Part 1: Group Activity

Question 1 (Romney et.al. (2020) P10.5 p. 353)

During a recent review, ABC Corporation discovered that it has a serious internal control problem. It is estimated that the impact associated with this problem is $1 million and that the likelihood is currently 5%. Two internal control procedures have been proposed to deal with this problem. Procedure A would cost $25,000 and reduce likelihood to 2%; procedure B would cost $30,000 and reduce likelihood to 1%. If both procedures were implemented, the likelihood would be reduced to 0.1%.

a)   What is the estimated expected loss associated with ABC Corporation’s internal control problem before any new internal control procedures are implemented?

Expected Loss  =  Risk * Exposure  =  0.05 * $1,000,000  =  $50,000

b)   Compute the revised estimate of expected loss if procedure A were implemented, if procedure B were implemented, and if both procedures were implemented.

c)   Compare  the  estimated  costs  and  benefits  of  procedure  A,  procedure  B,  and  both procedures combined.  If you consider only the estimates of cost and  benefit, which procedure(s) should be implemented?

Considering  only the  estimated  costs  and  benefits,  procedure  B  should  be  implemented because its net benefit is greater than A; it is also greater than both A and B together.  Care must be taken with these discussions, however, because the numbers used are estimates. The net benefit figures are only as good as the estimates used to produce them.

Question 2 (Romney & Steinbart (20188) P7.2 p. 251-252)

Explain how the principle of separation of duties is violated in the following situation. Also, suggest one or more procedures to reduce the risk and exposure highlighted in the case.

An employee of the finishing department walked off with several parts from the store-room and  recorded the  items  in the  inventory  ledger  as  having  been  issued to the  assembly department.

PROBLEM:  Employees can commit and conceal fraud when they  have access to  physical inventory (custody) and to inventory records (recording).

SOLUTION: This can be prevented by restricting storeroom access to authorised employees. Likewise, access to inventory  records should  be  limited to authorised employees. Where possible, no storeroom employee should have access to both the physical inventory and the inventory records.

Part 2: Advanced Functions for FM

Download Tutorial5.xlsx from Moodle (Week5>Tutorial 5). Instructions are in the workbook.

See Tutorial5_solutions.xlsx

Part 3: Questions to complete at home (Good revision questions for your final exam)

Question 1 (Romney et.al. (2020) P10.1 p350)

You are an audit supervisor assigned to a new client, Go-Go Corporation, which is listed on the  New  York  Stock  Exchange.  You  visited  Go-Go’s  corporate  headquarters  to  become acquainted  with  key  personnel  and  to  conduct  a  preliminary  review  of  the  company’s accounting  policies,  controls,  and  systems. The  information you  have  obtained  suggests potential problems relating to Go-Go’s internal environment. For each scenario, identify the problems, and explain them in relation to COSO- ERM’s Internal Environment discussed in Lecture 4.

a) You  met  with  Go-Go’s  audit  committee,  which  consists  of  the  corporate  controller, treasurer, financial vice president, and budget director.

PROBLEM: Section  301 of the Sarbanes-Oxley Act of 2002  (SOX) applies to  publicly  held companies and their auditors.  It requires audit committee members to be on the company’s board of directors and to be independent of the company.  That is not the case at Go-Go Corporation.

SOLUTION: All members of the audit committee should be members of the Board of Directors. They must also be independent of the company – meaning none of the audit committee can be employees.  The audit committee is responsible for overseeing the corporation’s internal control  structure,  its  financial  reporting  process,  and  its  compliance  with  related  laws, regulations, and standards. The committee works closely with the corporation’s external and internal auditors.  SOX requires audit committees to be responsible for hiring, compensating, and overseeing the auditors and for auditors to report all critical accounting  policies and practices to the audit committee.

b) You learned that the company has reported increases in earnings per share for each of the past 25 quarters; however, earnings during the current quarter have levelled off and may decline.

PROBLEM: Management’s philosophy and operating style  , as well as their commitment to integrity and ethical values, can be tested when a company faces declining earnings.  When earnings per share decrease or when they do not meet expectations, company share can take a dive, sometimes a significant one.   As a result, a company  may try and avoid earnings decreases when possible. The problem comes when management uses questionable or even illegal means to prop up their earnings.

SOLUTION: Because many frauds have been perpetrated to prop up earnings, this significant fraud “red flag” must be investigated.

c)  Some employees complained that some managers occasionally contradict the instructions of other managers regarding proper data security procedures.

PROBLEM: It does not appear that there is a clear line of authority and responsibility for data security policies and procedures .

SOLUTION: Achieving adequate security and control over an organization’s data should be a top management priority. A company’s organizational structure defines its lines of authority, responsibility, and reporting and provides the overall framework for controlling   and monitoring its operations.

d) Several new employees have had trouble completing some of their duties, and they do not appear to know who to ask for help.

PROBLEM:  Employee  training  and  support  appear  to  be  rather  weak.  Companies  that shortchange training are more likely to have more fraud and more security breaches. If the employees do not know who to turn to for help, the company’s organizational structure and methods of assigning authority and responsibility appear to be lacking or unexplained.

SOLUTION: Good human resource standards require that training programs familiarize new employees with their responsibilities; expected levels of performance and behaviuor; and the company’s policies and procedures, history, culture, and operating style. Ongoing training is needed to help employees tackle new challenges, stay ahead of the competition, adapt to changing technologies, and deal effectively with the evolving environment.

e) You observe that company’s purchasing agents wear clothing and exhibit other equipment from major vendors.  The purchasing department manager proudly displays a picture of himself holding a big fish on the deck of a luxury fishing boat that has the logo of a major Go-Go vendor painted on its wheelhouse.

PROBLEM: Gifts from vendors can unduly influence purchasing agents to buy more goods from the gifting vendors.  Purchasing decision should be free of this sort of bias.

SOLUTION:  Part of management’s philosophy and operating style should be the creation of an  organisational  culture  that  stresses  integrity  and  commitment  to  ethical  values  and competence.    In  doing  so,  management  should  develop  clearly  stated  human  resource standards and policies that explicitly describe honest and dishonest behaviours, often in the form of a written code of conduct ( methods of assigning authority and responsibility), and communicate them to employees.

These policies should especially cover issues that are uncertain or unclear, such as conflicts of interest and the acceptance of gifts.  For example, most purchasing agents would agree that accepting a $5,000 bribe from a supplier is dishonest, but a weekend fishing trip or clothing is not as clear-cut. The observations in the purchasing department indicated that there could be a problem with favouring certain vendors.

Question 2 (Romney et.al. (2020) DQ10.5 p. 350)

When you go to a movie theatre, you buy a prenumbered ticket from the cashier. This ticket is handed to another person at the entrance to the movie. What kinds of irregularities is the theatre trying to prevent? What controls is it using to prevent these irregularities? What remaining risks or exposures can you identify?

There are two reasons for using tickets.

•    The theatre is trying to prevent cashiers from stealing cash by providing greater control over cash receipts. You cannot get into the theatre without a ticket so you never give cash to a cashier without insisting on a ticket. That makes it much harder for a cashier to pocket cash.

•    Prenumbered tickets are also used so cashiers cannot give tickets to their friends. The number of tickets sold at the cashier counter can be reconciled with the number of tickets taken by the usher letting patrons into the theatre.

Reconciling the cash in the register to the tickets sold and then reconciling the number of tickets sold to the number collected by the ticket-taker helps prevent the theft of cash and giving tickets away to friends.

Despite these controls, the following risks still exist:

•    The ticket-taker can let friends into the theatre without tickets.

•    The ticket-taker may take money from theatre patrons, pocketing the cash and letting them enter without a ticket.

•    The cashier and the ticket-taker may collude in selling admittances without issuing tickets and then split the proceeds.