Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2015 Pearson Education, Inc. Computer Fraud Chapter 5 5-1.

Published byWeston Noyes Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2015 Pearson Education, Inc. Computer Fraud Chapter 5 5-1."— Presentation transcript:

1 Copyright © 2015 Pearson Education, Inc. Computer Fraud Chapter 5 5-1

2 Copyright © 2015 Pearson Education, Inc. Learning Objectives Explain the threats faced by modern information systems. Define fraud and describe both the different types of fraud and the process one follows to perpetuate a fraud. Discuss who perpetrates fraud and why it occurs, including the pressures, opportunities, and rationalizations that are present in most frauds. Define computer fraud and discuss the different computer fraud classifications. Explain how to prevent and detect computer fraud and abuse. 5-2

3 Copyright © 2015 Pearson Education, Inc. INTRODUCTION Information systems are becoming increasingly more complex and society is becoming increasingly more dependent on these systems. ▫Companies also face a growing risk of these systems being compromised. ▫Recent surveys indicate 67% of companies suffered a security breach in the last year with almost 60% reporting financial losses.

4 Copyright © 2015 Pearson Education, Inc. Threats to AIS Natural and Political disasters Software errors and equipment malfunctions Unintentional acts Intentional acts 5-4

5 Copyright © 2015 Pearson Education, Inc. Fraud Any means a person uses to gain an unfair advantage over another person; includes: ▫A false statement, representation, or disclosure ▫A material fact, which induces a victim to act ▫An intent to deceive ▫Victim relied on the misrepresentation ▫Injury or loss was suffered by the victim Fraud is white collar crime 5-5

6 Copyright © 2015 Pearson Education, Inc. THE FRAUD PROCESS Fraud against companies may be committed by an employee or an external party. ▫Former and current employees (called knowledgeable insiders) are much more likely than non-employees to perpetrate frauds (and big ones) against companies.  Largely owing to their understanding of the company’s systems and its weaknesses, which enables them to commit the fraud and cover their tracks. ▫Organizations must utilize controls to make it difficult for both insiders and outsiders to steal from the company.

7 Copyright © 2015 Pearson Education, Inc. Two Categories of Fraud Misappropriation of assets ▫Theft of company assets which can include physical assets (e.g., cash, inventory) and digital assets (e.g., intellectual property such as protected trade secrets, customer data) Fraudulent financial reporting ▫“cooking the books” (e.g., booking fictitious revenue, overstating assets, etc.) 5-7

8 Copyright © 2015 Pearson Education, Inc. SAS #99 Auditors responsibility to detect fraud ▫Understand fraud ▫Discuss risks of material fraudulent statements  Among members of audit team ▫Obtain information  Look for fraud risk factors ▫Identify, assess, and respond to risk ▫Evaluate the results of audit tests  Determine impact of fraud on financial statements ▫Document and communicate findings  See Chapter 3 ▫Incorporate a technology focus

9 Copyright © 2015 Pearson Education, Inc. THE FRAUD PROCESS Fraud perpetrators are often referred to as white- collar criminals. Researchers have compared the psychological and demographic characteristics of three groups of people: ▫White-collar criminals ▫Violent criminals ▫The general public They found: ▫Significant differences between violent and white-collar criminals. ▫Few differences between white-collar criminals and the general public.

10 Copyright © 2015 Pearson Education, Inc. Conditions for Fraud These three conditions must be present for fraud to occur: Pressure ▫Employee  Financial  Lifestyle  Emotional ▫Financial Statement  Financial  Management  Industry conditions Opportunity to: ▫Commit ▫Conceal ▫Convert to personal gain Rationalize ▫Justify behavior ▫Attitude that rules don’t apply ▫Lack personal integrity 5-10

11 Copyright © 2015 Pearson Education, Inc. Fraud Triangle 5-11

12 Copyright © 2015 Pearson Education, Inc. PRESSURES THAT LEAD TO EMPLOYEE FRAUD FINANCIAL Living beyond means High personal debt/expenses “Inadequate” salary/income Poor credit ratings Heavy financial losses Bad investments Tax avoidance Meet unreasonable quotas/goals EMOTIONAL Greed Unrecognized performance Job dissatisfaction Fear of losing job Power or control Pride or ambition Beating the system Frustration Non-conformity Envy, resentment Arrogance, dominance Non-rules oriented LIFESTYLE Support gambling habit Drug or alcohol addiction Support sexual relationships Family/peer pressure

13 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY Financial statement fraud is distinct from other types of fraud in that the individuals who commit the fraud are not the direct beneficiaries. ▫The company is the direct beneficiary. ▫The perpetrators are typically indirect beneficiaries. Reasons for Fraudulent Financial Statements  Deceive investors or creditors  Increase a company’s stock price  Meet cash flow needs  Hide company losses or other problems

14 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY Opportunity is the opening or gateway that allows an individual to: ▫Commit the fraud ▫Conceal the fraud ▫Convert the proceeds

15 Copyright © 2015 Pearson Education, Inc. There are many opportunities that enable fraud. Some of the most common are: ▫Lack of internal controls ▫Failure to enforce controls (the most prevalent reason) ▫Excessive trust in key employees ▫Incompetent supervisory personnel ▫Inattention to details ▫Inadequate staff WHO COMMITS FRAUD AND WHY

16 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY Management may allow fraud by: ▫Not getting involved in the design or enforcement of internal controls; ▫Inattention or carelessness; ▫Overriding controls; and/or ▫Using their power to compel subordinates to carry out the fraud.

17 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY Concealing the fraud often takes more time and effort and leaves more evidence than the actual theft or misrepresentation. Examples of concealment efforts: ▫Charge a stolen asset to an expense account or to an account receivable that is about to be written off. ▫Create a ghost employee who receives an extra paycheck. ▫Lapping. ▫Kiting.

18 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY Unless the target of the theft is cash, then the stolen goods must be converted to cash or some form that is beneficial to the perpetrator. ▫Checks can be converted through alterations, forged endorsements, check washing, etc. ▫Non-cash assets can be sold (online auctions are a favorite forum) or returned to the company for cash.

19 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY How many people do you know who regard themselves as being unprincipled or sleazy? It is important to understand that fraudsters do not regard themselves as unprincipled. ▫In general, they regard themselves as highly principled individuals. ▫That view of themselves is important to them. ▫The only way they can commit their frauds and maintain their self image as principled individuals is to create rationalizations that recast their actions as “morally acceptable” behaviors.

20 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY These rationalizations take many forms, including: ▫I was just borrowing the money. ▫It wasn’t really hurting anyone. (Corporations are often seen as non-persons, therefore crimes against them are not hurting “anyone.”) ▫Everybody does it. ▫I’ve worked for them for 35 years and been underpaid all that time. I wasn’t stealing; I was only taking what was owed to me. ▫I didn’t take it for myself. I needed it to pay my child’s medical bills.

21 Copyright © 2015 Pearson Education, Inc. WHO COMMITS FRAUD AND WHY Fraud occurs when: ▫People have perceived, non-shareable pressures; ▫The opportunity gateway is left open; and ▫They can rationalize their actions to reduce the moral impact in their minds (i.e., they have low integrity). Fraud is much less likely to occur when ▫There is low pressure, low opportunity, and high integrity. Unfortunately, there is usually a mixture of these forces in play, and it can be very difficult to determine the pressures that may apply to an individual and the rationalizations he/she may be able to produce.

22 Copyright © 2015 Pearson Education, Inc. Computer Fraud If a computer is used to commit fraud it is called computer fraud. In using a computer, fraud perpetrators can steal: ▫More of something ▫In less time ▫With less effort They may also leave very little evidence, which can make these crimes more difficult to detect. 5-22

23 Copyright © 2015 Pearson Education, Inc. APPROACHES TO COMPUTER FRAUD Computer systems are particularly vulnerable to computer crimes for several reasons: ▫Company databases can be huge and access privileges can be difficult to create and enforce. Consequently, individuals can steal, destroy, or alter massive amounts of data in very little time. ▫Organizations often want employees, customers, suppliers, and others to have access to their system from inside the organization and without. This access also creates vulnerability. ▫Computer programs only need to be altered once, and they will operate that way until:  The system is no longer in use; or  Someone notices.

24 Copyright © 2015 Pearson Education, Inc. APPROACHES TO COMPUTER FRAUD ▫Modern systems are accessed by PCs, which are inherently more vulnerable to security risks and difficult to control.  It is hard to control physical access to each PC.  PCs are portable, and if they are stolen, the data and access capabilities go with them.  PCs tend to be located in user departments, where one person may perform multiple functions that should be segregated.  PC users tend to be more oblivious to security concerns.

25 Copyright © 2015 Pearson Education, Inc. Computer Fraud Classifications Input Fraud ▫Alteration or falsifying input Processor Fraud ▫Unauthorized system use Computer Instructions Fraud ▫Modifying software, illegal copying of software, using software in an unauthorized manner, creating software to undergo unauthorized activities Data Fraud ▫Illegally using, copying, browsing, searching, or harming company data Output Fraud ▫Stealing, copying, or misusing computer printouts or displayed information

26 Copyright © 2015 Pearson Education, Inc. Preventing and Detecting Fraud 1. Make Fraud Less Likely to Occur OrganizationalSystems Create a culture of integrity Adopt structure that minimizes fraud, create governance (e.g., Board of Directors) Assign authority for business objectives and hold them accountable for achieving those objectives, effective supervision and monitoring of employees Communicate policies Develop security policies to guide and design specific control procedures Implement change management controls and project development acquisition controls 5-26

27 Copyright © 2015 Pearson Education, Inc. Preventing and Detecting Fraud 2. Make It Difficulty to Commit OrganizationalSystems Develop strong internal controls Segregate accounting functions Use properly designed forms Require independent checks and reconciliations of data Restrict access System authentication Implement computer controls over input, processing, storage and output of data Use encryption Fix software bugs and update systems regularly Destroy hard drives when disposing of computers 5-27

28 Copyright © 2015 Pearson Education, Inc. Preventing and Detecting Fraud 3. Improve Detection OrganizationalSystems Assess fraud risk External and internal audits Fraud hotline Audit trail of transactions through the system Install fraud detection software Monitor system activities (user and error logs, intrusion detection) 5-28

29 Copyright © 2015 Pearson Education, Inc. Preventing and Detecting Fraud 4. Reduce Fraud Losses OrganizationalSystems Insurance Business continuity and disaster recovery plan Store backup copies of program and data files in secure, off-site location Monitor system activity 5-29

Download ppt "Copyright © 2015 Pearson Education, Inc. Computer Fraud Chapter 5 5-1."

Similar presentations

Fraud and Internal Control Presented by Andy Harper Pugh & Company, P.C. April 28, 2011.

Fraud and Internal Control Presented by Andy Harper Pugh & Company, P.C. April 28, 2011.
Chapter 14 Fraud Risk Assessment.

Chapter 14 Fraud Risk Assessment.
FRAUD EXAMINATION ALBRECHT, ALBRECHT, & ALBRECHT

FRAUD EXAMINATION ALBRECHT, ALBRECHT, & ALBRECHT
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.

Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Control and Accounting Information Systems

Control and Accounting Information Systems
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
1 Non-Cash Assets Chapter 9. 2 List the five categories of tangible non-cash misappropriations discussed in this chapter. Discuss the data on non-cash.

1 Non-Cash Assets Chapter 9. 2 List the five categories of tangible non-cash misappropriations discussed in this chapter. Discuss the data on non-cash.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Chapter 2 Skimming.

Chapter 2 Skimming.
13-1. 13-2 13 Employee, Vendor, and Other Frauds against the Organization Other Frauds against the Organization McGraw-Hill/Irwin Copyright © 2012 by.

Employee, Vendor, and Other Frauds against the Organization Other Frauds against the Organization McGraw-Hill/Irwin Copyright © 2012 by.
Fraud Theories Dr. Raymond S. Kulzick, CPA, CFE St. Thomas University Miami, Florida Copyright 2004 R. S. Kulzick.

Fraud Theories Dr. Raymond S. Kulzick, CPA, CFE St. Thomas University Miami, Florida Copyright 2004 R. S. Kulzick.
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.

Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.

Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.
Reducing Fraud With Improved Internal Controls Dr. Raymond S. Kulzick, CPA St. Thomas University Miami, Florida Copyright 2004 R. S. Kulzick.

Reducing Fraud With Improved Internal Controls Dr. Raymond S. Kulzick, CPA St. Thomas University Miami, Florida Copyright 2004 R. S. Kulzick.
Auditing Computer Systems

Auditing Computer Systems
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
Chapter 6-1 The Islamic University of Gaza Accounting Information System Ethics, Fraud and Internal Control Dr. Hisham Madi.

Chapter 6-1 The Islamic University of Gaza Accounting Information System Ethics, Fraud and Internal Control Dr. Hisham Madi.

Similar presentations

Ads by Google