Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
75 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
Of the following parties, who is responsible for developing a strategy to assess and manage fraud risks that aligns with the organization’s risk appetite and strategic plans? |
Board of Directors
|
|
|
|
Most experts agree that it is much easier to detect fraud than it is to prevent it. (T/F) |
False
|
|
|
|
The theory of differential association is used frequently to explain white-collar criminality. Which of the following is one of the assertions or principles of differential association? |
Criminal behavior is acquired through participation with intimate personal groups. |
The theory of differential association was developed by criminologist Edwin Sutherland. It states that: (1) criminal behavior is learned; (2) it is learned from other people in a process of communication; (3) criminal behavior is acquired through participation with intimate personal groups; (4) the learning process includes the shaping of motives, drives, rationalizations, and attitudes; (5) motives are learned from definitions of legal codes as being favorable or unfavorable; (6) a person becomes a criminal because of an excess of definitions favorable to violation of the law over definitions unfavorable to violation of the law; (7) differential association may vary in frequency, duration, priority, and intensity; (8) learning criminal behavior involves all the mechanisms of other learning; (9) learning differs from pure imitation; and (10) while criminal behavior is an expression of general needs and values, it is not explained by these needs and values. |
|
|
According to COSO, _________ is a process that is designed to identify potential events that may affect the entity and manage risk to be within its risk appetite in order to provide reasonable assurance regarding the achievement of the entity’s objectives.
|
Enterprise risk management
|
|
|
|
According to the 2012 Report to the Nations, Certified Fraud Examiners estimate that organizations lose ___ percent of revenues to fraud and abuse each year.
|
5%
|
|
|
|
Which of the following is FALSE regarding the communication of the fraud risk assessment process? |
C. The communication should be limited to management and the board.
|
|
|
|
According to Government Auditing Standards, as part of a performance audit, the auditor should make a determination as to whether any questionable acts discovered during the engagement legally constitute fraud. (T/F) |
False. Whether an act is, in fact, fraud is a determination to be made through the judicial or other adjudicative system and is beyond auditors’ professional responsibility. |
|
|
|
In considering general ethics, a person's primary goal is to arrive at a set of acceptable methods for making ethical decisions to fulfill all his roles. (T/F) |
True. |
|
|
|
According to the requirements of the Sarbanes-Oxley Act, which of the following parties is responsible for establishing procedures to handle complaints regarding irregularities in a publicly traded company’s accounting methods, internal controls, or auditing matters? |
Audit committee |
|
|
|
Yellow Book auditing standards apply to performance audits conducted at private companies and non-profit organizations. (T/F) |
False. The Yellow Book provides generally accepted government auditing standards (GAGAS) that form a framework of guidance for auditors of government entities and entities that receive government awards. The Yellow Book describes and promulgates standards for financial audits and performance audits of government organizations. It also contains standards covering attestation engagements, such as examinations and reviews, and other non-audit services performed on government organizations and programs. The Yellow Book standards form a framework of guidance for auditors of government entities and entities that receive government awards, including standards covering ethics, independence, professional judgment and competence, quality control, audit performance, and reporting. |
|
|
|
The board of directors holds the primary responsibility for designing, implementing, monitoring, and improving the fraud risk management program. (T/F) |
False. The primary responsibility for designing, implementing, monitoring, and improving the fraud risk management program is held by management. |
|
|
|
Fraud risks that remain after management action are considered inherent risks. (T/F) |
False. Risks that are present before management action are described as inherent risks. The risks that remain after management action are described as residual risks. |
|
|
|
Which of the following is NOT one of the principles involved in the risk assessment process, as laid out by COSO? |
D. Conducting ongoing monitoring of the risk management strategy |
the risk assessment involves the following principles: * The organization sets sufficiently clear objectives to enable the identification and assessment of risks relating to the objectives. |
|
|
According to the U.S. Corporate Sentencing Guidelines, the board of directors does not necessarily have to be knowledgeable about the implementation of an organization's compliance and ethics program if the board has delegated that responsibility to a compliance officer. (T/F) |
False |
|
|
|
Under the Sarbanes-Oxley Act, members of the audit committee can be paid for consulting work done for the company, but only if the transaction is documented and conducted at arm's length. (T/F) |
False. Under the restrictions imposed by the Sarbanes-Oxley Act, all audit committee members must be members of the board of directors and must be “independent,” meaning they receive compensation only for their service on the board. They cannot be paid by the company, or any of its subsidiaries, for any other consulting or advisory work, including indirect payments made by the company to a party related to the committee member. |
|
|
|
According to PCAOB Auditing Standard No. 5, an auditor should implement a bottom-up approach when auditing an entity's internal control over financial reporting. (T/F) |
False. Top down. |
|
|
|
Certified Fraud Examiners are absolutely prohibited from expressing opinions regarding the guilt or innocence of any party. (T/F) |
True |
|
|
|
The Private Securities Litigation Reform Act requires public company audits to include procedures designed to provide reasonable assurance of detecting __________ that would have a direct and material effect on the financial statements. |
C. Illegal acts |
|
|
|
A Certified Fraud Examiner is strictly prohibited from accepting an assignment to uncover fraud in a company in which he has a major interest. (T/F)
|
False
|
|
|
|
According to ACFE research, frauds that target cash are more common than those that target non-cash assets. (T/F)
|
True.
|
|
|
|
Which of the following is one of the interrelated components of a company's internal control system, as laid out by COSO?
|
A. Risk assessment. COSO identified the following five interrelated components of internal control: |
|
|
|
The term white-collar crime was first coined by which of the following scholars?
|
A. Edwin H. Sutherland.
|
|
|
|
An entity’s corporate culture is most effectively assessed using a checklist of initiatives to make sure all the elements of a strong tone at the top are in place. (T/F) |
False. |
|
|
|
Which of the following is NOT one of the components of COSO’s Enterprise Risk Management—Integrated Framework? |
Corporate compliance
The eight components of the ERM Framework are: Internal environment Objective setting Event identification Risk assessment Risk response Control activities Information and communication Monitoring |
|
|
|
Lane, a Certified Fraud Examiner, conducted a fraud examination at Blue Corp. Betty was a prime suspect in the disappearance of money, but Lane could not prove it. Later, Lane discovered Betty had been recently hired by Red Corp., another client of his. Under the Certified Fraud Examiner Code of Professional Ethics, Lane must: |
Not inform Red Corp. Lane does not have authorization from Blue Corp to disclose that information. |
|
|
|
According to PCAOB Audit Standards No. 5, the external auditor should integrate the audit of the company's internal controls over financial reporting (ICOFR) with the audit of the company's financial statements. (T/F) |
True. Although the objectives of financial statement audits and audits of ICOFR are not identical, the two audits should be integrated, with the auditor planning and performing the work to achieve the objectives of both audits. |
|
|
|
During the course of a fraud examination, William, an employee of XYZ Inc., approaches Barbara, a Certified Fraud Examiner and fellow employee of XYZ, and tells Barbara that he knows of a major fraud being committed by company management. However, William says he can only provide details if Barbara promises him absolute confidentiality. In response to William’s condition, Barbara should agree to keep the source of the information confidential, even though she knows she will eventually have to reveal William’s identity. (T/F) |
False |
Fraud examiners must remember that the confidentiality relationship runs first to the client or employer, and the promise of confidentiality is understood to exist without being spoken. In the case of William (the employee/informant), Barbara (the Certified Fraud Examiner) does not have an understood or unspoken promise of confidentiality. Barbara should tell William that she will try to keep the information as confidential as possible, but it would be unethical for Barbara to promise confidentiality to the employee; her first obligation is to the employer. |
|
|
According to the 2012 Report to the Nations, which of the three major categories of occupational fraud has the highest median loss?
|
Financial statement fraud
|
|
|
|
The primary purpose of AU Section 240 is to:
|
B. Establish standards for auditors in fulfilling their responsibilities related to fraud during a financial statement audit
|
|
|
|
The results of the fraud risk assessment should be reported using a standardized risk assessment report developed by the ACFE or another professional association. (T/F)
|
False
|
|
|
|
A corporate compliance program will only be effective if the company consistently punishes employees who violate the program. (T/F)
|
True
|
|
|
|
Which of the following should be covered in employee anti-fraud training?
|
B. Examples of past transgressions and how they were handled
|
|
|
|
According to Government Auditing Standards, assessing the risk of potential fraud relates solely to planning the audit and should therefore be performed only at the beginning of the audit engagement. (T/F)
|
False
|
|
|
|
AU Section 240 requires auditors to brainstorm how management could perpetrate or conceal fraud. (T/F)
|
True
|
|
|
|
A person’s social status plays no role in his ability to commit white-collar crime. (T/F)
|
False
|
|
|
|
In the context of a fraud examination, the preservation of integrity requires that the CFE avoid all differences of opinion regarding all material matters with the other parties to the engagement. (T/F)
|
False
|
|
|
|
The Sarbanes-Oxley Act provides both civil and criminal penalties for retaliating against corporate whistleblowers. (T/F)
|
True
|
|
|
|
Which of the following parties is ultimately responsible for the prevention and detection of fraud within an organization?
|
Management
|
|
|
|
By law, all organizations must have an affirmation process as part of their fraud risk management program. (T/F)
|
False.
|
|
|
|
White-collar defendants are less likely to insist on a trial than other offenders. (T/F)
|
False
|
|
|
|
A detailed fraud prevention policy can give management legal grounds to investigate and punish violators. (T/F)
|
True
|
|
|
|
The fraud risk assessment should include input from both management and auditors to ensure a holistic view of the organization's risks, but should exclude all others to maintain the independence and objectivity of the assessment process. (T/F)
|
False
|
|
|
|
To show appreciation for an employee's hard work, a manager exempts the individual from several undesirable administrative tasks. This is an example of positive reinforcement. (T/F)
|
False. This is an example of , a negative reinforcement withdraws a negative stimulus in exchange for the desired response.
|
|
|
|
A corporation cannot be held criminally liable for the actions of its employees if there were specific policies in place that prohibited the activity undertaken by the employees. (T/F)
|
False
|
|
|
|
According to The Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing, internal auditors must apply the care and skill of an expert whose primary responsibility is investigating fraud. (T/F)
|
False. Internal Auditing Standard 1220 states that internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor. The standard also states, however, that due professional care does not imply infallibility.
|
|
|
|
The purpose of corporate governance is to:
|
C. Encourage the efficient use of resources and require accountability for the stewardship of those resources.
|
|
|
|
The fraud risk assessment process should be conducted covertly so that assessment team members can get an accurate picture of what actually occurs in the business. (T/F)
|
False
|
|
|
|
According to COSO, internal control is a process “designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.” (T/F)
|
True
|
|
|
|
Justine, a CFE, was contacted regarding an engagement to investigate a complex mortgage fraud case involving an organized crime ring. Justine had previously taken a self-study CPE course on mortgage fraud schemes, but she had no other training or experience in such cases. However, she accepted the engagement and chose to conduct the work herself. Justine’s conduct would likely be a violation of the Certified Fraud Examiner Code of Professional Ethics. (T/F)
|
True.
|
|
|
|
For analytical procedures performed during an audit to be most effective in uncovering fraud, the scheme must materially impact the financial statements. (T/F)
|
True
|
|
|
|
During a performance audit of a government agency, if the auditor identifies information indicating fraud might have occurred, the auditor should stop the audit and contact the Inspector General's office for a criminal investigation. (T/F)
|
False
|
|
|
|
Which of the following is among the audit committee’s responsibilities for fraud risk management?
|
C. Receiving regular reports on the status of reported or alleged fraud
|
|
|
|
When performing a fraud risk assessment, the fraud examiner should only designate an area as high risk if the assessment has conclusively revealed that fraud is occurring there. (T/F)
|
False
|
|
|
|
In a public company, the CEO should be charged with having primary responsibility for the oversight of the company’s compliance program. (T/F)
|
False
|
|
|
|
Systems based on the compliance theory of crime control attempt to achieve conformity to the law without having to detect, process, or penalize violators. (T/F)
|
True. Compliance systems provide economic incentives for voluntary compliance to the laws and use administrative efforts to control violations before they occur. In contrast, deterrence is designed to detect law violations, determine who is responsible, and penalize offenders in order to deter future violations. Deterrence systems try to control the immediate behavior of individuals, not the long-term behaviors targeted by compliance systems.
|
|
|
|
Who is responsible for holding the board of directors accountable for proper governance and oversight?
|
Shareholders
|
|
|
|
It should be the compliance officer's duty to help measure the effectiveness of the compliance program.
|
True
|
|
|
|
Who is responsible for holding the board of directors accountable for proper governance and oversight?
|
Shareholders
|
|
|
|
It should be the compliance officer's duty to help measure the effectiveness of the compliance program. (T/F)
|
True
|
|
|
|
Under the Corporate Sentencing Guidelines, judges are required to examine the adequacy of a company’s compliance and ethics program when sentencing the organization for criminal conduct. (T/F)
|
True
|
|
|
|
Which of the following is INCORRECT regarding the code of ethics requirements under the Sarbanes-Oxley Act?
|
A. The SEC has laid out specific language that must be included in all public companies’ code of ethics for senior financial officers.
|
|
|
|
Management from several IT consulting firms conspires to take turns submitting the lowest bids for all contracts in their area. This is considered an organizational crime. (T/F)
|
True
|
|
|
|
Rachel, an independent Certified Fraud Examiner, was hired by Laura, the CEO of Black and White, Inc., to investigate a case of alleged vendor overbilling. During the investigation, Rachel learns that Laura is involved in an unrelated fraud scheme. Under the Certified Fraud Examiner Code of Professional Ethics, Rachel should resign from the engagement without disclosing the evidence against Laura. (T/F)
|
False. Difficult problems arise over Certified Fraud Examiners’ obligations to blow the whistle about clients’ or employers’ shady or illegal practices; thus, CFEs must act with prudent caution in such circumstances. In this particular case, the company’s board of directors should probably be advised and permitted to determine the next steps to take.
|
|
|
|
The risk that an organization might be victimized by an individual who is able to overcome the three elements of the fraud triangle is called _______________.
|
Fraud risk. NOT insider risk
|
|
|
|
Harassing an employee of a non-public company for testifying regarding an alleged violation of state securities laws is a violation of the whistleblower protections provided by the Sarbanes-Oxley Act. (T/F)
|
False. Only covers employees of publicly traded companies.
|
|
|
|
A Certified Fraud Examiner was hired to investigate a company. After he carefully examined the company, he issued a report that stated, in part, "... in my opinion, this operation is free of material fraud." Such an opinion is permitted under the Certified Fraud Examiner Code of Professional Ethics. (T/F) |
False |
|
|
|
An accounting clerk stealing incoming customer payments is an example of: |
Occupational crime. is that which is committed by businesses, particularly corporations, and the government. In contrast, occupational crime involves legal offenses committed by individuals in the course of their occupation. For example, an accounting clerk stealing incoming customer payments would be considered an occupational crime. An antitrust offense, such as bid rigging or price fixing, would be an organizational crime. |
|
|
|
Which of the following is NOT one of the factors that Diane Vaughan cites as contributing to organizations being inherently prone to committing crime? A. Rewards are given to employees who “rock the boat.”CORRECT B. Long-term loyalty is encouraged through company retirement and benefits. C. Loyalty is encouraged through social interaction, such as company parties and social functions. D. Organizations tend to recruit and attract similar individuals. |
A. Rewards are given to employees who “rock the boat.” O rganizations can also be criminogenic because they encourage loyalty. According to Diane Vaughan, the reasons are that: * The organization tends to recruit and attract similar individuals.* Rewards are given out to those who display characteristics of the “company man.” * Long-term loyalty is encouraged through company retirement and benefits. * Loyalty is encouraged through social interaction, such as company parties and social functions. * Frequent transfers and long working hours encourage isolation from other groups. * Specialized job skills can discourage personnel from seeking employment elsewhere. |
|
|
|
Which of the following is TRUE regarding fraud risks? A. The objective of anti-fraud controls is to make the residual fraud risk significantly smaller than the inherent fraud risk. B. The objective of anti-fraud controls is to make the inherent fraud risk significantly smaller than the residual fraud risk. C. The objective of anti-fraud controls is to completely eliminate residual fraud risks. D. Risks that are present before management action are described as residual risks. |
A. The objective of anti-fraud controls is to make the residual fraud risk significantly smaller than the inherent fraud risk.
|
|
|
|
Roger has just completed a fraud examination report containing confidential information for ABC, Inc., a client. He received a call from a special agent with the FBI requesting a copy of the report. Which of the following statements is FALSE? A. Roger can turn over the report if it is subpoenaed. B. Roger can turn over the report without any repercussions because he owns the information contained in the document. C. Roger can turn over the report if his client consents. D. Roger can turn over the report if the information is requested in a search warrant. |
B. Roger can turn over the report without any repercussions because he owns the information contained in the document. |
|
|
|
According to the 2012 Report to the Nations, which of the three major categories of occupational fraud is the most common? A. Identity theft B. Financial statement fraud C. Asset misappropriations D. Corruption |
C. Asset misappropriations All occupational frauds fall into one of three major categories: asset misappropriation, corruption, or financial statement fraud. In the 2012 Report to the Nations, asset misappropriation schemes were both the most commonly reported—occurring in more than 86 percent of cases—and the least costly of the three major categories of occupational fraud. Financial statement fraud, on the other hand, was the least commonly reported type of occupational fraud, occurring in just 7.6 percent of cases reported, but these schemes caused considerably more damage than frauds in the other two categories. Corruption schemes fell in the middle of the spectrum in terms of frequency and cost. |
|
|
|
Which of the following offenses is addressed by the whistleblower protections provided by the Sarbanes-Oxley Act? A. Threatening an employee of a public company for testifying regarding an alleged violation of securities laws B. Firing an employee of a public company for providing information as part of a fraud investigation C. Firing an employee of a non-public company for providing information about an alleged federal offense to law enforcement D. All of the above |
D. All of the above
|
|
|
|
The Treadway Commission was established with the purpose of defining the responsibility of the auditor in preventing and detecting fraud. (T/F) |
True The National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was established in 1985 with the purpose of defining the responsibility of the auditor in preventing and detecting fraud. The commission was formed and sponsored by the major professional auditing organizations—the American Institute of Certified Public Accountants, The Institute of Internal Auditors, the American Accounting Association, Financial Executives International, and the Institute of Management Accountants. |
|
|
|
Both the NYSE and NASDAQ have rules requiring listed companies to adopt and disclose a code of conduct for all employees and to report any waivers of the code for directors or officers. (T/F) |
True. Companies with securities listed on the NYSE are bound by the corporate governance requirements contained in the NYSE Listed Company Manual; similarly, the corporate governance standards issued as part of the NASDAQ Equity Rules apply to all entities with securities listed on the NASDAQ exchange. Both the NYSE and the NASDAQ rules include a requirement that listed companies adopt and disclose a code of conduct for all directors, officers, and employees. The rules for both exchanges also state that any waivers of the code of conduct for directors or officers must be approved by the board of directors and disclosed. |
|
|
|
Of the following, which is the most effective method of preventing fraud? A. Having an open-door policy B. Screening employees C. Conducting covert audits D. Increasing the perception of detection |
D. Increasing the perception of detection |
|
