210 likes | 597 Views
Purpose of the Study. To examine the key methods of fraud utilized by the management at WorldCom and to demonstrate how the use of established principles of analytic monitoring could be used to detect fraud executed through normal operating transactions.To demonstrate integration procedures for th
E N D
1. LEARNING FROM WORLDCOM: IMPLICATIONS FOR FRAUD DETECTION THROUGH CONTINUOUS ASSURANCE J. Randel Kuhn, Jr.
University of Central Florida
Steve G. Sutton
University of Central Florida
University of Melbourne
2. Purpose of the Study To examine the key methods of fraud utilized by the management at WorldCom and to demonstrate how the use of established principles of analytic monitoring could be used to detect fraud executed through normal operating transactions.
To demonstrate integration procedures for the prescribed monitoring in an SAP-based enterprise systems environment similar to WorldComs.
To highlight the intractable monitoring problem presented by the myriad of loosely connected legacy systems feeding into WorldComs consolidated SAP system.
3. Contribution to Continuous Audit Research Provides detailed understanding of how continuous assurance techniques explored in the research literature can be applied to effectively identify fraud in a known fraud situation.
Moves the literature on continuous audit modules forward by addressing the complexities of implementation within a standardized enterprise software environment.
Addresses the realities and risks associated with large numbers of disparate legacy systems.
4. Categorize operating expenses as capital expenditures.
Reclassify acquired MCI assets as goodwill.
Include future company expenses as write-downs of acquired assets.
Manipulate the bad debt reserve calculations. Fraud Strategies at WorldCom
5. Continuous Assurance Framework Traditional attestation framework provides only a snapshot of the financial reporting system, thus inhibiting timely decision-making and limiting audit scope.
Continuous auditing addresses these faults by immediately identifying irregularities, increasing audit coverage, and functioning remotely.
6. Continuous Assurance Framework Early work by Groomer and Murthy (1989) and Vasarhelyi and Halper (1991) laid the foundation for continuous auditing research.
The three phases of continuous auditing are:
1. Measurement key management reports (e.g. financials)
2. Monitoring comparison to metrics and error notification
3. Analysis auditor review of alarms and investigation
Nature of auditing transforms from substantive-based test of details approach to auditing by exception.
8. System Architecture The integrated platforms and automated business processes of ERP applications enable effective use of continuous auditing procedures.
WorldCom utilized an SAP R/3 enterprise system to process business transactions and produce consolidated financial statements.
9. System Architecture Two continuous auditing system architecture models exist in research literature:
1. Monitoring and Control Layer (MCL)
2. Embedded Audit Module (EAM)
MCL uses an independent server controlled by the auditor that receives scheduled data interfaces from the clients enterprise system (i.e. near real-time) and is analyzed against a set of rules.
10. System Architecture EAM functionality/logic is embedded into the clients system and operates real-time.
MCL represents the least intrusive, most efficient, and more independent alternative; especially in a resource-constrained SAP environment.
Data extraction for MCL can occur via either BAPI with RFC or direct extraction from table data (e.g. GLPCT/GLPCA).
12. CA Analyzer Rule-Set #1
13. CA Analyzer Rule-Set #2
14. CA Analyzer Rule-Set #3
15. CA Analyzer Rule-Set #4
17. Legacy System Complexities
19. Importance of the Study Demonstrates how a reasonable and practical implementation of continuous assurance would have detected a major fraud.
Emphasizes practicality of implementation in an enterprise systems environment.
Recognizes the inherent complexities of continued use of legacy systems and the related risk in any financial audit.
20. Implications for Future Research Continuous audit is possible, but what are the challenges facing a comprehensive implementation?
Cost?
Consumption of system resources?
Scalability?
Maintainability of comparison data/trends?
21. Implications for Future Research What are the organizational and human issues involved?
Perceptions of trust?
Gaming behavior?
Human interpretation and use of data?
Information processing biases?
Information overload?
22. LEARNING FROM WORLDCOM: IMPLICATIONS FOR FRAUD DETECTION THROUGH CONTINUOUS ASSURANCE J. Randel Kuhn, Jr.
University of Central Florida
Steve G. Sutton
University of Central Florida
University of Melbourne
Not only are information systems in healthcare changing, the environment in which medicine is practiced is changing as well, as are the relationships between the individuals involved (patients and HC workers). Information systems has played, and is continuing to significantly impact the practice of medicine.
This project examines the development of information systems in this new environment and addresses a current void in the literature regarding healthcare systems design, and acknowledges the roles of the people involved, as well as the impact of IS on medicine and individuals healthcare decisions.
Healthcare information systems are changing. Will Review these changes and the role that MIS is playing in the practice of medicine today.
In large part, due to technology, medical knowledge is changing rapidly. This has had an significant impact both on the practice of medicine by physicians/healthcare workers, and on the patients with regard to the complexity of the decisions that they face regarding treatment decisions.
Not only are the HIS changing but todays patients are changing as well.
The systems design literature has not evolved with the changes in either the systems itself or with the changes in todays HIS users.
This research project is a response to the need in both the literature and use of information systems in practice today.
Changes in IS in the healthcare industry, changes in the practice of medicine itself, and changes in the consumer of the product of medicine, and the current void in the literature regarding these issues, that this research project addresses.
Not only are information systems in healthcare changing, the environment in which medicine is practiced is changing as well, as are the relationships between the individuals involved (patients and HC workers). Information systems has played, and is continuing to significantly impact the practice of medicine.
This project examines the development of information systems in this new environment and addresses a current void in the literature regarding healthcare systems design, and acknowledges the roles of the people involved, as well as the impact of IS on medicine and individuals healthcare decisions.
Healthcare information systems are changing. Will Review these changes and the role that MIS is playing in the practice of medicine today.
In large part, due to technology, medical knowledge is changing rapidly. This has had an significant impact both on the practice of medicine by physicians/healthcare workers, and on the patients with regard to the complexity of the decisions that they face regarding treatment decisions.
Not only are the HIS changing but todays patients are changing as well.
The systems design literature has not evolved with the changes in either the systems itself or with the changes in todays HIS users.
This research project is a response to the need in both the literature and use of information systems in practice today.
Changes in IS in the healthcare industry, changes in the practice of medicine itself, and changes in the consumer of the product of medicine, and the current void in the literature regarding these issues, that this research project addresses.