Page 1
I2FC
InterdisciplinaryInsightsonFraudandCorruption
Red flags and publicly available information: an effective combination for
reducingthecostsoffraud
IsabelleAugsburger‐Bucheli
DoctorinLaw,ProfessorofLaw,DeanofInstitutdeluttecontrelacriminalitééconomique(ILCE‐InstituteofEconomicCrimeInvestigation),DeputyDirectoroftheHauteécoledegestionArc(HEGArc–BusinessSchool),UniversityofAppliedSciencesandArtsWesternSwitzerlandHES‐SO
Espacedel’Europe21,CH‐2000Neuchâtel(Switzerland)
isabelle.augsburger@he‐arc.ch
Abstract
Recentdevelopmentsinthefieldofthefightagainsteconomiccrimehaveshowna
focusondevelopingdetectiontoolsbasedoncompanies'internaldata.Ourproject
exploresothersourcesinordertoestablishtowhichextenttheriskoffraudina
Swiss company can be assessed using publicly accessible data. We have also
analyzed and classified a large number of fraud red flags, exogenous as well as
endogenous, deriving from both financial and extra‐financial information. This
processhasallowedustodevelopseveralcopyrightedlistsandspreadsheetsthat
could be extremely helpful in fraud assessment. Publicly accessible data still
representsanuntappedsource in the fightagainst suchcrimes: ifused the right
way, it could become an asset for businesses, investors, and public authorities
Page 2
-2-
alike.Severalobstacles,however,mustbeovercomeinordertoachievethisgoal:
first and foremost,non‐financial red flagsare rarely referenced ‐ andwhile they
sometimes highlight interesting tendencies, they are not guaranteed to reveal
actualfraudcases.Secondly,thevalidityofresultsobtainedwhenusingsuchred
flagsnecessarilydependsonthereliabilityofthesources.Suchissuesnaturallycall
forfurtherresearchwork.
Keywords: occupational fraud, red flags, fraud prevention, fraud detection,
economiccrime,Switzerland.
JELcodes:K14CriminalLaw,K42IllegalBehaviourandtheEnforcementofLaw,
K22BusinessandSecuritiesLaw,L53EnterprisePolicy
Page 3
-3-
1. Introduction
Studies by advisory firms and professional associations indicate that economic
crimeisontherise,dueinparticulartothedevelopmentoffinancialengineering,
the use of new technologies and the globalization of economy (see for example:
KPMG2009,2013a;PwC2011a,2011b,2014a,2014b).Occupationalfraudisatthe
heartofthisproblem;itcanbedefinedas“theuseofone’soccupationforpersonal
enrichment through the deliberate misuse or misapplication of the employing
organization’sresourcesorassets”(ACFE,2014:6).Occupationalfraudgenerates
enormouscostsforemployers:ACFE2014reportsthattypicalorganizationslosea
medial of 5% to all types of fraud. As a result, the implementation of efficient
strategiesallowingtopreventanddetectfraudisapriorityformanyofthem.
Most of the strategies in place today involve themonitoring and surveillance of
employees,internalcontrol,andthedetectionofredflagsthroughtheanalysisof
internalinformation(suchasaccountingdata).Redflagsaredefinedassituations
ortransactionsthatrevealoraresusceptibletorevealafraud,orthataretypicalof
an environment where fraudulent behaviors can arise and proliferate (see,
Hounnongandji,2010:251).Whilefraud,likemostformsofeconomiccrime,does
notmanifestitselfinadirectorimmediateway(likestreetcrimeusuallydoes),it
stillleavestraces.
Red flags are based on information and situations that typically show up in
connectionwithfraud.Therefore,inacontextofpreventionorinvestigation,they
canbe readaspiecesof evidence that sucha crimehasoccurred, is about tobe
committed, or is likely to take place in the analyzed environment. They are
powerful weapons, alongside internal control and whistleblowing, in the fight
Page 4
-4-
againstfraud.Theycanbeparticularlyusefulinthepreventionphase,astheycan
helpreducethenumberandimpactoffraudcasestogetherwiththerelatedcosts.
Those inuse today,however,dependalmostexclusivelyon internal information,
which is oftenkeptprivate. Thishas two consequences: becauseof the focuson
internal data, the possible role of publicly available information (any data
originating from public or private sources that is available to anyone, without
restrictions, freeofchargeorotherwise) in frauddetectionhasbeenoverlooked.
The second consequence is that a serious assessment of fraud risk can be
conducted exclusively by the company itself. Third parties such as business
partnersorinvestors,whichmayhavealegitimateinterestinassessingsuchrisks,
donothaveaccesstonecessaryinformation,andcannotuseittoidentifypossible
redflags.
Ourprojectwasmeantasafirststepinanattempttofillthesegaps.Weexplored
otherpossiblesourcesofinformationinordertoestablishtowhichextenttherisk
of fraud in a Swiss company could be assessed using red flags based on public
information. At the same time,we created a series of risk assessment tools that
workwithred flagssuitable to facilitate the tasksof thosehavingaccess toboth
internal and external information, but alsouseful to interested thirdparties.We
also endeavored to create a functional red flags database that integrates public
informationasapossiblesourceofdetection.
Page 5
-5-
2. Literature review
Although the ideaofusingpublic information for thepurposeof assessmenthas
alreadybeenimplementedinothersectors,ithasnotyetbeenextendedtofraud
andeconomiccrimeingeneral.TheFondationIbrahimhasestablishedacollection
ofquantitativedataleadingtoayearlyevaluationoftheperformances,intermsof
governance,withinAfrican countries. Similarly, theBaselInstituteonGovernance
(anon‐profitorganizationtightlyassociatedwiththeLawFacultyoftheUniversity
ofBasel)hasdevelopedan index thatuses red flags (developedbasedonpublic
reports byGAFI andby theWolfsbergGroup) to classify countriesbased on the
risklevelinrelationwithmoneylaundering,terrorismfinancing,andcorruption.
Whiletheaboveprojectsshowcasethepotentialofpublicinformation‐derivedred
flags, theydoso ina context far removed frombusinessandoccupational fraud.
When it comes to the latter, the available literature focuses, as expected, on red
flags that depend on internal information (e.g. information related to internal
service compliance, etc.), and which is therefore suitable for internal use only
(Pons,2006;Gallet,2010).Severalauthorshavedevelopedchartscontainingred
flagsthatcanbedetectedandevaluatedbasedonsuchdata(see:Cauvin&Bescos,
2005;Ouaniche,2009;Pons&Berche,2009).TheforensicservicesoftheBigFour
(Deloitte, EY, KPMG, and PricewaterhouseCoopers), who assist companies in
internalinvestigations,doemployredflagsaspartoftheirprocess,buttheirtools
‐besidesbeingshredinsecrecy‐alsorequireaccesstointernaldata.
Partofourproject involved the identificationof typesofpublic information that
can lead to the detection of fraud red flags. As purely financial information is
typicallykeptprivate,thedataavailabletothepublic is largelyofanon‐financial
Page 6
-6-
nature. Studies conducted in the auditing field, where financial information is
paramount, have showed thatnon‐financial information ‐ suchas thenumberof
employees,consumersatisfaction,andthenumberofopenaccounts(Amesetal.,
2012) ‐ should also be taken into consideration (American Institute of Certified
Public Accountant (AICPA), 2002; Cohen et al., 2000), as it helps to generate a
more trustworthy assessment of a company, unveil irregularities, verify the
validity of financial performances, and sometimes even predict the latter. The
importanceofnon‐financialinformationhasbeenalsohighlightedbyanumberof
other studies focusing on corporate governance and social and environmental
responsibility(e.g.Mauléon,2007;Peter&Jaquemet,2014.).
Despite this, anddespite the fact that companies' communications arebecoming
more focused on extra‐financial information (Mauléon, 2007), few authors have
explored thequestionof its roleand importance in frauddetection (e.g. Ittner&
Larcker,1998).Thestudiesconductedsofar,however,havethemeritofshowing
thatextra‐financialinformationcanindeedproveuseful.Brazeletal.(2009)have
shownacorrelationbetweenfinancialresultsandextra‐financialinformation,and
arguethatvariationswithinthiscorrelationcansuggestthatfinancialresultshave
beenmanipulated.Extra‐financial information,whilehardertobetamperedwith
than its financial counterpart (Cohen et al., 2011), can still be falsified by the
management, but the risk factor becomes higher: this is because its veracity is
more easily verifiable (Bell et al., 2005), and also because the circle of people
involvedinthefraudislikelytobeextendedbysuchmaneuvers.Finally,Grove&
Basilico (2008; 11) “demonstrate the usefulness of both types of red flags ‐
quantitative fraud ratios and qualitative corporate governance factors ‐ for
Page 7
-7-
detectingfraudulentfinancialreporting.Thequalitativecorporategovernancered
flags are just as, or even more, important than the quantitative ones for both
detecting and preventing fraudulent financial reporting, according tomany fund
managers,shortsellers,financialanalysts,andfinancialpresswriters”.
In conclusion, extra‐financial data that is publicly available represents a valid
sourceof information that ‐whileoftenoverlooked ‐ canplayan important role
not only in fraud detection, but also in fraud prevention. Indeed, according to
KPMG(2013b),“failuretoadequatelyassessclients,agentsandbusinesspartners,
andtoknowhowtheyoperate,canexposeorganizationstoreputationaldamage,
operationalriskandgovernmentinvestigations,aswellasmonetarypenaltiesand
potentialcriminalliability”.
3. Methodology
Red flags are powerful tools in the fight against fraud. They are particularly
importantbecausetheycanallowtopreventfraudandassesstheriskthereof,thus
helping companies to drastically reduce the costs linkedwith the phenomenon.
Today, as we have seen, red flags are detected using almost exclusively private
information,especiallyofafinancialnature.Ourprojectaimedtoevaluatewhether
theuseofpubliclyavailableinformationcouldleadtoamoreefficientdetectionof
redflagsandatthesametimewidenthecircleofpeoplethataresusceptibletouse
such red flags, ultimately transforming the latter into a more complete and
universaltooloffraudprevention.
We have structured our project in four phases. The first phase consisted in
establishingageneralinventoryofreliablefraudredflags.Inthesecondphasewe
Page 8
-8-
identified types of publicly available information that could, realistically, lead to
thedetectionofthelistedredflags(forpracticalreasons,welimitedourselvesto
informationavailableinSwitzerlandandpertainingtoSwisscompanies).Thethird
phase consisted in cross‐referencingeach red flagwith the information found in
phase two; it allowed us to determine which red flags could theoretically be
detectedusingthelatter,andinwhichcasessuchinformationcouldcontributetoa
moreefficientdetection.Phasefouriscurrentlyinprogress:wearetestingthered
flagsidentifiedinphasethree,withtheobjectiveofevaluatingtowhichextentthey
couldbeusedtoassesstheriskoffraudwithinaSwisscompany.
3.1Establishingacatalogueofoccupationalfraudredflags
Weachievedthisthroughathreestepsprocess,whichisdescribedbelow.
3.1.1Identificationoffraudtypologies
As a starting point, we have based ourselves on the three main categories of
occupational fraud established by the Association of Certified Fraud Examiners
(ACFE&Peltier‐Rivest,2007:8):
‐ Assetmisappropriation: “Any scheme that involves the theftormisuseof an
organization’sassets,suchasskimmingsales,fraudulentbilling,payrollfraud,
orexpensereimbursementfraud.”
‐ Corruption:“Anyschemeinwhichaperpetratoruseshisorherinfluenceina
businessorofficial transaction toobtainanunauthorizedbenefitcontrary to
thatperson’sdutytohisorheremployer.Commonexamplesincludepayingor
acceptingbribesor illegal gratuities, engaging in self‐dealing transactionsor
engaginginconflictsofinterests.”
Page 9
-9-
‐ Fraudulent financial statements: “Any scheme that involves the deliberate
falsificationofanorganization’sfinancialstatementstomaketheorganization
appearmoreorlessprofitable.Examplesincluderecordingfictitioussalesand
concealingliabilitiesorexpenses.”
Wehavethenselectedaseriesofcrimesandsituationswithinsuchcategories;we
havebasedour choices especiallyon surveysbyACFEand theBigFour, bothof
which have a long‐standing expertise in financial investigation and advisory
services (see forexample:ACFE2012;ACFE&Peltier‐Rivest,2007;KPMG2009,
2013a; Isenring&al.,2014;PwC2011a,2011b,2014a,2014b).Havingobserved
thatseveralfraudsthatoccurfrequently(suchase‐mailscams)havelittlefinancial
consequences,andthatrarertypologies(suchasfraudulentfinancialstatements)
can have an enormous impact, we have decided to take both categories into
account.
3.1.2 Redflagscollection
Throughaliteraturesearchinwhichwehaveconsultedmultiplesources(suchas
Brown&DLAPiperLLP,2012;Colby,2004a,2004b,2004c;DiNapoli,2010;Gallet,
2010;Goldenetal.,2011;KPMG,2012a,2012b;Ouaniche,2009;Pons&Berche,
2009;Singleton&Singleton,2006;Zimbelman&Albrecht,2011)wehavegathered
a large collection of red flags lists and tables, as well as articles and papers
discussing one or more red flags. We have retained and listed those that are
applicabletooccupationalfraud.
We have then conducted an empirical research in which we have studiedwell‐
documented fraudcasesandanalyzed therelevant jurisprudence fromtheSwiss
FederalSupremeCourt(Tribunalfédéral).Wehavealsoconductedinterviewswith
Page 10
-10-
several forensic accounting experts, with the objective of listing the techniques
usedbyfraudstersaswellastheevidencetheyleavebehind.Throughthisprocess
wehaveconfirmedsomeoftheredflagscollectedduringourliteraturesearchand
alsoestablishednewredflags,whichhavebeenaddedtothelist.
3.1.3 Redflagindexing
Thelargeamountofinformationcollectedin3.1.2wastakenfromseveraldifferent
sources, andas such itneeded tobeorganizedandhomogenizedbefore it could
proveuseful.Wehavethereforeplacedtheretainedredflags(aroundathousand)
in a spreadsheet and applied filters (with theobjectiveofmerging similar items
andeliminatingduplicates),thusgeneratingacatalogueconsistingof403redflags.
For these we have developed an ad hoc classification inspired by the works of
Zimbelman and Albrecht (2011), by the Swiss SME chart of account (Plan
comptablesuissePME),andbytheCOSO(CommitteeofSponsoringOrganizations
oftheTreadwayCommission)framework.Everyredflagincludedinthefinal list
hasbeentaggedwiththefraudcategory(ies)itpertainstoandplaced,basedonits
impact and its nature, in one of the tiers described below. The categorization
accordingtofraudtypewasmadewiththegoalofobtainingacleareroverviewof
thecatalogueandtorenderthesearchofspecificredflagseasier.Itisnotintended
to be final nor completely accurate, as it involved several decisionswhichwere
madeaccordingtoourproject’sneeds.
Endogenousredflags
Endogenous red flags are those that are detectable using companies' internal
information.Theycanbefurtherclassifiedinfoursub‐categories:
Page 11
-11-
‐ Organisation: includes red flags linked with a company's functioning,
structure, management, and performance, as well as with its employees'
behaviorsandissues.
‐ InternalControlSystem(ICS).Inordertodecidewhichredflagstolistunder
this category, we have drawn inspiration from the COSO framework, which
providesabenchmarkforinternalcontrolstandardsand“helpsorganizations
design and implement internal control in light ofmany changes in business
and operating environments” (COSO, 2013). One of the functions of internal
control is to allow companies to identify and eliminate fraud opportunities,
thusdrasticallyreducingthechancesthatsuchacrimewilloccur.Accordingto
Cressey'fraudtriangletheory,allfraudsarecharacterizedbythesimultaneous
occurrenceofthreeelements:motivation,opportunity,andrationalization.As
Chapuisetal. (2016)pointout, thediscoveryofgapsandweaknesses in the
controls inplace,orofacertain lackofdiscipline intheirapplication,canbe
perceived as opportunities and encourage fraudsters to act. Since in the
majorityofcasesindividualsdonotactivelylookforbreaches,butarewilling
to take the opportunities that arise, eliminating such opportunities is
particularlyeffectivewhentryingtolimitfraudcases.
‐ Accounting: companies' activities generate a large number of transactions,
entries,movements,andratiocalculations:anomalieswithinsuchdatamight
indicatethatafraudhasbeencommitted.Inordertoidentifywhichdatacould
behelpfulinfrauddetection,wehavestudiedthestructureoftheSwissSME
chartofaccount(PlancomptablesuissePME;Sterchietal.,2014)).
Page 12
-12-
‐ Documents: this last category concerns all information originating from
companydocumentssuchasbills,contracts,etc.
Exogenousredflags
Exogenous red flags,which are detectable through information originating from
sourcesthatareexternaltothecompany,havebeenclassifiedinthreecategories.
‐ Internal control and surveillance: includes red flags connected with the
company'srelationswithitsauditors.
‐ Environment and business sectors: includes red flags connected with the
conditionsandthechangeswithincompanies’externalenvironment(political,
social,etc.),andwithproblemslinkedtocompanies’businesssectors.
‐ Thirdparties:businesspartners,suppliers,andserviceproviders: this category
concerns people and organizations that do business with the assessed
company, such as business partners, suppliers, and service providers. It
includes red flags connectedwith their behaviors and business activities, as
wellaswitheventualcomplaints,lawsuits,anddenunciations.
3.2 IdentifyingpubliclyavailableinformationrelatingtoSwisscompanies
Inordertodeterminewhichoftheredflagsincludedinourlistcouldbedetected
usingpubliclyavailableinformation,wefirsthadtoestablishwhichinformationof
this kind is available in our country.As a reminder,wedefinepublicly available
informationasanydataorinformationoriginatingfrompublicorprivatesources
that isavailabletoanyone,withoutrestrictions, freeofchargeorotherwise.This
conceptmustbedifferentiated from that of opendata,which includes any “data
and content that can be freely used, modified, and shared by anyone for any
purpose” (opendefinition.org). We achieved this by analyzing the Swiss legal
Page 13
-13-
framework and conducting semi‐structured interviews with investigation and
financialinvestigationexpertsworkingforlawenforcementagenciesaswellasfor
privateentities.
3.2.1 ThelegalframeworkinSwitzerland
Fewlaws,inSwitzerland,establishtheobligationtopublishcompanyinformation.
Withregardtofinancialinformation,theSwissCodeofObligations(CO)setsforth
that “Following their approval by the competent management body, the annual
accountsandconsolidatedaccountstogetherwiththeauditreportsmusteitherbe
publishedintheSwissOfficialGazetteofCommerceorsentasanofficialcopyto
anypersonwhorequests thesamewithinoneyearof theirapproval” (Art.958e
CO).Annualaccountsincludethebalancesheet,theprofitandlossaccountandthe
notestotheaccounts(art.958al.2COand959ff.CO).Otherlawsestablishspecial
dutieswithregardtopublicationofinformation:theseapplyforexampletolisted
companies, (see for example the Federal law on stock exchanges and the
commerceofsecurities(Loisurlesbourses,RS954.1),toestablishmentssubjectto
the Federal Law on Banks (Loi sur les banques, RS 952.0) and to the Swiss
NationalBank(LoisurlaBanquenationale,RS951.11).
According to researchers (e.g. Del Bosco & Misani; 2011) as well as to human
rights,environmental,andanti‐corruptionorganizations,publishedextra‐financial
information represents an important asset in the context of fraud detection.
However, there is no legislation related to such publishing, and the Swiss
governmentshowsnointentionoftakingstepsinthisdirection(Rapportdedroit
comparé, 2014), like the European Union has recently done
(Directive2014/95/EU).
Page 14
-14-
3.2.2 Classification
Having established the legal framework, we searched for possible sources of
publiclyavailableinformationrelatedtoSwisscompanies.Wehaveidentified352
typesofinformation,whichcanbeclassifiedinfivecategories:
‐ Officialdocuments(asdefinedbyart.5and6oftheFederalActonFreedomof
Information in the Administration (Freedom of Information Act, FoIA, RS
152.3),suchasdocumentsissuedbypublicauthorities(residents'registration
offices, debt collection and insolvency offices, commercial registers, land
registers,chancelleries,etc.);
‐ Reportsestablishedbycompaniesandservicesthatprovidebusiness,economic,
andsolvencyinformation. Such information ismadeavailable to thepublic in
variousforms(reports,adhocreports,bytelephone,automatically,etc.),free
of charge or for a fee. Swiss law (art. 13.2 of the Federal Act on Data
Protection,FADP,RS235.1)statesthatitislegaltoprocesspersonaldatafor
the purpose of evaluating another person's creditworthiness, under the
condition thatsuchdata“isneithersensitivepersonaldatanorapersonality
profile”,andthatitis“disclosedtothirdpartiesonlyifthedataisrequiredfor
theconclusionortheperformanceofacontractwiththedatasubject”;
‐ Directories that provide unrestricted access to information on people and
corporationsthathaveatelephonesubscription;
‐ Internet, social media and blogs: these sources can provide an enormous
amount of useful (though not always reliable) information on people and
companies;
Page 15
-15-
‐ Official company websites and other official documents such as brochures,
yearly reports,management reports, etc. These sources provide information
aboutcompanies’profiles,theirstructure,sectorsofactivity, financialhealth,
etc. Availability and quality of such information varies highly between
companies.
3.2.3 Determiningwhichredflagscanbedetectedusingpubliclyavailable
information
Wehave placed the 403 red flags in three categories, depending on the level of
accessibility of the information that can lead to their detection: 1) Red flag
detectable through private internal information; 2)Red flags detectable through
publicly accessible internal information,3)Red flagsdetectable throughpublicly
accessibleinformation.Themajorityofredflagshavebeen,asexpected,classified
inthefirstcategory.Wehavehoweveridentifiedasatisfyingnumbersofredflags
(67) that depend on publicly accessible information. We have then cross‐
referenced the latter with our publicly available information index, and
determinedthat43redflagscanbe,intheory,detectedbyusingexclusivelysuch
data (e.g. profits that are systematically lower than the business sector average,
information that diverge from the financial performance, and presence of shell
companies).
3.3.4 Testing
This phase of the project is currently in progress. We have conducted a
preliminary test, which consisted in assessing the risk of fraud within a Swiss
organizationsuspectedofwidespreadcorruptionpracticesusingthe43redflags
discussedabove.Further,intensivetestswillbeconductedin2015‐16bystudents
Page 16
-16-
ofILCE'sMasterofAdvancedStudiesinEconomicCrimeInvestigation(MASECI),
aswell as by several Swiss experts and entrepreneurs, in order to determine to
witch extent the results generatedby its application canbe considered accurate
andreliable.
4. Results and discussion
Themainoutputoftheprojectconsistsintwouniqueredflagdatabases.Thefirst
includes our 403 hand‐picked red flags pertaining to occupational fraud. It is
availableintwoformats:aprotectedExcelspreadsheet,completewithfiltersthat
allowtoquicklyaccessthedesired information,andasimplifiedprintedversion.
This database has the potential of empowering any person having access to
internal and/or external information regarding a company to rapidly foresee or
detectandpreventpotentialfraudsituations.Expertswhohavealreadybeengiven
access to thedatabaseagree thata toolgroupingreliableoccupational fraudred
flags in one place is a highly valuable asset; they also lauded its flexibility and
potential for customization, which will allow professionals to adapt it to their
needsand to the situations theywish toanalyze.Theybelieve that thedatabase
will proveuseful at an internal level (in particular to audit committees, internal
auditors, management, risk committees, compliance bodies, ICS surveillance
bodies, quality control bodies, and process managers), but also state that third
parties (such as the business partners, competitors, and investors) could also
benefitfromitsuse.Finally,theexpertssuggestthatthedatabasecouldbeusedfor
educationpurposes, inthecontextofspecializedtrainingforprofessionals inthe
fightagainsteconomiccrime.
Page 17
-17-
The second database includes the 43 fraud red flags that could possibly be
evaluated using only publicly available information. As mentioned above, these
havebeentestedinthelastphaseofourproject.Whilethisfirsttesthasgenerated
positiveresults,theyarebynomeansconclusive.Furthertestingwilltakeplacein
2015‐16. We will however not be able to corroborate our results with reliable
statistical elements, as the latter are, at the moment, insufficient. Finally, the
validationofseveralsourcesofinformationonwhichtheredflagsarebasedcould
provetobeproblematic,becauseofthehighvolumeofdata,thelackofuniformity
ofsuchsources,andoftheabsenceofevaluationstandardsinthefield.
5. Conclusion
As of today, publicly available information cannot, by themselves, allow the
detection of sufficient red flags to be considered a reliable source for the
assessmentoffraudriskwithinSwisscompanies.Thisduetothelegalframework
in Switzerland and to the fact that most financial information, on which many
provenredflagsdepend,iskeptprivate.Publiclyavailableinformationdoesfulfil,
however,animportantfunctioninthefightagainstfraud.Whilenotpermittinga
complete assessment, it can in some cases provide a general, preliminary
evaluation of a company, and can lead to the spotting of problems (or problem
areas)thatdeservefurtherinvestigation.Assuchtheycanproveusefultopeople
who have access to both private and public information as well as to people
external to the company. Those in the first category can also combine the two
sources in order to achieve a more complete and efficient red flag‐based
assessment.
Page 18
-18-
Public available information has the potential to play an even bigger role in the
context of fraud detection and prevention. Further research, in particular with
regard to the reliability and quality of the data (source validation) and to the
corroborationoftheresultswithreliablestatisticaldata,willbeneededinorderto
determineunderwhichconditionsthispotentialcouldbeexploited.Thevolumeof
publicly available information is constantly growing, thanks also to media
platformssuchasTwitterandFacebook‐whichareusedbycountlesscompanies
andorganizations.The identificationofpotentiallyuseful informationwithinthis
oceanofdatawillbeoneofthemainchallengesforthefuture.
Page 19
-19-
References
ACFE.2014.Reporttothenationsonoccupationalfraudandabuse.
http://www.acfe.com/rttn/docs/2014‐report‐to‐nations.pdf
ACFE.2012.Reporttothenationsonoccupationalfraudandabuse.
http://www.acfe.com/uploadedFiles/ACFE_Website/Content/rttn/2012‐
report‐to‐nations.pdf,October28,2015.
ACFE,&Peltier‐Rivest,D.2007.Ladétectiondesfraudescommisesenentrepriseau
Canada:uneétudedesesvictimesetdesesmalfaiteurs.
http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/rttn‐
french‐canadian.pdf,October28,2015.
AmericanInstituteofCertifiedPublicAccountant(AICPA).2002.Considerationof
FraudinaFinancialStatementAudit.StatementonAuditingStandardsNo.99.
http://www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocume
nts/AU‐00316.pdf,October28,2015,AICPA.
Ames,D.,Brazel,J.F.,Jones,K.L.,Rich,J.S.,&Zimbelman,M.F.2012.Using
NonfinancialMeasurestoImproveFraudRiskAssessments.CurrentIssuesin
Auditing,6(1):C28–C34.
Bell,T.B.,Peecher,M.E.,Solomon,I.,&KPMGInternational.2005.The21stcentury
publiccompanyaudit:conceptualelementsofKPMG’sglobalaudit
methodology.[S.l.]:KPMGInternational.
Brazel,J.F.,Jones,K.L.,&Zimbelman,M.F.2009.UsingNonfinancialMeasuresto
AssessFraudRisk.JournalofAccountingResearch,47(5):1135–1166.
Brown,S.A.,&DLAPiperLLP.2012.Identificationof“RedFlags”forpossibleviolations
ofkeyUSlawsforcompaniesoperatingoverseas.StrangerinaStrangeLand:
Page 20
-20-
EthicalandComplianceChallengesinInternationalDisputes.Presentedatthe
ABASectionofLitigation2012SectionAnnualConference,Miami,Florida,
http://www.americanbar.org/content/dam/aba/administrative/litigation/mat
erials/sac_2012/12‐1_identification_red_flags.authcheckdam.pdf,September5,
2014.
Cauvin,E.,&Bescos,P.2005.Lesdéterminantsduchoixdesindicateursdansles
tableauxdeborddesentreprisesfrançaises :uneétudeempirique.Finance
ContrôleStratégie,8(1):5–25.
Chapuis,B.,Granito,D.,Jaquier,S.,&Lavanchy,P.‐Y.2016.Investigationcomptable.
Précisd’investigationfinancière.Lausanne:Pressespolytechniqueset
universitairesromandes.
Cohen,J.,Holder‐Webb,L.,Nath,L.,&Wood,D.2011.RetailInvestors’Perceptionsof
theDecision‐UsefulnessofEconomicPerformance,Governance,andCorporate
SocialResponsibilityDisclosures.BehavioralResearchinAccounting,23(1):
109–129.
Cohen,J.R.,Krishnamoorthy,G.,&Wright,A.M.2000.Evidenceontheeffectof
financialandnonfinancialtrendsonanalyticalreview.Auditing,19(1):27–48.
Colby,E.2004a.Lafraudeetlecontrôleinterne,Premièrepartie :l’importancedes
contrôles.https://www.cga‐
pdnet.org/Non_VerifiableProducts/ArticlePublication/FraudInternalControls_F
/FraudInternalControls_p1_F.pdf,August5,2014.
Page 21
-21-
Colby,E.2004b.Lafraudeetlecontrôleinterne,Deuxièmepartie :concevoirdes
contrôlespourenrayerlesmenaces.https://www.cga‐
pdnet.org/Non_VerifiableProducts/ArticlePublication/FraudInternalControls_F
/FraudInternalControls_p2_F.pdf,August5,2014.
Colby,E.2004c.Lafraudeetlecontrôleinterne,Troisièmepartie :lesstratagèmesde
fraudeinterne.https://www.cga‐
pdnet.org/Non_VerifiableProducts/ArticlePublication/FraudInternalControls_F
/FraudInternalControls_p3_F.pdf,August5,2014.
COSO.2013.
http://www.cpa2biz.com/AST/PricingStructureAssortments/Section_Credentia
ls/Pricing_Tax_Section_Member/PRDOVR~PC‐990025/PC‐
990025.jsp?selectedFormat=Paperback,October28,2015.
DelBosco,B.,&Misani,N.2011.Keepingtheenemiesclose:Thecontributionof
corporatesocialresponsibilitytoreducingcrimeagainstthefirm.Scandinavian
JournalofManagement,27(1):87–98.
DiNapoli,T.P.2010.RedFlagsforFraud:14.
http://www.osc.state.ny.us/localgov/pubs/red_flags_fraud.pdf,August5,2014,
StateofNewYork,OfficeoftheStateComptroller.
Directive2014/95/EUoftheEuropeanParliamentAndoftheCouncilof22October
2014,amendingDirective2013/34/EUasregardsdisclosureofnon‐financial
anddiversityinformationbycertainlargeundertakingsandgroups.
Gallet,O.2010.Halteauxfraudes,Guidepourauditeursetdirigeants.Paris:Dunod.
Golden,T.W.,Skalak,S.L.,Clayton,M.M.,&Pill,J.S.2011.Aguidetoforensic
accountinginvestigation(2nded.).Hoboken,NJ:Wiley.
Page 22
-22-
Isenring,G.L.,Mugellini,G.,&Killias,M.2013.Surveytoassessthelevelandimpactof
crimesagainstbusinessesinSwitzerland.
http://www.unisg.ch/~/media/internet/content/dateien/unisg/schools/ls/leh
rstuhl%20killias/final%20report_swiss%20business%20crime%20survey_201
3.pdf,August5,2014,UniversityofZurich.
Ittner,C.D.,&Larcker,D.F.1998.AreNonfinancialMeasuresLeadingIndicatorsof
FinancialPerformance?AnAnalysisofCustomerSatisfaction.Journalof
AccountingResearch,36:1–35.
KPMG.2009.Enquêtesurlacriminalitééconomique2009,GlobalEconomicCrime
Survey.
https://www.pwc.ch/user_content/editor/files/publ_adv/pwc_global_economi
c_crime_survey_09_ch_f.pdf,August5,2014.
KPMG.2012a.AuditCommitteeInstitute,Outil11:indicateursd’alerte.
https://www.kpmg.com/FR/fr/AuditCommitteeInstitute/Documents/Fiches_O
utils_ACI_11.pdf,August5,2014.
KPMG.2012b.Lafraudedansleprocessusd’approvisionnement.
http://www.kpmg.com/ca/fr/topics/at‐risk‐magazine/pages/procurement‐
fraud‐are‐you‐prepared.aspx,August5,2014.
KPMG.2013a.Wirtschaftskriminalität:Deutschland,Österreich,SchweizimVergleich.
http://www.kpmg.com/CH/de/Library/Articles‐
Publications/Documents/Advisory/ch‐pub‐20130313‐wirtschaftskriminalitaet‐
de.pdf,October28,2015.
Page 23
-23-
KPMG.2013b.Astrusinsights.KPMG'sanalysisofthird‐partyintegrityrisks.
https://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/Do
cuments/astrus‐insights.pdf,October28,2015.
Mauléon,F.2007.Lacommunicationextrafinancièrecommenouvelleformede
l’éthiquedel’entreprise.
http://quoniam.info/competitive‐
intelligence/PDF/PhDs_Guidance/PhD_Fabrice_Mauleon.pdf
Ouaniche,M.2009.Lafraudeenentreprise :Commentlaprévenir,ladétecter,la
combattre.Paris:Maxima.
Peter,H.,&Jaquemet,G.,2014.CorporateSocialResponsibility,Analysedesrapports
2013desdixplusgrandessociétésduSMI.L’Expert‐Comptablesuisse,2014|11:
1027‐1037.
Pons,N.2006.Colsblancsetmainssales.Economiecriminelle,moded’emploi.Paris:
OdileJacob.
Pons,N.,&Berche,V.2009.Arnaques:lemanuelanti‐fraude.Paris:CNRS.
PwC.2011a.Cybercrimeinthespotlight,SwissEconomicCrimeSurvey2011.
http://www.pwc.ch/user_content/editor/files/publ_adv/pwc_global_economic_
crime_survey_11_CH_e.pdf,August5,2014.
PwC.2011b.Lafraudeenentreprise :tendancesetrisquesémergents,6eédition
GlobalEconomicCrimeSurvey2011.
https://form.pwc.fr/dev/formulaire_pwc_publication/formulaire_pwc_publicati
on_1.0.0/index.php?id=3932,August5,2014.
Page 24
-24-
PwC.2014a.Economiccrime:Athreattobusinessglobally,GlobalEconomicCrime
Survey2014.https://www.pwc.com/gx/en/economic‐crime‐
survey/downloads.jhtml,July28,2014.
PWC.2014b.Lafraudecontinueàêtreunevraiemenacepourlesentreprises.
http://www.pwc.fr//assets/files/pdf/2014/02/pwc_etude_fraude2014_fr.pdf
Rapportdedroitcomparé.Mécanismesdediligenceenmatièrededroitsdel'hommeet
d'environnementenrapportaveclesactivitésd'entreprisessuissesàl'étranger.
Rapportrédigéenexécutiondupostulat12.3980.2mai2014.
http://www.ejpd.admin.ch/content/dam/data/bj/aktuell/news/2014/2014‐
05‐28/ber‐apk‐nr‐f.pdf,October29,2015.
Singleton,T.W.,&Singleton,A.J.2006.Fraudauditingandforensicaccounting(3rd
ed.).Hoboken,NJ:Wiley.
Sterchi,W.,Mattle,H.,&Helbling,M.2014.PlancomptablesuissePME.Lausanne:LEP,
LoisirsetMont‐sur‐Lausanne.
Zimbelman,M.F.,&Albrecht,C.C.2011.Forensicaccounting(4thed.,International
ed.).Mason,OH,etc.:South‐Western/CengageLearning.