Fraud and Internal ControlFraudFraud: dishonest act by an employee that results in personal benefit at the cost of the employer.Fraud Triangle (acronym FOR)Opportunity (most important): things employee can exploit in workplaceFinancial pressure: financial problems (Ex. employee has too much debt). Or wants to lead a lifestyle they cannot affordRationalization: to justify stealing (Ex to justify stealing: saying you are “underpaid” while the employer is making a lot of money).Sarbanes-Oxley Act of 2002 (SOX): passed after fraud in early 2000sRequires:System of internal controlsCorporate executives and Board of Directors to ensure reliability and effectiveness of the controls.Outside auditorsCaused the creation of:Public Company Accounting Oversight Board (PCAOB): establishes and regulates auditing standardsInternal ControlsMethods to safeguard assets, enhance reliability of its accounting records, increase efficiency, and ensure compliance with laws/regulations5 components:Controls environment: responsibility of top management to make clear that the organization values integrity and unethical activity will not be tolerated. Another name: “tone at the top”Risk Assessment: identify/analyze factors that create risk in the company and determine how to manage these riskControl Activities: policies/procedures to reduce riskInfo/Communication: internal control system must communicate information through organization and to appropriate external partiesMonitoring: internal controls must be monitored periodically. Problems are reported to top management and/or the BOD.Principles of Internal Control ActivitiesInternal Controls: Backbone of the company’s efforts to address the risks it faces, such as fraudControl activities used will be influenced on size and nature of the company6 principles (relevant to manual and computerized accounting systems):Establishment of Responsibility: only one person is responsible for a given task.Segregation of Duties:2 common applications of this principle:Different individuals responsible for related tasksResponsibility for record-keeping for an asset should be separate from physical custodyWork of one employee should be a reliable basis for evaluating the work of anotherDocumentation procedure:Documents provide evidence that transactions and events have occurred.when possible pre-number documents and all documents should be accounted for (helps stop a transaction from being recorded more than once or not at all).Forward source document to accounting department; ensures timely recording.Signatures identify individual responsible for transactionDocument transactions when the transaction occursPhysical Controls: vaults, alarms, etc.Independent Internal Verification: review of data prepared by employeesFor maximum benefit:Verify records periodically or on a surprise basisEmployees independent of the personnel responsible for the info should make verificationDiscrepancies and exceptions should be reported to a management levelInternal auditors: evaluate the effectiveness of internal control system (usually assigned the task of independent internal verification)Most Fraud discovered by internal controls and internal auditsHuman Resource Controls:Bond employees who handle cash (insurance protection if theft occurs): insurance company screens employee and bonded offenders will be vigorously prosecutedRotate duties and require vacations: deter employees from attempting theft b/c they cannot permanently conceal their improper actionsConduct background checksCheck whether job applicants graduated from schools they listNever use telephone numbers for previous employers; always look them upLimitations of Internal ControlCompanies design systems of internal controls to provide reasonable assuranceReasonable assurance: establishing control procedures should not exceed their expected benefitHuman element: good system can become ineffective as a result of employee fatigue, carelessness, or indifferenceCollusion: two or more individuals working together to get around prescribed controlsSize of a business can be a problem; smaller companies find it difficult to segregate dutiesCash ControlsCash: asset most susceptible to fraudulent activitiesCash Receipts ControlsOver-the-Counter Receiptscash registers make the amount visible to customers; stops cashier from ringing up a small amount and pocketing the rest.Illustrates an internal control principal: segregation of record-keeping from physical custodyCash over and short account:Account to record error when clerk hands incorrect change back to a customerincome statement itemmiscellaneous expense when there is a cash shortfallmiscellaneous revenue when there is a cash overageMail Receipts (usually checks)should be opened by at least two mail clerksmail clerk should endorse each check “For Deposit Only”List of checks received each day:shows name of the check issuer, purpose of payment, and amounteach clerk signs list to establish responsibilityTriplicateOriginal/check sent to cashier’s departmentCopy sent to accounting department for recordingClerk also keeps a copyCash Disbursements Controlsmore effective when companies pay by check rather than cashexception: amounts that are paid out of petty cashVoucher System ControlsVoucher system: network of approvals, acting independently, to ensure that all disbursements by check are properVoucher: authorization form prepared for each expenditure.not prepared for petty cashvoucher system stepsfill in info about liability on voucher (vendor’s invoice provides most of needed info)employee in A/P records voucher ( journal called voucher register); files according to date on which it is to be paidissues check; stamps voucher “paid”voucher sent to accounting department for recording (journal called check register)voucher system involves 2 journal entries:one to record the liability when voucher is issuedsecond to pay the liability that relates to the voucherPetty cash fundfund used to pay relatively small amountsControl Features: Use of a BankUse of a bank contributes significantly to good internal control over cashBank:Depository/clearinghouse for checks received and writtenDouble record is maintain (one by company, one by bank)Bank reconciliation: comparing bank’s/company’s balances and making them agreeBank StatementMonthly; shows companies bank transactions and balancesExamples (remember recorded according to bank’s perspective):Checks paid and other debits that