  Chapter 

This chapter introduced the topic computer fraud. What is fraud? How was fraud perpetrated? How vulnerable is de company’s computer system?

As accounting information systems grow more complex to meet our escalating needs for information, companies face the growing risk that their systems may be compromised. Recent surveys show that 67% of companies had a security breach, over 45% were targeted by organized crime, and 60% reported financial losses.

There are four types of threats to accounting information systems.

  1. Natural and political disasters.

  2. For example: fire or excessive heat. Floods, earthquakes, landslides, hurricanes, tornadoes, blizzards, snowstorms, and freezing rain. Also, war and attacks by terrorists.

  3. Software errors and equipment malfunction.

  4. For example: hardware of software failure, software errors or bugs, operating system crashes, power outages and fluctuations, and undetected data transmissions errors.

  5. Unintentional acts.

  6. For example: accidents caused by human carelessness, failure to follow established procedures, and poorly trained or supervised personnel. Or innocent errors or omissions. Also logic errors, and lost, erroneous, destroyed, or misplaced data. Another example: systems that do not meet company needs or cannot handle intended tasks.

  7. Intentional acts (computer crimes).

  8. For example: sabotage, corruption, computer fraud, financial statement fraud, misappropriation of assets, and misappropriation, false use, or unauthorized disclosure of data.

A cookie contains data a website stores on your computer to identify the website to your computer so that you do not have to log on each time you visit the site.

Fraud is gaining an unfair advantage over another person. Legally, for an act to be fraudulent there must be:

  • A false statement, representation, or disclosure

  • A material fact, which is something that induces a person to act

  • A intent to deceive

  • A justifiable reliance. That is the person relies on the misrepresentation to take an action

  • A injury or loss suffered by the victim

An estimated 75% to 90% of computer fraud perpetrators are knowledgeable insiders with the requisite access, skills, and resources. Because employees understand a company’s system and its weaknesses, they are better able to commit and conceal a fraud. The controls used to protect corporate assets make it more difficult for an outsider to steal from a company. Fraud perpetrators are often referred to as white-collar criminals.

Fraud takes two forms

  • Misappropriation of assets: is the theft of company asset. The most significant contributing factor in most misappropriations is the absence of internal controls and/or the failure to enforce existing internal control.

  • Fraudulent financial reporting defined as intentional or reckless conduct, whether by act or omission, that results in materially misleading financial statements. Financial statements are falsified to deceive investors and creditors, increase a company’s stock price, meet cash flow needs, or hide company losses and problems.

The Treadway Commission recommended four actions to reduce fraudulent financial reporting:

  1. Establish an organizational environment that contributes to the integrity of the financial reporting process.

  2. Identify and understand the factors that lead to fraudulent financial reporting.

  3. Assess the risk of fraudulent financial reporting within the company.

  4. Design and implement internal controls to provide reasonable assurance of preventing fraudulent financial reporting.

The Association of Certified Fraud Examiners found that an asset misappropriation is 17 times more likely than fraudulent financial reporting but that the amounts involved are much smaller.

SAS No. 99 (Statement on Auditing Standards) was adopted to clarify the auditor’s responsibility to detect fraud. It requires auditors to:

  • Understand fraud

  • Discuss the risk of material fraudulent misstatements

  • Obtain information

  • Identify, assess, and respond to risks

  • Evaluate the results of their audit tests

  • Document and communicate findings

  • Incorporate a technology focus

When researches compared the psychological and demographic characteristics of white-collar criminals, violent criminals, and the public, they found significant differences between violent and white-collar criminals. Fraud perpetrators look just like you and me. Some are disgruntled and unhappy with their jobs and seek revenge against employers. Most have no previous criminal record. Some are motivated by curiosity, a quest for knowledge, the desire to learn how things work and the challenge of beating the system.

Three conditions are present when fraud occurs.

  1. Pressure. A pressure is a person’s incentive or motivation for committing fraud. There are three types of pressure. The first one is financial pressure. Financial pressure often motivate misappropriation frauds by employees. A second type of pressure is emotional. Many frauds are motivated by greed. Some employees turn to fraud because they have strong feelings or resentment or believe they have been treated unfair. A third type of employee pressure is a person’s lifestyle. The person may need funds to support a gambling habit or support a drug or alcohol addiction. Some people commit fraud to keep pace with other family members.

  2. Opportunities. This is the condition or situation that allows a person or organization to do three things.

    1. Commit the fraud

    2. Conceal the frand

      1. Lapping: a perpetrator steals the cash or checks customer A mails in to pay its accounts receivable.

      2. Kiting: cash is created using the lag between the time a check is deposited and the time it clears the bank.

    3. Convert the theft or misrepresentation to personal gain

  3. Rationalization. A rationalization allows perpetrators to justify their illegal behavior. Perpetrators rationalize that they are not being dishonest, that honesty is not required of them, or that they value what they take more than honesty and integrity.

Computer fraud is any fraud that requires computer technology knowledge to perpetrate, investigate, or prosecute it. Millions of dollars can be stolen in less than a second, leaving little or no evidence. Therefore, computer fraud can be much more difficult to detect than other types of fraud.

Computer systems are particularly vulnerable for the following reasons:

  • People who break into corporate databases can steal, destroy, or alter massive amounts of data in very little time.

  • Perpetrators can steal many more assets with much less time and effort.

  • Some organizations grant employees, customers, and suppliers access to their system.

  • Computer programs need to be modified illegally only once for them to operate improperly for as long as they are in use.

  • Personal computers are vulnerable to security risks.

  • Computer systems face a number of unique challenges.

The number of incidents, the total dollar losses, and the sophistication of the perpetrators and the schemes used to commit computer fraud are increasing rapidly for several reasons:

  1. Not everyone agrees on what constitutes computer fraud

  2. Many instances of computer fraud go undetected

  3. A high percentage of frauds is not reported

  4. Many networks are not secure

  5. Internet sites offer step-by-step instructions on how to perpetrate computer fraud and abuse

  6. Law enforcement cannot keep up with the growth of computer fraud

  7. Calculating losses is difficult

Computer fraud can be categorized using the data processing model

  • Input fraud. The simplest and most common way to commit a computer fraud is to alter of falsify computer input. It requires little skill. Perpetrators need only understand how the system operates so they can cover their tracks.

  • Processor fraud. It includes unauthorized system use, including the theft of computer time and services.

  • Computer instruction fraud. This type of fraud includes tampering with company software, copying software illegally, using software in an unauthorized manner, and developing software to carry out an unauthorized activity. The approach used to be uncommon, but today it’s more frequent.

  • Data fraud. This is illegally using, copying, browsing, searching, or harming company data. The biggest cause of data breaches is employee negligence. In the absence of controls, it is nog hard for employees to steal data.

  • Output fraud. Unless properly safeguarded, displayed or printed output can be stolen, copied, or misused. Fraud perpetrators use computers to forge authentic-looking outputs, such as a pay check.

Voor toegang tot deze pagina kan je inloggen

 

Aansluiten en inloggen

Sluit je aan en word JoHo donateur (vanaf 5 euro per jaar)

 

    Aansluiten en online toegang tot alle webpagina's 

Sluit je aan word JoHo abonnee

 

Als donateur een JoHo abonnement toevoegen

Upgraden met JoHo abonnement (+ 10 euro per jaar)

 

Inloggen

Inloggen als donateur of abonnee

 

Hoe werkt het

Om online toegang te krijgen kun je JoHo donateur worden  en een abonnement afsluiten

Vervolgens ontvang je de link naar je online account en heb je online toegang

Lees hieronder meer over JoHo donateur en abonnee worden

Ben je al JoHo donateur? maar heb je geen toegang? Check hier  

Korte advieswijzer voor de mogelijkheden om je aan te sluiten bij JoHo

JoHo donateur

  • €5,- voor wie JoHo WorldSupporter en Smokey Tours wil steunen - voor wie korting op zijn JoHo abonnement wil - voor wie van de basiskortingen in de JoHo support centers gebruik wil maken of wie op zoek is naar de organisatie achter een vacature - voor wie toegang wil tot de op JoHo WorldSupporter gedeelde samenvattingen en studiehulp

JoHo abonnees

  • €20,- Voor wie online volledig gebruik wil maken van alle JoHo's en boeksamenvattingen voor alle fases van een studie, met toegang tot alle online HBO & WO boeksamenvattingen en andere studiehulp - Voor wie gebruik wil maken van de vacatureservice en bijbehorende keuzehulp & advieswijzers - Voor wie gebruik wil maken van keuzehulp en advies bij werk in het buitenland, lange reizen, vrijwilligerswerk, stages en studie in het buitenland - Voor wie gebruik wil maken van de emigratie- en expatservice

JoHo donateur met doorlopende reisverzekering

  • Sluit je via JoHo een jaarlijks doorlopende verzekering af dan kan je gedurende de looptijd van je verzekering gebruik maken van de voordelen van het JoHo abonnement: hoge kortingen + volledig online toegang + alle extra services. Lees meer

Abonnementen-advieswijzers voor JoHo services:

Abonnementen-advieswijzers voor JoHo services

  • Check hier de advieswijzers voor samenvattingen en stages - vacatures en sollicitaties - reizen en backpacken - vrijwilligerswerk en duurzaamheid - emigratie en lang verblijf in het buitenland - samenwerken met JoHo

Steun JoHo en steun jezelf

 

Sluit je ook aan bij JoHo!

 

 Steun JoHo door donateur te worden

en steun jezelf door ook een abonnement af te sluiten

 

Crossroads

 Crossroads

  • Crossroads lead you through the JoHo web of knowledge, inspiration & association
  • Use the crossroads to follow a connected direction

 

Footprint toevoegen
 
   
Hoe werkt een JoHo Chapter?

 JoHo chapters

Eigen aantekeningen maken?

Zichtbaar voor jezelf en bewaren zolang jij wil

Flexibele parttime bijbanen bij JoHo

    Memberservice: Make personal notes

    Ben je JoHo abonnee dan kun je je eigen notities maken, die vervolgens in het notitieveld  worden getoond. Deze notities zijn en blijven alleen zichtbaar voor jouzelf. Je kunt dus aantekeningen maken of bijvoorbeeld je eigen antwoorden geven op vragen