occurrence of frauds what does the company do post-investigation to improve their controls/address issues d) Why frauds are not often acknowledged 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution

5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution 5. Questions, Discussion & Coffee Break

6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Fighting Fighting Fraud: Fraud: AAShared SharedResponsibility Responsibilityof

ofManagement Managementand andAuditors AuditorsGlobally Globally Barry Barry Jay Jay Epstein, Epstein, Ph.D., Ph.D., CPA, CPA, CFF CFF

Epstein Epstein++Nach NachLLC LLC Chicago IL Chicago IL [email protected] [email protected] Fraud Manipulation Schemes Selected Materials from the Workshop Hand Out

Fraud Manipulation Schemes Financial Reporting Fraud and Detection Methods Fraud Manipulation Schemes Financial Reporting Fraud and Detection Methods Analyses of Major Frauds Adelphia Communications (2002) Added $9 billion in debt to make acquisitions, putting pressure on co. Controlling familys huge spending habits, from company funds Round tripped company funds disguised as new infusions by owners Desired EBITDA target determined, then back into fraudulently

Bogus transactions with related unconsolidated entities Auditors missed $2.3 billion in family expenditures, related party transactions, $1.6 billion in hidden debt, $875 million phony equity Cost to auditors: $50 million to SEC, $375 million to shareholders Analyses of Major Frauds Parmalat (2003, litigation against auditors settled 2015) The biggest business accounting fraud of all time, $18 billion Massive fraud for over 15 years; collusion by auditors facilitated this Came to light only when company defaulted on $185 million bonds

Phony $4.9 billion cash account in West Indies was revealed Actual outstanding debts found to be 8 X amounts reported Auditors missed red flags including West Indies implausible cash balances, huge fictitious milk purchases and sales Corrupt auditors went to prison together with corporate CEO, others Importance of common sense: are transactions plausible at all? Analyses of Major Frauds WorldCom (late 1990s to early 2002) $11 billion in fictitious revenues or hidden expenditures

Purpose was to exaggerate performance so stock could be used to make further acquisitions Resulted from misapplication of three simple accounting rules First: charging current expenditures against unrelated reserves Second: capitalize operating costs to spread expense over future Third: accrue revenues from cancellation fees never charged Auditors missed all of these for many years, but not complicit In desperation move, indicted CFO created his own GAAP standard Importance of auditors thorough GAAP knowledge is lesson Analyses of Major Frauds Enron (late 1990s to early 2002) $11 billion in fictitious earnings or hidden debts over several years

Inflated stock value used for business acquisitions Creative (criminal) use of special purpose entities (SPEs) based on deliberate mis-reading of actual permissible use Auditors and outside legal counsel were complicit in creation of SPEs Probable example of dark triad personalities of CEO, CFO Lesson: in-depth knowledge of complex GAAP required Lesson: importance of independent technical review of audits Auditor skepticism and independence are vital traits, cannot risk being compromised Analyses of Major Frauds Lehman Brothers (2008)

Deliberate misapplication of GAAP to hide repurchase agreements Cash from mis-reported REPOs used to pay down other debt Distortion of quarter-end leveraging caused risks to be missed Invented concepts of REPO 105s and REPO 108s violated GAAP Auditors bought clients GAAP logic, in spite of rules to the contrary Auditors missed red flag of inability to obtain US true sale legal opinion on the transactions Not only was the company destroyed, this triggered financial panic in US and across the world, followed by deep recession Analyses of Major Frauds MF Global (2011)

Deliberate misapplication of GAAP to hide repurchase agreements Dark triad personality of chief executive a missed clue Invented concept of REPO to maturity used to effect the fraud Use of customer funds to pay other debts when crunch finally happened Auditors bought clients GAAP logic, in spite of rules to the contrary Auditor skepticism and independence are vital traits, cannot risk being compromised Analyses of Major Frauds Xerox (late 1990s/early 2000s) Several accounting frauds occurred here Most serious: misapplication of lessor accounting By deliberately warping fair value allocations among product, services

and supplies, overallocated to sale of machines, for greater immediate profit recognition ($3 billion revenue, $1.4 billion profit) Auditors were sanctioned by SEC, as was the company Analyses of Major Frauds Global Crossing (2002) One of several accounting frauds in telecom boom era Created revenue by cross-leasing dark cable to other telecoms All parties had immediate revenue, deferred costs based on bogus theory Auditors (now defunct) had sold SEC on the bogus accounting idea Subsequently many companies in the industry had large write-offs Litigation involved many firms, telecom companies, for years thereafter

Analyses of Major Frauds ZZZZ Best (1986) Implausible story of high school student creating publicly-held fire and water office building restoration business, raised $100 million Forged documents desktop published and accepted by auditors Auditors went years without ever doing physical inspection Auditors eventually visited one site, but at night, when perpetrator could collude with security involvement

guard to put up signage supporting Analyses of Major Frauds Phar-Mor (1992) Rapidly growing discount drug and household goods chain Profits created by overstatement of inventory Fictitious inventory hidden in those stores (of the 300 total) that auditors announced would not be visited and tested Auditors yielded the very important element of surprise Bookkeeping entries to move fictitious inventory to locations not to be tested were blatant red

flags, but ignored, general journal entries Another lesson: all general journal entries must be reviewed Auditors had to pay $300 million in damages Analyses of Major Frauds Peregrine Financial Services (2011) $200 million stolen by chief executive over two decades Thefts concealed by creation (by CEO) of bogus monthly bank statements by desktop publishing them after receiving monthly statements unopened by clerical staff

Auditors failed to react to this gross breach of controls, having unopened statements given to person having signing authority Auditors failed to verify mailing address for annual confirmation of cash, which went to CEO- controlled PO box, and confirmed by him The auditors failed to appreciate dark triad personality of CEO Again the lesson: it is the long-time, trusted employee who can steal

Analyses of Major Frauds Dixon, Illinois (USA) city government (2013) $53 million embezzled from town having only a $20 million budget Long-serving controller/finance chief created side bank accounts, authorized transactions, and stole over a 15+ year period ($11 million over final 2.5 years!!) Enjoyed a high profile lifestyle in rural area where this was obvious, but nobody noticed or believed it was based on lottery winnings Lesson: key internal control principle of having asset (cash) handled by those not having bookkeeping access was violated, arguably as an economy move suggested by Ms. Crundwell

Another lesson: it is the long-time, trusted employee who can steal The auditors had to cover most of the amount lost Three Words to Remember When Looking for Fraud General Journal Entries Basic Ratio Analysis for Forensic Exams Already known to most auditors, required for most audit exams Can be powerful diagnostic, if simplistic last year/this year model is dispensed with

Common screening ratios Operating margin (net margin) focused on time patterns Gross profit margin Sales return volume and pattern Accounts receivable turnover Bad debts as percentage of sales (including time patterns) Shipping costs as percentage of sales Current ratio Acid test ratio Abnormal Accruals Model Also known as discretionary accruals model Much academic research has used this to flag financial frauds

The modified Jones model is most popular approach Accruals t = a (1/Assets t-1 ) + b Sales t + c PPE t + d ROA t + Accruals

t Assets = total assets at the beginning of fiscal year t t-1 t = income before extraordinary items minus cash flow from operations Sales = change in sales in year t versus prior year t-1

PPE t = gross property, plant and equipment at the end of fiscal year t ROA t = return on assets in year t a, b, c, d = regression coefficients Modified Jones Model of Accruals Accruals t = a (1/Assets t-1

) + b Sales t + c PPE t + d ROA t + t Computed accruals, based on several years data history, compared to actual current year data, to identify unusual accruals indicative of possible fraud Manipulation of discretionary accruals a relatively easy fraud A major goal is income smoothing or creation of cookie-jar reserves This analysis can be useful even for routine audit applications Discretionary Accruals Model Abuse of discretionary accruals most common when there are a range of

such accruals (e.g., warranty obligations) available Used not just to boost earnings, but often also to suppress them Minor, subtle abuses might not be observed using this approach This analysis can be useful even for routine audit applications Beneish M-Score Model Mathematical model to flag earnings management actions Uses eight ratios that capture financial statement distortions that result from either actual

manipulations or proclivity to engage in earnings manipulation Research shows that this does have use in fraud audits, and even in routine financial statement examinations Beneish M-Score Model M = - 4.84 + 0.920 DSR + 0.528 GMI + 0.404 AQI + 0.892 SGI + 0.115 DEPI - 0.172 SGAI + 4.679 TATA - 0.327 LEVI Where

(details of computations are in workshop hand out material) DSR = change in days sales in receivables GMI = change in gross margin on sales AQI = change in asset quality index SGI = sales growth index DEPI = change in depreciation rate index SGAI = change in selling, general and administrative costs index TATA = change total accruals to total assets index LEVI = change in leverage index If M > 2.22, there is indication of manipulation

Altman Z-Score Model Mathematical model to predict insolvency risk, developed in 1960s Insolvency risk an issue even for routine audits, because of need to flag in going concern uncertainty opinion Because fraud is a good leading indicator of insolvency (many victim companies become insolvent and fail), this is useful as fraud detection

device Has been shown to be 80% to 90% effective Altman Z-Score Model for Public Co. Z = 1.2 X1 + 1.4 X2 + 3.3 X3 + 0.6 X4 + 0.999 X5 Where X1 X2 X3 X4 X5 =

= = = = (details of computations are in hand out course materials) working capital index retained earnings index earnings index leverage index (using market values) asset turnover index

If Z < 1.81, there is indication that entity is or will become insolvent If Z > 2.99, there is indication that entity is not at risk of near term insolvency Altman Z-Score Model for Non-Public Co. Z = 0.717 X1 + 0.847 X2 + 3.107 X3 + 0.420 X4 + 0.999 X5 Where X1 X2 X3 X4 X5 =

= = = = (details of computations are in hand out course materials) working capital index retained earnings index earnings index leverage index (using book values) asset turnover index

If Z < 1.23, there is indication that entity is or will become insolvent If Z > 2.90, there is indication that entity is not at risk of near term insolvency Zmijewski Probit Model of Distress Mathematical model to predict bankruptcy within two years Uses only three explanatory variables Employs technique called probit analysis, yielding binary result Score > 50% means high probability of default Zmijewski Score = - 4.336 - 4.513*(Net Income Total Assets) + 5.679*(Total Liabilities Total Assets) + 0.004*(Current Assets Current Liabilities)

Ohlson Logit Model of Distress Mathematical model to predict bankruptcy related to probit models Uses nine explanatory variables, including two dummies Employs technique called probit analysis, yielding binary result Score > 50% means high probability of default Studies show over 96% effectiveness O-score = 1.32 0.407*AS + 6.03*LM 1.43*WCM + 0.757*ICR 2.37*ROA 1.83*FTDR -1.72*DCLM + 0.285*DCRA 0.521*CINI Ohlson Logit Model of Distress Where

(details of computations are in hand out workshop material) AS = adjusted size LM = leverage measure WCM = working capital measure ICR = inverse current ratio ROA = return on assets FTDR = funds to debt ratio DCLM = discontinuity correction for leverage measure DCRA = discontinuity correction for return on assets CINI = change in net income Effective Specific Tools

Four column bank reconciliations (proof of cash) re: kiting Review of deposit tickets (to seek evidence of lapping) Close examination of non-cash credits to customer accounts Reviewing ALL general journal entries Confirming terms of customer transactions, not just balances Follow up (telephonic, personal) interviews with customers, vendors Accrual reviews Confirming all non-standard transactions, including loans, capital infusions Examination of all board authorizations, meeting minutes Surprise inventory observations Management Override, Skepticism, and Other Matters

Dealing with risk of management override Always a risk to be addressed in audit planning Common component of many financial reporting frauds Cant be fully controlled even by the strictest IC systems Common purposes of management override of controls Recording fictitious business events or transactions Establishing or reversing reserves, including from business acquisitions Altering records to conceal significant or unusual transactions Controlling Risk of Management Override Maintaining requisite professional skepticism Strengthening oversight by those responsible for governance

Members of board need to be financially literate Members need to understand the business and its risks Need to appreciate factors that threaten managements ability to accomplish its legitimate goals and strategies Engaging in brainstorming to flush out risk factors Imposing and monitoring compliance with code of conduct Cultivating whistle-blower behaviors Developing broad information and feedback networks Professional Skepticism Required under professional auditing standards (ISA 200) Fundamental to successful completion of all audits

Reviews of failed audits (and others) finds deficit of skepticism The single biggest threat to auditing (followed by insufficient evidence) Key to fraud detection Skepticism as Sine Qua Non of Auditing Indispensible attitude that must be exhibited by entire team How to teach, train young auditors a research question? Congruent behavior traits might eliminate some would-be auditors In practice, very often missing or insufficient (e.g., Enron, Parmalat) Must be encouraged by upper level team members May result in over auditing by lower ranks, but accepted as cost If staff are disciplined for being too skeptical, long-term impact is bad Kings new clothes syndrome fear of upsetting clients (e.g., Enron)

Trust but verify must become standard approach for all audits Even routine items (on sample basis) must be challenged Auditors must maintain element of surprise, despite push-back or costs The Lack of Professional Skepticism Findings of the (US) PCAOBs inspections: Observations from the PCAOBs oversight activities continue to raise concerns about whether auditors consistently and diligently apply professional skepticism. Certain circumstances can impede the appropriate application of professional skepticism and allow unconscious biases to prevail, including incentives and pressures from certain conditions inherent in the audit environment, scheduling and workload demands, or an inappropriate level of confidence or trust in management.

The Lack of Professional Skepticism Findings from UK Financial Reporting Council . . . We are concerned to see insufficient evidence of firms applying professional skepticism, robustly challenging managements assumptions, or requesting that adjustments be made to the financial statements. Findings from Canadian Public Accountability Board An engaged auditor is an important component to a high quality audit. If the auditor approaches the audit with an appropriate degree of professional skepticism, engages the right specialists, develops and implements an effective audit plan, and challenges management throughout the process, it will have done its part to ensure a quality audit. Research on Auditor Skepticism

An encouraging research paper, Training Auditors to Think Skeptically (by Plumlee, Rixon, and Rosman), supported by a grant from the Center for Audit Quality (CAQ), was exposed in April 2012 Suggests that auditors can be trained to think skeptically Represents skepticism as diagnostic reasoning process, incorporating both divergent and convergent thinking processes Somewhat similar to the already-required brainstorming act Training to Think Skeptically See details in workshop hand out material at pp. 35-6 Training to Think Skeptically

Training to Think Skeptically Training to Think Skeptically Research on Auditor Skepticism In her 2001 paper, Development of an Instrument to Measure Professional Skepticism, R. Kathy Hurtt (University of Wisconsin Madison) developed a 30-item instrument for measuring whether a person possesses the characteristics of a skeptic See p. 36 of workshop hand out material Research on Auditor Skepticism

Auditor Skepticism Can Be Developed Exposure to a forensic accounting course can improve skepticism inclinations among newly emerging auditors Must be reinforced once into the real world by firm culture and ethics Actions by firms can help sustain this training Referring to clients as auditees to reinforce relative roles Staff rewards must be congruent with desired behaviors Use of anonymous surveys among staff re: partner behaviors Review of key audit decisions at challenge meetings PCAOB on Operationalizing Skepticism Attributes

Performance by persons having relevant training and proficiency Assignment to tasks based on levels of knowledge, experience Mindset No preconceptions about management honesty Keeping risk of fraud front of mind at all time Actions Gathering and objectively evaluating audit evidence by considering the competency and sufficiency of the evidence, throughout the entire audit process Operationalizing Skepticism

Thank Thank you you for for your your attention attention 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution 5. Questions, Discussion & Coffee Break

6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Fraud Panel Dr. Sridhar Ramamoorti ACA, CPA/CITP/CFF/CGMA, CIA, CFE, CFSA, CGAP, CGFM, CRMA, CICA, CRP, MAFF 2016 AAA International Accounting Section Midyear Meeting Workshop

Thursday, February, 18, 2016 New Orleans, Louisiana DISCLAIMER! Dr. Sridhar Ramamoorti Member, PCAOB Standing Advisory Group Views expressed in this presentation and during 2015 AAA-Chicago meeting panel participation are my own and should not be attributed to nor assumed endorsed by either the PCAOB or rest of SAG membership. 78

On Austensible Comprehension & Comprehensibility The most incomprehensible fact about the universe is that it is comprehensible. --Albert Einstein, Physics Nobel Laureate The most comprehensible fact about human behavior is that it is incomprehensible. --David Fisher, Professor of Cosmochemistry, University of Miami 79 OVERVIEW

1. Bringing Freud to Fraud or Behavioral Forensics is about understanding the mind of the fraudster 2. Anticipating and Responding to their Modus Operandi: Think like a crook to catch a crook 3. A-B-C Theory: Bad Apple, Bad Bushel, Bad Crop 4. Human factors pot pourri: Behavioral/integrity risks in the C-suite, tone from the top/culture, professional skepticism/attitude, performance metrics, response to bad behavior (10-80-10), emotional manipulation, fraudster personalities, etc. 80 BRINGING FREUD TO FRAUD:

THINK LIKE A CROOK TO CATCH A CROOK 81 The hands manipulate the sword, the mind manipulates the hands. Cultivate the mind and do not be deceived by tricks, feints, and schemes. They are the properties of the magician, not the samurai. Saito Yakuro, 19th century Japanese swordsman

82 INSIGHTS FROM BEHAVIORAL SCIENCES Ramamoorti, 2008, a paper in Issues in Accounting Education, a AAA journal, advocated the inclusion of behavioral sciences in fraud/forensic accounting courses Ramamoorti, Koletar, & Morrison, IFP 2009/JFIA 2014 Bringing Freud to Fraud: Understanding the State-ofMind of the White Collar Criminal (Focus on C-Suite, an IFP-sponsored 2009 study that inspired the ABC book) Underlying psycho(logical) decision calculus-Perpetration of fraud is a very human endeavor, involving deception, purposeful intent, intensity of desire, risk of apprehension, violation of trust, rationalization, etc. 83

BRINGING FREUD TO FRAUD Fraud, or violation of trust, is all about human behavior! Not about the controls, accounting, or technology. It is about PEOPLE and TRUSTand MONEY. 1. 2. Internal controls are process-oriented and peopleneutral (need re-purposing on behavioral/integrity risks) Internal controls completely ineffective against collusion, but fraud is a teamsport and culture is an enabler: a. b.

c. In 89% of the cases studied, the CEO & CFO colluded (COSO) CEOs pressuring CFOs to cook books (Conference Board, 2011) Wall Street culture has come under scrutiny (Dudley, 2014) THINK: How can we afford to ignore ? 84 FINANCIAL & BEHAVIORAL FORENSICS Following the work of Dorrell & Gadawski (2012), financial and behavioral forensics encompass: the ART and SCIENCE of investigating

PEOPLE, MONEY, and associated PATTERNS whether or not presented before a trier-of-fact or an adjudicated forum When knowledge cannot be transferred or replicated, there is no science, only subjective art. No amount of experience will make a subjective valuation objective. Without a set of reasoned principles, there is nothing to light our way. (Larry Kasper, CPA, 1997) 85 ANTICIPATING AND RESPONDING TO FRAUDSTERS MODUS

OPERANDI 86 Fraudster Modus Operandi --On Lying: Suggestio falsi, Suppressio veri --Cialdinis (Ph.D., Columbia) pioneering work since 1984 on the science of persuasion and the six basic principles of influence: reciprocity, commitment and consistency, social proof, liking, authority, and scarcity --Social Engineering: Why human beings are the weakest link in security chain (Kevin Mitnick, 2000) --Art of Spinning: Felon Samuel Antar on spinning

--Industrial psychopathsSnakes in Suits (Babiak & Hare, 2006); Narcissism (Johnson et al., 2012) --The Honest Truth About DishonestyAriely (2012) --Dark Triad research by Paulhus et al. (from 2002) 87 FRAUD TRIANGLE: CONCEPT & ACTION 88 A-B-C THEORY: BAD APPLE BAD BUSHEL

BAD CROP 89 Human Factors to Ponder Human factors pot pourri:

Fraud from the top: Behavioral/integrity risks in the C-suite Tone from the top and organizational/industry culture Professional skepticism/ non-gullible attitude of system actors Performance metrics: feel-think people respond to incentives Response to bad behavior (10 - 80 -10 anecdote) Recognizing and safeguarding against emotional manipulation Understanding Dark Triad fraudster personalities

Psychological autopsy of governance failures Psycho-biology, neuroscience-inspired motivations (Perkins, 2016) Using technology to unearth behavioral cues: size of CFO signatures, voice layering, polygraphs, forensic lexicology, FACS by Ekman for facial expressions, body language, micro-gestures 90 1. Introduction to the Workshop Topic and Presenters 2. Overview of Components of Anti-Fraud Program and where Companies are Challenged 3. Investigation Case Studies 4. Remediation/Resolution

5. Questions, Discussion & Coffee Break 6. Detection of Fraud: Training and Techniques 7. Fraud Theory: Models and Tools to Assess Fraud Risk 8. Questions, Discussion and Closing Remarks Thank You!

Recently Viewed Presentations

  • GRAMPS Overview - Computer graphics

    GRAMPS Overview - Computer graphics

    Extending GRAMPS Shaders Jeremy Sugerman June 2, 2009 FLASHG Agenda GRAMPS Reminder (quick!) Reductions Reductions and more with GRAMPS Shaders GRAMPS Reminder GRAMPS Shaders Facilitate data parallelism Benefits: auto-instancing, queue management, implicit parallelism, mapping to 'shader cores' Constraints: 1 input...
  • Organic Compounds - AP Biology

    Organic Compounds - AP Biology

    Organic Compounds Necessities for Life Special Chemicals of Life What is an organic compound? In Biology, the word organic means "relating to organisms" NOT food grown without the use of pesticides, antibiotics, or other industrial chemicals.
  • Project Roslyn - joehummel

    Project Roslyn - joehummel

    What is Project Roslyn? The ".NET Compiler Platform" Replacement of existing .NET compilers with new ones. csc for C#. vbc for VB.NET. SDC Meetup Sept 2014
  • CS 2123 Data Structures

    CS 2123 Data Structures

    Computer Science Main Lab. Location: NPB 2.118. It has about 40 Linux workstations running 14.04. On the left side, it also has about 40 VDI workstations.
  • Reform Movements - Cedar Mountain Secondary

    Reform Movements - Cedar Mountain Secondary

    Write down on a post-it one of the facts that you learned when interviewing your reformer - Put your name on the post-it. After you have done this, Frederick Douglass interviewers trade with Elizabeth Stanton, and Horace Mann trade with...
  • Public Domain vigour in Copyright based on John

    Public Domain vigour in Copyright based on John

    Public Domain vigour in Copyright based on John Locke 4rd International Conference on Information Law 2011 "Values and freedoms in modern information law and ethics"
  • West, Ford, & Ibrahim Strategic Marketing, 3rd edition

    West, Ford, & Ibrahim Strategic Marketing, 3rd edition

    is a collection of shared values and beliefs that are reflected as "acceptable" behaviour by a specific group of people. Culture comprises of: core beliefs and values . which are passed on from parents to children and are reinforced by...
  • MP3 Overview - University of California, San Diego

    MP3 Overview - University of California, San Diego

    MP3 Overview John Ehrhardt Elena Silenok CSE228 - Spring 03 Where did MP3 come from? In 1987 the Fraunhofer IIS (Institut Integreierte Schaltungen) started work on audio encoding In 1991 with Prof. Deiter Seitzler from the University of Erlangen they...