ACFE CFE-Fraud-Prevention-and-Deterrence Certified Fraud Examiner - Fraud Prevention and Deterrence Exam Exam Practice Test

COSO Definition of Internal Control:

COSO defines internal control as a process executed by an entity’s board, management, and personnel to provide reasonable assurance about achieving objectives in operations, reporting, and compliance.

Analysis of Options:

A. Corporate compliance: Corporate compliance focuses on adhering to laws and regulations, not the broader operational objectives.

B. Fraud risk management: This is a component of internal control, not its definition.

C. Risk assessment: This is a step within the internal control process but not the overarching process.

D. Internal control: Matches the COSO definition accurately.

Conclusion:Internal control is the correct answer as defined by COSO.

References:COSO Internal Control Framework documentation​​.

Proactive Fraud Auditing Procedures:

Analytical reviews are effective for identifying large or unusual trends and anomalies, not necessarily small frauds.

Other tools, such as detailed transaction testing, are better suited for uncovering small frauds.

Analysis of Other Options:

A. Element of surprise: A key feature of fraud audits.

C. Fraud assessment questioning: Valid as part of the audit process.

D. Management’s intentions: Proactive procedures signal a strong stance against fraud.

Conclusion:Option B is false because analytical reviews are better at detecting significant anomalies rather than small frauds.

References:ACFE materials on fraud auditing techniques​​.

 ISSAI Standards:

The International Standards of Supreme Audit Institutions (ISSAI) require government auditors to consider fraud and abuse during financial audits. Abuse includes improper use of authority or resources, which may not always meet the legal threshold of fraud but still warrants attention.

 Expanded Audit Scope:

Unlike private-sector audits, public-sector audits often have broader objectives, requiring vigilance for misuse of public funds and resources.

 Why A is Correct:

Staying alert to abuse ensures comprehensive accountability, aligning with ISSAI's objectives​​.

Rational Choice Theory Overview:

This theory asserts that individuals make conscious decisions to commit crimes after weighing the costs (risk of detection and punishment) and benefits.

Why D is Correct:

Rational choice theory aligns with strategies to deter crime by reducing opportunities and increasing personal risks.

Why Other Options are Incorrect:

A (Differential association theory): Explains crime as learned behavior.

B (Routine activities theory): Focuses on environmental factors.

C (Justification of action theory): Not a recognized criminological theory​​.

References for All Questions:

ACFE Code of Professional Ethics and Fraud Examination Guide​​.

Criminological theories and governance frameworks in fraud prevention​​.

Case studies on indirect fraud costs and ethical decision-making​​.

Impact of Specialized Departments on Fraud Risk:While specialization improves operational efficiency, it can also create silos, reducing oversight and coordination. This fragmentation may increase the overall fraud risk.

Key Considerations:

Fraud often occurs in areas where controls and communication are weak. Specialized departments may inadvertently facilitate fraud by isolating information.

Cross-departmental collaboration and centralized controls are essential to mitigate these risks.

Conclusion:The existence of many specialized departments increases the risk of fraud if not properly managed.

References:ACFE recommendations on risk management and departmental coordination​​.

The Treadway Commission emphasizes improving internal controls, which include strengthening the internal audit function. Providing adequate resources and authority to the internal audit function ensures that it operates independently and effectively, which is critical for preventing and detecting fraud. The internal audit function can evaluate financial reporting systems, detect irregularities, and provide valuable recommendations for improvement. This recommendation aligns with the goal of reducing fraud and ensuring reliable financial reporting.

​

=================

CFEs must act ethically and responsibly when handling sensitive information. Eliece should inform Jewel that she will try to maintain confidentiality but must adhere to professional and ethical obligations, which may require disclosing the information to appropriate parties such as her employer or relevant authorities. This balanced response encourages transparency while maintaining ethical standards.

=================

Steve Albrecht's Research on Fraud Motivation:

Personal factors like "living beyond their means" are commonly cited as a driver of fraudulent behavior.

Organizational factors, such as excessive trust in key employees, create opportunities for fraud by reducing oversight and enabling unethical behavior.

Analysis of Options:

A. High personal debt: This can be a motivator, but it is less common than "living beyond their means."

B. Revenge: Rarely a primary driver of fraud.

D. Desire for recognition: This may motivate some individuals, but it is not as prevalent as financial pressure and opportunity.

Conclusion:Option C reflects the most common personal and organizational factors motivating fraudsters.

References:ACFE's Fraud Triangle and findings from Albrecht's research on fraud motivation​​.

Analysis of Each Scenario:

A. Rodrigo: Reporting unrelated findings without a clear mandate violates principles of focus and relevance under the ACFE Code.

B. Vivian: Overlooking evidence demonstrates a lack of due diligence and professionalism.

C. Tom: Complying with a court order is permissible, but failure to safeguard client confidentiality before receiving the order constitutes a breach.

Ethical Standards:

Each scenario demonstrates a failure to meet the ethical and professional responsibilities outlined in the ACFE Code.

Conclusion:All scenarios represent violations of the ACFE Code of Professional Ethics.

References:ACFE Code of Professional Ethics, particularly diligence and confidentiality provisions​​.

Purpose of Anti-Fraud Education:

Education is most effective when employees understand the real consequences of fraud. Providing examples of prior incidents reinforces the importance of compliance.

Analysis of Other Options:

A. Include detection procedures: While this can increase awareness, it risks exposing sensitive controls.

C. Restricting to formal mechanisms: Education should be flexible and incorporate informal, ongoing messaging.

D. Executives and professionals only: While they play an essential role, education should engage employees at all levels.

Conclusion:Including examples of prior misconduct effectively conveys the seriousness of fraud prevention.

References:ACFE best practices for fraud education programs​​.

Purpose of a Code of Conduct:

A professional code of conduct serves as a guideline for ethical behavior, provides benchmarks for decision-making, and facilitates enforcement within the profession.

It does not replace the personal responsibility to exercise individual judgment and consult one's conscience.

Analysis of Other Options:

B, C, and D: These accurately describe the purposes of a professional code of conduct.

Conclusion:The code of conduct does not eliminate the need for personal ethical reflection, making Option A incorrect.

References:ACFE and other professional ethics codes​​.

ACFE research consistently shows that tips are the most common method for detecting occupational fraud. Organizations often rely on whistleblowing mechanisms such as hotlines to encourage employees and other stakeholders to report suspected fraud, which makes tips the most effective fraud detection tool.

=================

G20/OECD Principles Overview:

The G20/OECD Principles of Corporate Governance are international guidelines aimed at enhancing economic efficiency and promoting stable financial systems.

Equitable Treatment of Shareholders:

The principles stress fairness and the protection of all shareholders' rights, particularly minority shareholders, ensuring they are treated equally.

Why D is Correct:

Equitable treatment is a fundamental tenet of the Principles, which strive to maintain trust and integrity in governance practices across jurisdictions​​.

References for All Questions:

ACFE Fraud Examination Standards​​.

ISA Standards and International Corporate Governance Best Practices​​.

G20/OECD Principles of Corporate Governance​.

Integration of Fraud Risk Assessment in Audits:

The fraud risk assessment provides valuable input but does not replace the auditor’s independent responsibility to identify and assess fraud risks.

Why B is Correct:

Professional auditing standards require auditors to perform their own risk assessments, and the fraud risk assessment is only a tool to enhance this process.

Why Other Options are Correct:

A, C, and D reflect appropriate uses of fraud risk assessments in the audit process, such as increasing awareness and designing effective audit tests​​.

References for All Questions:

ACFE Code of Professional Ethics and Fraud Examination Guide​​.

COSO frameworks for corporate governance and fraud risk management​​.

Standards for incorporating fraud risk assessments into the audit process​​.

Objectives of a Fraud Risk Management Program:

A. Proactively identifying fraud risks: A fundamental goal is to identify and assess potential fraud risks to implement preventative measures.

B. Limiting the damage caused by fraud occurrences: Programs should have mechanisms in place to detect and respond to fraud promptly to minimize harm.

C. Punishing fraud perpetrators: Punishment serves as both a deterrent and a means of reinforcing the organization's commitment to ethical behavior.

Comprehensive Objective Coverage:

Effective fraud risk management includes preventative, detective, and corrective measures.

Conclusion:All the listed objectives are essential components of a fraud risk management program.

References:ACFE guidelines on designing and implementing fraud risk management programs​​.

Communication of Fraud Risk Assessment Process:Effective communication ensures that employees understand the objectives and importance of the fraud risk assessment process. The following practices contribute to its success:

A. Personalization: Personalized communication increases engagement by making the information relevant to employees' roles and responsibilities.

B. Appropriateness to Culture: Aligning the communication format with the organization's culture ensures clarity and resonance.

C. Visibility: Disseminating communication broadly reinforces its significance and encourages widespread participation.

Why All Options are Correct:

Fraud risk assessments require buy-in and participation across all levels of the organization. Combining personalization, cultural alignment, and visibility creates an effective communication strategy.

Conclusion:All three practices—personalization, cultural appropriateness, and visibility—are critical for effective communication.

References:Best practices for fraud risk communication as outlined in ACFE fraud risk management guides​​.

This scenario is an example of punishment. Punishment involves introducing a consequence (in this case, the loss of responsibility for cross-departmental projects) to discourage undesirable behavior. The manager uses this approach to address Devon’s negative attitude and to promote better cooperation with other departments in the future.

=================

Findings from the 2020 Report to the Nations:

A. Complaints about management: Not the most common red flag; lifestyle changes, such as living beyond means, are more common.

B. Gender of fraudsters: The report consistently shows that men commit more occupational frauds than women.

C. Median losses by executives vs. staff: Losses caused by executives are significantly higher.

D. Past offenses: Most fraudsters do not have a prior fraud-related disciplinary history.

Conclusion:Option B aligns with the findings of the 2020 Report to the Nations.

References:2020 ACFE Report to the Nations​​.

 Principle Overview:

Responsibility pertains to the duty of an organization to act in the best interest of society, ensuring sustainable and ethical practices that benefit all stakeholders, including employees, customers, and the environment.

 Corporate Governance Definition:

Corporate governance frameworks emphasize corporate responsibility as a key pillar for maintaining societal trust and long-term value creation.

 Why Responsibility is Correct:

While transparency, fairness, and accountability are essential, responsibility uniquely emphasizes societal interests and ethical conduct​​.

Focus of Risk Management:

Risk management seeks to balance the organization's risk appetite (the level of risk it is willing to accept) with its ability to achieve objectives.

Why D is Correct:

Effective risk management aligns the organization's risk tolerance with its strategic and operational goals to ensure sustainability and success.

Why Other Options are Incorrect:

A, B, and C: While internal controls, regulatory requirements, and resources are critical, the primary balance is between risk appetite and objectives​​.

References for All Questions:

ACFE Fraud Examination Guide and Risk Management Best Practices​​.

COSO frameworks for internal controls and fraud risk management​​.

Industry guidance on effective deterrence and governance practices​​.

Key Elements of an Ethics Program:

An effective ethics program involves assessing existing issues, such as ethical leadership gaps, and designing policies and practices to address them.

Analysis of Other Options:

A. Restricted access: Ethics policies should be accessible to external parties, including stakeholders, to enhance transparency.

C. Written policy alone: A written policy is insufficient without ongoing communication, training, and leadership support.

D. All of the above: Incorrect because options A and C are not true.

Conclusion:Considering existing ethical leadership issues is critical when designing an effective ethics program.

References:ACFE materials on ethics program design and implementation​​.

Purpose of Anti-Fraud Controls:

Preventive controls deter fraud before it occurs, making them the primary focus of an effective anti-fraud program.

Detective controls identify fraud after it has occurred, serving as a secondary line of defense.

Analysis of Options:

A. Fully eliminates risk: No system can fully eliminate fraud risk.

B. Focus on detective controls: Less effective than prevention.

D. Increases perception of detection: Important but not the primary focus.

Conclusion:An effective anti-fraud system emphasizes preventive controls.

References:ACFE guidance on fraud control systems​​.

Ethical Responsibilities of a CFE:

Under the ACFE Code of Professional Ethics, a Certified Fraud Examiner has the responsibility to report all relevant findings honestly and comprehensively, even if no fraud is identified.

Rule 2 states that CFEs must "perform all professional engagements with due diligence" and report any material findings.

Expressing Opinions on Deficient Controls:

CFEs are expected to provide constructive recommendations, including noting control deficiencies that could lead to fraud or operational risks.

Failing to express an opinion on deficiencies would not align with professional standards of diligence and full disclosure.

Conclusion:Black is permitted, and indeed encouraged, to express his professional opinion on the deficient controls as part of his ethical obligations.

References:ACFE Code of Professional Ethics, specifically rules related to diligence and full disclosure​​.

Fraud Reporting Program Best Practices:

Ensuring anonymity encourages employees to report fraud without fear of retaliation. This enhances the effectiveness of the reporting program.

Why D is Correct:

Communicating confidentiality builds trust and increases participation in the fraud reporting program.

Why Other Options are Incorrect:

A: Fraud risks are not limited to organization size.

B: Restricting reports to immediate supervisors may create barriers.

C: Holding employees accountable for unsubstantiated tips discourages reporting.

References:

ACFE’s recommendations for successful fraud reporting systems emphasize confidentiality and employee trust​​.

References for All Questions:

ACFE Fraud Examination Guide​​.

COSO framework and ISA auditing standards​​.

Industry best practices for fraud prevention, governance, and due diligence​​.

COSO Definition of Internal Control:

COSO defines internal control as a process enacted by an entity's board, management, and personnel to provide reasonable assurance regarding objectives in operations, reporting, and compliance.

Analysis of Options:

A. Operational risk assessment: A component of internal control, not the overall process.

C. Fraud risk management: Focuses specifically on fraud risks, a subset of internal control.

D. Financial reporting: A specific objective addressed by internal control.

Conclusion:The correct answer is internal control, as defined by COSO.

References:COSO Internal Control—Integrated Framework​​.

Diane Vaughan’s Research:

Vaughan highlights that linking employee performance goals with company goals can create undue pressure, fostering an environment where unethical behavior becomes rationalized.

Analysis of Other Options:

A. Diversity in hiring: Encourages broader perspectives and does not inherently lead to crime.

B. Rewarding challenges to the status quo: Promotes innovation and integrity, reducing crime risk.

Conclusion:Management’s linking of performance goals with company goals is the factor most associated with increased crime inclination.

References:ACFE criminological studies and Diane Vaughan’s findings​​.

Implications of Management Manipulation:

Intentional manipulation, even if quantitatively immaterial, raises concerns about the reliability of management representations and the integrity of audit evidence.

Why Option A is Correct:

Reassessing the reliability of previously obtained evidence ensures that the auditors address potential biases or systemic issues arising from management's actions.

Analysis of Other Options:

B. Withdrawing from the audit: Premature unless the issue is pervasive.

C. Legal definition of fraud: Auditors are not required to meet this threshold for assessing evidence.

D. Quantitative materiality: Misstatements can be qualitatively material if they indicate intentional manipulation.

Conclusion:The auditors must reconsider the reliability of evidence due to the qualitative implications of management's actions.

References:Auditing standards and ACFE guidance on assessing audit evidence reliability​​.

Corporate Governance in Multinational Corporations:

Multinational corporations must adhere to the legal, regulatory, and governance frameworks of each jurisdiction in which they operate. These frameworks may vary significantly across countries.

Why Other Options are Incorrect:

B: There is no Universal Corporate Governance Act applicable globally.

C: G20/OECD Principles provide guidelines but are not mandatory compliance requirements.

D: Operating in multiple jurisdictions increases governance complexity, but does not exempt corporations from compliance.

Why A is Correct:

It reflects the reality of multinational operations, where governance compliance must align with local laws and regulations​​.

References for All Questions:

ACFE and Treadway Commission fraud prevention guidelines​​.

ISSAI standards and international governance principles​​.

COSO framework and legal requirements for multinational corporations​​.

Purpose of the Task:

The team seeks candid feedback on ethical tone, which requires a confidential and direct interaction method.

Comparison of Techniques:

A. Interviews: Effective for obtaining one-on-one feedback in a private setting.

B. Focus groups: Group dynamics may inhibit candid responses due to peer pressure.

C. Anonymous feedback mechanisms: These provide insights but lack the depth and follow-up opportunities of interviews.

D. Surveys: While useful for broad input, surveys are less effective for detailed exploration of ethical tone.

Conclusion:Interviews are the most helpful technique for gathering one-on-one candid feedback.

References:ACFE guidance on fraud risk assessments and effective data collection methods​​.

Understanding Behaviorism and Punishment:

Behaviorists like B. F. Skinner argue that punishment temporarily suppresses undesired behaviors rather than eliminating them.

Once the punitive stimulus is removed, the behavior is likely to reappear unless it is replaced with a more desirable behavior through reinforcement.

Analysis of Options:

B. Permanently suppressed: This contradicts the principles of behaviorism, as punishment alone does not permanently modify behavior.

C. Occur more frequently: Punishment typically decreases behavior temporarily.

D. Not affected by punishment: Punishment impacts behavior, but the effect is often temporary.

Conclusion:The most likely outcome is that the behavior will return once the punishment ceases.

References:ACFE resources on behavioral psychology and fraud prevention strategies​​.

 Deterrence Theory in Criminology:

This theory posits that crime can be prevented by making the potential consequences severe enough to deter individuals from offending. It emphasizes the certainty, severity, and swiftness of punishment.

 Why A is Correct:

The threat of criminal sanctions is a cornerstone of deterrence theory, designed to reduce crime by increasing the perceived risks and consequences.

 References:

Criminological studies and fraud deterrence strategies emphasize the effectiveness of deterrence in reducing criminal behavior​​.

 Definition of Organizational Crime:

Organizational crime refers to illegal actions committed by a corporation or individuals acting on behalf of the organization to benefit the corporation or its leaders.

Examples include antitrust violations, environmental crimes, and fraudulent financial reporting.

 Why B is Correct:

A price-fixing scheme involves collusion among companies to manipulate prices, a clear example of organizational crime designed to benefit the involved corporations.

 Why Other Options are Incorrect:

Options A, C, and D represent individual crimes for personal gain, not organizational crimes​​.

 ACFE Code of Professional Ethics:

CFEs must act with integrity and report material fraud findings to the appropriate authority within the organization.

 Why A is Correct:

Informing the board of trustees ensures that those responsible for governance can take appropriate action. Reporting to law enforcement (option B) may breach contractual obligations unless legally required.

 Why Other Options are Incorrect:

B: Reporting to law enforcement may overstep Daniela’s authority as an independent investigator.

C: Not disclosing the information violates ethical responsibilities.

D: Resignation avoids responsibility and does not fulfill ethical obligations​​.

Tone at the Top:

Management must set a strong example by adhering to the same ethical standards as employees.

Visible adherence builds trust and reinforces an anti-fraud culture.

Analysis of Other Options:

A. Checklist of initiatives: Helpful but insufficient by itself.

B. Dissuading challenges: This is counterproductive, as it discourages transparency and accountability.

D. All of the above: Incorrect, as Option B is detrimental to an anti-fraud culture.

Conclusion:Visibly adhering to ethics policies is the most effective action.

References:ACFE resources on fostering an ethical organizational culture​​.

Reporting Fraud Risk Assessment Results:

Reports should align with the organization's operational language to ensure comprehension by management and stakeholders.

Why A is Correct:

Using business-appropriate language ensures effective communication of findings and recommendations.

Why Other Options are Incorrect:

B: Comprehensive details may overwhelm the audience; only key findings are usually reported.

C: Reports should reflect objective analysis, not subjective perspectives​​.

nti-Fraud Policy Components:

A robust anti-fraud policy should provide clear definitions and examples of fraud and misconduct to ensure employees understand what constitutes unacceptable behavior.

Specific examples make investigations and enforcement more consistent and defensible.

Analysis of Option B:

Avoiding specific examples creates ambiguity, which can hinder enforcement and increase legal risks when discharging employees.

Properly vetted examples, reviewed with legal counsel, help ensure compliance with legal standards.

Conclusion:Option B is false because including examples of fraud and misconduct strengthens the anti-fraud policy.

References:ACFE guidance on anti-fraud policies and employee misconduct​​.

 Definition of Focus Groups:

Focus groups involve small groups of individuals discussing a specific topic under the guidance of a facilitator. This technique is used to gather qualitative insights through direct interaction and observation.

 Why A is Correct:

Observing employee interactions during a focus group provides rich, contextual data about attitudes, understanding, and engagement with fraud awareness training.

 Why Other Options are Incorrect:

B (Surveys): Collect quantitative data but lack interaction and observational opportunities.

C (Anonymous feedback mechanisms): Useful for confidentiality but do not allow observation.

D (Interviews): Individualized and do not involve group dynamics​​.

 CFE Ethical Responsibilities:

As per the ACFE Code of Professional Ethics, fraud examiners must ensure transparency in their professional conduct. They cannot promise confidentiality if the information must be disclosed to management or other authorities as part of the investigation.

 Why D is Correct:

Agreeing to confidentiality in this situation would breach ethical and legal obligations, especially if the information pertains to fraud or misconduct that the organization needs to address.

 Why Other Options are Incorrect:

A and B: Attempting to maintain confidentiality is misleading and unprofessional.

C: Taking the request directly to management without clarification could breach trust prematurely​​.

 COSO Internal Control Framework Components:

The five components are:

Control Environment

Risk Assessment

Control Activities

Information and Communication

Monitoring Activities

 Why C is Correct:

Independent oversight, while important in governance, is not explicitly listed as one of the five COSO components. It may relate to broader governance structures but is not a core component of the internal control framework.

 References:

COSO Internal Control–Integrated Framework​​.

McCaghy's Perspective on Organizational Deviance:Criminologist Charles McCaghy identified regulatory pressure as a significant factor influencing organizational deviance. Excessive or poorly implemented regulations can lead companies to cut corners or engage in fraudulent behavior to remain competitive.

Supporting Analysis:

Regulatory pressure can create a perception that compliance is too costly or burdensome, leading to unethical practices.

This aligns with the concept of "strain theory," where organizations under pressure may resort to deviance.

Conclusion:McCaghy's assertion that regulatory pressure is a key driver of organizational deviance is accurate.

References:ACFE study materials on regulatory challenges and organizational fraud​​.

Impact of Reporting to Law Enforcement:

Reporting fraud incidents to law enforcement demonstrates a zero-tolerance approach, acting as a deterrent to potential fraudsters.

It also ensures that perpetrators face legal consequences, discouraging others from engaging in fraudulent activities.

Prevention Mechanism:

The public nature of such actions signals organizational commitment to ethics and integrity, enhancing its reputation and strengthening internal controls.

Supporting References:

ACFE guidelines advocate for reporting fraud to appropriate authorities as part of an effective fraud prevention strategy​​.

 Internal Auditors' Role in Fraud Risk Management:

Internal auditors evaluate management’s commitment to overseeing and addressing fraud risks as part of their assurance role.

 Why A is Correct:

Oversight of fraud risk management is a management responsibility, and internal auditors assess whether this responsibility is effectively retained and executed.

 Why Other Options are Incorrect:

B: Reporting to regulators is not a core responsibility of internal auditors.

C: Internal auditors provide evaluation, not direct oversight.

D: Attesting financial statement accuracy is the responsibility of external auditors, not internal auditors​​.

Understanding Compliance Theory:

Compliance theory emphasizes preventing crime through incentives for voluntary adherence to laws and proactive administrative measures.

By addressing potential violations early, compliance theory aims to deter criminal behavior before it occurs.

Application of the Theory:

Examples include economic benefits for following regulations and monitoring mechanisms to identify early signs of noncompliance.

Conclusion:The statement accurately describes compliance theory.

References:Criminological theories as outlined in ACFE study materials​​.

Defining Fraud Risk Management Objectives:

Management should focus on tailoring objectives to the organization's needs, examining past fraud incidents, and balancing costs with benefits. Assigning a quantitative measure to risk appetite, while potentially useful, is not a requirement for effective fraud risk management.

Analysis of Options:

A. Examining previous frauds: This helps identify vulnerabilities and design controls.

B. Balancing costs and benefits: Essential to ensure the program's efficiency and feasibility.

D. Tailoring objectives: Necessary for aligning the program with organizational goals.

Conclusion:Option C is false because assigning a quantitative measure to risk appetite is not mandatory in defining fraud risk management objectives.

References:ACFE materials on fraud risk management program design and implementation​​.

Findings from the 2020 Report to the Nations:

Asset misappropriation: Most common form of occupational fraud (e.g., theft of cash or inventory). It is frequent but less costly.

Financial statement fraud: Most costly, involving significant manipulation of financial data.

Analysis of Options:

A. Asset misappropriation; corruption: Corruption is less costly than financial statement fraud.

B. Corruption, asset misappropriation: Incorrect order and does not match the costliest scheme.

C. Financial statement fraud; corruption: Incorrect pairing.

Conclusion:Asset misappropriation is most common, and financial statement fraud is most costly.

References:2020 ACFE Report to the Nations on Occupational Fraud and Abuse​​.

 Definition of Corporate Governance:

Corporate governance establishes the framework for decision-making and accountability within an organization. It includes roles, rights, and responsibilities of stakeholders such as the board, management, and shareholders.

 Why D is Correct:

The governance structure formalizes the distribution of roles and ensures clarity in accountability and oversight.

 Why Other Options are Incorrect:

A: Fraud risk management supports governance but is not its foundation.

B: Governance encompasses more than financial reporting accuracy.

C: Governance practices are essential even when owners are setting strategy​​.

Three General Approaches to Controlling Corporate Crime:

Government Intervention: Strong regulations and enforcement to ensure accountability.

Voluntary Corporate Changes: Encouraging ethical practices through organizational policies.

Consumer Action: Pressure from consumers demanding corporate responsibility.

Why D is Incorrect:

Media blacklisting is not a formal or systematic approach to controlling corporate crime. It is a consequence rather than a preventive or corrective measure.

References:

ACFE and corporate governance frameworks emphasize formal mechanisms like government intervention and organizational self-regulation​​.

 Fraud Risk Management Program Requirements:

A fraud risk management program includes mechanisms to detect and respond to noncompliance, sanctions for violations, and measures to address control failures.

 Why B is Incorrect:

Responsibility for handling suspected incidents should remain within the organization, typically assigned to compliance officers or internal audit teams. Delegating it to external parties undermines internal governance.

 Why Other Options are Correct:

A, C, and D describe essential elements of a fraud risk management program, including monitoring, sanctions, and corrective measures for anti-fraud controls​​.