Question

Explain how the Wells Fargo accounting information system (i.e., components and functions) contributed to the fraud and / or embezzlement. You will need to focus on how each component / function of the accounting information system failed, which resulted in the scandal / case.

1. Imagine that Wells Fargo uses a third-party accounting system. Evaluate the effectiveness of the firm’s stakeholder in the event that a third-party accounting system suffers a breach. Include an assessment of the level of responsibility of the software provider to the business and its clients. Provide support for your rationale.

Please include any websites/references used

Answer 1

Wells Fargo’s accounting scandal was one of the biggest and odd kind scandal. Wells Fargo pressurized its employees to persuade people to open accounts in the bank so that customers will take loans make deposits and make other transactions so that bank will earn revenue from it. But, the employees failed in generating a good customer base and began opening fake deposits and credit card accounts in the bank without the knowledge of the customers. Out of all these millions fake accounts only 5% of accounts generated some revenue for Wells Fargo. The scandal was a reason of inadequate supervision of Wells Fargo’s management and unrealistic targets set up which pressurized its employees.

With the increasing use of accounting software developed by a third party creates a lot of pressure on the top management to have a strong monitor over the software. Banking profession are at risk of cyber- attack because of sensitive and important data that they store. To minimize the risk, the best practices for stakeholders are as follows-

1. Keep a record of all transactions done by third party and monitor them. Alerts should be set up for the logins and activities that do not match protocols to be followed by Vendor.
2. Vendor’s access to software should be limited and a formal access procedure should be implemented for the vendor.
3. A multi-factor authentication should be implemented for the users.
4. Proper training should be provided to the employees to beware them from accessing email phishing.

Responsibilities of service provider.

1. Clients should be kept informed regarding all the useful information required for the services.
2. Services should be controlled and supervised.
3. Services should not have been terminated at times which can cause damage to the client.

     

References.

https://www.bloomberg.com

https://money.cnn.com

https://www.cpapracticeadvisor.com