What are the types of frauds possible in credit sales? How should the auditor proceed to investigate such frauds?

 

Answer:

Types of frauds possible in credit sales

1. Application Fraud

Application fraud generally happens in conjunction with identity theft. It happens when other people apply for credit or a new credit card in your name. They will usually first steal supporting documents, which are then used to substantiate their fraudulent application. Banks have various safeguarding measures in place to stop this type of fraud from happening. The most important one is requiring original documentation only. Additionally, they will often telephone employers to confirm identity. Unfortunately, criminals will frequently forge documents and provide false telephone numbers for places of employment. Unfortunately, there are always ways around certain safeguarding measures.

2. Electronic or Manual Credit Card Imprints

A second form of credit card fraud is experienced through credit card imprints This means that somebody skims information that is placed on the magnetic strip of the card. This is then used to encode a fake card or to complete fraudulent transactions.

3. CNP (Card Not Present) Fraud

If somebody knows the expiry date and account number of your card, they can commit CNP fraud against you. This can be done through phone, mail or internet. It essentially means that somebody uses your card without actually being in physical possession of it. More and more and often, merchants will require the card verification code, making CNP fraud slightly more difficult, but if a fraudster can get your account number, they probably know that number too. Additionally, there are only 999 possible combinations for the verification code. As such, many criminals attempt to order items of very low amounts until they figure out the right number. Be on the lookout, therefore, for small payments on your statements.

4. Counterfeit Card Fraud

Counterfeit card fraud is usually committed through skimming. This means that a fake magnetic swipe card holds all your card details. This fake strip is then used to create a fraudulent card that is fully functional. Essentially, it is an exact copy, which means fraudsters can simply swipe it in a machine to pay for certain goods. This type of fraud can also be committed by someone who knows your card details. They can use this information to create a so-called 'fake plastic'. Here, the magnetic strip or the chip on the card doesn't actually work. However, it is often easy enough to convince a merchant that there is something wrong with the card, at which point they will enter the transaction by hand.

5. Lost and Stolen Card Fraud

The next possible type is lost and stolen card fraud. Here, your card will be taken from your possession, either through theft or because you lost it. The criminals who get their hands on it will then use it to make payments. It is difficult to do this through machines, as they will require a pin number. However, it is easy enough to use a found or stolen card to make online purchases. It is for this reason that it is vital that you cancel your cards as soon as you realize they are missing.

6. Card ID Theft

Card ID theft happens when the details of your card become known to a criminal, and this information is then used to take over a card account or open a new one. Your name will be used for this. This is one of the most difficult types of fraud to identify and to recover from, because it can take a long time before you even know that it has happened.

7. Mail Non-Receipt Card Fraud

This type of fraud is also known as never received issue or intercept fraud. In this case, you were expecting a new card or replacement one and a criminal is able to intercept these. The criminal will then register the card and they will use it to make purchases and more.

8. Assumed Identity

With assumed identity fraud, a criminal will use a temporary address and a false name to obtain a credit card. There are a number of systems in place with banks for protection against this type of fraud. For instance, they will ask new customers to provide account references and these will be check to ascertain that they are genuine. Additionally, they could ask for such things as birth certificates, original copies of driver's license or passports and so on. They often ask for these things before they will send a card out.

9. Doctored Cards

A doctored card is a card whereby a strong magnet has erased its metallic stripe. Criminals do this and then manage to change the details on the card itself so that they match those of valid cards. Naturally, this card won't work when a criminal tries to pay for something. However, they will then use their charm to convince a merchant to just enter the details of the card manually.

10. Fake Cards

It takes a lot of time, skill and effort to create fake credit cards, but that doesn't stop a determine criminal. A card has to meet certain complex security features and cards are becoming increasingly advanced, meaning this is much harder to do. There is the magnetic strip, the chip and, often, holograms. However, someone who is skilled can forge this type of cards using fake names and numbers and will make transactions with the card. The card isn't actually linked to an account, so the credit card company will not pay for the transaction since they cannot link it to a specific user. By that time, however, the criminal will be long gone with their purchases.

11. Account Takeover

Account takeover is actually one of the most common forms of credit card fraud. Basically, a criminal will somehow manage to get hold of all of your information and relevant documents. This is usually done online. They will then contact the credit card company and pretend to be you, asking them to change the address. They will provide 'proof' of identity, since they have hacked through or otherwise obtained, your personal details. A replacement card will then be sent to the fake address, and the criminal will be able to make charges.

Auditors' Responsibility for Fraud Detection

Auditors will enter a much expanded arena of procedures to detect fraud as they implement SAS no. 99. The new standard aims to have the auditor's consideration of fraud seamlessly blended into the audit process and continually updated until the audit's completion. SAS no. 99 describes a process in which the auditor (1) gathers information needed to identify risks of material misstatement due to fraud, (2) assesses these risks after taking into account an evaluation of the entity's programs and controls and (3) responds to the results. Under SAS no. 99, you will gather and consider much more information to assess fraud risks than you have in the past.

Professional Skepticism

Reminds auditors they need to overcome some natural tendencies—such as overreliance on client representations—and biases and approach the audit with a skeptical attitude and questioning mind. Also essential: The auditor must set aside past relationships and not assume that all clients are honest. The new standard provides suggestions on how auditors can learn how to adopt a more critical, skeptical mind-set on their engagements, particularly during audit planning and the evaluation of audit evidence.

New Requirement: Discussion among Engagement Personnel

Requires the audit team to discuss the potential for a material misstatement in the financial statements due to fraud before and during the information-gathering process. This required "brainstorming" is a new concept in auditing literature, and early in the adoption process firms will need to decide how best to implement this requirement in practice. Keep in mind that brainstorming is a required procedure and should be applied with the same degree of due care as any other audit procedure.