Three types of fraud schemes are of special interest to CPAs--financial statement fraud, occupational fraud, and bribery. Many, but not all, of these types of fraud schemes require the fraudster to invent a series of fraudulent numbers in the execution of the scheme. CPAs who know how to spot the fingerprints of these fabricated numbers will have an edge in the fight against fraud.
This article looks at a fingerprint of fraudulent numbers that might seem obvious but is often overlooked: Fraudulent numbers are frequently round numbers.
An appreciation of the overuse of round numbers by fraudsters may benefit internal auditors and forensic accountants who are proactively looking for fraud and bribery schemes as a part of a continuous monitoring program. External auditors could run round number audit data analytics tests in the planning phase of an audit that are designed, in part, to assess the risk of material misstatements. These round number tests could also be run in the audit's testing phase as a test of controls and in the completion phase as a final review to detect possible misstatements.
Rounding to the nearest thousand or million dollars in financial statements, or to the nearest penny in earnings-per-share calculations, is done to make it easier for investors and other interested parties to focus on the important parts of the numbers. In a fraud fingerprint context, we are generally interested in transaction amounts or ledger balances that are exact multiples of $1,000 or $1,000,000. In the external auditing realm, AU-C Section 240, Consideration of Fraud in a Financial Statement Audit, requires journal entries to be examined for evidence of material misstatements due to fraud. AU-C Section 240.A49 states that inappropriate journal entries and other adjustments have characteristics that include the use of round numbers.
The AICPA's new general ledger and subledger audit data standards, with their common framework, will help auditors to develop, over time, a level of experience and expertise with audit data analytics. Round number tests run against the currency fields in the ledgers could include extracting and scanning these records, as well as a comparison of the proportion of round numbers in the current period to that of prior periods. The prior periods, as is commonly done, could be used as the expectation formation for the round number testing, but it should be understood that any of the fraud types could be carried out with just a handful of round number transactions.
An analysis of round number transactions or balances is complicated by the fact that the round number universe includes legitimate and authentic transactions and balances. Experience has shown that round numbers are often linked to the purchase of goods or services with individual and unique features; used property, plant, and equipment purchases; and charitable or political campaign contributions. Precise numbers (such as $1,201.85) are often linked to the purchase of mass-produced items and amounts that are a result of a calculation (such as a property or income tax refund that includes interest). General ledgers and subledgers inevitably include legitimate entries that are round amounts. The challenge is to identify the fraudulent amounts that are the proverbial needles in a haystack, except that the fraud needles look similar to the hay. The next section of this article presents examples of round numbers used in fraud schemes and round numbers used in authentic data. This is followed by some tactical notes on running the analytics.
USES OF ROUND NUMBERS IN FRAUD SCHEMES
Financial statement fraud
A classic case of round numbers being used to manipulate corporate earnings occurred at the India-based company Satyam Computer Services. In the Satyam fraud, which came to light in 2009, senior officers overstated earnings by booking fictitious revenues under fake company names. Sales invoices for nonexistent sales were reported as revenue and as accounts receivable in financial statements. The invoices were entered into the system by people who had a "superuser" status that allowed them to override system controls. These superusers recorded the sales in such a way that the invoices were not visible to the managers of the business units, who would have questioned the validity of the customers and the services provided.
Over the five-year life of the fraud (2003-2008) about 100 fictitious sales invoices were created each month. In 2006, a set of 27 false invoices was created by managers who were not superusers. The invented amounts were all multiples of $5,000 with...