Question

CPA Australia’s advisory guide on employee fraud identifies some typical ways that fraud is carried out. These are listed in the table below.

In the table below:

(a) Recommend a control for each of the risks identified in the table below.
(b) Classify each of the control activities as preventive, detective, or corrective.

Source: Parkes, Alison, Brett Considine, Karin Oleson, Yvette Blount. Accounting Information Systems, 5th Edition. John Wiley & Sons Australia,

Risk	Control	Control classification
1) creating ‘ghost’ employees or not deleting ex-employee records and having the salary of these ‘ghost’ employees paid into the fraudster’s bank account
2) creating bogus suppliers, with payment being made to the fraudster’s bank account
3) creating bogus purchase orders of a bona fide supplier and substituting the supplier’s bank account details with fraudster’s bank account details

5

4) obtaining kickbacks or bribes from suppliers or contractors (as an inducement to purchase from them)
5) submitting inflated/bogus reimbursement claims
6) manipulating financial data to receive performance-based bonuses
7) faking time sheets
8) making private purchases through business accounts/business credit cards

Answer 1

Control classification Risk creating 'ghost' employees or not deleting ex-employee records and having the salary of these 'ghost' employees paid into the fraudster's Review of general legder bank account Control SI. Detective Control 1 creating bogus suppliers, with payment being made to the fraudstersCollection of all supplier information Preventive Control 2 bank account creating bogus purchase orders of a bona fide supplier and substituting the supplier's bank account details with fraudster's bank with the bank account details Verification of supplier information Preventive Control 3 provided account details Review of purchasing policy obtaining kickbacks or bribes from suppliers or contractors (as an inducement to purchase from them) Detective Control 4 procedures Terminating of employees indulged in cheating Corrective Control submitting inflated/bogus reimbursement claims 5 Authenticating manipulations to financial information through login IDs and passwords. manipulating financial data to receive performance-based bonuses 6 Preventive Control Installing swipe card/ biometric devices to record proper entry and exit of employees |Authorization by higher level personnel for every payments made Preventive Control from business account Preventive Control faking time sheets 7 making private purchases through business accounts/business credit cards