control, and governance
THE CASE OF THE EMBEZZLING CIO
ITWorld reports that the former chief information officer at a U.S. automobile processing company has been sentenced to prison for embezzling US $500,000 by faking expense reports and reselling company equipment. The man also was sentenced in 1996 for stealing US $200,000 while managing an Indiana audio shop.
This real-life situation reinforces the importance of conducting criminal background checks, particularly on people responsible for handling cash or receivables. It also demonstrates that not all of the fraud triangle conditions — pressure, rationalization, and opportunity — need to be present for fraud to occur. For example, there was no evidence of rationalization in this situation. In fact, the perpetrator appeared to know that what he was doing was wrong. There were no obvious signs of financial or other pressure (e.g., gambling problems or medical costs). However, when controls are weak, some people cannot refrain from taking advantage of the situation.
Auditors may not be able to address the rationalization or pressure components of the fraud triangle, but they can reduce the opportunity. By verifying the control framework, internal auditing can reduce the opportunities available for fraud. In this case, the company had poor controls over attractive assets and did not match invoices to contracts before paying for goods or services. Also, there likely were numerous problems with separation of duties.
COMMENT ON THIS ARTICLE
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online, or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to edit/remove comments.