You are on page 1of 5

Aquino, Bautista, Cruz, Esguerra BA 121 WHODUNIT?

Case Background: Whodunit is a case about a crab meat processing business located in a small town on the eastern shore of Maryland. It is a family-run business that earns from supplying crabmeat to various restaurants. With its current control system in place, everything seemed to be going quite well until the business lost $40,000 in less than two months. The owners, including the auditor that was hired is now faced with a dilemma of trying to figure out who was responsible for the theft and how it was perpetrated. Problems/ Issues: Who was responsible for stealing $40,000 dollars from the company how did that person committed such action and how to avoid it in the future? Current Situation: A. Characters and Responsibilities The crab meat processing business is headed by John Smith, the president and also a stockholder of the entity. He has the primary responsibility of receiving orders from customers and overseeing the entire production process. Aside from this, he also takes charge of opening mails, signing checks and preparing bank reconciliations. His wife Susan, who is also a stockholder, acts as the vice president. She is responsible for preparing bank deposit tickets and making bank deposits. In addition, she is expected to prepare checks for payroll and payments of accounts payable. At the end of each day, Susan constructs daily sales reports which she summarizes to obtain monthly sales reports. Since the system that the entity is using to record Accounts Receivable, Accounts Payable and Payroll are not integrated, she performs the role of obtaining the running summaries of the programs and inputting them into the General Ledger program. At month end, she analyzes the companys trial balance and open balances in accounts receivable and accounts payable. Tommy, the son of John and Susan, is the companys shipping manager. Aside from handling shipping activities, he helps John in overseeing the production of crabmeat. The company also hires an office worker, Debbie. Her parents have been friends with the Smiths for nearly a decade. As an office worker, Debbie is mainly responsible for billing customers by entering sales data into the accounts receivable program and recording the receipt of cash and checks which she also enters in the same program. She shares with Susan a lot of responsibilities such as preparing bank deposit tickets and making bank deposits, preparing checks, constructing daily and monthly sales reports and inputting the running summaries of programs into the General Ledger program.

B. Controls/ Areas of Concern: The accounting records of the business are maintained on a microcomputer. Installed in this system are four (4) modules namely: General Ledger, Purchases, Accounts Receivable and Payroll. Because of the small capacity of the microcomputer, the modules are not integrated meaning that the data from the other programs are not transferred automatically between

modules. This gives rise for the need of a person who will get the running summaries of the Accounts Receivable, Accounts Payable and Payroll programs at each month end and input such data into the General Ledger Program. With regards to invoices, the entity uses manual invoices which are not pre-numbered. To pay its workers, the company does not use checks but instead, pays them with cash each week. It is not therefore unusual for the company to request large sums of cash from its local bank. Due to its nature and size, it also seems that the entity has not established a clear set of roles and responsibilities among its employees. There are workers with overlapping duties and some of which are not properly segregated. Debbie, for example, who is in-charge of billing customers and entering sales into the Accounts Receivable program is also responsible for recording receipts of cash and checks and entering collections of accounts receivable into the same program. In addition to these, the entity has lapses in the implementation of standard operating procedures that its workers should follow. These procedures include placing the right stamps on specific documents such as checks and recording payments as they are received. Risk Issues: There are a lot of problematic areas in the firms control activities, making it vulnerable to fraud. One is its IT Controls where in all the accounting systems used are not linked to one another. It is easy to manipulate transactions without the others detecting it right away. Another big issue is the segregation of duties. The custody of assets and record-keeping responsibility may lie on the hands of one person. For example, Debbie may record the sale, open the mail, deposit the check and record the deposit. Lapping may be done under this circumstance. There should be proper separation of duties since failure might lead to bigger losses in the future. Lastly, lack of strict company policies and practices create opportunities for fraud. The use of unnumbered sales invoice and no guidelines with check stamps increase the risk of embezzlement. Analysis: Based on the facts at hand and the division of responsibilities among those in the company, either Susan or Debbie is the most likely culprit. Both Debbie and Susan are capable of billing customers, making bank deposits, recording receipts of cash and checks and updating the receivable accounts in their program. Thus, they are both capable of performing receiving and recording functions, which shows an improper segregation of duties. It was along these lines of responsibility where the fraud occurred. One of the first signs that caught the attention of Susan was the different balances in the A/R general ledger and subsidiary ledger. In addition, the A/R listings were not continuous and appear to have been tampered with due to the fact that there were tears on some of them. It is possible that certain transactions were intentionally omitted from the A/R records. There was also some unusual activity with regards to payments and deposits. A different stamp was used on some checks and an inaccurate and unstamped bank deposit slip was presented by Debbie. The different stamp used may have been a means to divert the payment away from the companys bank account and the unstamped bank deposit slip could be a fake one which was used to cover up the missing transaction. Payments were also not recorded chronologically in the computer and the missing transactions may have just been added when it was noticed that the records were incomplete. Putting together all these events, it is reasonable to believe that some collections of customer A/R were stolen from the

company, with the cash never really coming in. The weaknesses in internal control with poor segregation of duties make it entirely possible to bypass the recording function and steal customer collections. Conclusion: Based on the case facts and our analysis of how the fraud could be reasonably believed to have occurred, it can be said that Debbie is the perpetrator. Her control over physical assets and recordkeeping responsibilities enabled her to steal the USD 40,000. One of the possible ways to do it is through not recording some sales and keeping the checks from payments on these sales. The fact that Debbie may have tried to cover things up by possibly tampering with the records and presenting a false bank deposit slip points to her as being the person guilty of the embezzlement. Recommendation: Given the current scenario, the company should improve its current control system through (1) exclusive accountability, (2) segregation of duties, (3) use of an integrated system, (4) prenumbering of invoice forms, (5) billing all customers and (6) payment of employees through check. Exclusive Accountability Currently, multiple individuals may perform particular tasks. This increases the risk for fraudulent activities since it would be harder to pinpoint who is primarily accountable if several individuals have access to a particular task. To improve the companys control system, key functions must be assigned and performed by a single individual who would primarily be accountable. Other individuals may not have access to functions outside their own responsibilities. Segregation of Duties Individuals who are responsible for receiving or disbursing cash/checks must not have access to accounting records and vice versa. These must be handled by distinct individuals to avoid manipulation of records and the possibility of misappropriation of assets. Use of an Integrated System Subsidiary ledgers should be automatically integrated to the general ledger. Transferring records manually from the subsidiary ledger to the general ledger poses the risk of committing errors or fraud. The person in charge of accounting records may conceal Pre-numbering of Invoice Forms Pre-numbered invoice forms allows the company to identify missing transactions. This prevents employees from lapping an entire transaction from the company accounting records and keeping the cash receipts from the customers. Billing of all Customers

The practice of billing all customers will provide a standard procedure which will be applied to all. The possibility of human error is reduced in preparing the billing statement if it is done for all as compared to initially identifying customers who are behind in payments. Moreover, having complete billing records provides the company with an official document which may be used as audit trail. Set Clear Policies and Guidelines for Sensitive Processes Another way to build an effective control environment is setting policies and implementing them. One example is explicitly stating that only one type of stamp must be used on all customer checks. There could also be agreements with the bank on encashing company checks. To make this effective, close supervision must be maintained. Appendix Exhibit 1: Present Condition Lack of segregation of duties Risk More opportunities to commit fraud Recommendation Physical custody of assets and record keeping responsibilities must be separated. For a company with limited number of employees, close supervision may decrease the risk Integrate all systems and limit access to other employees

Lack of IT controls

Easy manipulation of records and questionable accuracy No audit trail and verification

Not prenumbered invoices Monthly bills sent to unpaid customers only Payment of wages in cash Lack of strict policies

Only issue pre-numbered invoices

No audit trail and verification

Issue monthly bills to all customers to verify data and leave audit trail

More prone to fraudulent activities Can easily find ways to steal, such as the use of another stamp for checks

Use checks instead

Create specific policies and guidelines on sensitive processes

Exhibit 2:

You might also like