390 likes | 664 Views
Computer Forensics Principles and Practices. by Volonino, Anzaldua, and Godwin. Chapter 11: Fraud and Forensic Accounting Investigation. Objectives. Understand the challenges of fraud investigations
E N D
Computer ForensicsPrinciples and Practices by Volonino, Anzaldua, and Godwin Chapter 11: Fraud and Forensic Accounting Investigation
Objectives • Understand the challenges of fraud investigations • Describe the common types of fraud committed against and on behalf of companies and organizations • Explain the characteristics and symptoms of fraud © Pearson Education Computer Forensics: Principles and Practices
Objectives (Cont.) • Identify the role of computer forensics in fraud detection and deterrence • Understand the purposes of forensic accounting investigations and how to participate in them © Pearson Education Computer Forensics: Principles and Practices
Introduction In crimes of fraud, the intent or conscious desire to deceive is essential to prosecuting these types of white collar crimes. This chapter helps you understand fraud and forensic accounting cases, what they are about, and how to utilize tools to help collect e-evidence in these cases. © Pearson Education Computer Forensics: Principles and Practices
Has fraud been committed? Is fraud still going on? Who might have done it? Who might have been involved? Did someone break into the network? Did an employee gain access to a system beyond the level of their authority? How? Has someone overridden the controls in a financial system? How? How do we prevent what has happened from happening again? Challenges of Fraud Investigations • Questions to ask when fraud is suspected: © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Scope of fraud • Fraud is on the rise both in scope and scale • Corporate and occupational fraud • Examples illustrate the complexity and challenges of investigating these types of fraud cases • Multinational fraud case involving 19 computers in 18 countries • Accounting fraud at Cisco Systems • Corporate fraud at Prudential Insurance Co. • Fraud and corruption among San Diego city employees © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Fraud to trial process • Most investigations of fraud originate from one of six sources: • Internal audits • Outside or external audits • Regulatory inquiries, primarily by the SEC • Shareholder actions, such as class action lawsuits • Complaints from customers or vendors • Anonymous tips © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Special protection considerations • Occupational investigations must be kept secret to avoid harming an employee’s reputation • Investigation team must understand law of privilege and how it relates to contemporaneous documents and work product of the case • A work product may not be released, even through subpoena © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Legal elements of fraud • Fraud depends on intentional (willful) acts of misrepresentation • Specific elements required to prove fraud: • A material false statement • An intent to deceive • A victim’s reliance on the statement • Damages to the victim © Pearson Education Computer Forensics: Principles and Practices
Investigator Independence • Forensics experts are needed in fraud investigations because of their specialized experience and objectivity • Their reports carry an impartiality that might not be true of reports from an internal audit © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Intent is usually proven circumstantially • Ways to help prove intent include: • Motive • Opportunity • Repetitive acts • Concealment • Showing the victim relied on the false statement and was harmed • There is no fraud if victim is not damaged © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Fraud claims have to meet tougher requirements than many other civil actions • A fraud plaintiff has to detail: • What misrepresentations were made • To whom the misrepresentations were made • How they were false • Why the plaintiff relied on them © Pearson Education Computer Forensics: Principles and Practices
Challenges of Fraud Investigations(Cont.) • Handling a fraud suspect • Make copies of all suspicious paper documents secretly and keep the copies in a secured location • Don’t tell the suspect that she is going to be interviewed to avoid destruction of evidence • Do not interview the suspect in his office or other familiar “comfortable” location • Don’t show the suspect the evidence, unless necessary for a confession • Have a verbal confession converted into a written statement and then signed © Pearson Education Computer Forensics: Principles and Practices
In Practice: Bank Fraud and Conspiracy • In 2004, Kenneth J. Flury obtained stolen CitiBank debit card account numbers, PINs, and personal identifier information • He encoded blank cards with the stolen information • He was indicted by a federal grand jury in the Shadowcrew investigation, a long-term online undercover investigation © Pearson Education Computer Forensics: Principles and Practices
In Practice: Fifth Amendment Right Against Self-Incrimination • Fifth Amendment to the Constitution guarantees that one cannot be compelled to be a witness against himself • Fourteenth Amendment applies that guarantee to state courts • Refusing to testify based on this guarantee is called “taking the Fifth” • The right does not apply in all situations © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud • Fraud can be categorized based on who committed the fraud and who was victimized • Internal fraud is committed by someone within an organization • External fraud is committed by an outside party • When fraud is committed against a company, the company is the victim • When fraud is committed on behalf of a company, the victims may be shareholders or employees © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud (Cont.) (Continued) © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud (Cont.) © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud (Cont.) • Types of fraud committed against a company • Operating-management corruption • Misappropriation of assets • Conflict of interest • Bribery • Extortion • Kickbacks • Theft of trade secrets © Pearson Education Computer Forensics: Principles and Practices
In Practice: Kickback and Embezzlement Red Flags • Red flags of kickbacks require a closer look at suspect’s activities • Red flags include not taking time off, personal financial problems, extravagant lifestyle • Behavior that could indicate embezzlement may also be zealous actions of dedicated employee • Red flags include missing documents, delayed bank deposits, large drop in profits © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud(Cont.) • Three main types of fraud committed for a company • Senior management financial reporting fraud • Accounting cycle fraud • Bribery • Healthcare fraud defined as • Misrepresentation of fact for payment of a claim • Theft of money or property belonging to a health plan or health insurance company © Pearson Education Computer Forensics: Principles and Practices
Common Types of Healthcare Fraud (Continued) © Pearson Education Computer Forensics: Principles and Practices
Common Types of Healthcare Fraud (Cont.) © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud (Cont.) • Relationship of job level and type of fraud committed • Senior management—financial statement fraud • Operating management—bribery and corruption • Administrative management—asset misappropriation • Employees—embezzlement • Nonemployees—conflict of interest • Medical doctors or healthcare providers—phantom billing, upcoding, unnecessary care © Pearson Education Computer Forensics: Principles and Practices
In Practice: Fraudulent Dossier about Saddam’s Regime • British government maintained that trusted intelligence sources had produced a report on Saddam Hussein • Analysis of document revealed report was created by Foreign Office and Downing Street staffers © Pearson Education Computer Forensics: Principles and Practices
Types of Fraud (Cont.) • Why fraud is not reported • Insufficient police resources to investigate it • Concern that a lengthy investigation will be expensive and not worth the cost • Concern that the news will harm the brand image or business reputation and scare away customers © Pearson Education Computer Forensics: Principles and Practices
Characteristics and Symptoms of Fraud • Three factors common in all fraud: • Pressure • Opportunity • Rationalization © Pearson Education Computer Forensics: Principles and Practices
Characteristics and Symptoms of Fraud (Cont.) • Pressures that most commonly drive people to commit fraud are financial • Financial pressures include • Greed or living beyond one’s means • High bills, personal debt, or poor credit • Personal financial losses or unexpected financial needs • Vices or addictions • Expensive extramarital relationships © Pearson Education Computer Forensics: Principles and Practices
Characteristics and Symptoms of Fraud (Cont.) • Weaknesses in organizations that create opportunities to commit fraud include: • Lack of controls that prevent or detect fraud • Overriding of internal controls • Failure to search out and discipline fraud perpetrators • Lack of access to information • Lack of an audit trail, of which the perp is aware © Pearson Education Computer Forensics: Principles and Practices
Characteristics and Symptoms of Fraud (Cont.) • Rationalization for fraud • Most difficult to investigate because it cannot be seen • Certain questionable behaviors can be rationalized and eventually escalate into massive fraud © Pearson Education Computer Forensics: Principles and Practices
In Practice: Jack Abramoff • Abramoff’s e-mails indicated that he blatantly deceived Indian tribes and did business with people linked to the underworld • Choctaw Indians gave Abramoff more than $80 million between 2000 and 2003 • Abramoff pleaded guilty to engaging in conspiracy involving corruption of public officials, fraud, and tax evasion © Pearson Education Computer Forensics: Principles and Practices
Fraud Investigation and Deterrence • Perception of detection can be an effective deterrent to fraud • Companies need to educate employees that computer forensics experts can find out everything they do and tie it to a particular person © Pearson Education Computer Forensics: Principles and Practices
Digital Forensic Accounting • Forensic accounting involves identifying, collecting, analyzing, and interpreting financial data with reports and expert opinions that will stand up in legal actions • Three high-profile forensic accounting cases: • Adelphia • Global Crossing • Tyco © Pearson Education Computer Forensics: Principles and Practices
Digital Forensic Accounting(Cont.) • General purposes of forensic accounting investigations • Fraud investigation • Dispute analysis or litigation • Data recovery © Pearson Education Computer Forensics: Principles and Practices
Reasons for Forensic Accounting Investigations (Continued) © Pearson Education Computer Forensics: Principles and Practices
Reasons for Forensic Accounting Investigations © Pearson Education Computer Forensics: Principles and Practices
Comparison of Forensic Accounting Fraud and Investigation © Pearson Education Computer Forensics: Principles and Practices
Summary • More and more frauds are perpetrated using computers and networks • Fraudster could be disgruntled employee, greedy executive, or unethical business partner • Pressure, opportunity, and rationalization are elements of every fraud © Pearson Education Computer Forensics: Principles and Practices
Summary (Cont.) • Prosecutor must show intent and deceit in order to prove fraud • E-evidence can show intent and deceit • “Forensic” in financial investigations implies that the information can be used in court • Forensic accounting is the investigation and analysis of financial evidence • Requires proper procedures and detailed evidence to ensure admissibility © Pearson Education Computer Forensics: Principles and Practices