Download CFCI Study Guide – Updated with Certified Solutions and more Exams Financial Management in PDF only on Docsity!
CFCI Study Guide – Updated with
Certified Solutions
Fraud ✔✔"Any illegal acts characterized by deceit, concealment, or violation of trust. These acts
are not dependent upon the perpetrated by individuals and organizations to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or business ad- vantage."
Main types of fraud ✔✔Internal Fraud and External Fraud
Internal Fraud ✔✔Activities that may be criminal, committed within an organization, typically by the employee against the employer.
External Fraud ✔✔Deceptive conduct by non-employees that
deprives the organization of value, and/or is undertaken for financial gain.
Embezzlement ✔✔The theft of money, property, or other assets of the employer.
Larceny ✔✔The taking away of the property of another, with the intent to convert it to his/her
own use.
Financial Fraud ✔✔"Cooking the books." This type of fraud generally refers to falsely
representing the financial condition of the company, so as to inflate the value of stock, fraudulently boost executive bonuses, or otherwise mislead shareholders, lenders, employees, investment analysts, or other users of the information.
Skimming (cash larceny) ✔✔Accounts receivable fraud, this involves simply stealing cash
before it enters the organization's accounting system.
Billing Schemes ✔✔Using false documentation to cause a targeted organization to issue a
payment for false services and/or purchases.
Check Tampering ✔✔Common method (Taking advantage of employee access to blank company checks, using a password to
steal computer-generated checks or producing counterfeit checks).
C.N.P ✔✔Card not present transactions
Identity Theft ✔✔The fraudulent acquisition or stealing of confidential personal information
through social engineering.
Identity Fraud ✔✔Involves the unauthorized use of another person's personal data for illegal
financial benefit. Involves abusing the stolen information to transact personal business in the victim's name.
Wildcat Banking ✔✔An extreme form of what was called free banking. "A bank that issued
notes without adequate security in the period before the establishment of the national banking system in 1864".
2 categories that encompass Fraud ✔✔Theft (stealing money, ID, or assets) and deception (cooking the books, lying to shareholders, employees or partners)
Savings and Loan Crisis ✔✔The failure of about 1000 savings and loan banks as a result of risky
business practices. The roots of the S&L crisis lay in excessive lending, speculation, and risk- taking driven by the moral hazard created by deregulation and taxpayer bailout guarantees.
Myth #1 of the Financial Services ✔✔"We have very little fraud here" ex: subprime mortgage fraud
Myth #2 of Financial Services ✔✔"Ethics and training compliance has us covered" Fraud is not
always covered in ethics policy or training.
Myth #3 of Financial Services ✔✔"Fraud is an unavoidable cost of doing business" Fraud is
usually not serious enough to destroy a financial service firm, it is much more than necessary cost of doing business.
Chapter 1 review points ✔✔• Statistical picture of fraud. The numbers do not lie: Fraud is a huge worldwide problem—for all organizations.
- Financial services fraud. Seventy-four percent of financial institutions experienced attempted payment fraud (check fraud, ACH fraud, or credit card fraud in 2020).
- Definitions of fraud. The broad definition of fraud is illegal activity representing either theft or deception, or a combination of both.
Financial pressure ✔✔Financial difficulties, such as large amounts of credit card debt, an
overwhelming burden of unpaid medical bills, large gambling debts, extended unemployment, or similar financial difficulties.
Opportunity ✔✔Employee identifies a weakness in the organization's anti-fraud controls. For
example, if an employee is able to set up a phony vendor, have fraudulent invoices approved, and have payment sent to an address that he or she controls.
Rationalization ✔✔Persons who have committed fraud convince themselves that the act is either
not wrong or that even though it may be wrong, it will be corrected because they will eventually return the money. Another, often more damaging form of rationalization occurs when employees justify the fraud by taking the attitude that they deserve the stolen money—because the company unfairly denied them a raise or promotion, or because some other form of mistreatment made them "victims."
Remember: ✔✔The opportunity element of the Fraud Triangle helps to explain the ways in
which many frauds are committed by employees, middle managers, and executives of financial services organizations.
What caused the Fraud Triangle to morph into the Fraud Diamond? ✔✔A reevaluation for
peoples unadorned lust for money caused personal Greed to become the 4th side, morphing the triangle into the diamond.
Chapter 2 Review points ✔✔• External fraudsters are a varied and demographically diverse group, which makes it difficult for fraud fighters to profile these criminals. The best approach to detecting and preventing external fraud against financial institutions is to understand the red flags of these crimes.
- Internal fraudsters do have common behavioral and personality traits, which helps to detect suspicious activity before it is too late.
- Up to 80 percent of employees are either totally honest or honest to the point that they will not steal except in situations in which the opportunity to do so presents itself. And even then, these "fence sitters" may err on the side of honesty. The remaining 20 percent of your organization's employees are fundamentally dishonest and will go out of their way to commit fraud.
- Internal fraud can be divided into two categories: employee level and management level. There is an inverse ratio between the level of the organization at which fraud is committed and the amount of financial loss resulting from frauds committed at each level. Thus, while management-level frauds are committed less frequently than employee-level frauds, the financial loss resulting from the former is almost always significantly greater than the amount lost from the latter.
Kickback on Illegal loans ✔✔A bank insider is induced to approve a loan to a non-credit worthy
borrower, where the borrowers agrees to give something of value to the banker to approve the loan.
Reciprocal loans ✔✔A dishonest loan officer or bank manager agrees to authorize loans to one or more crooked bank colleagues or to dishonest counterparts in other financial institutions made with the understanding that a comparable, reciprocal loan or favor would be made in return.
Linked financing ✔✔A form of loan fraud in which a large depositor or a deposit broker agrees
to give a bank its business in exchange for a loan that it might otherwise not qualify for or that is used to perpetrate a real estate fraud.
Working Capital or Asset-based Loan Fraud ✔✔Typically are made by committing the
borrower's receivables, inventory, or other assets as collateral. Also referred to a "Floor-plan" lending as merchandise is used as collateral for the loan.
Suspense Account fraud ✔✔Bank employees with authority to credit and debit these accounts
would and to move funds held in suspense accounts the fraudster controls, such as a personal checking account.
Types of mortgage fraud ✔✔1. Application
- Tax return/financial statement
- Appraisal
- Verification of deposit
- Verification of employment
- Escrow/closing documents
- Credit documents
Two key categories of indicators of potential or actual employee
fraud. ✔✔Soft indicators and hard indicators.
Soft indicators ✔✔Are intangible, behavioral signs displayed by dishonest employees or
employees with an intention to commit fraud.
Hard indicators ✔✔Are pieces of evidence that are tangible. Often they are signs represented by
numerical oddities or by physical evidence.
- A virtually limitless variety of anti-fraud controls can be implemented to minimize the organization's fraud risk. The choice of which controls to put into place is best determined by conducting a fraud risk assessment that pinpoints signs of specific fraud vulnerabilities.
2 types of employee level embezzlement ✔✔1. Looting customer accounts such as savings and
checking by teller skimming of bank funds.
- Exploiting control weakness in the bank's operations such as account payable and procurement.
Looting crimes ✔✔Making unauthorized withdrawals, by diverting funds of customers to accounts with false records
Dormant account fraud ✔✔Employees use dormant accounts to transfer money. An account is
considered dormant after more than 12 months of inactivity and/or statements are returned as undeliverable.
Certificate of Deposit (CD) fraud ✔✔Since the CD is usually not touched by the account holder
until maturity it gives the employee opportunity to not record deposits.
Fraudulent fee reversal ✔✔Bank employees or call center reps would say they returned or
credited a bank fee to a customer when it was really credited to their own or coworkers accounts.
Teller Theft of Skimming ✔✔Simply put, stealing cash from the teller drawer.
Theft of consignment items ✔✔Theft of cashier's checks, money orders, and traveler's checks
Accounts Payable (AP) or Billing Fraud ✔✔Fraud committed by a person responsible for paying
company invoices, thus giving them ample opportunity to send checks to fake invoices or shell companies.
Shell company and/or phony invoice fraud ✔✔Setting up shell companies and submitting
invoices to be paid, usually a high person who approves third-party payments. The company appears real and legit.
Vendor Master File (VMF) manipulation ✔✔Employees with access to VMF can generate phony invoices, enter bogus vendors, and obtain approval of fraudulent transactions.
- Pay-per-view schemes. A dishonest purchasing employee may accept a corrupt vendor's offer for payment in exchange for advance access to the contract specifications. The crooked vendor obtains a competitive (and illegal) advantage over rival bidders and essentially is guaranteed to win the business.
- Early-start schemes. A dishonest buyer accepts something of value from a crooked vendor in exchange for receiving advance access to the contract specifications. The preferred vendor gains extra time to prepare its bid, thereby putting the competition at a disadvantage.
What happens during the Submission Phase? ✔✔Providing a preferred (i.e., bribe-paying)
vendor with the details of already-submitted bids, in order to give the corrupt vendor a leg up in tailoring a bid in a way that ensures he or she will win the business.
Bid pooling. ✔✔A process by which several bidders conspire to split contracts, thereby ensuring
that each gets a certain amount of work, which does not require collusion with an insider.
Travel and Entertainment fraud (T&E) ✔✔Employees using traveling and entertainment
expenses as a way to defraud the company.
Making multiple reimbursement claim submissions. ✔✔When two or more employees dine
together while on the road, each may submit a forged claim for reimbursement for his or her own
meal even though a single member of the group paid the entire bill. Similar practices often occur with shared
taxis, airport shuttle services, and other expenses. (T&E Fraud)
Falsifying receipts. ✔✔Receipts for transportation, hotel, restaurant, and other business travel
expenses are easily obtained and "recycled" by employees either by forgery or by alteration. It is all too easy, for example, to alter the date or amount on a receipt before it is submitted. (T&E Fraud).
Claiming expenses just below the minimum documentation requirement. ✔✔If receipts are required for all expenses over $25 for meals, an employee may fraudulently submit undocumented claims for amounts of $24.99 or $24.95. (T&E Fraud)
Claiming for "out-of-policy" expenses. ✔✔A dishonest employee may test your organization's
anti-fraud controls by submitting a receipt for a personal expense incurred during a business trip. If the form is complicated the processor may just approve payment (T&E Fraud)
Purchasing Card Fraud (P-Card) ✔✔Corporate card used by legitimate holders who charge non-
business expenses to the employer and falsely document them as legitimate job-related purchases.
Electronic Payee Alteration ✔✔Where an insider in AP, modifies the Vendor Master File
changes the name of a legitimate business to a name that is similar enough that it wont be noticed. The perpetrator simply changes the information back after the execution of the fraud.
Check alteration by inserting numbers ✔✔Changing the amount of the check by changing one or more number.
Check alteration by inserting letters ✔✔Changing or washing the check to change the name of
the payee by adding letters or words.
Hidden check fraud ✔✔A dishonest employee puts an unauthorized check in a pile of authorized
checks, betting on the odds that the signer will not check each check and just sign the unauthorized one.
Check fraud intimiation ✔✔A bank employee using fear or intimidation on a person responsible for issuing the checks (such as AP) to write a check without proper invoices, documentation or signatures etc.
ACH fraud ✔✔A perpetrator provides the routing number and the account number of the
victim's account to the receiving company (utility, car loans, etc) to make the required payments.
Types of Payroll Fraud ✔✔1. Creation of ghost-employees (most common)
- Altering hourly rate of pay or commission details
- Altering employee status so the company does not have to pay taxes and/or benefits.
- Timecard alterations, claiming time not really worked, forged supervisor signatures.
Theft of confidential information ✔✔Perpetrators (possible employees) steal PII of customers
and use the information to commit identity frauds such as unauthorized loans, credit accounts.
(Many successful breaches result from employee error).
Insider abuse of Computer Systems ✔✔Insiders pose a substantial threat by virtue of their knowledge of and access to their employers' systems and/or databases, and their ability to bypass existing physical and electronic security measures through legitimate means.
Chapter 4 Review points ✔✔• Financial institutions are vulnerable to a wide range of internal
frauds. These range from accounts payable fraud, check theft and tampering, theft of cash, looting of customer accounts, payroll fraud, and so on. Minimizing risk of these crimes requires implementation of carefully designed controls and deterrents.
