Accounting Information System - Misleading Advertising

- Questionable Business Practices in

Chapter 3: Ethics, Fraud, and Internal Control Foreign Countries
Ethical Issues in Business - Accurate Reporting of Shareholder
 Ethical standards are derived from Interests
societal mores and deep-rooted personal D. Exercise of Corporate Power
beliefs about issues of right and wrong - Political Action Committees
that are not universally agreed upon. - Workplace Safety
- Product Safety
 Business Ethics - Environmental Issues
- Divestment of Interest
*Ethics – pertains to the principles of conduct - Corporate Political Contributions
that individuals use in making choices and guiding - Downsizing and Plant Closures
their behavior in situations that involve the
concepts of right and wrong.  Making Ethical Decision
 Every major decision has consequences
(1) How do managers decide what is right in
that potentially harm or benefit these
conducting their business?
constituents.
(2) Once managers have recognized what is right,  Seeking a balance between these
how do they achieve it? consequences is the manager’s ethical
responsibility.
 Four areas of Ethical issues in Business:  Proportionality – the benefit frim
Equity, rights, honesty, and the exercise a decision must outweigh the
of corporate power risks.
a. Justice – The benefits of the
A. Equity decision should be
- Executive Salaries distributed fairly to those
- Comparable Worth whp share the risks.
- Product Pricing b. Minimize risk – avoid any
B. Rights unnecessary risks.
- Corporate Due Process
- Employee Health Screening  Computer Ethics
- Employee Privacy  The analysis of the nature and social
- Sexual Harassment impact of computer technology and
- Diversity the corresponding formulation and
- Equal Employment Opportunity justification of policies for the ethical
- Whistleblowing use of such technology.
C. Honesty
- Employee and Management Conflicts  Three levels of Computer Ethics
of Interest 1. Pop Computer Ethics – simply the
- Security of Organization Data and exposure to stories and reports found in
Records the popular media regarding the good or
 bad ramifications of computer E.Environmental Issues
technology.
2. Para Computer Ethics – involves taking a  It may be more efficient or more
real interest in computer ethics cases and comforting to have a hard copy in
acquiring some level of skill and addition to the electronic version.
knowledge in the field.  However, paper comes from trees, a
3. Theoretical Computer Ethics – of interest precious natural resource, and ends up in
to multidisciplinary researchers who landfills if not properly recycled.
apply the theories of philosophy, F.Artificial Intelligence
sociology, and psychology to computer
science with the goal of bringing some  Both knowledge engineers (those who
new understanding to the field. write the programs) and domain experts
(those who provide the knowledge about
*A new Problem or Just a New Twist on an Old the task being automated) must be
Problem concerned about their responsibility for
A. Privacy faulty decision, incomplete or inaccurate
knowledge bases, and the role given to
 People desire to be in full control of computers in the decision making
what and how much information process. (Chat GPT)
about themselves is available to
others. G. Unemployment and Displacement

B. Security (Accuracy and Confidentiality)  Many jobs have been and are being
changed as a result of the availability of
 An attempt to avoid such undesirable computer technology.
events as a loss of confidentiality or
data integrity. H. Misuse of Computers
 it attempts to prevent fraud and  Copying Proprietary software, using a
other misuse of computer systems. company’s computer for personal benefit,
C. Ownership of Property and snooping through other people’s
files.
 Intellectual Property is a kind of software
ownership. Copyright Law have been  Sarbanes – oxley Act and Ethical Issues
invokes in an attempt to protect those  Many provisions designed to deal with
who develop software from having it specific problems relating to capital
copied. market, corporate governance, and the
auditing profession.
D. Equity in Access

 The economic status of the individual or Section 406 – Code of Ethics for
the affluence of an organization will Senior Financial Officers
determine the ability to obtain  SOX requires public companies to disclose
information technology. to the SEC whether they have adopted a
 code of ethics that applies to the material misstatement of the financial
organization’s chief executive officer statements.
(CEO), CFO, controller, or persons  Statement on Auditing Standards (SAS)
performing similar function. No. 99, Consideration of Fraud in a
 A public company may disclose its code Financial Statement Audit.
of ethics in several ways: (1) included an
exhibit to its annual report, (2) as a  Definitions of Fraud
posting to its Web site, or (3) by agreeing  Denotes a false representation of a
to provide copies of the code upon material fact made by one party to
request. another party with the intent to deceive
and induce the other party to justifiably
*The SEC has ruled that compliance with Section rely on the fact to his or her detriment.
406 necessitates a written code of ethics that
addresses the following ethical issues. *Five condition to consider fraudulent act

A. Conflict of Interest – The company’s code of 1. False Representation

ethics should outline procedures for dealing with
actual or apparent conflicts of interest between 2. Material fact
personal and professional relationships. 3. Intent
B. Full and Fair Disclosures – this provision states 4. Justifiable reliance
that the organization should provide full, fair,
accurate, timely, and understandable disclosures 5. Injury or Loss
in the documents, reports, and financial
 Employee fraud by
statements that it submits to the SEC.
nonmanagement employees, is
C. Legal Compliance -Code of ethics should generally designed to directly
require employees to follow applicable convert cash or other assets to
governmental laws, rules and regulations. the employee’s personal benefit.
A. Stealing something of value
D. Internal Reporting of Code Violations – the (an asset).
code of ethics must provide a mechanism to B. Converting the asset to a
permit prompt internal reporting of ethics usable form (cash).
violations. C. Concealing the crime to avoid
E. Acocuntability – An effective ethics program detection.
must take appropriate action when code  Management Fraud
violations occur.  More insidious than employee fraud
because it often escapes detection until
 Fraud and Accountants the organization has suffered irreparable
 In SOX, it requires the auditor to test damage or loss.
controls specifically intended to prevent
or defect fraud likely to result in a *Three Special Characteristics of Management
Fraud
1. The fraud is perpretrated at levels of  Fraud Losses by Position within
management above the one to which internal the Organization – individuals in
control structures generally relate. the highest positions within an
organization are beyond the
2. The fraud frequently involves using the
internal control structure and
financial statement to create an illusion that an
have the greatest access to
entity is healthier and more prosperous than, in
company funds and assets.
fact , it is.
 Fraud Losses and the Collusion
3. If the fraud involves misappropriation of assets, Effect – One reason for
it frequently is shrouded in a maze of complex segregating occupational duties is
business transaction, often involving related to deny potential perpretrators
parties. the opportunity they need to
commit fraud. When individuals
 The Fraud Triangle in critical positions collude, they
1. Situational Pressure – which includes create opportunities to control or
personal or job-related stresses that gain access to assets that
could coerce an individual to act otherwise would not exist.
dishonestly.  Fraud Losses by Gender –
2. Opportunity - which involves direct Women are not fundamentally
access to assets and/or access to more honest than men, but men
information that control assets. occupy High Corporate position
3. Ethics – which pertains to one’s character in greater numbers than women.
and degree of moral opposition to acts of This affords men greater access
dishonesty. to assets.
 Fraud Losses by Age – Older
 Financial Losses from Fraud employee tend to occupy higher-
ranking positions and therefore
*Difficult to quantify for a number of reasons:
generally have greater access to
1. Not all fraud is detected company assets.
 Fraud Losses by Education –
2. of that detected, not all is reported those with more education
occupy higher positions in their
3. In many fraud cases incomplete information is
organizations and therefore have
gathered
greater access to company funds
4. Information is not properly distributed to and other assets.
management or law enforcement authorities.  Fraud Losses by Collusion – One
reason for segregating
5. Too often, business organization decide to take occupational duties is to deny
no civil or criminal action against the positions collude, they create
perpetrator(s) of fraud. opportunities to control or gain
 The Perpetrators of Fraud
 access to asset that otherwise during the discharge of his or her duties
would not exist. or has self-interest in the activity being
performed.
 Fraud Schemes d. Economic Extortion – the use of force
 Three broad categories of fraud schemes (including economic sanctions) by an
are defined: fraudulent statements, individual or organization to obtain
corruption, and asset misappropriation. something of value.

 Fraud Statements – are associated with  Asset Misappropriation

management fraud. Whereas all fraud  In which assets are either directly or
involves some form of financial indirectly diverted to the perpetrator’s
misstatement, to meet the definition to benefit.
the perpetrator.
A.) Lack of Auditor Independence  Skimming
B.) Lack of Director Independence  Involves stealing cash from an
C.) Questionable Executive Compensation organization before it is recorded on the
Schemes organization’s books and records.
D.) Inappropriate Accounting Practices
 Cash Larceny
[The act establishes a framework to modernize
 Involves schemes in which cash receipts
and reform the oversight and regulation of public
are stolen from an organization after they
company auditing.]
have been recorded in the organization’s
(1) The creation of an accounting oversight book and records.
board
(2) Auditor independence  Billing Schemes
(3) Corporate governance and responsibility  Vendor fraud, are perpetrated by
(4) Disclosure requirements employees who causes their employer to
(5) Penalties for fraud and other violations issue a payment to a false supplier or
vendor.
 Corruption a. Shell company – first requires that the
 Involves an executive, manager, or perpetrator establish a false supplier on
employee of the organization in collusion the books of the victim company
with an outsider. b. Pass through fraud – similar to the shell
a. Bribery – involves giving, offering, company fraud with the exception that a
soliciting, or receiving things of value to transaction actually takes place.
influence an official in the performance c. Pay-and-return – third form of vendor
of his or her lawful duties. fraud. This typically involves a clerk with
b. Illegal Gratuities – an official act that has check writing authority who pays a
been taken vendor twice for the same products.
c. Conflict of Interest – occurs when an
employee acts on behalf of a third party  Check Tampering
 Involves forging or changing in some  Management Responsibility
material way a check that the  This concept holds that the establishment
organization has written to a legitimate and maintenance of a system of internal
payee. control.

 Payroll Fraud  Reasonable Assurance

 The distribution of fraudulent paychecks  No system of internal control is perfect
to existent and/or nonexistent and the cost of achieving improved
employees. control should not outweigh its benefits.

 Expense Reimbursement  Method of Data Processing

 Schemes in which an employee makes a  The control techniques used to achieve
claim for reimbursement of fictitious or these objectives will, however, vary with
inflated business expenses. different types of technology.

 Theft of Cash  Limitations

 Schemes that involve the direct theft of (1) The possibility of error – no system is
cash on hand in the organization. perfect.
(2) Circumvention – personnel may
 Non-Cash Misappropriation circumvent the system through
 Schemes involve the theft or misuse of collusion or other means.
the victim organizations non-cash assets. (3) Management override management
is in a position to override control
 Computer Fraud procedures by personally distorting
 The fundamental structure of fraud is transactions or by directing a
unchanged by computers-fraudulent subordinate to do so.
statements, corruption, and asset (4) Changing conditions may change over
misappropriation-computers do add time so that existing controls may
complexity to the fraud picture. become ineffectual.

 Internal Control Concepts and  Exposure and Risk

Techniques  As a shield that protects the firm’s assets
1. To safeguard asset of the firm from numerous undesirable events that
2. To ensure the accuracy and reliability of bombard the organization.
accounting records and information  The absence or weakness of a control is
3. To promote efficiency in the firm’s called an exposure.
operations. 1. Destruction of assets
4. To measure compliance with 2. Theft of assets
management’s prescribed policies and 3. Corruption of information or the
procedures. information system
4. Disruption of the information system
  Sets the tone for the organization and
 The Preventive-Detective-Corrective influences the control awareness of its
Internal Control Model management and employees.
1) Preventive Controls – passive techniques 1. The integrity and ethical values of
designed to reduce the frequency of management
occurrence of undesirable events. 2. The structure of the organization
2) Detective Controls – These are devices, 3. The participation of the organization’s
techniques, and procedures designed to board of directors and the audit
identify and expose undesirable events committee, if one exists
that elude preventive controls. 4. Management’s philosophy and operating
3) Corrective Controls – actions taken to style
reverse the effects of errors detective. 5. The procedures for delegating
There is an important distinction responsibility and authority
between controls and corrective controls. 6. Management’s methods for assessing
Detective controls identify anomalies and performance.
draw attention to them; corrective 7. External influences such as examinations
controls actually fix the problems. by regulatory agencies
8. The organization policies and practices
 Sarbanes-Oxley and Internal Control for managing its human resources.
1. A statement of management’s
responsibility for establishing and [It requires that auditors obtain sufficient
maintaining adequate internal control knowledge to assess the attitude and awareness
2. An assessment of the effectiveness of the of the organization management, board of
company’s internal controls over financial directors, and owners regarding internal control]
reporting  Risk Assessment
3. A statement that the organization’s  To identify, analyze, and manage risk
external auditors have issued an relevant to financial reporting.
attestation report on management’s  It requires that auditors obtain sufficient
assessment of the company’s internal knowledge of the organization’s risk
controls assessment procedures to understand
4. An explicit written conclusion as to the how management identifies, prioritizes,
effectiveness of internal control over and manages the risks related to financial
financial reporting reporting.
5. A statement identifying the framework
used in their assessment of internal  Information and Communication
controls. a. Identify and record all valid financial
transactions.
 SAS78/COSO Internal Control Framework b. Provide timely information about
transactions in sufficient detail to permit
 The Control Environment proper classification and financial
reporting.
c. Accurately measures the financial value processing, accounts payable, and
of transactions so their effects can be payroll applications.
recorded in financial statements. b) Physical Controls – relates primarily
d. Accurately record transactions in the time to the human activities employed in
period in which they occurred. accounting systems.
c) Transactions Authorization – to
[It requires that auditors obtain sufficient ensure that all material transactions
knowledge of the organization’s information processed by the information system
system are understand] are valid and in accordance with
(1) The classes of transactions that are management’s objectives.
material to the financial statements and d) Segregation Duties – can take many
how those transactions are initiated. forms, depending on the specific
(2) The accounting records and accounts that duties to be controlled.
are used in the processing of material e) Supervision – in small organization or
transactions. in functional areas that lack sufficient
(3) The transactions processing steps personnel, management must
involved from the initiation of a compensate for the absence of
transaction to its inclusion in the financial segregation controls with close
statements. supervision. It is called compensating
(4) The financial reporting process used to control.
prepare financial statements, disclosures, f) Accounting Records – consists of
and accounting estimates. source documents, journals and
ledgers.
 Monitoring g) Access Control – to ensure that only
 The process by which the quality of authorized personnel have access to
internal control design and operation can the firm’s asset.
be assessed. h) Independent Verification –
independent check of the accounting
 Control Activities system to identify errors and
 The policies and procedures used to misinterpretations.
ensure that appropriate actions are taken  Reconciling batch totals at points during
to deal with the organization’s identified transaction processing
risks.  Comparing physical assets with
a) IT Controls – general controls pertain accounting records
to entity-wide concerns such as  Reconciling subsidiary accounts with
controls over the data center, control accounts
organization databases, systems  Reviewing management reports (both
development, and the program computer and manually generated) that
maintenance. Application controls summarize business activity.
ensure the integrity of specific
systems such as sales order