▪ Introduction to Ethics.
▪ Understanding the business ethics.
▪ Fraud and accountant’s role.
▪ Understanding the internal control environments.
Ethics:
Moral principles that govern a person's behavior in
situations of right or wrong.
Ethics is divided into Business Ethics and Computer Ethics.
Business Ethics:
Management's or individual’s behavior in accessing
and making the right decision.
How to make an ethical decision?
Answer:
Proportionality
The decision’s benefits should supersede the
associated risk. Justice and minimization of risk
should be taken into account.
Example:
Every major decision may have both good and bad
consequences for the entity or its stakeholders.
Decision:
Implementation of new computer Information System
➢ May cause some employees to lose their jobs, while those
who remain will enjoy the benefits of improved working
conditions.
➢ Seeking balance between these consequences is the
manager’s ‘Ethical Responsibility’.
➢ The following ethical principles provide guidance in the
discharge of this responsibility:
➢ 1. Justice
➢ 2. Minimize Risk
❖ Justice:
The benefits of the decision should be distributed fairly
to those who share the risk. Those who don’t benefit should
not carry the burden of risk.
❖ Minimize Risk
Even if judged acceptable by principles, the
decision should be implemented so as to
minimize all of the risks.
➢ UBL Implementation of IS
➢ Down-sizing
Ethical issues in business can be divided into the following 4 areas.
Decisions in each of these areas have ethical implications.
E.g.: Using Covert
Compensation Schemes,
Enron CFO Andy Fastow
managed to increase his
worth by approx. $25
billion (Executive Salaries)
Computer Ethics:
“The analysis of nature and social impact of computer technology
and the corresponding formulation and the justification of policies
for ethical use of such technology including concerns about
software, hardware concerns about networks connecting
computers”
Requires that the user of a computer system be well aware
of the good or bad consequences of computer technology.
It's not only about confidentiality but also about
understanding the system, being competent
and keeping it confidential.
Students understanding of the ethical issues and continuously
updating the relevant disciplines of computer sciences
Ethical Issues relating to Computer / Information System
❖ Privacy
❖ Security (Accuracy & Confidentiality)
❖ Ownership of Property
❖ Equity in Access
❖ Environmental Issues
❖ Artificial Intelligence
❖ Unemployment and displacement
❖ Misuse of Computers
❖ Privacy
✓ The creation and maintenance of huge shared databases
make it necessary to protect people from potential misuse of
data.
✓ Keeping the information confidential so as to restrict the misuse
of data.
✓ Reserving the rights of information ownership will keep the
data secure.
✓ Restricted use and security upholds the information integrity
and accuracy.
❖ Security
✓ Security systems attempt to prevent fraud and misuse of
data.
✓ The ethical issue of security arises from the emergence of
shared databases.
❖ Ownership of property
✓ Copyright law: Laws are designed to protect
ownership of intellectual property rights of
information system (software). / to protect software
from piracy.
❖ Equity in Access
✓ Motive.
✓ Status of individual.
✓ Culture
❖ Environmental issues.
✓ What can be the environmental issues?
✓ Printers use paper – cutting down of trees – loss to the
environment, like global warming.
✓ Corrective action = plantation, recycling of waste paper
❖ Artificial intelligence:
✓ Expert systems are replacing humans. But these systems
lack sense of ownership of the decision.
✓ The existence and usage of systems has also led to
redundancies and increase in unemployment. What’s the
ethical issue here?
✓ AI is the ability of a Computer or a program to think &
learn. It is simulation of human intelligence process by
machines. It makes computer systems ‘smart’.
❖ Unemployment and displacement
✓ Many employees have been made redundant due to
technology.
❖ Misuse of Computers:
✓ Computers are misused in many ways:
➢ Using office computers for personal use.
➢ Copying proprietary software.
➢ Snooping through other people’s files.
Error = Unintentional
Fraud= Intentional
Frauds
➢ Enron (Energy company 2001)
➢ Adelphia (TV cable company 2002)
➢ WorldCom {Phone service (mobile+landline)company 2002}
➢ Lehman Brothers {Global Investment Bank 2008}
Meaning
In terms of accounting and finance, fraud means misrepresentation of
facts or unlawful/wrong use of assets.
Fraud denotes a false representation of a material fact made by one
party to another party with the intent to deceive and induce the other
party to justifiably rely on the fact to his/her detriment.
In accounting literature fraud is also commonly known as
❖ White-collar Crime,
❖ Defalcation and embezzlement
❖ Irregularities.
Fraudulent Act must meet the following conditions.
Conditions for fraud
1. False representation
2. Material fact
3. Intent
4. Justifiable reliance
5. Injury or loss (to victim)
Employee Fraud & Management Fraud:
Auditors encounter fraud at two levels
1) Employee Fraud: (Non-Management Employees)
➢ Employee fraud is designed to convert cash or other assets to
the employee's personal benefit.
➢ Employees commit fraud by misuse of assets, circumventing the
controls and concealing fraudulent activities.
Example: Stealing of cash, personal use of laptops and cars,
stealing of inventory and tampering with inventory records.
Management Fraud:
Like employee fraud, it does not involve direct theft of
assets, but it is very insidious, complex and hard to
detect because it involves a high level of planning,
circumvention of internal controls and falsification
of records.
Example: Management engages in different types of
fraud, such as falsifying the market share price.
The fraud triangle consists of three factors that contribute to or are
associated with employee or management fraud.
1. Situational Pressure (Personal / Job related stress)
2. Opportunity (access to assets or information that
controls assets)
3. Ethics
Research by the Forensic Experts suggests that auditor’s
evaluation of Fraud is enhanced when the fraud triangle
is considered.
A 2008 research publication by the ACFE (Association of Certified
Fraud Examiners) shows that losses due to fraud comprise 7%
of total revenue. The ACFE examined 959 cases of fraud.
Reasons why fraud is difficult to quantify:
1. Most of the frauds are not even detected.
2. Incomplete information.
3. Information is not properly communicated to management or law
enforcement agencies.
4. Most of the time the perpetrators are not punished or
penalized.
➢ The ACFE study examined a number of factors that profile the
perpetrators of fraud.
✓ By Position
✓ By Gender
✓ By Collusion
✓ By Age
✓ By Education
Fraud Schemes:
There are 3 categories of Fraud Schemes
1. Fraudulent Statement
2. Corruption
3. Asset Misappropriation
1. Fraudulent Statement
✓ It is associated with management fraud.
✓ It involves some form of financial misstatement.
Example: Misstatement in Financial statements.
Overstatement of Profit to get share price upward.
Underlying Problems
➢ Lack of auditor’s independence
➢ Lack of director’s independence
➢ Executives' compensation packages
➢ Inappropriate accounting practices
2. Corruption (and its types)
Corruption involves an executive, manager or an employee of
an organization in collusion with an outsider.
ACFE study identifies 4 principal types of corruption
1. Bribery:
Involves giving, offering, soliciting or receiving things of
value to influence an official in the performance of his /
her lawful duties. (Example: Drug inspector)
2. Illegal Gratuities:
This is similar to the bribe but the transaction occurs
after the fact. Involves giving, offering, soliciting or
receiving things of value to influence an official’s act that
has been taken. (Example: Request for proposal and then
submission of bid)
3. Conflicts of Interest:
Conflict of interest occurs when an employee acts on
behalf of a third party while discharging his or her duty
or has self interest in the activity being performed.
When an employee’s conflict of interest is unknown to the
employer and results in financial loss to the employer, then
fraud has occurred. (Example: Procurement manager)
4. Economic Extortion:
It is the use (threat) of force (including economic
sanctions) by an individual or organization to obtain
something of value.
(Example: threat to blacklist a customer)
3. Asset Misappropriation
It is the most common fraud scheme, in which assets are
directly or indirectly diverted to the perpetrator’s benefit.
Skimming
Stealing cash before it is even recorded.
Example: Mail room fraud: an employee opens mail, steals a cheque
and destroys the remittance evidence.
Cash larceny
Stealing cash after it has been recorded.
Example: Lapping: a clerk first steals a cheque from customer A, and later
on applies (credits) the cheque of Mr. B to Mr. A.
Billing scheme / Vendor Fraud
Payment made to a false vendor by submitting invoices of
fictitious goods.
Cheque tampering
Fraud scheme that involves forging or changing in some
material way a cheque that an organization has written to
some legitimate payee.
Payroll fraud
It is distribution of fraudulent paychecks to existent or non-
existent employees.
Expense reimbursement
Fraud scheme where employees claim reimbursement of
fictitious or inflated business expenses.
Theft of cash
Fraud scheme that involves direct theft of cash in hand of an
organization. Example: Petty cash
Non-cash Misappropriations
Scheme which involves theft or misuse of organization’s
non-cash assets (Example: Inventory or information
product prices)
Computer Fraud:
It is a fraud scheme that involves theft, misuse or
misappropriation of assets by:
✓ Computer related records and files
✓ Logic of computer software
Or Theft or illegal use of computer-readable information.
CG codes have emphasized:
1. Public oversight board.
2. Auditor independence.
3. Corporate governance and responsibility.
4. Complete disclosures.
5. Penalties for fraudulent activities.
Definition:
Internal control system comprises policies, practices and procedures
employed by an organization to achieve following objectives
Objectives:
1. To safeguard assets
2. To ensure accuracy and reliability of accounting records and
information.
3. To promote efficiency in firm’s operations
4. To measure compliance with management laws and
relevant regulation and policies.
Modifying Assumptions
Following 4 assumptions are inherent in the objectives of IC.
1. Management responsibility
2. Reasonable assurance (about cost effectiveness)
3. Method of data processing (IC should achieve objectives
regardless of data processing methods)
4. IC system limitations.
a) Error
b) Circumvent
c) Management override
d) Changing conditions
➢ Control mechanisms are developed to reduce undesirable events.
What if the internal controls are not working effectively or do not exist?
✓ Absence of controls can result in destruction, theft and misuse of
assets.
Preventive-Detective-Corrective Internal Control Model:
Levels of Internal Controls:
1. Preventive Controls:
These are the first line of defense. These involve passive techniques
designed to reduce the frequency of occurrence of undesirable
events. Preventive controls are more effective than detective and
corrective.
Example: A well designed source document.
2. Detective Controls:
These are the first line of defense. These include devices, techniques
and procedures designed to identify and expose undesirable events
that elude preventive controls.
Example: Control accounts, Bank reconciliations
3. Corrective Controls:
These are the actions to reverse the effect of errors detected in
previous step.
Example: JV
COSO framework consists of five components:
COSO = Committee of Sponsoring Organizations of the Treadway
Commission
COSO's Internal Control Framework enables organizations to effectively and
efficiently develop systems of internal control that adapt to changing business
and operating environments, mitigate risks to acceptable levels, and support
sound decision making and governance of the organization.
1. The control environment.
2. Risk Assessment.
3. Information & Communication.
4. Monitoring.
5. Control Activities
1. Control Environment
➢ Control environment is the foundation for other 4
components of COSO framework
➢ It sets the tone for organization and influences the control
awareness of its management and employees.
Elements of control environment:
1. Integrity and ethical values of management
2. Structure of organization
3. Participation of BODs and Audit Committee
2. Risk Assessment
➢ Organizations must perform Risk Assessment to identify,
analyze and manage risk relevant to financial reporting.
➢ Risks can arise or change from following circumstances:
1. New or reengineered information system that affects transaction
processing.
2. New personnel who have a different or inadequate understanding of
internal controls.
3. Significant or rapid growth that strains existing internal controls.
3. Information and Communication
➢ The quality of information that the IS generates impacts
management's ability to take actions and make decisions in
connection with the organization's operations and to make reliable
financial statements.
➢ An effective AIS will:
1. Identify and record all the relevant financial information.
2. Provide timely information for financial reporting.
3. Accurately record transactions in the relevant time period. (Cutoff)
4. Monitoring
➢ Management must determine that internal controls are
functioning.
➢ Monitoring is a process by which quality of IC design and
operations can be assessed.
➢ Internal Auditors perform this activity.
➢ Ongoing monitoring is achieved by:
1. Integrating special computer module into IS that permits TOCs to be
conducted as a part of routine operations.
2. Judicious use of management report.
5. Internal Control activities
➢ IC activities are policies and procedures used to ensure that
appropriate actions are taken to deal with the organization’s identified
risks.
➢ There are two categories of ICA.
1. IT Controls
a) General Controls
b) Applications controls
2. Physical controls
a) Transactions Authorization.
b) Segregation of Duties.
c) Supervision.
d) Accounting records.
e) Access controls.
f) Independent Verification.