Week Five: Partisan? FAs

What processes or strategies could you implement, if engaged as a forensic accountant expert witness, to make sure you are not partisan?

I find public speaking extremely nerve-racking, and it’s difficult enough presenting to an audience without the knowledge that someone is going to try and tear your evidence and opinions to shreds, a situation expert witnesses face. I can’t imagine being in that position, but I do know that if I ever were I would do everything in my power not to have my hard work disqualified because of perceived bias.

 Figure 1 – Expert Witness (Yanklowitz, S., 2013)

When an expert witness’ testimony is considered partisan, it means that their opinion is prejudiced in favour of a particular side of the case (Forensic Accounting, 2016). As a forensic accountant, the main way to ensure that you are not partisan is to be completely independent (Hellen B. & Veitch, J., 2015). 

Now, being independent and unbiased does not mean that you can’t express your opinion, because that is an integral part of an expert witness’ job. Rather, any opinion stated must be based wholly or substantially on your specialised knowledge (Hoffman, R., et al., 2013), and also must comply with the terms set out in APES215, paragraph 5.6. These terms include detailing any relationships with parties in the proceedings, detailing assumptions, explaining the extent to which you relied upon others’ work, illustrating the transparency of your research, and the significant facts your opinions are based on (APES, 2013).

Video 1 - Expert Witness (What is an Expert Witness, 2015)

Week Four: Strict/Vicarious Liability

There are a number of crimes that can be committed in the business world that fall under the banner of fraud, bribery, and corruption, and the Corporations Act 2001 (Cth) attempts to address these criminal matters. However, strict or vicarious liability is really what matters in attempts by legislators and the courts to address this continuing problem in the corporate world.

Do you agree or disagree with the above statement?

Strict/vicarious liability means that a superior is liable for the acts of their subordinate, even if the superior is free from personal fault (Vicarious Liability, 2016).

Video 1 – Strict Liability (What is Strict Liability, 2015)

I believe that, although the Corporations Act is trying to establish avenues to prosecute corporations for doing the wrong thing, strict liability is what really matters. If you make corporations personally liable, employers will be tougher on employees, and they’ll implement the necessary controls/culture changes to ensure that the fraudulent behaviour does not occur.

There are four major types of crimes in the business world that fall under the banner of fraud, bribery, and corruption:

1. White-Collar crime (e.g. embezzlement and false accounting);
2. Organised crime (e.g. illegal drugs and services);
3. Computer crime (e.g. unauthorised data access and internet fraud); and
4. Regulatory Offences (e.g. violation or workplace laws and insider trading) (Latimer, P., 2014).

Figure 1 – False Accounting (Whitton, E., 2012)

Strict liability attempts to address these areas. In particular, it addresses false accounting by ensuring there is an appropriate no-tolerance for fraud corporate culture from the top down; and it addresses unauthorised data access by ensuring superiors create and maintain the necessary information controls.

This is an extremely important issue, and I highly recommend management take steps toward reducing their strict liability (i.e. take all measures to fully educate employees and create a no-fraud-tolerance culture) (Evans, L., 2015).

Week Two: Information Security

“There is an exaggerated reaction by business in general on the need for information security to minimise fraud, bribery, and corruption. These days, with virus, adware, and malware protection, along with other information and security software, passwords, and user IDs, the need for addressing security in 2016 has been minimised.”

Do you agree or disagree with this statement?

I’ve previously worked at Ernst & Young (EY), and I was initially surprised at the level to which they secure their data. However, I know understand that a breach in information security and a loss of confidential information could be potentially catastrophic for EY, as it would likely result in financial and operational damages, as well as damages to customer and employee relations (and in severe cases, could even endanger EY’s survival) (ISACA, 2012). 

In my opinion, the above measures will protect an individual’s information, but do not create enough security for business information. Information is vital to businesses, and therefore requires the highest level of protection available (Holley, A., 2015). Having deficient information security measures leaves a firm vulnerable to fraud (e.g. with lack of controls on employee details, a perpetrator could easily create ghost employees) (Wasserman, E., 2010). 

COBIT 5 has created an Information Security system which brings a number of information security related capabilities to enterprises (ISACA, 2012); this system is depicted in Figure 1 below. This framework would be extremely beneficial to all organisations, and would more effectively secure business information; the need for addressing security in 2016 has not yet been minimised, but I believe that COBIT 5 will help with this.

Figure 1 – COBIT 5: Information Security (ISACA, 2012) (See Appendix for Enlarged Versions)

Week Three: FA Regulatory Updates

The Honourable Michael Kirby AC CMG, a retired judge of the High Court of Australia, delivered a speech in 2011 titled ‘Forensic Accounting – new rules and opportunities’ to a conference convened by chartered accountants. He made the following remarks:

“Some developments are happening that amount to positive phenomena, likely to strengthen the profession of forensic accounting. One of these is the new regulatory environment. Thus, a revised professional standard on forensic accounting services has tightened the requirements of those who may practise in the field, although doubts have been expressed that some members of the profession do not understand how they may be affected by such changes…”

The Honourable Kirby AC CMG considers that changing the regulatory environment will strengthen the profession of forensic accounting. The challenge for forensic accountants, practising in the profession, is to keep up with the changes. At paragraph 1.2 of APES215 (page 3) reference is made to “APES 215 [setting] the standard for Members in the provision of quality and ethical Forensic Accounting Services”. Why is it important that forensic accountants understand and keep up with the development of this new “regulatory environment”?

I first encountered the world of forensic accounting in high school, and I learnt that it was a relatively new concept. Even in the few years since then, the scope of forensic accounting has broadened as technology and capabilities rapidly advance.

Kirby mentions in his speech that there is a new professional forensic accounting (FA) regulatory environment (Kirby, M., 2011), as set out in APES 215. Paragraph 1.3 of APES 215 specifically states that forensic accountants must “follow the mandatory requirements set out in [the document] when they provide [FA] services” (APES, 2013).

Figure 1 – Accounting Professional & Ethical Standards Board Logo (Source)

It is highly important for FAs to keep up-to-date with and understand the development of this new regulatory environment so that they maintain compliance with those regulations. The updates to the regulatory environment include updates to requirements for compliance, integrity, independence, and objectivity (APES, 2013).

In my opinion, it is important for forensic accountants to understand these changes not only for the aforementioned reasons, but also to strengthen the credibility of the forensic accounting profession. For many years there have been no official regulations as to who can become a forensic accountant (Williams, E., 2016) and how they should act in that role, and this has lead to questionability regarding expert opinions, and often exclusion of evidence as a result (as in: ASIC v Vines 2003). 

Week One: Separation of Governance & Management

It is of the utmost importance to separate management from governance policy-making, which is usually undertaken by the board of directors. Without this structure in place, fraud, bribery, and corruption are very high risks.

Do you agree or disagree with this statement? Provide reasons for your answer. In your answer, identify what the potential risks may be if management and governance are not separated.

I understand that many people don’t know the difference between management and governance, so here’s a simple explanation: Governance ensures that enterprise objectives are achieved by evaluating stakeholders, setting direction, and monitoring performance, whilst management plans, builds, runs, and monitors activities in alignment with governance direction (ISACA, 2012).

Video 1 – COBIT 5 Governance & Management (COBIT 5, 2016)

I agree that it is of the utmost importance that management and governance be separated. I work in a firm in which management is very important in ensuring that all the proper policies are implemented correctly, so I can easily visualise how simple it would be to exploit the situation were there a lack of governance/management segregation. When not separated, companies run the risk that their policy makers are also their policy monitors (Carver, J., 2002): this opens the company up to serious risk of fraud, bribery, and corruption because there are no checks or division of duties to ensure that proper policies are being created and run.

Figure 1 – Enron Logo (Johnson, J., 2013)

I did some research and unsurprisingly to me, failures caused by lack of governance/management separation have captured news headlines for years (OECD, 2014). Enron is just one example (where the C-suite executives, i.e. governance, created a culture in which they were also had management capabilities) (Lowery, M. & Blinebry, A., 2014), and you can find many others just by doing a quick Google search.