Prepared by Coby Harmon University of California, Santa Barbara Westmont College Chapter 3-1 Fraud, Ethics, and Internal Control Chapter 3-2 Accounting Information Systems, 2nd Edition Study Study Objectives Objectives An introduction to the need for a code of ethics and good internal controls The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied The nature of management fraud The nature of employee fraud The nature of customer fraud The nature of vendor fraud The nature of computer fraud The policies that assist in the avoidance of fraud and errors The maintenance of a code of ethics 10 The maintenance of accounting internal controls 11 The maintenance of information technology controls Chapter 3-3 Need Need for for Code Code of of Ethics Ethics and and Internal Internal Controls Controls During the early 2000s, several companies were named in regards to fraudulent financial reporting WorldCom (Audit firm) Chapter 3-4 SO An introduction to the need for a code of ethics and good internal controls Need Need for for Code Code of of Ethics Ethics and and Internal Internal Controls Controls When management is unethical, fraud is likely to occur Management obligations: ► Stewardship ► Provide accurate reports ► Maintain internal controls ► Enforce a code of ethics Chapter 3-5 SO An introduction to the need for a code of ethics and good internal controls Need Need for for Code Code of of Ethics Ethics and and Internal Internal Controls Controls Question The careful and responsible oversight and use of the assets entrusted to management is called a control environment b stewardship c preventive control d security Chapter 3-6 SO An introduction to the need for a code of ethics and good internal controls Accounting Accounting Related Related Fraud Fraud Fraud - theft, concealment, and conversion to personal gain of another’s money, physical assets, or information ► Misappropriation of Assets - defalcation or internal theft ► Misstatement of Financial Records - earnings management or fraudulent financial reporting Chapter 3-7 SO The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied Accounting Accounting Related Related Fraud Fraud Fraud, three conditions must exist Exhibit 3-1 The Fraud Triangle Chapter 3-8 SO The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied Accounting Accounting Related Related Fraud Fraud Categories of Accounting-Related Fraud Exhibit 3-2 Chapter 3-9 SO The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied Accounting Accounting Related Related Fraud Fraud Question Which of the following is not a condition in the fraud triangle? a rationalization b incentive c conversion d opportunity Chapter 3-10 SO The accounting related fraud that can occur when ethics codes and internal controls are weak or not correctly applied Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Risk Assessment Management must develop a way to: Specify the relevant objectives of the risk assessment process Identify the sources of risks and determine the impact of such risks in terms of finances and reputation Identify and analyze significant changes in the business Develop and execute an action plan to reduce the impact and probability of these risks Chapter 3-30 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Control Activities Categories: Authorization of transactions Segregation of duties Adequate records and documents Security of assets and documents Independent checks and reconciliation Chapter 3-31 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Control Activities Categories: Authorization of transactions a General authorization b Specific authorization Chapter 3-32 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Control Activities Categories: Segregation of Duties Exhibit 3-6 Segregation of Duties Chapter 3-33 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Control Activities Categories: Adequate Records and Documents a Supporting documentation for all significant transactions b Schedules and analyses of financial information c Accounting cycle reports d Audit Trail Chapter 3-34 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Control Activities Categories: Security of Assets and Documents a Protecting physical assets b Protecting information c Chapter 3-35 Cost-benefit comparison SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Control Activities Categories: Independent Checks and Reconciliation a Procedures: Chapter 3-36 i Reconciliation ii Comparison of physical assets with records iii Recalculation of amounts iv Analysis of reports v Review of batch totals SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Question Which control activity is intended to serve as a method to confirm the accuracy or completeness of data in the accounting system? a authorization b segregation of duties c security of assets d independent checks and reconciliations Chapter 3-37 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Question Proper segregation of duties calls for separation of the functions of a authorization, execution, and payment b authorization, recording, and custody c custody, execution, and reporting d authorization, payment, and recording Chapter 3-38 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Information and Communication An effective accounting system must: Identify all relevant financial events transactions Capture the important data of these transactions Record and process the data through appropriate classification, summarization, and aggregation Communicate this summarized and aggregated information as needed for internal and external purposes Chapter 3-39 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Monitoring Any system of control must be constantly monitored to assure that it continues to be effective Chapter 3-40 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Reasonable Assurance of Internal Controls Controls achieve a sensible balance of reducing risk when compared with the cost of the control Not possible to provide absolute assurance, because: ► Flawed judgments are applied in decision making ► Human error exists in every organization ► Controls can be circumvented or ignored ► Controls may not be cost beneficial Chapter 3-41 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Information Information Technology Technology Controls Controls For any business process, there should be both ► accounting internal controls as in COSO, and ► IT controls as in the Trust Principles Risk and controls in IT are divided into five categories: ► Security ► Online privacy ► Availability ► Confidentiality ► Processing integrity Chapter 3-42 SO 11 The maintenance of information technology controls Maintenance Maintenance of of Information Information Technology Technology Controls Controls Question AICPA Trust Principles identify five categories of risks and controls Which category is best described by the statement, “Information process could be inaccurate, incomplete, or not properly authorized”? Chapter 3-43 a security c processing integrity b availability d confidentiality SO 11 Copyright Copyright Copyright © 2013 John Wiley & Sons, Inc All rights reserved Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United States Copyright Act without the express written permission of the copyright owner is unlawful Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc The purchaser may make back-up copies for his/her own use only and not for distribution or resale The Publisher assumes no responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information contained herein Chapter 3-44 ... Ethics, and Internal Control Chapter 3-2 Accounting Information Systems, 2nd Edition Study Study Objectives Objectives An introduction to the need for a code of ethics and good internal controls. .. directives Chapter 3-26 SO 10 The maintenance of accounting internal controls Maintenance Maintenance of of Accounting Accounting Internal Internal Controls Controls Three types of controls: ... detection of fraud and errors: Maintain and enforce a code of ethics Maintain a system of accounting internal controls Maintain a system of information technology controls Chapter 3-24 SO The