Accounting Irregularities and Computer Fraud
Doost, Roger K., The National Public Accountant
ACCOUNTING IRREGULARITIES AND COMPUTER FRAUD
Irregularities and fraudulent activities are of much concern to the manager, the accountant and the auditor. Computer fraud alone is estimated to amount to more than $6 billion dollars a year in this country. Accountants know very little about fraud in general and computer fraud in particular because, traditionally, if the auditor suspects fraud, he declines the engagement, and if he comes across fraudulent activities, he withdraws from the engagement. In addition, less than 25% of all white-collar crimes are ever reported, making it very difficult to study and analyze cases of fraud. In fact, many believe that thousands of large scheme computer crimes may be still going on without anyone knowing about them. Many fraudulent acts, particularly computer crimes, have been discovered not through regular audits, but by someone reporting them and exposing the perpetrators.
Statement on Auditing Standards (SAS) Numbers 53, 54 and 55, which were released in July 1988 and are effective as of January 1, 1989, for the issues of fraud and illegal acts and as of January 1, 1990, for internal control requirements deal with the updated auditor's responsibilities in conjunction with detection and reporting of errors, irregularities and illegal acts (1).
The issuance of these statements is very timely and important for auditors in lieu of high dollar-value lawsuits charging auditors with negligence in detecting certain fraudulent activities. In many instances, the court did not buy the argument that the purpose of an audit is not detection of fraud. These recent pronouncements provide clearer guidelines from the auditor.
More attention must be paid to computer crime, as the losses related to these crimes can be staggering.
In the wake of increase in computer crimes, Congress in 1980 passed a bill making unauthorized acts in, around or with a computer criminal activities subject to prosecution and punishment. These acts may include introduction of fraudulent records or data into a computer system; unauthorized use of computer related facilities; the alteration or destruction of information or files and stealing money, property, services, financial instruments and valuable data.
Areas of Fraud
It is not surprising to note that the discovered cases of fraud basically cover all areas within an organization. Fraud is known to have occurred in the areas of petty cash, purchasing and accounts payable, invoicing and accounts receivable, personnel and payroll, lapping on cash collections, inventory manipulation and abuse, or simply kickbacks of various kinds (2).
The following classification on computer crime gives us a good focus on the specific areas of computer fraud (3). Tampering with the equipment is a computer crime. This could be in the form of fraudulent representation of a system's capabilities or simply stealing or damaging some computer hardware.
Tampering with media is another form of computer crime. Instances of removing computer tapes, input data or checks for personal gain abound. The third case of computer crime deals with tampering with software. This could be either tampering with operating system software or application program software. A change in an operating system could result in serious and unrecoverable damage. A simple change to a program routine could result in overpayment and miscalculation of items such as interest, dividend, deductions and other critical items.
Tampering with files is another form of computer crime. The criminal in this case goes to the file itself and changes critical items such as his (or someone else's) credit rating, payrate, balance due or other data. The last group of computer crimes deals with tampering with data and transactions. Data could simply be entered erroneously at its source. …