Chapter 3
Fraud Scenarios
Can we be blunt? Long before you do anything regarding fraud within the context of an audit program, you must understand fraud scenarios. A fraud audit program isn't just a traditional audit structure that consists of doing a risk assessment, then sampling and testing. It isn't just the labeling of these traditional audit concepts and steps as the “fraud assessment,” “fraud sampling,” or “fraud testing.” Sure, you can paint some stripes on a donkey to make it look like a zebra, but it's not the same animal, is it? So, too, a fraud red flag isn't just a red flag, a fraud risk assessment isn't just a risk assessment, and certainly a fraud audit program isn't just an audit program.
Developing a comprehensive list of the fraud scenarios consistent with the organization under audit is our objective in addressing fraud via the audit mechanism. The question of why this development is so imperative will be answered in the discussion that follows. For now, understand that the two most common responses to fraud risk are the fraud risk assessment and the design of a fraud audit program. We tend to think of them as distinct animals like our donkey–zebra analogy. However, by building a fraud risk structure, the vital connection between the fraud risk assessment and the fraud audit program is made. Specifically, this connection occurs through identification of the inherent fraud scheme, the fraud scenarios, the fraud concealment strategies, and the fraud conversion ...