978-0134474021 Chapter 5 Solutions Manual Part 1

Unlock access to all the studying documents.

View Full Document

CHAPTER 5

FRAUD

SUGGESTED ANSWERS TO DISCUSSION QUESTIONS

5.1 Do you agree that the most effective way to obtain adequate system security is to rely

on the integrity of company employees? Why or why not? Does this seem ironic?

What should a company do to ensure the integrity of its employees?

The statement is ironic because employees represent both the greatest control strength and

the greatest control weakness. Honest, skilled employees are the most effective fraud

deterrent. However, when fraud occurs, it often involves an employee in a position of trust.

As many as 90% of computer frauds are insider jobs by employees.

Managing Disgruntled Employees: Some employees who commit a fraud are

Culture. Create an organizational culture that stresses integrity and commitment to both

Management Style. Adopt an organizational structure, management philosophy,

Employee Training: Employees should be trained in appropriate behavior, which is

5-1

Ch. 5: Fraud

5.2 You are the president of a multinational company where an executive confessed to

kiting $100,000. What is kiting and what can your company do to prevent it? How

would you respond to the confession? What issues must you consider before pressing

charges?

In a kiting scheme, cash is created using the lag between the time a check is deposited and

Kiting can be detected by analyzing all interbank transfers. Since the scheme requires

constant transferring of funds, the number of interbank transfers will usually increase

When the employee confesses, the company should immediately investigate the fraud and

Employers should consider the following issues before pressing charges:

How will prosecuting the case impact the future success of the business?

What effect will adverse publicity have upon the company’s well being? Can the

publicity increase the incidence of fraud by exposing company weaknesses?

What social responsibility does the company have to press charges?

Does the evidence ensure a conviction?

If charges are not made, what message does that send to other employees?

Will not exposing the crime subject the company to civil liabilities?

5-2

Accounting Information Systems

5.3 Discuss the following statement by Roswell Steffen, a convicted embezzler: “For every

foolproof system, there is a method for beating it.” Do you believe a completely secure

computer system is possible? Explain. If internal controls are less than 100%

effective, why should they be employed at all?

The old saying “where there is a will, there is a way” applies to committing fraud and to

breaking into a computer system. It is possible to institute sufficient controls in a system so

5-3

Ch. 5: Fraud

5.4 Revlon hired Logisticon to install a real-time invoice and inventory processing system.

Seven months later, when the system crashed, Revlon blamed the Logisticon

programming bugs they discovered and withheld payment on the contract. Logisticon

contended that the software was fine and that it was the hardware that was faulty.

When Revlon again refused payment, Logisticon repossessed the software using a

telephone dial-in feature to disable the software and render the system unusable. After

a three-day standoff, Logisticon reactivated the system. Revlon sued Logisticon,

charging them with trespassing, breach of contract, and misappropriation of trade

secrets (Revlon passwords). Logisticon countersued for breach of contract. The

companies settled out of court.

Would Logisticon’s actions be classified as sabotage or repossession? Why? Would

you find the company guilty of committing a computer crime? Be prepared to defend

your position to the class.

This problem has no clear answer. By strict definition, the actions of Logisticon in halting

the software represented trespassing and an invasion of privacy. Some states recognize

5-4

Accounting Information Systems

5.5 Because improved computer security measures sometimes create a new set of

problems—user antagonism, sluggish response time, and hampered performance—

some people believe the most effective computer security is educating users about

good moral conduct. Richard Stallman, a computer activist, believes software

licensing is antisocial because it prohibits the growth of technology by keeping

information away from the neighbors. He believes high school and college students

should have unlimited access to computers without security measures so that they can

learn constructive and civilized behavior. He states that a protected system is a puzzle

and, because it is human nature to solve puzzles, eliminating computer security so

that there is no temptation to break in would reduce hacking.

Do you agree that software licensing is antisocial? Is ethical teaching the solution to

computer security problems? Would the removal of computer security measures

reduce the incidence of computer fraud? Why or why not?

Answers will vary. Students should consider the following conflicting concepts:

Software licensing encourages the development of new ideas by protecting the efforts of

businesses seeking to develop new software products that will provide them with a profit

and/or a competitive advantage in the marketplace. This point is supported by the

following ideas:

5-5

Ch. 5: Fraud

SUGGESTED ANSWERS TO THE PROBLEMS

5.1 You were asked to investigate extremely high, unexplained merchandise shortages at a

department store chain. Classify each of the five situations as a fraudulent act, an

indicator of fraud, or an event unrelated to the investigation. Justify your answers.

Adapted from the CIA

Examination

a. The receiving department supervisor owns and operates a boutique carrying

many of the same labels as the chain store. The general manager is unaware of

the ownership interest.

b. The receiving supervisor signs receiving reports showing that the total quantity

shipped by a supplier was received and then diverts 5% to 10% of each

shipment to the boutique.

This is a fraudulent act because there is a theft accompanied by:

1. A false statement, representation, or disclosure (signing the receiving report)

c. The store is unaware of the short shipments because the receiving report

accompanying the merchandise to the sales areas shows that everything was

received.

d. Accounts Payable paid vendors for the total quantity shown on the receiving

report.

Proper internal control says that Accounts Payable should match the vendor’s invoice

to both the purchase order and the receiving report. Because this matching would not

detect the theft, some may argue that this is a weakness in internal control. However,

5-6

Accounting Information Systems

e. Based on the receiving department supervisor’s instructions, quantities on the

receiving reports were not counted by sales personnel.

This is the same internal control weakness described in part c. The receiving

department supervisor gave those instructions to facilitate his or her fraud

5.2 A client heard through its hot line that John, the purchases journal clerk, periodically

enters fictitious acquisitions. After John creates a fictitious purchase, he notifies Alice,

the accounts payable ledger clerk, so she can enter them in her ledger. When the

payables are processed, the payment is mailed to the nonexistent supplier’s address, a

post office box rented by John. John deposits the check in an account he opened in the

nonexistent supplier’s name. Adapted from the CIA Examination.

a. Define fraud, fraud deterrence, fraud detection, and fraud investigation.

Fraud is gaining an unfair advantage over another person. Legally, for an act to be

fraudulent there must be:

1. A false statement, representation, or disclosure

2. A material fact, which is something that induces a person to act

3. An intent to deceive

5-7

Ch. 5: Fraud

b. List four personal (as opposed to organizational) fraud symptoms, or red-flags,

that indicate the possibility of fraud. Do not confine your answer to this example.

High personal debts or significant financial or investment losses.

Expensive lifestyle; living beyond your means.

Extensive gambling, alcohol, or drug problems.

Significant personal or family problems.

c. List two procedures you could follow to uncover John’s fraudulent behavior.

1. Inspecting the documentation supporting the release of a check to a vendor. There

2. Tracing all payments back to the supporting documentation. The receiving

5-8

Accounting Information Systems

5.3 The computer frauds that are publicly revealed represent only the tip of the iceberg.

Although many people perceive that the major threat to computer security is external,

the more dangerous threats come from insiders. Management must recognize these

problems and develop and enforce security programs to deal with the many types of

computer fraud.

Explain how each of the following six types of fraud is committed. Using the format

provided, also identify a different method of protection for each and describe how it

works Adapted from the CMA Examination.

Type of

Fraud

Explanation Identification and Description of

Protection Methods

Input

manipulation

This requires the least amount of

technical skill and little

Documentation and Authorization

Data input format authorized and

Program

alteration

Program alteration requires

programming skills and

knowledge of the program.

Program coding is revised for

fraudulent purposes. For

Ignore certain transactions

Programmers should not be allowed to

make changes to actual production

source programs and data files.

Segregation of Duties

Programmers should not have access to

5-9

Ch. 5: Fraud

File

alteration

Defrauder revises specific data or

manipulates data files. For

example:

Transferring balances among

Restrict Access to Equipment/Files

Restrict access to computer center.

Programmers and analysts should not

Restrict computer operator access to

Sabotage Physical destruction of hardware or

Terminated employees immediately

Theft of

Unauthorized use of a company’s

Assigning blocks of time to processing

5-10