Home » ACC 574
Category Archives: ACC 574
Acc 578 Financials statement fraud Essay
Course name and number
Financials statement fraud is one of the most common forms of fraud that occur in companies. Financial statement fraud involves careful manipulation of the accounting system with an aim of making the financial status of the company appear healthy to investors and the shareholders. Some form of financial statement frauds perpetrated in the past include disguising loans as sales revenue, concealing losses, deliberate omission of financial figures and/or transactions, falsification of figures, lack of adherence to accounting principles, and other forms of frauds. The Sarbanes Oxley Act of 2002 was introduced to deter companies from fraudulent reporting of financial figures. The Act, however, may not be able to deter acts of fraud where the management is involved in perpetrating such cases. This paper will assess two fraud cases related to financial statement fraud, specifically the Satyam Scandal of 2009 and the American International Group fraud which occurred in 2005.
Satyam Computer Services was an Indian-based company with interests in IT services and products. The company was engaged in the fields of system maintenance, engineering design, software development and packaged software integration. The company was publicly traded and its shares listed in India’s stock exchange. In 2009, the company changed its name to Mahindra Group following a takeover by Tech Mahindra. The scandal rocking the Indian IT giant emerged in 2009 after the company’s Chairman, Ramalinga Raju, publicly acknowledged that the company’s financial reports had been doctored. The accounts had been falsified by a staggering $ 1.47 billion (Sanyal & Tiwari, 2009).
Culture of the organizations
At Satyam computer Services, the written down corporate culture reflected what can be found in majority of ethical organizations around the world. However, the actions of the top management were contrary to the outlined corporate culture of the company. Prior to its collapse in 2009, reports had emerged over the top management involvement in unethical behavior such as data theft and bribing employees (Bhasin, 2013). On 23rd December 2008, the company was banned from engaging in any form of business with the World Bank, which was a clear indication that there were fraud issues within the company. Satyam was barred by the World Bank following emergence of details of irregular payments and hefty benefits to staff members. Clearly, the corporate culture at the top engaged in unethical practices such as bribery and corruption. In 2008, a number of directors resigned from the company indicating that all was not well in the company’s leadership. Share price fell by over 14 percent, the lowest price in a span of 4 years. Following the revelation that the company’s financial records had been falsified, the company’s promoters, Ramalinga and his brother Rama, were arrested and charged with bribery, cheating, forgery, breach of trust and criminal conspiracy (Bhasin, 2013).
In 2005 and 2008, American International Group (AIG) was involved in massive financial statement frauds. The frauds by AIG was unmasked following investigations by the Securities and Exchanges Commission (SEC), which possible came to know about the fraud through a whistleblower (Brady & Vickers, 2005). AIG is an American corporation involved in providing insurance services to clients worldwide. The financial statement fraud perpetrated by the top management of the company involved falsifying accounting records. After the investigations into the scandal, the company was forced to restate financial figures for the years 2000 to 2005, which contained gross financial misstatements (“RMS,” 2013). These financial misstatements were part of an elaborate scheme by the top management to portray the company as highly performing while in reality the company was performing poorly. In 2008, the company was on the verge of collapse after years of gross mismanagement.
The corporate culture at American International Group significantly contributed to the financial statement fraud and the subsequent imminent collapse in 2008. The company was however bailed out by the government, preventing a total collapse of the international company. The major cause of this collapse was the company’s corporate culture which had embraced a culture of high-stakes risk-taking investments. The top management as well as employees engaged in highly risky investments which were meant to provide the company with quick revenue. In 2007 and 2008, AIG engaged in the sales of credit default swaps without securing collateral or hedging the investments (“RMS,” 2013). Such risky investments supported by top management with a high risk appetite resulted in the failure of the company. The corporate culture also rewarded executives who failed in their specific divisions with huge bonuses, encouraging them to take more risks. The company also believed in speculative risk-taking which ultimately led to its collapse. Prior to 2005 fraud scandal, the top management at AIG lacked integrity and honesty, as evidenced by careful financial manipulations of financial statements (Brady & Vickers, 2005).
Causes of financial statement fraud and effectiveness of fraud prevention and detection
Satyam fraud was perpetrated over a period of time, involving the careful and planned manipulation of financial statements. Satyam would create fictitious items in its balance sheets and income statements just to impress analysts. For instance in 2009, Satyam balance sheet indicated that the company had $ 1.04 billion as non-interest-bearing deposits (Bhasin, 2013). Such deposits were of course non-existent. PricewaterhouseCoopers (PwC) had been the company’s auditor since 2000. Over the entire period, the auditors did not suspect anything unusual with the company’s financial statements. What was more appalling is that deposits amounting to $1.04 billion in non-interest-bearing accounts would definitely have raised the red flag that all was not well in the company. Such a huge amount of money would either have been given back to shareholders or invested as interest-bearing deposits. Other cases of fraud involved underreporting of liabilities.
The financial statement fraud at Satyam was thus driven by greed for success, power, competition and money. This drove the chairman, Mr. Ramalinga to engage in unethical practices. Mr. Ramalinga acted with negligence towards the fiduciary duties assigned upon him (Sanyal & Tiwari, 2009). The chairman was in constant pressure to impress all the stakeholders including analysts, investors, shareholders and even the stock market. Clearly, the top management had low moral standards and lacked corporate social responsibility, only acting upon their current needs. Fraud prevention and detection policies at Satyam were not effective. To start with, the there was no effective whistle-blower policy in the company. Fraud perpetrated by the top management can only be reported through a confidential whistle-blower policy. Independent directors may be unable to uncover such frauds. According to reports, the whistle-blower at Satyam was a former director. The company’s auditors, PwC, failed to uncover the massive fraud possibly out of collusion with the top management. PwC had audited the company for over 9 years, fuelling concerns of more than auditor-client relationships.
American International Group fraud in 2005 marked an unprecedented decline in the performance of the company culminating in a financial crisis in 2008. The company had for long been under the leadership of Maurice R. Greenberg, the then chief Financial Officer. In 2005, the company was engulfed in a fraud case involving mutual funds and insurance. There were also instances of corruption and fraudulent accounting practices. AIG’s financial fraud specifically involved reporting a $500 million loan as revenue (Cohan, 2010). This action created the impression that the company had high revenues, while in reality the company had lower revenues. The $ 500 million loan had been obtained from Berkshire Hathaway. On March 30th, Greenberg was forced to acknowledge the fraudulent financial reporting at the company aimed at bolstering reserves. In addition, investigators revealed other accounting frauds which had been committed over time. In addition, the company delayed announcing annual 10-K filings, causing an inflation of its net worth by over $ 1.7 billion (Cohan, 2010).
As seen from the fraud case, the key motivations in the fraud case was solely to bolster revenue figures so that the company could seem to be performing well in the eyes of shareholders, analysts, investors and the stock market. The top management lacked the proper moral and ethical values; hence they decided to deceive the public. Fraud prevention and detection policies at the company were weak. AIG’s board lacked independence from the CEO, Greenberg. Greenberg had been the CEO for quite some years, developing close ties with the board members (Cohan, 2010). New governance regulations and shareholder pressure has forced the directors to become independent. Since the fraud was perpetrated by the top management with the knowledge of directors, it was difficult to detect.
Effectiveness of SEC regulations and improvements needed
The major aims of SEC is to protect investors, develop new capital for businesses and curb against securities fraud. In line with this, SEC also ensures orderliness on securities transactions. One of the failures of SEC is lack of a clear outline of the auditor’s responsibility with regard to fraud prevention and detection. SEC only acknowledged that fraud may exist but placed no direct obligations on the auditors with regard to detecting fraud. As a result, auditors were under no legal obligation to detect various frauds. Majority of frauds perpetrated in organizations are attributed to inadequate audits. This mainly includes the failure to acquire sufficient audit evidence, lack of due professional care, giving a poor audit opinion, and among others. The effectiveness of SEC regulations is also limited when the management is involved in perpetrating fraud. The management can be able to override internal controls in an organization in order to perpetrate fraud.
There are a number of improvements SEC can make to improve on fraud detection. One of the possible ways is the use of data-mining technology to improve fraud detection in organizations. Data-mining involves the use of quantitative data analysis techniques with the aid of computers to automatically detect fraud. The use of data-mining technology in the fight against fraud is imperative in the modern world where cases of management involvement are on the rise. SEC needs to improve the existing fraud detection procedures. Auditors should not only assess the internal conditions but also collect information from third parties such as customers, suppliers, custodians and others. Lastly, SEC needs to improve the whistleblower policy in all organizations and establish links with insiders in all organizations who can provide evidence in case of fraud.
In conclusion, financial statement fraud is the most common in organizations. This type of fraud is often perpetrated by the top management and the directors. Most companies engage in this type of fraud in order to bolster their revenues and send the picture that the company is performing well to the public. Companies must develop elaborate fraud prevention and detection policies to prevent such frauds by the top management. An appropriate whistle-blower policy can help prevent and detect such types of frauds.
Bhasin, M. (2013). Corporate Accounting Scandal at Satyam: A Case Study of India’s Enron. European Journal of Business and Social Sciences, 1(12): 25-47.
Brady, D., & Vickers, M. (2005, April 10). AIG: What Went Wrong. Bloomberg Business. Retrieved from: http://www.bloomberg.com/bw/stories/2005-04-10/aig-what-went-wrong
Cohan, W. D. (2010). Collapse of the house of Hank. Institutional Investor, 44(3): 1-9.
Risk Management Society (RMS). (2013). AIG, Credit Default Swaps and the Financial Crisis. Retrieved from: http://clubs.ntu.edu.sg/rms/researchreports/AIG.pdf
Sanyal, S., & Tiwari, D. (2009, April 17). Ex-insider blew the lid off Satyam Scam. The Economic Times.
Comprehensive Audit Plan
The feasibility study and discuss the Pros and cons for the design of SDLC with a recommendation for an optimal time frame for each stage.
A feasibility study is a basic audit procedure that helps the organization in compliance and preparation of a final audit. A feasibility study answers the basic question; can it be accomplished given the current resources? The feasibility study enables the management to determine all the resources necessary for the accomplishment of the tasks and the viability of the project (Kendall, & Julia, 2005). The following are the basic requirements for a feasibility study.
- Analysis of the existing information system
For an organization to develop a new and advanced system, the existing system must be analyzed in detail in order to identify its weaknesses in detecting and averting fraud. The crucial thing in this step is for the team to comprehensively review the interactions of the existing system with users, hardware and software and how the system inputs data and outputs the same in a readable manner. All these details should be documented for further analysis.
- Requirements of the various stakeholders
The feasibility study should address the needs of the concerned parties. The requirements of the new system should answer the expectations of the various stakeholders such as management, shareholders, owners and others. The system analyst must thoroughly assess the operating environment for the new system. Thus, the analyst must understand the structure of the business, nature of the business, management, the people as well as existing information system.
- The potentiality of the new system
The feasibility study must also incorporate the expected benefits, goals and objectives to be met in using the new system. The feasibility study must describe the expected results of the new system. In this part, the feasibility study should describe the new security enhancements, storage capabilities, interface improvements and storage capabilities of the new system. This part is essential as it is used by the committee as a basis for making judgment on whether to proceed with the implementation.
Implementation stages and timeline
This is the initial phase of the SDLC. This phase basically involves identification of a need for a new system and the necessary documentation of its role. The need for a new system may be proposed by the IT team or the new management in the organization. In this phase, the goals of the project are clearly defined, in addition to requirements needed for information security. At this stage also, security concerns are thoroughly assessed. The new system should be able to avert any attacks and ensure smooth integration of the old and the new system (McLeod, & Sumner, 2004).
System analysis is basically an investigation of the current system in a bid to identify problems or shortcomings with the current system. This phase involves identifying the specific problems with the current system to be solved. For example, all the areas identified as weak in previous audits are thoroughly assessed. In system analysis, a thorough investigation of the current information system is conducted identifying the various activities, products and resources it entails. In addition, the organization’s information requirements are assessed. System analysis should be conducted in a period of one month (McLeod, & Sumner, 2004).
In the system analysis phase, the major aim is to describe what the new system should accomplish for users. On the other hand, the system design stage describes how the new system will accomplish the goals identified. In system design, the technical specifications or aspects of the system are identified. This may involve developing the necessary process diagrams, screen layouts, and description of all operations in detail. This stage should take two months (McLeod, & Sumner, 2004).
System construction and testing
This stage involves the actual creation of the system. In this stage, all the required programs are created including the codes and the necessary documentation. After the successful creation, the system is tested to evaluate its accuracy. Testing enables shortcomings in the new system to be fixed. If there are no errors in the system, the project continues to the implementation stage. This stage should take four months.
This is the most important phase of the project. In this phase, the necessary software is acquired and installation completed. User training is also conducted to all the staff and other users. Training is conducted to the system support staff and other end users interacting with it. Implementation of the new system should take three months to complete (McLeod, & Sumner, 2004).
This is the final stage in the SDLC. This involves monitoring the new system, constant evaluation and making modifications to the system. The stage involves improving the new system to the needs of the business, which often entails changing the original system specifications. System maintenance should be conducted on a yearly basis (McLeod, & Sumner, 2004).
Benefits of the waterfall method
- The method facilitates early detection and rectification of errors.
- Implementation of the model is less costly compared to other models.
- The model has definite starting as well as end points unlike other models such as the spiral model.
- Since each phase must be completed before proceeding to the next, it encourages meeting of set deadlines.
- Each stage is unique and teams often ensure they perfect on each before proceeding to the next.
- The model does not offer room to amend mistakes in previous stages because when a particular stage is complete the focus is on the preceding one.
- Individuals involved in other phases are often idle as they await the work to progress to the phase they are assigned to.
- It is often difficult to estimate the amount of time each phase will take.
- The model is inflexible as any changes needed in the system means that all the stages must be repeated (Kendall, & Julia, 2005).
Make recommendations for the optimal computer operating system to address the emerging issue
The optimal computer operating system for to address the financial misstatements is IBM AS/400. The IBM AS/400 is effective software especially in preventing unauthorized access. In large organizations, IBM AS/400 is more effective because users are given different menus under in the operating system (Moeller, 2005). In addition, users are often required to change their logon codes. In small organizations, users have the same general menu, and are less likely to change their logon codes. An optimal computer operating system should be able to secure passwords and offer distinct menu systems that can hardly be compromised (Cannon, 2008). Small business organizations have an additional challenge in regularly updating the operating system and related software to the latest releases. Lack of regular system upgrade may compromise the reliability of such as a system, making it vulnerable to attacks (Cannon, 2008). Large organizations regularly update their operating systems and other software hence they are able to maintain security of data and other important information.
The IBM AS/400 has a number of security features that enable prevent fraud especially the type of fraud perpetrated by dishonest employees (Moeller, 2005). The operating system is equipped with a number of features that enhance its security level. The system offers a variety of password format options that enhance password security. For instance, the password characters must be more than five and users cannot be able to reuse their previous passwords. In addition, a single character cannot be repeated more than once. The operating system can be programmed in such a way that a user cannot be able to carry out tasks at different workstations (Moeller, 2005). This means that an employee can only be able to carry out duties on the workstation assigned to him or her only. The system is also designed to limit the number of attempts a user can make while logging on the system to utmost three. Lastly, the operating system can be set to audit specific areas that are considered high risk in an organization. The operating system contains more than 14 parameters that can be used to analyze high risk areas in an organization (Moeller, 2005).
Cannon, D. L. (2008). CISA: Certified information systems auditor study guide. Indianapolis, Ind: Wiley Pub.
Kendall, K., and Julia, K. (2005). Systems Analysis and Design. 6th ed. Englewood Cliffs, NJ: Prentice-Hall.
McLeod, R., and Sumner, G. S. (2004). Management Information Systems. 9th ed. Englewood Cliffs, NJ: Prentice-Hall.
Moeller, R. R. (2005). Brink’s modern internal auditing. Hoboken, N.J: John Wiley & Sons. Inc.