Question

Create a scenario in which you attempt to breach the company’s information system in order to commit financial fraud. Explain how and why your scheme might work. Identify two internal controls, one preventative control and one detective control, that would quickly prevent or uncover the potential fraud.

Answer 1

I attempted to breach the company’s information system to commit financial fraud by entering a new standing instruction on the company’s bank to make a recurring monthly payment to a new company. I will form a shell company and then use the company’s information system to register my shell company as a vendor for my employer company. I will also give a standing instruction to remit certain amounts to the shell company on a monthly basis and will get the transaction recorded as transaction for materials supplied by my shell company. The scheme might work as the amounts will not be very high to raise red flags and hence will go unnoticed.

Two internal controls: A preventive internal control that will quickly prevent the potential fraud is that duties are separated within the company. So one person cannot approve vendors as well as make payments. So for instance even if I register my shell company as an approved vendor the payments will be done by another employee and that too after it has been approved by the accounts manager. This will quickly prevent my fraud from occurring.

One detective control that will uncover my potential fraud is monthly reconciliation of payments to vendors against physical verification of all materials and inventories purchased. This reconciliation will show that my registered shell company is only receiving payments but there is no actual supply of materials from my company. Hence my fraud will be uncovered.