Presentation is loading. Please wait.

Presentation is loading. Please wait.

Accounting Information Systems, 1st Edition

Similar presentations


Presentation on theme: "Accounting Information Systems, 1st Edition"— Presentation transcript:

1

2 Accounting Information Systems, 1st Edition
Fraud, Ethics, and Internal Control Accounting Information Systems, 1st Edition

3 Study Objectives An introduction to the need for a code of ethics and good internal controls The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied The nature of management fraud The nature of employee fraud The nature of customer fraud The nature of vendor fraud The nature of computer fraud The policies that assist in the avoidance of fraud and errors The maintenance of a code of ethics The maintenance of accounting internal controls The maintenance of information technology controls 1. On the topic, “Challenges Facing Financial Accounting,” what did the AICPA Special Committee on Financial Reporting suggest should be included in future financial statements? Non-financial Measurements (customer satisfaction indexes, backlog information, and reject rates on goods purchases). Forward-looking Information Soft Assets (a company’s know-how, market dominance, marketing setup, well-trained employees, and brand image). Timeliness (no real time financial information)

4 Need for a Code of Ethics and Internal Controls
During 2001 and 2002, several companies were named in regards to fraudulent financial reporting. WorldCom (Audit firm) SO 1 An introduction to the need for a code of ethics and good internal controls

5 Need for a Code of Ethics and Internal Controls
When management is unethical, fraud is likely to occur. Management obligations: Stewardship. Provide accurate reports. Maintain internal controls. Enforce a code of ethics. SO 1 An introduction to the need for a code of ethics and good internal controls

6 Need for a Code of Ethics and Internal Controls
Quick Review The careful and responsible oversight and use of the assets entrusted to management is called a. control environment. b. stewardship. c. preventive control. d. security. SO 1 An introduction to the need for a code of ethics and good internal controls

7 Accounting Related Fraud
Fraud - theft, concealment, and conversion to personal gain of another’s money, physical assets, or information. Misappropriation of Assets - defalcation or internal theft. Misstatement of Financial Records - earnings management or fraudulent financial reporting. SO 2 The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied

8 Accounting Related Fraud
Fraud, three conditions must exist. Exhibit 3-1 The Fraud Triangle SO 2 The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied

9 Accounting Related Fraud
Exhibit 3-2 Categories of Accounting Related Fraud Categories of Accounting-Related Fraud SO 2 The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied

10 Accounting Related Fraud
Quick Review Which of the following is not a condition in the fraud triangle? a. rationalization. b. incentive. c. conversion. d. opportunity. SO 2 The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied

11 The Nature of Management Fraud
Management Fraud is usually in the form of fraudulent financial reporting. Managers misstate financial statements in order to: Increased stock price. Improved financial statements. Enhanced chances of promotion, or avoidance of firing or demotion. Increased incentive-based compensation. Delayed cash flow problems or bankruptcy. SO 3 The nature of management fraud

12 The Nature of Management Fraud
Management Fraud may involve: Overstating revenues and assets. Understating expenses and liabilities. Misapplying accounting principles. Enron’s top management had been hiding debt and losses by using special purpose entities (SPEs). Two Examples: Managers at Xerox approved and encouraged accounting practices that violated GAAP and accelerated revenue recognition. SO 3 The nature of management fraud

13 The Nature of Management Fraud
Quick Review There are many possible indirect benefits to management when management fraud occurs. Which of the following is not an indirect benefit of management fraud? a. delayed exercise of stock options. b. delayed cash flow problems. c. enhanced promotion opportunities. d. increased incentive-based compensation. SO 3 The nature of management fraud

14 The Nature of Employee Fraud
Employee Fraud usually means that an employee steals cash or assets for personal gain. Kinds of Employee Fraud: Inventory theft. Cash receipts theft. Accounts payable fraud. Payroll fraud. Expense account fraud. Kickback Collusion Larceny Skimming SO 4 The nature of employee fraud

15 The Nature of Management Fraud
Quick Review Which of the following is not an example of employee fraud? a. skimming. b. larceny. c. kickbacks. d. earnings management. SO 4 The nature of employee fraud

16 The Nature of Management Fraud
Quick Review The most difficult type of misstatement to discover is fraud that is concealed by a. over-recording the transactions. b. nonrecorded transactions. c. recording the transactions in subsidiary records. d. related parties. SO 4 The nature of employee fraud

17 The Nature of Customer Fraud
Customer Fraud occurs when a customer improperly obtains cash or property from a company, or avoids a liability through deception. Kinds of Customer Fraud: Credit card fraud. Check fraud. Refund fraud. SO 5 The nature of customer fraud

18 The Nature of Vendor Fraud
Vendor Fraud occurs when vendors obtain payments to which they are not entitled. Vendors may: Submit duplicate or incorrect invoices. Send shipments in which the quantities are short. Send lower-quality goods than ordered. SO 6 The nature of vendor fraud

19 The Nature of Vendor Fraud
Quick Review The review of amounts charged to the company from a seller that it purchased from is called a a. vendor audit. b. seller review. c. collusion. d. customer review. SO 6 The nature of vendor fraud

20 The Nature of Computer Fraud
Computer Fraud may include: Industrial espionage. Software piracy. SO 7 The nature of computer fraud

21 The Nature of Computer Fraud
Internal Sources of Computer Fraud Input manipulation Program manipulation Salami technique Trojan horse programs Trap door alterations Output manipulation SO 7 The nature of computer fraud

22 The Nature of Computer Fraud
External Sources of Computer Fraud In most cases conducted by someone outside the company who has gained unauthorized access to the computer. Two Common Types: Hacking. Denial of Service attack (DoS) Spoofing. SO 7 The nature of computer fraud

23 The Nature of Vendor Fraud
Quick Review Which of the following is generally an external computer fraud, rather than an internal computer fraud? a. spoofing b. input manipulation c. program manipulation d. output manipulation SO 6 The nature of vendor fraud

24 Policies to Assist in the Avoidance of Fraud and Errors
Actions to assist in prevention or detection of fraud and errors: Maintain and enforce a code of ethics. Maintain a system of accounting internal controls. Maintain a system of information technology controls. SO 8 The policies that assist in the avoidance of fraud and errors

25 Maintain a Code of Ethics
Sarbanes–Oxley Act of 2002 Requirement - public companies adopt and disclose a code of ethics. Concepts usually found in code of ethics: Obeying applicable laws and regulations. Conduct that is honest, fair, and trustworthy. Avoiding all conflicts of interest. Creating and maintaining a safe work environment. Protecting the environment. SO 9 The maintenance of a code of ethics

26 System of Accounting Internal Controls
Objectives of an internal control system are: Safeguard assets (from fraud or errors). Maintain accuracy and integrity of accounting data. Promote operational efficiency. Ensure compliance with management directives. SO 10 The maintenance of accounting internal controls

27 System of Accounting Internal Controls
Three types of controls: Preventive controls Detective controls Corrective controls COSO Report - five components of internal control: Control environment. Risk assessment. Control activities. Information and communication. Monitoring. SO 10 The maintenance of accounting internal controls

28 System of Accounting Internal Controls
Exhibit 3-5 Factors of the Control Environment Control Environment Example of a less risky control environment Example of a more risky control environment Factor Integrity and ethics The company has a code of The company does not have ethics, and it is rigidly a code of ethics, or if they enforced. have one, it is not enforced. Philosophy and operating Management is very Management is very style conservative in its approach aggressive and risk taking to things such as mergers. in its approach to things such as mergers. SO 10 The maintenance of accounting internal controls

29 System of Accounting Internal Controls
Example of a less risky control environment Example of a more risky control environment Factor Assignment of authority Lines of authority are well Managers have overlapping and responsibility established, and managers’ duties, and oftentimes jobs and duties are clear to managers are not quite sure them. whether or not they have certain responsibilities and authority. Organization and Management carefully trains Management does not spend development of people and cultivates employees to any money or time on the be able to take on more training of employees. responsibility. Attention and direction by Members of the board Members of the board do the board of directors examine reports and hold not prepare for the top management meetings they attend and accountable for the are merely “big-name” accuracy of the reports. figureheads.

30 System of Accounting Internal Controls
Risk Assessment Management must develop a way to: Identify the sources of risks. Determine impact of risks. Estimate chances of risks occurring. Develop an action plan to reduce the impact and probability of risks. Execute the action plan and continue the cycle, beginning again with the first step. SO 10 The maintenance of accounting internal controls

31 System of Accounting Internal Controls
Control Activities Categories: Authorization of transactions Segregation of duties Adequate records and documents Security of assets and documents Independent checks and reconciliation SO 10 The maintenance of accounting internal controls

32 System of Accounting Internal Controls
Control Activities Categories: Authorization of Transactions General authorization Specific authorization SO 10 The maintenance of accounting internal controls

33 System of Accounting Internal Controls
Control Activities Categories: Segregation of Duties Exhibit 3-6 Segregation of Duties SO 10 The maintenance of accounting internal controls

34 System of Accounting Internal Controls
Control Activities Categories: Adequate Records and Documents Supporting documentation for all significant transactions Schedules and analyses of financial information Accounting cycle reports Audit Trail SO 10 The maintenance of accounting internal controls

35 System of Accounting Internal Controls
Control Activities Categories: Security of Assets and Documents Protecting physical assets Protecting information Cost-benefit comparison SO 10 The maintenance of accounting internal controls

36 System of Accounting Internal Controls
Control Activities Categories: Independent Checks and Reconciliation Procedures: Reconciliation Comparison of physical assets with records Recalculation of amounts Analysis of reports Review of batch totals SO 10 The maintenance of accounting internal controls

37 System of Accounting Internal Controls
Quick Review Which control activity is intended to serve as a method to confirm the accuracy or completeness of data in the accounting system? a. authorization b. segregation of duties c. security of assets d. independent checks and reconciliations SO 10 The maintenance of accounting internal controls

38 System of Accounting Internal Controls
Quick Review Proper segregation of functional responsibilities calls for separation of the functions of a. authorization, execution, and payment. b. authorization, recording, and custody. c. custody, execution, and reporting. d. authorization, payment, and recording. SO 10 The maintenance of accounting internal controls

39 System of Accounting Internal Controls
Information and Communication An effective accounting system must: Identify all relevant financial events transactions. Capture the important data of these transactions. Record and process the data through appropriate classification, summarization, and aggregation. Report this summarized and aggregated information to managers. SO 10 The maintenance of accounting internal controls

40 System of Accounting Internal Controls
Information and Communication Monitoring Any system of control must be constantly monitored to assure that it continues to be effective. SO 10 The maintenance of accounting internal controls

41 System of Accounting Internal Controls
Reasonable Assurance of Internal Controls Controls achieve a sensible balance of reducing risk when compared with the cost of the control. Not possible to provide absolute assurance, because: Flawed judgments are applied in decision making. Human error exists in every organization. Controls can be circumvented or ignored. Controls may not be cost beneficial. SO 10 The maintenance of accounting internal controls

42 System of Information Technology Controls
For any business process, there should be both accounting internal controls as in COSO, and IT controls as in the Trust Principles. Risk and controls in IT are divided into five categories: Security Availability Processing integrity. Online privacy. Confidentiality. SO 11 The maintenance of information technology controls

43 System of Information Technology Controls
Quick Review AICPA Trust Principles identify five categories of risks and controls. Which category is best described by the statement, “Information process could be inaccurate, incomplete, or not properly authorized”? a. security b. availability c. processing integrity d. confidentiality SO 11 The maintenance of information technology controls

44 Copyright Copyright © 2008 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United States Copyright Act without the express written permission of the copyright owner is unlawful. Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back-up copies for his/her own use only and not for distribution or resale. The Publisher assumes no responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information contained herein.


Download ppt "Accounting Information Systems, 1st Edition"

Similar presentations


Ads by Google