Hall Chapter 3

Ethical standards rights and wrongs that are not universally agreed upon
Ethics principles of conduct that individuals use in making choices and guiding
their behavior in situations that involve the concepts of right and wrong
Business Ethics involves finding the answers:
1. How do managers decide on what is right in conducting their business?
2. Once managers have recognized what is right, how do they achieve it?
* Ethics are needed when conflicts arise the need to choose
* Conflicts may be b/w employees, management and/or stakeholders
Ethical Issues in Business
1.
2.
3.
4.

Equity
Rights
Honesty
Exercise of corporate power

Making Ethical Decisions

Proportionality benefit from a decision must outweigh the risks and, also, there
must be no alternative decision that provides the same or greater benefit with less
risk
1. Justice benefits should be distributed fairly to those who share the risks;
those who do not benefit should not carry the burden of risk
2. Minimize Risk decision should be implemented so as to minimize all of
the risks and avoid any unnecessary risks
Computer Ethics the analysis of nature and social impact of computer technology
and the corresponding formulation and justification of policies for the ethical use of
technologythis includes concerns about software as well as hardware and
concerns about networks connecting computers as well as computer themselves
* Concerns the social impact of computer technology
Three levels of computer ethics:
1. Pop exposure to stories and reports found in the popular media
regarding good or bad ramifications of computer technology
2. Para involves taking a real interest in computer ethics case and
acquiring some level of skill and knowledge in the field
3. Theoretical is of interest of multidisciplinary researchers who apply the
theories of philosophy, sociology, and psychology to computer science
with the goal of bringing some new understanding to the field
Computer Ethics Issue:

Hall Chapter 3
1. Privacy raises the issue of ownership of personal information
2. Security (Accuracy and Confidentiality) an attempt to avoid such
undesirable events as a loss of confidentiality or data integrity
3. Ownership of Property intellectual property --- software; what can be
owned?
4. Equity in Access
5. Environmental Issues
6. Artificial Intelligence replacements for experts; what of faulty
programming?
7. Unemployment and Displacement because of incapability to adapt to
changes caused by modernization
8. Misuse of Computers
SOX and Ethical Issues Section 406 Code of Ethics for Senior Financial Officers
- Requires public companies to disclose whether they have adopted a code of
ethics that applies to their CEO, CFO, COO and the likes; if not, state why
- It may disclose in several ways
o Included as an exhibit to its annual report
o As a posting on its website
o By agreeing to provide copies of the code upon request
- A companies code of ethics should apply to all equally
Conflicts of interest code of ethics should outline procedures for dealing
with actual or apparent conflicts of interest b/w personal and professional
relationships; conflicts are dealt with and arent prohibited
Full and fair disclosure objective: to ensure that future disclosure are
candid, open, truthful and void of deception
Legal compliance code of ethics should require employees to follow
applicable governmental laws, rules and regulations
Internal reporting of code violation code of ethics must provide a
mechanism to permit prompt internal reporting of ethics violations
Accountability effective ethics program must take appropriate action when
code violations occur
Fraud false representation of a material fact by one part to another with the intent
to deceive and induce the party to justifiably rely on the fact to his or her detriment

Conditions to be met:
1. False representation false statement or nondisclosure
2. Material fact
3. Intent
4. Justifiable reliance
5. Injury or loss
A.k.a. white-collar crime, defalcation, embezzlement and irregularities
Auditors encounter fraud at two levels:
1. Employee fraud designed to directly convert cash or other assets to
the employees personal benefit
Steps usually involved:

Hall Chapter 3
a. Stealing something of value
b. Converting asset to usable form
c. Concealing crime to avoid detection
2. Management fraud performance fraud
a. Fraud is perpetrated at levels of management above the one to
w/c internal control structures generally relate
b. Fraud frequently involves using the FS to create an illusion that
an entity is healthier and more prosperous than it is
c. If fraud involves misappropriation of assets, frequently shrouded
in a maze of complex business transactions, often involving
related third parties
Fraud Triangle
1.
2.
3.

Situational pressure
Opportunity
Ethics
Use the red-flag checklist to provide insights of these factors

Financial Losses from Fraud there could be direct and indirect losses
-

Not all fraud are detected

Of that detected, not all is reported
In many fraud cases, incomplete information is gathered
Information is not properly distributed to management or law enforcement
authorities
Often, no civil or criminal action is taken up against perpetrator of fraud

Perpetrators of Fraud --- who has more opportunity

Position those at top; they have greater access company funds and assets
Gender men; they more high corporate positions
Age older employees; they tend to have higher-ranking positions
Education with more education; they tend to be on top
Collusion collusion b/w those with critical positions; they create
opportunities that otherzise would not exist

Fraud Schemes
1. Fraudulent Statements
- Associated w/ management fraud
- The statement itself should bring a direct or indirect financial benefit to
the perpetrator
- Underlying problems
a. Lack of auditor independence
b. Lack of director independence
c. Questionable executive compensation scheme like abuse of stockbased compensation
d. Inappropriate accounting practices

Hall Chapter 3
-

SOX
o
o
o

o
o

Deal w/ problems related to capital markets, corporate governance

and auditing profession
Changed how public companies do business and how accounting
profession performs its attest function
PCAOB set auditing, qualifying control and ethics standards;
inspect registered accounting firms; conduct investigations; take
disciplinary actions
Auditors Independence
Corporate Governance and Responsibility
Audit committee must be independent
Audit committee must hire and oversee external auditors
Public companies are prohibited from making loans to
executive officers and directors
Attorneys are required to report evidence of material
violation of securities laws or breaches of fiduciary duty of
the CEO, CFO or the PCAOB
Issuer and Management Disclosure
Public companies must report all off-balance-sheet
transactions
Annual reports filed with SEC should include a statement by
management asserting that it is responsible for creating and
maintaining adequate internal controls and asserting to the
effectiveness of the controls
Officers must certify that the companys accounts fairly
present the firms financial condition and result of
operations
Knowingly filing a false certification is a criminal offense
Fraud and Criminal Penalties

o
2. Corruption
- Involves an executive, manager or employee in collusion with an outsider
- Bribery giving, offering, soliciting or receiving things of value to
influence an official in the performance of his or her lawful duties
- Illegal gratuities giving, receiving, offering or soliciting something of
value because of an official act that has been taken
- Conflicts of interest occurs when employee acts on behalf of a third
party during the discharge of his or her duties or has self-interest in the
activity being performed
- Economic extortion use of force to obtain something of value
3. Asset Misappropriation
- Most common
- Assets are either directly or indirectly diverted to the perpetrators
benefit
- Skimming stealing cash from an organization before it is recorded on
the organizations books and records; example: mail room fraud

Hall Chapter 3
-

Cash larceny involves schemes in w/cash receipts are stolen from an

organization after they have been recorded in the organizations books
and records ; example: lapping
Billing schemes or vendor fraud perpetrated by employees who causes
their employer to issue a payment to a false supplier or vendor by
submitting invoices from fictitious goods or services, inflated invoices or
invoices for personal purchases
o Shell company no real transaction takes place
o Pass through fraud transaction actually takes place
o Pay-and-return pay vendor twice then intercept refund of excess
Check tampering
Payroll fraud disbursement of fraudulent paychecks to existent or
nonexistent employees
Expense reimbursement fraud employee makes a claim for
reimbursement of fictitious or inflated business expenses
Thefts of cash
Non-cash misappropriation
Computer fraud

Internal Control Concepts and Techniques

-

Internal control system comprises policies, practices and procedures

employed by the organization to achieve its objectives
o Objectives:
Safeguard assets of the firm
Ensure accuracy and reliability of accounting records and
information
Promote efficiency in the firms operations
Measure compliance with managements prescribed policies
and procedures
Modifying assumptions these 4 are inherent in the control objectives
o Management responsibility - the establishment and maintenance
of a system of internal control is the responsibility of management
o Reasonable assurance - the cost of achieving the objectives of
internal control should not outweigh its benefits
o Methods of data processing - the techniques of achieving the
objectives will vary with different types of technology
o Limitations:
Possibility of honest errors
Circumvention via collusion
Management override
Changing conditions--especially in companies with high
growth
Exposures and risks
o Exposure absence or weakness of a control; may expose firm to
one or more of the ff. risks:
Destruction of assets

Hall Chapter 3

Theft of assets
Corruption of information or the IS
Disruption of the IS
Preventive controls passive technique; designed to reduce frequency of
occurrence of undesirable event
Detective controls designed to identify and expose undesirable events
that elude preventive controls
Corrective controls actions taken to reverse the effects of errors
detected
SAS 78 current authoritative document for specifying internal control
objectives and techniques; based on COSO; for auditors
Committee of Sponsoring Organizations of the Treadway Commission
(COSO) a management tool

SAS 78/COSO
Describes the relationship between the firms :
internal control structure,
auditors assessment of risk, and
the planning of audit procedures
How do these three interrelate?
* The weaker the internal control structure, the higher the assessed level of risk; the
higher the risk, the more auditor procedures applied in the audit
SAS 78/COSO Components
1. Control environment foundation of the other four components tone on top
2. Risk assessment done to identify, analyze and manage risks relative to
financial reporting
3. Information and communication
4. Monitoring process by w/c quality of internal control design and operation
can be assessed
5. Control activities policies and procedures used to ensure that appropriate
actions are taken to deal with the organizations identified risks
a. IT Controls relate specifically to computer environment
i. Application controls ensure the integrity of specific systems
ii. General controls pertain to entity-wide concerns
b. Physical Controls relates primarily to human activities employed in
accounting systems; must be purely manual
i. Transaction authorization purpose is to ensure that all material
transactions are processed by the IS and are valid and in
accordance with managements objective
Authorization may be general or specific
o General Authority granted to operations personnel to
perform day-to-day operations; programmed procedure;
rules are specified in advance and no additional
approval are needed

Hall Chapter 3
o Specific Authority case-by-case decisions
ii. Segregation of duties objectives:
1. Transaction authorization vs. transaction processing
2. Responsibility for the custody of asset vs. record-keeping
responsibility
3. Organizational structure must only let fraud with collusion
of 2 or more employees with incompatible responsibilities
be successful
iii. Supervision often called compensating control; underlying
assumption: firm employs competent and trustworthy personnel
supervisory efficiency
iv. Accounting records consists of source documents, journals and
records; captures the economic essence of transactions and
provide an audit trail of economic events
v. Access controls to ensure that only authorized personnel have
access to firms assets
vi. Independent verification are independent checks of the
accounting system to identify errors and misrepresentations;
differs from supervision because it takes place after the fact, by
an individual who is not directly involved with the transaction or
task being verified (supervision takes place while the activity is
being performed by a supervisory w/ direct responsibility for the
task); through this management can assess the performance of
individuals, the integrity of the transaction processing system
and the correctness of data contained in accounting records