Задать вопрос специалисту

Приобрети журнал - получи консультацию экспертов

To top
NBU Rate

Logic of fraud

Alexander Shaforostov


During his work an auditor must try to get rid of doubts that client’s financial statements are free from significant misstatement. And if this is not possible, then -to evaluate possible effects of such distortions and try to find out their nature: whether significant misstatements are due to unintentional error, or there is a reason to talk about falsification, or, if you follow established in audit terminology - fraud.

This uneasy duty is provided at International Standard on Audit 240, "The Auditor's Responsibility in relation to fraud in audit of financial statements" (ISA 240). It is possible to fulfill this obligation only when clearly understanding what meaning is attached (and what is not) to the term "fraud". To begin, we note that the term "fraud for MCA" means slightly different content than which is set out in the Criminal Code or as understood in everyday level. And applicability of the term also has its own peculiarities: it is limited to audit of financial statements.

These are obvious features, expressly provided in ISA 240. And there are also implicit that are clearly visible in more detailed analysis of fraud definition, which is most convenient to do using mathematical (set-theoretic) model.

Mathematical model

Fraud[1] in the ISA 240 is defined as " An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage". This rather wordy definition (even in translation, at least in original) can be represented in logic-algebraic form. But first you need to formalize the domain.

Lets denote S as the set of persons (those, who can cheat), A - the set of possible actions of these persons. Definition of fraud can be represented as a propositional function μ(x,y), where x A, y S. This function can have only two values:

 truth - under conditions specified in definition of fraud;

 lie - otherwise.

Consider domain of function μ (x, y) in detail. Given signs of action used to determine fraud from the set A of possible actions of persons in S set makes sense to define subsets:

 A1 - set of action, characterized by intention;

 A2 - set of actions that have signs of fraud;

 A3 - set of actions performed for purpose of obtaining an undue advantage;

 A4 - set of actions committed in order to obtain illegal benefits.

Obviously, A4 A3, ie set of misconduct includes many illegal actions (otherwise, in general, is not true).

Also it makes sense to define subsets from S set:

 S10 - set consisting of  single element (one person);

 S21 - management personnel;

 S22 - those with the highest authority;

 S23 - employees;

 S24 - third parties.

It is obvious that S = S21 S22 S23 S24.

Lets introduce some auxiliary propositional functions on defined sets (see Table 1.), and applying them, we obtain the following representation for the function μ (x, y):

μ(x,y) = α(x) (β1(y) β2(y)) (γ1(y) γ2(y) γ2(y) γ4(y)) δ(x) (η(x) η1(x))     (1)

Table 1

Table of truth for auxiliary propositional functions


Domain of truth

Appropriate fragment for definition



 x  A1

"Deliberate Action"

Actions of person or persons have intent


 y  S10


There was one person


 y  S10

"A large number of persons"

There were more then one person


 y  S21

"From the managerial staff”

At least one participant belongs to the management personnel


 y  S22

“Who has the highest authority"

At least one participant has the highest authority


 y  S23


At least one participant is employee of company


 y  S24

"Third parties"

All the other persons


 x  A2

"With the use of deception"

The action was fraudulent


 x  A3

«To obtain an unjust»

Action was aimed at obtaining unjust advantage


 x  A4

"Illegal advantage"

Action was aimed at obtaining illegal advantage

Model analysis

Given set-theoretic model allows clearly, unequivocally define term "fraud", and describe for auditor algorithms to detect and respond accordingly.

Let’s consider one of opportunities provided by mathematical model. To start let’s find out which value accepts the expression β1(y) β2(y):

 if y  S10  we have β1(y)=1, β2(y)=0, therefore, β1(y) β2(y) = 10 =1

 if y  S10  we have β1(y)=0, β2(y)=1, therefore, β1(y) β2(y) = 01 =1

that is, it appears, on whole domain the disjunction of two propositional functions β1 (y) and β2 (y) has the same value! Thus, we get:

β1(y) β2(y) ≡ 1,       (2)

Then, proceeding similarly, let’s consider values for expression γ1(y) γ2(y) γ2(y) γ4(y), which is marked as γ (y):

 if y  S21  we have γ1(y)=1, γ2(y)=0, γ3(y)=0, γ4(y)=0, therefore, γ(y)= 1000 =1;

 if y  S22  we have γ1(y)=0, γ2(y)=1, γ3(y)=0, γ4(y)=0, therefore, γ(y)= 0100 =1;

 if y  S23  we have γ1(y)=0, γ2(y)=0, γ3(y)=1, γ4(y)=0, therefore, γ(y)= 0010 =1;

 if y  S24  we have γ1(y)=0, γ2(y)=0, γ3(y)=0, γ4(y)=1, therefore, γ(y)= 0001 =1.

Since, as noted above, S = S21 S22 S23 S24, it turns out that the entire domain of function γ (y) ≡ 1. Accordingly, we have:

γ1(y) γ2(y) γ2(y) γ4(y)) ≡ 1, (3)

Finally, let’s consider expression η(x) η1(x):

 with x  A3 η(x)=1, therefore, η(y) η1(y) = 1;

 with x  A4 η1(x)=1 and, since A4 A3, η(x)=1, therefore, η(y) η1(y) = 1.

Hence we get a simple expression:

η(y) η1(y) = η(y),    (4)

Thus, the original propositional function, determining fraud existence, gets form of:

μ(x, y) = α(x)   δ(x) η(x), (5)

Fivemain causes offraud risk:

• Difficultieswith targets achievement.

• Beliefthat competitorspay bribesto gain advantage in market (pushing employeesto follow such example).

Non-payment ofpremiums.

Desireto demonstratenecessaryperformance to keep on receiving premium.

• Desireof top managers to report aboutachieving planned performance objectives.

Source:Fifth Worldeconomic crime survey. PWC.

If you go back to original notation, transformed function can be interpreted as follows: "Fraud is an intentional action which involves use of deception to obtain an undue advantage", ie, we have definition of fraud in all substantial respects.

As you can see in resulting definition of fraud, as opposed with original, there is no mention of person. But this, of course, does not relieve auditor’s need to study "human factor". Whether persons are mentioned in definition of fraud or not - all the same, someone stands behind each occurrence of fact and illegal benefits (to see how it appears, look for "red flags" - Ed.). And that someone has not only office position or assistants (§ 11 ISA 240), but has a set of distinct human traits, such as creativity, meanness, deceit. This poetic definition gives the president of the Association for combating economic fraud (Bulgaria) Dimitar Dinev: "Fraud is any multiple tools that human ingenuity can create and individuals use to get an advantage over other means of false statements or to conceal true state of affairs. These tools include unexpected action, cunning, guile or hypocrisy, and other dishonest intent to deceive people".

▪ Red flags

(Examples of circumstances that indicate possibility of fraud)

Lack of documents.

Availability of documents that contain signs of change.

Inaccessibility to original documents, except for photocopies or copies sent electronically, if circumstances involve originals.

Unconfirmed or unapproved account balances or transactions.

Unexplained or unconvincing explanation of difference between accounts receivable in analytic and synthetic account or between messages from clients and receivables in analytical accounting.

Loss or absence of paid checks in situations where canceled checks are usually returned to organization together with bank certificate.

Reconciliations for unexpected issues in substantial amount.

Unusual changes in balance, changing trends or important indicators or relationships in financial statements (for example, receivables growing faster than revenues).

Inconsistent, vague or implausible responses from management or employees to inquiries or as result of auditors’ analysis.

Unusual discrepancies between credentials of organization and responses to requests for confirmation.

A significant number of credit entries and other changes in accounting for receivables.

Operations unaccounted fully or on time, or if there are wrong amount, accounting period, classification, or accounting policies.

Adding changes in the last minute that substantially alter financial results.

Signs of employee’s access to systems and accounts that are not connected with performance of their duties.

Reports or complaints to auditor about alleged fraud.

Addition to model


Мотивация - Motivation/ pressure of external circumstances

Риск мошенничества - Fraud risk

Возможность - Possibility

Самооправдание - Self-justification

The above set-theoretic model has one, but significant drawback: it is static. In reality, many fraudulent entities - A and fraud persons - S during audit process are constantly changing. At initial stage set S is empty, and is to be filled with elements – performers of audited enterprises and various related entities (including external entity for audited one). As for set A, then at initial stage it should be filled with "under an outset", ie, to include all known fraud. Then set A is to be abbreviated with omitting elements, impossible at enterprise. In addition, A and S must match:

each element of S must match at least one element of A (if we consider subject of potential fraud, it must somehow show up);

each element of A must match at least one element of S (if we consider fraud, it is done by someone).ñ

Finally, model should produce results in list-based audit procedures that lead to emergence of audit evidence and response from auditor (see "Response").

▪ Response:

(Examples of reactions to detect possible fraud)

Sudden visits to different places or certain inspections without prior notice.ñ

Request inventory on the day of reporting period or the day as close to end of period.

 Change of approach to audit of current year (for example, an oral appeal to major customers and suppliers, in addition to writing.)

Detailed inspection of organization’s adjusting entries at the end of quarter or year-end.

For transactions in substantial amounts or unusual, especially those that take place at the end of reporting period.

Interviews with employees working in areas where there was identified risk of substantial misstatement.

Communication with other independent auditors, who audit financial statements of one or more subsidiaries.

Further examination of financial statements document where assessed risk is high.

Retrospective analysis of selected balance sheet accounts.

Audit action on bills or reconciliations in organization, including cross-checks analysis for interim periods.

Heuristic searches for anomalies in general dataset.

Checking integrity of computer accounting and operations.

Getting additional audit evidence from sources outside of audited entity.

 Analysis of information on incomes, using disaggregated data (for example, comparison of income statements for month, by product line, by business segment for current reporting period with comparable prior periods).

Confirmation of contract terms with a number of significant customer and absence of additional agreements.

Products, guaranteed resale amounts, and terms of termination liability or compensation.

 Interviews with organizations engaged in sales and marketing, or in-house counsel (eg, unusual transactions carried out on the day of reporting period).

Personal presence in one or several locations during reporting period.

Checking the records completeness.

Learning statements on organization’s inventory to find out where are storages of goods or items that require special attention.

Monitoring inventory in segregated unit without notice or inventory of all units simultaneously.

Inventory at the end of reporting period.

 Comparison of current period with prior periods by class or categories of records, location or other criteria, or comparison of volume on results of inventory data for permanent records.

 Quality assurance calculations and calculations in inventory (for example, to check possibility of missing property or duplication).

Inviting expert for independent calculations and comparisons with calculations manual.

Test capabilities and management's intent to implement essential performance objectives.

Counting cash or securities at the end of year.

Derive direct confirm of transactions on accounts from customers.

Analysis of shortages in inventory by department and by product.

Comparison indicators to conventional inventory in this sector.

Reconciliation of supporting documentation for write-downs with constant accounting data on inventory.

Comparison vendor list with list of staff members.

Search for duplicate addresses, employee number, taxpayers or bank accounts.

Checking personnel records (for example, for certification of personnel).

Analysis of information on discounts and product return.

Checking some contracts terms with third parties.

Obtaining evidence that contract is performed in accordance with their terms.

Verifying large or unusual expenses.

Check for proper authorization and the balance of loans to senior management, and related entities.

Checking the correct knowledge of senior management expense reports.

Thus, set-theoretic model should be supplemented by operators corresponding to model’s life phases:

 information gathering - operator Ψ: A, S → A, S;

 information processing - operator Ћ: A, S →A, S;

 decision-making - operator Ω: A, S → A, S.

Let's discuss each operator.

Ψ: gathering information. Given model specificity the collection process must take into account number of features. Specialists in economic crimes focus on fraud preconditions (see "Conditions for fraud"). As an illustration, they give so-called triangle of fraud (A.1 ISA 240). Its vertices determine motivation and opportunity to commit fraud:

 1) pressure of financial circumstances or motive (see "Temptation / necessity");

 2) ability to commit and conceal act of fraud (see "Opportunity");

 3) ability to justify this action ("I deserve more", "everybody does it", "Now I really need the money, I'll return, as soon as I can", etc.).

Person, corresponding the "triangular" basis, is a first candidate for inclusion in set S (performers). Others with extensive opportunities for manipulation, falsification, etc. are to be initially included in this set (for example, management personnel, A.5 ISA 240), as well as members of various informal groups (§ 11a) ISA 240 ).

Conditions for falsification:

 ineffective corporate governance;

 incentives for high achievement;

 expressed desire to minimize tax payments;

 complex organization of enterprise;

 unrealistic expectations of partners;

 sharp fluctuations in level of profitability;

 unrealistic budgeting;

 inadequate internal economic control.

Ћ: data processing. Under processing of collected information, the set A (potentially fraudulent possible actions), which at first is a list of all possible fraud (list may be different for every auditor, depending on experience and number of clients), is changing. Out of total pattern, list excludes items that are known to be unacceptable to audited company. Inadmissibility of particular action (element of A) is determined by performance associated with this action conditions.

Stage of information processing can be considered to be finished only when each element of A corresponds to at least one element of S, and vice versa - each element of S corresponds to at least one element of A. If this condition is satisfied, then you can begin assessing risks of material misstatement of financial statements and development of planned audit procedures.

Fraud actions:

 manipulation, falsification, changing records or documents;

 concealment or omission of information on transactions in accounting records or documents;

 recording of non-existing transactions;

 misapplication of accounting policies.

Ω: decision-making. After receiving adequately filled A and S, the appropriate audit procedures set can be scheduled. By the way, it is possible that on results of these audit procedures, there can be necessity to clarify elements of A and S.

Note that despite compliance with all activities (planning, audit procedures) and that there are effective systems of accounting and internal control systems, there is an inevitable risk of not detecting material misstatement due to fraud. Such is specificity of this phenomenon, as it implies action to its concealment and providing false information to auditor. Therefore, auditor must inform heads of enterprise of his suspicions about fraud, even if it does not cause significant impact on financial statements (paragraph 40 of ISA 240). If senior executives are suspected of committing fraud, auditor should seek legal advice.

Model Application

To illustrate application of "fraudulent" model, let’s take an example from practice (names have been changed - Ed.) SC "Sicilian pastries" (in "fraudulent" cut, that is, with minimum details that bring scope of "zone of competence” under ISA 240). Company is producing and selling confectionery products. Due to good management, according to senior manager, enterprise, despite crisis, is not experiencing any difficulties, actively growing, increasing number of sales outlets and expanding its presence in region. But financial results (profit, sales revenue) are virtually unchanged. This fact prompted largest shareholder (after his words) to address auditors.

Auditor started with standard procedure of collecting information about company, including (operator Ψ):

sent requests to head of enterprise and its owner on available information about any allegations of fraud (and suspicions on this point) for enterprise;

sent requests to local tax authorities (with knowledge and approval of head of company) to confirm balance of payment of taxes and duties;

 prepared compilation of various references about company in local press and on the Internet.

As a result of following events specific conditions have been identified.

Conditions content


Prerequisites for any doubt about honesty and competence of management:

exercise sole leadership


supervision by owner


undue complexity of enterprise structure


are there any works to address weaknesses in internal control system


high turnover and understaffing among accountants


frequent change of legal advisers and auditors


Adverse external and internal conditions:

decline in sector, increase in bankruptcies


lack of working capital


deterioration in quality of income


need to maintain market value for shares


significant investments in expansion of product range


dependence on one or few products or customers


financial pressure on enterprise’s head management


pressure on enterprise’s staff in order to reduce time of reports preparation


high staff turnover and understaffing of ordinary employees


Unusual transactions:

operations carried out at the end of year, which have significant effect on earnings


complexity of operations or accounting methods used


transactions with related parties (associates and subsidiaries)


excessively high payment for certain services


Problems in obtaining sufficient appropriate audit evidence:

inadequate account records


excessive number of corrections


Operations, unrecognized in accordance with standard procedures


management of off-balance control accounts


Inadequate documentation of operations


differences between accounting records and third-party confirmations


inexplicable changes in coefficients that characterize enterprise performance


unjustified or unclear management response to auditors questions


As a result of processing (and understanding) collected information auditor has focused on most important aspects, in his opinion (Ћ operator):

In assessing possible amount of income in period from sale of products, based on amount of raw materials consumed, nearly twofold difference was received (they could get almost twice as much from raw materials than has been sold in fact);

significant amount of production (volume comparable to volume of sales) turned out to untapped and discarded;

ordinary work of personnel, including work of sales manager, has been paid at minimum wage by law, and sometimes delayed;

chief accountant of company was experiencing financial difficulties (daughter was going to enter university, which would require level of expenditure disparate to income of accountant, a single mother).

Since management is in unique position to commit fraud because has ability to manipulate accounts and prepare fraudulent financial statements by traversing control procedures (paragraph 31 of ISA 240), risk of material misstatement due to fraud is high. Given this, set of S was supplemented by variety of elements corresponding to director of enterprise (see Fig. 1).

With regard to possible fraud actions from his side, then they coincided with list of possible actions of accountant (except for manipulation in accounting).

Relevant aspects (formalized in sets A and S) became starting in planning appropriate audit procedures (operator Ω), which were implemented.

Under evaluation of obtained audit evidence, some procedures were done (paragraphs 32-37 of ISA 240):

testing appropriateness of entering data, as reflected in General ledger and other adjustments made during reporting;

review of accounting data and assessment of circumstances that cause material misstatement due to fraud;

uncharacteristic operations were assessed for compliance with their business objectives on assumption that they are necessary to create fraudulent financial reporting or conceal theft of assets;

estimated probability of bypass control procedures by management.

Note that in terms of mathematical model, operators Ψ, Ћand Ω are repeatedly performed until an acceptable outcome in given to situation. In this case, after all additional audit procedures were planned and performed, auditor made sure that accounting data matches financial statements in all substantial respects, internal control system does not allow ordinary staff to assign significant amounts of enterprise assets. But auditor could not get strong evidence of absence of fraud from director and chief accountant. The fact that large quantities of products remain unfulfilled and written off in according to expiration date remained incomprehensible for auditor. So he decided to give up expressing opinion on this matter due to lack of "opportunity to obtain sufficient and acceptable audit evidence to support opinion", and concluded that "potential impact on financial statements of undetected distortion is both essential and comprehensive" (p. 9 ISA 705).

ISA 240 requires auditor to verify doubt that there are significant distortions in client’s financial statements caused by fraud. And thus generates additional "point of entry" in audit, which is different from usual: compliance of accounting with financial reporting, client compliance with legal norms, etc. And that, perhaps, is the main value of standard.

Temptation / need:

(risk of fraud factors – A. 25, ISA 240)

high level of competition or market saturation, combined with margin reduction;

significant negative consequences of rapid change (such as changes in technology, obsolescence of products);

deterioration in economy (for example, significant reduction in demand);

operating losses, which create an imminent threat of hostile acquisitions, bankruptcy, foreclosure on property;

losses amid reports of profitability and growth;

rapid growth or unusually high yield (compared with competitors);

changing accounting, legal requirements;

 striving to meet expectations of investment analysts, institutional investors, significant creditors or other third parties;

need to obtain additional financing;

weak ability to meet exchange requirements, repayment of debts, etc.;

alleged or actual negative consequences for ongoing significant operations;

significant financial interest and/or rights in enterprise;

substantial part of compensation (eg, bonuses);

personal surety for debts of organization;

commitment of management or executive staff to report "beautifully" in front of senior management;

personal financial obligations may create need for management or employees with access to cash or other property;

known or expected layoffs;

recent or anticipated decline in salary or bonuses;

unfulfilled hopes for career growth or increase in revenue.


access to large amounts of cash;

access to highly liquid assets and with no visible identification of owner (inventories, bearer securities, etc.);

improper segregation of duties or independent checks;

inadequate cost control for top managers (for example, transport, and other compensation);

inadequate control management for financially responsible persons;

improper storage of records in respect of property;

improper matching system and approval of withdrawals;

inadequate levels of physical security of assets;

lack of full and timely audits of property;

improper paperwork on transactions, such as credit, returning goods;

absence of mandatory vacations for employees performing key control functions;

improper understanding by management of information technology, which gives employees opportunity to abuse;

inadequate monitoring system for automatic accounting;

 significant transactions with related parties that go beyond usual activities of organization, or with affiliated entities, audits are not performed or performed by another firm;

 strong economic position or dominance possibility in particular sector, organization can dictate terms to suppliers or customers;

 assets, liabilities, income or expenses are based on relevant calculations, which include complex to confirm subjective judgments or uncertainties;

 significant, unusual, or highly complex transactions, especially those implemented at the end of  period, in which there are complex issues of "substance over legal form";

 substantial activities conducted or located outside country's borders in jurisdictions with complex situation for business or culture;

unwarranted involvement of business intermediaries;

 unfounded premise of significant amounts of bank account or significant transactions with affiliates or subsidiaries in tax havens;

one person or small group dominating in leadership of organization;

control by senior management for financial reporting process and internal controls are ineffective;

it is difficult to determine structure or persons who control organization;

over complex organizational structure, which includes uncommon form of legal entities or managerial chain;

high turnover in leadership positions in legal profession, as well as senior management;

 inadequate monitoring control systems, including automated monitoring and control systems for interim financial statements;

high turnover of accounting staff, internal audit, information technology specialists, or inefficient recruitment of staff;

 inefficiency of information and accounting systems, including situations of serious shortcomings of internal control system.


Add comment

Security code

Что для Вас криптовалюта?

Виртуальные «фантики», крупная махинация вроде финансовой пирамиды - 42.3%
Новая эволюционная ступень финансовых отношений - 25.9%
Чем бы она не являлась, тема требует изучения и законодательного регулирования - 20.8%
Даже знать не хочу что это. Я – евро-долларовый консерватор - 6.2%
Очень выгодные вложения, я уже приобретаю и буду приобретать биткоины - 4.3%

29 августа вступила в силу законодательная норма о начислении штрафов-компенсаций за несвоевременную выплату алиментов (от 20 до 50%). Компенсации будут перечисляться детям

В нашей стране стоит сто раз продумать, прежде чем рожать детей - 33.3%
Лучше бы государство изобретало механизмы финансовой поддержки института семьи в условиях кризиса - 29.3%
Это не уменьшит числа разводов, но заставит отцов подходить к вопросу ответственно - 26.7%
Эта норма важна для сохранения «института отцовства». Поддерживаю - 9.3%