2.1 Fraud and corruption includes both those committed by the government employees or management of an auditee (internal fraud and corruption), and those perpetrated against the auditee by outside individuals or groups (external fraud and corruption). Internal fraud and corruption may result in benefits being obtained either from the organization (e.g., theft of cash/assets, falsification of payroll data), or from a third party (e.g., the theft of patients’ property). The latter may not result in immediate loss to the auditee, but it may result in a liability for restitution where positions of trust have been abused. Examples of external fraud and corruption include making fraudulent claims for government grants and benefits or suppliers issuing false or duplicate invoices.

2.2 Whereas the loss to the auditee is usually fairly apparent in cases of “fraud” as defined above, in the case of “corruption” the corrupt government employee may benefit from the act, but there may not be any loss to the auditee or effect on financial information. Both fraud and corruption are by definition without proper authority and involve breach of trust and therefore irregular.

2.3 There are many general and technical definitions of fraud. In most countries, fraud and corruption are legal concepts, although they are referred to in various ways. One of the factors distinguishing fraud from error is whether the underlying cause is intentional or unintentional, although intent is often difficult to determine, particularly in matters involving the use of judgment.

2.4 XVI INCOSAI URUGUAY 1998 viewed fraud as a legal concept, which involves acts of deceit, trickery, concealment, or breach of confidence that are used to gain some unfair or dishonest advantage; an unlawful interaction between two entities, where one party intentionally deceives the other through the means of false representation in order to gain illicit and unjust advantage.

2.5 According to SPASAI Fraud Guide, “fraud is a generic term which embraces all the means that human ingenuity can devise, which are resorted to by one individual, to get an advantage over another by false representations. There is no finite rule to define fraud as it includes surprise, trick, cunning and unfair ways by which another is cheated.

2.6 Fraud, as it is commonly understood today, means dishonesty in the form of an intentional deception or a wilful misrepresentation of a material fact. Lying, the wilful telling of an untruth, and cheating, the gaining of an unfair or unjust advantage over another, could also be used to further define the word fraud because both that and dishonesty denote intention or willingness to deceive.”

2.7 The Canadian Audit Guide 21 on Fraud Awareness refers to fraud as an action where there is a loss of a valuable resource resulting from a false representation made knowingly, without belief in its truth. Such actions could result in charges being laid under various applicable Canadian laws.

2.8 According to the National Audit Office of UK, fraud involves the use of deception to obtain an unjust or illegal financial advantage as well as intentional misstatements in, or omissions of amounts or disclosures from, an entity's accounting records or financial statements. It also includes theft, whether or not accompanied by misstatements of accounting records or financial statements.

2.9 The Fraud Examiners Manual views fraud as any intentional or deliberate act to deprive another of property or money by guile, deception or other unfair means. Similarly International Standard of Auditing (240) also treats fraud as an intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.

2.10 Essentially, fraud refers to intentional misrepresentation of financial information by one or more individual among the management, employees or third parties. It involves the use of deception to obtain an illegal financial advantage.

2.11 Fraud may involve:

• manipulation, falsification or alteration of records or documents.
   

• misappropriation/ misapplication of assets.
   

• suppression or omission of the effects of transactions from records or documents.
   

• recording of transaction without substances.
   

• misapplication of accounting policies.

2.12 The basic elements of fraud can be summarized as follows:

• There must be at least two parties to the fraud, namely the perpetrator and the party who was or could have been harmed by the fraud, otherwise known as the victim;
   

• A material omission or false representation must be made knowingly by the perpetrator;
   

• There must be intent by the perpetrator that the false representation be acted upon by the victim;
   

• The victim must have the legal right to reply on the representation;
   

• There must be either actual injury or a risk of injury to the victim as a result of the reliance;
   

• There generally is an attempt to camouflage; and
   

• Fraud involves betrayal of trust.

2.13 Corruption is a complex issue. While its roots are grounded in a country’s particular social and cultural history, political and economic development, bureaucratic traditions and policies, one can generalize to state that corruption tends to flourish when institutions are weak and economic policies distort the marketplace.

2.14 The following definition of corruption is provided by the Asian Development Bank in the Anti-corruption Policy: “Corruption involves behaviour on the part of officials in the public and private sectors, in which they improperly and unlawfully enrich themselves and/or those close to them, or induce others to do so, by misusing the position in which they are placed.”

2.15 The Anti-Corruption Act of the Republic of Korea defines the term “act of corruption” as the act of any public official’s abusing his position or authority or violating laws and regulations in connection with his duties to seek gains for himself or any third party.

2.16 The Chartered Institute of Public Finance and Accountancy of UK defines corruption as the offering, giving, soliciting or accepting of an inducement or reward, which may influence the action of any person. That is, an individual receives a bribe as a reward or incentive for action or inaction contrary to the proper conduct of his or her duties, for the direct benefit of a third party.

2.17 The World Bank defines corruption as the abuse of public power for personal gain or for the benefit of a group to which one owes allegiance.

2.18 Klitgaard [World Bank Publication, Pillars of Integrity, The Importance of SAIs in Curbing Corruption] (1996) developed a model to explain the dynamics of corruption.

Corruption = Monopoly power + Discretion – Accountability

2.19 An act of corruption would comprise one or more of the following elements:

• There must be at least two parties to an act of corruption, namely the person who offers the reward or inducement and the party accepting it;
   

• There must be misuse of office or position of authority for private gain;
   

• There is either an offer and/or acceptance of inducements;
   

• An attempt to solicit an offer of inducement or reward as benefit for performance of an official act;
   

• Any act through which public or entity property is dishonestly misappropriated;
   

• There may be an attempt to camouflage; and
   

• Corruption involves breach of trust.

2.20 It is useful for auditors to understand the motivational and organizational/environmental factors of fraud and corruption. The presence of these factors does not necessarily mean that fraud and corruption have occurred. Rather, awareness of their presence should increase the auditor's sensitivity to that possibility. The key factors generally associated with fraud and corruption are as follows:

2.21 Motivation and opportunity are the elements that generally underlie the commission of fraud and corruption. These could take the form of:

• Economic motivation - financial need or gain is the most common motivation for fraud and corruption. Often, persons convicted of fraud and corruption complain that they had unbearable financial problems for which there was no legitimate recourse.
   

• Greed – persons with power and authority often commit fraud and corruption because they are motivated by greed.
   

• Prestige or recognition – persons may feel they deserve more prestige or more recognition. These persons are often motivated by jealousy, revenge, anger, or pride. They often believe that they are superior to others, that they are shrewd enough to confound and confuse others and can commit fraud and corruption without being discovered or detected.
   

• Moral Superiority – persons may also be motivated by a cause or values that they feel are morally superior to those of the victim, or the government in this case.

2.22 The organisational atmosphere and its perception play a major causative role in perpetration of fraud and corruption.

2.23 Where management is perceived as insensitive, insecure, impulsive or too strict, illtreats employees and judges performance either on short term results or without considering operational constraints, the disgruntlement in the employee is likely to result in instances of fraud and corruption.

2.24 Systems and procedures adopted in organisations and organisational policies are particularly important. An organisation in which the corporate policies are unclear, there is inadequate internal control, excessive regulations, red-tapism, inadequate accountability or history of programme abuse is likely to have more instances of fraud and corruption.

2.25 An understanding of the organisational atmosphere will enable an auditor to assess whether there is a higher risk of fraud and corruption in the entity and planning of the audit could be suitably modified. Poor management structure and policies are indicated by a high turn over of employees, absenteeism, poor documentation, low awareness of regulatory requirements and lack of transparency in reward systems

2.26 It is important for the auditor to also understand that very often the perpetrator of fraud and corruption rationalises his actions with some kind of justification. For instance an employee accused of fraud and corruption is likely to rationalise his action by saying or believing that his low pay justifies the action or since everybody is doing that he is also well within his right to do it; while a contractor could justify his acts of fraud and corruption as a cost of doing business or problems of securing contract from a government entity.

2.27 Some of the most typical fraud and corruption are as follows:

• Bribery is the giving, receiving, offering or soliciting of any “thing of value” in order to influence a person in the performance of, or failure to perform, his / her duties.

• False Statements and False Claims occur whenever a person knowingly and willfully falsifies a material fact or makes a false or fictitious representation or files a false or fictitious claim that results in economic or financial loss to the person to whom the false representation has been made.

• Embezzlement is the fraudulent conversion of personal property by a person in possession of that property where the possession was obtained pursuant to a trust relationship. Examples of means to conceal embezzlement are the use of kiting or lapping scheme.

  • Kiting occurs when a person withdraws cash from a bank on checks deposited by a person for which the cash has not yet been collected by the bank. To conceal the fraud, the person continuously writes checks against non-existent account balances (“kites” checks from bank to bank).
     

  • Lapping occurs when a person steals cash from payment of accounts receivable, and continuously uses cash from other payments of accounts receivables to conceal the initial theft (“laps” two consecutive accounts).
     

• Conflict of Interest occurs when a person has an undisclosed economic or personal interest in a transaction that adversely affects that person’s employer.

• Phantom Contractor is a non-existent company whose invoice is submitted for payment by a person involved in the purchase process.

• Purchases for Personal Use. A person may purchase items intended for personal use or may make excess purchases of items needed, some of which are then diverted to personal use.

• Split Purchases. Contracts are split into two or more segments to circumvent the procurement authority limitations, and thus to avoid competitive bidding. This may involve bribery from the contractor to a person of the other party.

• Collusive Bidding, Price Fixing or Bid Rigging. Groups of prospective contractors for a contract form an agreement or arrangement, to eliminate or limit competition. This agreement may also involve bribery.

• Progress Payment Fraud. The contractor requests progress payments based on falsified information submitted to the other party.

• Over or under invoicing. Occurs when there is deliberate misstatement of the invoice value as compared with goods or services received or supplied.

• Extortion is the use of authority to secure unlawful pecuniary gain or advantage.

• Nepotism and Favoritism unlawful use of public office to favor relatives and friends.

• Loss of Revenue on account of tax or duty evasion can include different situations where revenue due to the government is not received or paid.

• Unfair Recruitment favoritism exercised in the process of recruitment for unlawful gain.

• Computer Fraud is any fraudulent behavior connected with computerization by which a person intends to gain a dishonest advantage. For instance, salami-slicing is a computer fraud where fractions of interest calculations are transferred to a personal account.

2.28 An understanding of the audited entity should enable the auditor to identify potential high-risk areas and suitably modify audit procedures and techniques. Some of the commonly perceived high risk areas are:

• contracts of service/procurement;
   

• inventory management;
   

• sanctions/clearances;
   

• program management;
   

• revenue receipt;
   

• cash management;
   

• general expenditure; and
   

• other areas with public interface.

SAIs would have to, based on experience and perceptions, identify such risk areas while planning audits.

2.29 Procurement of goods and services is a major activity in the government sector and is traditionally prone to fraud and corruption. Understanding fraud and corruption in contracts may therefore be beneficial to the auditor. An illustrative list of the forms fraud and corruption can take in the area of contracts is given at Appendix 1 to enhance the Auditor’s understanding.

2.30 The audit of Contracts in most SAIs, therefore becomes an area of focus for the Auditor who has to be particularly sensitive to the possibility of Fraud in this area. Appendix 2 lists out the warning signs that an auditor needs look out for. These would alert him to the necessity of further scrutiny or intensive examination. The size of the sample or the techniques adopted could also be suitably adjusted.

2.31 With the increased use of information technology in the function of entities and increased introduction of IT systems the auditors needs to understand that the perpetration of fraud and corruption and consequently detection of such instances become more complicated.

2.32 Computer fraud could involve the manipulation of a computer or computer data by whatever method in order to dishonestly obtain money, property or some other advantage of value or to cause loss

2.33 The Auditor has to be particularly aware of the audit trail, of the checks and balances of IT systems, of the levels of control and needs to also have a fair idea of how processing controls can be circumvented by the perpetrator of fraud and how data can be accessed and manipulated. It is particularly important for the auditor of the IT system to assess in his audit the level of security controls built in and if these are in tune with the sensitivity of data.

2.34 Audit evidencing in an IT environment is often more complex than traditional manual audit. In an IT environment not only it is necessary to understand the techniques of assessing system and data soundness but also necessary to establish means of collecting evidence. The standards of audit evidence collection have to be set by the SAIs in consonance with the legal framework and regulations in which the audit is carried out.

2.35 Since this is an emerging field of audit and is also undergoing rapid changes the SAIs may consider the pooling of information on the IT audits conducted and techniques adopted.