The document discusses various topics related to ethics, fraud, and internal controls. It begins with an icebreaker activity called "Never Have I Ever" and poses several personal questions. It then covers business ethics and issues, computer ethics, and the Sarbanes-Oxley Act. Fraud topics discussed include the fraud triangle, schemes like fraudulent statements and asset misappropriation, and perpetrators of fraud. Underlying problems like lack of auditor independence are analyzed. Finally, the document discusses internal control concepts around safeguarding assets, ensuring accurate records, and promoting efficiency.
15. ETHICAL ISSUES IN BUSINESS
⢠Business Ethics
⢠Computer Ethics
⢠Sarbanes-Oxley Act and Ethical
Issues
16. Ethical Issues in
Business
Ethical standards are derived from
societal mores and deep-rooted
personal beliefs about issues of
right and wrong that are not
universally agreed upon.
18. ETHICS
18
It pertains to the principles of
conduct that individuals use in
making choices and guiding
their behavior in situations that
involve the concepts of right
and wrong.
19. BUSINESS ETHICS
19
Involves finding the answers to two
questions:
(1) How do managers decide what is right in
conducting their business?
(2) Once managers have recognized what is
right, how do they achieve it?
UP!!!!
20. BUSINESS ETHICS
20
Ethical issues in business can be divided into
four areas:
ď§Equity
ď§Rights
ď§Honesty
ď§The Exercise
of Corporate
Power
22. Business organizations have conflicting
responsibilities to their employees,
shareholders, customers, and
the public.
Making Ethical
Decisions
23. Every major decision has
consequences that potentially
harm or benefit these constituents.
Making Ethical
Decisions
24. The benefit from a decision
must outweigh the risks.
PROPORTIONALITY
UP!!!!
25. ÂťJustice
The benefits of the decision should be
distributed fairly to those who share the risks.
Those who do not benefit should not carry
the burden of risk.
PROPORTIONALITY
26. ÂťMinimize Risk
Even if judged acceptable by the principles,
the decision should be implemented so as
to minimize all of the risks and avoid any
unnecessary risks.
PROPORTIONALITY
27. COMPUTER ETHICS
27
the analysis of the nature and social impact
of computer technology and the
corresponding formulation and justification
of policies for the ethical use of such
technology
UP!!!!
29. COMPUTER ETHICS
29
â Pop Computer Ethics
simply the exposure to stories and reports
found in the popular media regarding the
good or bad ramifications of computer
technology.
30. COMPUTER ETHICS
30
â Para Computer Ethics
involves taking a real interest in computer
ethics cases and acquiring some level of skill
and knowledge in the field
31. COMPUTER ETHICS
31
â Theoretical Computer Ethics
interest to multidisciplinary researchers who
apply the theories of philosophy, sociology,
and psychology to computer science with the
goal of bringing some new understanding to
the field.
32. â
A New Problem or Just a New
Twist on an Old Problem?
32
Privacy
People desire to be in full control of
what and how much information
about themselves is available to
others, and to whom it is available.
ď§Should the privacy of individuals be protected
through policies and systems?
ď§What information about oneself does the individual
own?
ď§Should firms that are unrelated to individuals buy and sell
information about these individuals without their
permission?
33. â
A New Problem or Just a New
Twist on an Old Problem?
33
Security (Accuracy
and Confidentiality)
Security systems attempt to prevent
fraud and other misuse of computer
systems, they act to protect
and further the legitimate interests of
the systemâs constituencies.
ď§Which is the more important goal? Automated monitoring
can be used to detect intruders or other misuse, yet it can also be
used to spy on legitimate users, thus diminishing their privacy.
Where is the line to be drawn? What is an appropriate use and
level of security? Which is most important: security, accuracy, or
confidentiality?
UP!!!!
34. â
A New Problem or Just a New
Twist on an Old Problem?
34
Ownership of Property
Copyright laws have been
invoked in an attempt to protect
those who develop software
from having it copied.
35. â
A New Problem or Just a New
Twist on an Old Problem?
35
Equity in Access
Some barriers to access are
intrinsic to the technology of
information systems, but some
are avoidable through careful
system design.
36. â
A New Problem or Just a New
Twist on an Old Problem?
36
Environmental Issues
Computers with high-speed printers allow for the
production of printed documents faster than ever
before. It may be more efficient or more
comforting to have a hard copy in addition to the
electronic version. However, paper comes from
trees, a precious natural resource, and ends up in
landfills if not properly recycled.
37. â
A New Problem or Just a New
Twist on an Old Problem?
37
Unemployment and Displacement
Many jobs have been and are being
changed as a result of the
availability of computer technology
People unable or unprepared to
change are displaced.
ď§Should employers be responsible for retraining workers
who are displaced as a result of the computerization of
their functions?
UP!!!!
38. â
A New Problem or Just a New
Twist on an Old Problem?
38
Misuse of Computers
Computers can be misused in many ways.
Copying proprietary software, using a
companyâs computer for personal benefit,
and snooping through other peopleâs files
are just a few obvious examples.
ď§What harm is done to the software developer when people
make unauthorized copies?
ď§A computer is not an item that deteriorates with use, so is there
any harm to the employer if it is used for an employeeâs personal
benefit?
ď§Is it okay to look through paper files that clearly belong to
someone else?
ď§Is there any difference between paper files and computer files?
UP!!!!
39. â The Act is named after its sponsors,
Senator Paul Sarbanes, D-Md., and
Congressman Michael Oxley, R-Ohio. It's
also called Sarbox or SOX. It became law
on July 30, 2002.
39
SARBANES-OXLEY ACT AND
ETHICAL ISSUES
40. â The Sarbanes-Oxley Act of 2002 is a
federal law that established sweeping
auditing and financial regulations for
public companies. Lawmakers created
the legislation to help protect
shareholders, employees and the public
from accounting errors and fraudulent
financial practices.
40
SARBANES-OXLEY ACT AND
ETHICAL ISSUES
41. FRAUD AND ACCOUNTANTS
⢠Definitions of Fraud
⢠The Fraud Triangle
⢠Financial Losses from Fraud
⢠The Perpetrators of Frauds
42. - false representation of a material fact
made by one party to another party with
the intent to deceive and induce the
other party to justifiably rely on the fact
to his or her detriment.
FRAUD
43. â False representation
â Material fact
â Intent
â Justifiable reliance.
â Injury or loss.
43
Fraudulent act must meet the
following five conditions:
44. In accounting literature, fraud
is also commonly known as
white-collar crime,
defalcation, embezzlement,
and irregularities.
44
UP!!!!
45. â Give one of the five conditionsâŚ..
45
Fraudulent act must meet the
following five conditions:
46. Two levels of Fraud
46
â Employee fraud
â Management fraud
47. - or fraud by non-management
employees, is generally designed
to directly convert cash or other
assets to the employeeâs personal
benefit.
47
Employee fraud
48. - is more insidious than employee
fraud because it often escapes
detection until the organization
has suffered irreparable damage
or loss.
48
Management fraud
49. â The fraud is perpetrated at levels of management above
the one to which internal control structures generally
relate.
â 2. The fraud frequently involves using the financial
statements to create an illusion that an entity is healthier
and more prosperous than, in fact, it is.
â 3. If the fraud involves misappropriation of assets, it
frequently is shrouded in a maze of complex business
transactions, often involving related third parties.
49
Management fraud typically
contains three special
characteristics:
50. The fraud triangle consists of three
factors that contribute to or are
associated with management and
employee fraud
50
THE FRAUD TRIANGLE
51. â (1) situational pressure, which includes personal or
job-related stresses that could coerce an individual
to act dishonestly;
â (2) opportunity, which involves direct access to
assets and/or access to information that controls
assets, and;
â (3) ethics, which pertains to oneâs character and
degree of moral opposition to acts of dishonesty
51
THE FRAUD TRIANGLE
UP!!!!
52. The --------- consists of three
factors that contribute to or are
associated with management and
employee fraud
52
58. Three broad categories of fraud schemes
â fraudulent statements
â Corruption
â asset misappropriation
58
THE FRAUD SCHEMES
59. â this class of fraud scheme, the
statement itself must bring direct or
indirect financial benefit to the
perpetrator
59
Fraudulent Statements
60. â For example, misstating the cash account balance
to cover the theft of cash is not financial
statement fraud.
â On the other hand, understating liabilities to
present a more favourable financial picture of the
organization to drive up stock prices does fall
under this classification.
60
Fraudulent Statements
61. 61
these numbers fail to reflect the
human suffering that parallels them
in the real world
UP!!!
62. â
Three broad categories of
fraud schemes
â fraudulent statements
â asset misappropriation
â ANDâŚ?
62
63. â
â this class of fraud scheme,
the statement itself must
bring ---------------- benefit
to the perpetrator
63
64. THE UNDERLYING PROBLEMS
â Lack of Auditor Independence
â Lack of Director Independence
â Questionable Executive Compensation
Schemes
â Inappropriate Accounting Practices
64
65. THE UNDERLYING PROBLEMS
â Lack of Auditor Independence
- Auditing firms that are also engaged by their
clients to perform non-accounting activities
- For example, Enronâs auditorsâArthur
Andersenâwere also their internal auditors
and their management consultants.
65
66. THE UNDERLYING PROBLEMS
â Lack of Director Independence
directors who have a personal relationship
- by serving on the boards of other directorsâ companies
- have a business trading relationship as key customers or
suppliers of the company
- have a financial relationship as primary stockholders or
have received personal loans from the company
- have an operational relationship as employees of the
company
66
67. THE UNDERLYING PROBLEMS
â Questionable Executive Compensation
Schemes
- fewer stock options should be offered than
currently is the practice
67
68. THE UNDERLYING PROBLEMS
â Inappropriate Accounting Practices
- use of special-purpose entities to hide
liabilities through off-balance-sheet
accounting
68
UP!!!
69. THE UNDERLYING PROBLEMS
â ----------------
- Auditing firms that are also engaged by their
clients to perform non-accounting activities
- For example, Enronâs auditorsâArthur
Andersenâwere also their internal auditors
and their management consultants.
69
70. Three broad categories of fraud schemes
â fraudulent statements
â Corruption
â asset misappropriation
70
THE FRAUD SCHEMES
----------------------------------------------------------------
71. â involves an executive, manager, or employee of
the organization in collusion with an outsider
â 4 principal types:
â Bribery
â illegal gratuities
â conflicts of interest
â economic extortion
71
Corruption
72. â involves giving, offering, soliciting, or receiving
things of value to influence an official in the
performance of his or her lawful duties
72
BRIBERY
73. â involves giving, receiving, offering, or soliciting
something of value because of an official act that
has been taken
73
ILLEGAL GRATUITIES
74. â occurs when an employee acts on behalf of a
third party during the discharge of his or her
duties or has self-interest in the activity being
performed
74
CONFLICTS OF INTEREST
75. â is the use (or threat) of force (including economic
sanctions) by an individual or organization to
obtain something of value
75
ECONOMIC EXTORTION
UP!!!
79. â assets are either directly or indirectly diverted to
the perpetratorâs benefit
79
ASSET MISAPPROPRIATION
80. â involves stealing cash from an organization before
it is recorded on the organizationâs books and
records
80
SKIMMING
81. â involves schemes in which cash receipts are
stolen from an organization after they have been
recorded in the organizationâs books and records
81
CASH LARCENCY
82. â also known as vendor fraud, are perpetrated by employees
who causes their employer to issue a payment to a false
supplier or vendor by submitting invoices for fictitious goods
or services, inflated invoices, or invoices for personal
purchases.
â SHELL COMPANY
â PASS THROUGH FRAUD
â PAY-AND-RETURN
82
BILLING SCHEMES
83. â involves forging or changing in some material way
a check that the organization has written to a
legitimate payee
83
CHECK TAMPERING
84. â the distribution of fraudulent paychecks to
existent and/or non-existent employees
84
PAYROLL FRAUD
85. â are schemes in which an employee makes a claim
for reimbursement of fictitious or inflated
business expenses. For example, a company
salesperson files false expense reports, claiming
meals, lodging, and travel that never occurred.
85
EXPENSE REIMBURSEMENTS
86. â are schemes that involve the direct theft of cash
on hand in the organization
86
THEFTS OF CASH
87. â schemes involve the theft or misuse of the victim
organizationâs non-cash assets. One example of
this is a warehouse clerk who steals inventory
from a warehouse or storeroom.
87
NON-CASH MISAPPROPRIATION
88. â Because computers lie at the heart of modern
accounting information systems, the topic of
computer fraud is of importance to auditors.
88
COMPUTER FRAUD
90. Internal Control Concepts and
Techniques
â 1. To safeguard assets of the firm.
â 2. To ensure the accuracy and reliability of
accounting records and information.
â 3. To promote efficiency in the firmâs
operations.
â 4. To measure compliance with managementâs
prescribed policies and procedures
94. The Preventive-DetectiveâCorrective
Internal Control Model
â Preventive Controls
It forces compliance with prescribed or desired
actions and thus screen out aberrant events.
ď§ Detective Controls
These are devices, techniques, and procedures designed to
identify and expose undesirable events that elude preventive controls.
ď§ Corrective Controls
These are actions taken to reverse the effects of
errors detected in the previous step.
95. SAS 78 / COSO
Describes the relationship between the firmâsâŚ
ď§ internal control structure,
ď§ auditorâs assessment of risk, and
ď§ the planning of audit procedures
âThe weaker the internal control structure, the higher the assessed level of
risk; the higher the risk, the more auditor procedures applied in the auditâ.
96. Five Internal Control
Components: SAS 78 / COSO
1. Control environment
2. Risk assessment
3. Information and communication
4. Monitoring
5. Control activities
97. 1: The Control Environment
â Integrity and ethics of management
â Organizational structure
â Role of the board of directors and the audit
committee
â Managementâs policies and philosophy
â Delegation of responsibility and authority
â Performance evaluation measures
â External influencesâregulatory agencies
â Policies and practices managing human resources
98. 2: Risk Assessment
â Identify, analyze and manage risks relevant to
financial reporting:
â changes in external environment
â risky foreign markets
â significant and rapid growth that strain internal controls
â new product lines
â restructuring, downsizing
â changes in accounting policies
99. 3: Information and
Communication
â The AIS should produce high quality information
which:
â identifies and records all valid transactions
â provides timely information in appropriate detail to permit
proper classification and financial reporting
â accurately measures the financial value of transactions
â accurately records transactions in the time period in
which they occurred
100. 4: Monitoring
The process for assessing the quality of internal
control design and operation
â Ongoing monitoring:
â computer modules integrated into routine
operations
â management reports which highlight
trends and exceptions from normal
performance
101. 5: Control Activities
â Policies and procedures to ensure that the
appropriate actions are taken in response to
identified risks
â Fall into two distinct categories:
â IT controlsârelate specifically to the computer
environment
â Physical controlsâprimarily pertain to human
activities
102. Two Types of IT Controls
â General controlsâpertain to the entity-wide
computer environment
â Examples: controls over the data center, organization
databases, systems development, and program maintenance
â Application controlsâensure the integrity of specific
systems
â Examples: controls over sales order processing, accounts
payable, and payroll applications
103. Six Types of Physical
Controls
â Transaction Authorization
â Segregation of Duties
â Supervision
â Accounting Records
â Access Control
â Independent Verification
104. Physical Controls
Transaction Authorization
â used to ensure that employees are carrying out
only authorized transactions
â general (everyday procedures) or specific (non-
routine transactions) authorizations
105. Segregation of Duties
â In manual systems, separation between:
â authorizing and processing a transaction
â custody and recordkeeping of the asset
â subtasks
Physical Controls
106. Physical Controls
Supervision
â A compensation for lack of segregation; some
may be built into computer systems
â An underlying assumption of supervision control
is that the firm employs competent and
trustworthy personnel. The competent and
trustworthy employee assumption promotes
supervisory efficiency.
107. Physical Controls
Accounting Records
â The accounting records of an organization
consist of source documents, journals, and
ledgers. These records capture the economic
essence of transactions and provide an audit trail
of economic events.
â Audit Trail
108. Access Controls
â help to safeguard assets by restricting physical access to them
Independent Verification
â reviewing batch totals or reconciling subsidiary accounts with
control accounts
â Through independent verification procedures, management can
assess (1) the performance of individuals, (2) the integrity of the
transaction processing system, and (3) the correctness of data
contained in accounting records.
Physical Controls