CERTIFIED FORENSIC FRAUD EXAMINER (CFFE)
MODULE ONE
FRAUD AND CORRUPTION SCHEMES
MONDAY: 2 December 2024. Afternoon Paper. Time Allowed: 3 hours.
This paper consists of one hundred (100) Multiple Choice Questions. Answer ALL questions indicating the letter (A, B, C or D) that represents the correct answer. Each question is allocated one (1) mark.
1. Which one of the following statements is ACCURATE in regard to the fraudulent effect of recognising fictitious revenue?
A. Expenses are understated and revenue is overstated
B. Revenue is understated and receivables are understated
C. Revenue is understated and receivables are overstated
D. None of the above (1 mark)
2. Which one of the following statements is ACCURATE in regard to the effects of omission of expenditure in the financial statements?
A. Expenses are understated and liabilities are overstated
B. Expenses are overstated and liabilities are understated
C. The current ratio is inflated
D. The current ratio is understated (1 mark)
3. Which one of the following occupation fraud is an off book fraud?
A. Embezzlement of funds
B. Ghost employees scheme
C. Personal purchase billing scheme
D. Multiple expenses (1 mark)
4. Which one of the following is a fraud scheme that is associated with writing off bad debts?
A. Improper asset valuation
B. Overstating receivables
C. Inadequate provision of bad and doubtful debts
D. None of the above (1 mark)
5. Which one of the following fraud schemes is associated with improper recognition of revenue?
A. Failure to write off bad debts
B. Recording receivables as revenue
C. Improper valuation of receivables
D. Recording long term contract revenue in the current financial year (1 mark)
6. Which one of the following is the MOST effective detection method of corrupt payments?
A. Focus at the point of payment
B. Focus at the point of receiving
C. Conducting a forensic audit
D. None of the above (1 mark)
7. Which one of the following statements is ACCURATE in regard to the main objective of collusion among vendors and contractors in a competitive procurement process?
A. Increase the cost of the bids
B. Suppress the bids
C. Rotate the bids
D. Divide the market (1 mark)
8. Which one of the following BEST describes the fraud scheme associated with related party’s transactions?
A. Reporting entities scheme
B. Inadequate disclosure
C. Fraudulent related party’s transactions
D. Changes in accounting principles (1 mark)
9. Which one of the following BEST describes multilevel authentication control?
A. Logical access control
B. Technical control
C. Administrative control
D. Legal control (1 mark)
10. Which one of the following security control is associated with technical security control?
A. Training and awareness
B. Security audit test
C. Incident response plans
D. None of the above (1 mark)
11. Which one of the following basis of accounting should be used to avoid understating expenditure?
A. Proper expenditure recognition basis
B. Accrual basis
C. Cash basis
D. Double entry basis (1 mark)
12. Which one of the following statements is NOT accurate in regard to overstating of profit?
A. Capitalising expenses would result to overstatement of profit
B. Capitalising expenses would not result to overstatement of revenue
C. Omission of expenses would result to overstated profit
D. Failure to write off bad debts would result to overstated profits (1 mark)
13. Which one of the following is NOT an item of the statement of financial position?
A. Receivables
B. Non-current assets
C. Disclosures
D. Payables (1 mark)
14. Which one of the following statements BEST describes an organisation as a going concern?
A. The organisation’s current assets must be more than the current liabilities
B. The organisation current assets must be more than the current liabilities to ensure a positive cash low
C. If the cash flow balances are positive
D. If it is able to meet its immediate financial obligations (1 mark)
15. Which one of the following statements BEST describes complementary bidding?
A. Bidding that involves collusion among bidders
B. Biding that involves submitting shadow bids
C. Biding that involves suppressing the bids
D. None of the above (1 mark)
16. Which one of the following financial ratios could be used to detect fictitious revenue?
A. Ratio analysis
B. Receivable turnover ratio
C. Inventory turnover ratio
D. Vertical analysis (1 mark)
17. Which one of the following is NOT a social engineering scheme?
A. Piggybacking
B. Spearphising
C. Business email compromise
D. Pharming (1 mark)
18. Which one of the following procurement fraud schemes facilitates change orders?
A. Bid tailoring
B. Bid splitting
C. Need recognition
D. Bid specification scheme (1 mark)
19. Which one of the following is a fraud scheme associated with competent bidders sharing a contract?
A. Market division
B. Bid rotation
C. Bid suppression
D. Bid manipulation (1 mark)
20. Which one of the following statements is ACCURATE in regard to narrow bid specification?
A. Narrow bidding compromises competitive bidding
B. Several suppliers can meet the specifications
C. Narrow bidding is effective for competitive bidding
D. None of the above (1 mark)
21. Which one of the following computer risk assessment steps involves identification of risks?
A. The third step of the risk assessment
B. The second step of the risk assessment
C. The first step of the risk assessment
D. The fourth step of the risk assessment (1 mark)
22. Which of the following statements is NOT accurate in regard to bank reconciliation statement in relation to detection of asset misappropriation?
A. Bank reconciliation statements can help to detect fraudulent disbursements
B. Bank reconciliation statements cannot help to detect fraudulent disbursements
C. Bank reconciliation statements cannot help to detect skimming of revenue
D. Bank reconciliation statements can help detect un-deposited receipts (1 mark)
23. Which one of the following accounts would NOT be affected capitalisation of expenditure?
A. Liabilities account
B. Asset account
C. Expenses account
D. None of the above (1 mark)
24. Which one of the following statements is NOT a red flag of misappropriation of inventory?
A. Failure to write off inventory as scrap
B. Decreasing perpetual inventory records to balance with physical inventory balances
C. Writing off inventory to scrap
D. None of the above (1 mark)
25. Which one of the following is a type of security response plan measure?
A. Containment and eradication
B. Log management
C. Data classification
D. Data control (1 mark)
26. Which one of the following parties has the primary responsibility for prevention of financial statement fraud?
A. Management
B. Accountants
C. External auditors
D. The Board (1 mark)
27. Which one of the following statements is ACCURATE in regard to fictitious revenue?
A. Fictitious revenue means overstated revenue
B. Fictitious revenue is revenue that has not been earned
C. Fictitious revenue is revenue that does not exist
D. Fictitious revenue is revenue that relates to last financial year (1 mark)
28. Which one of the following fraud schemes relates to recognising prepaid revenue?
A. Fictitious revenue
B. Understated revenue
C. Fraudulent revenue
D. None of the above (1 mark)
29. Which one of the following is a red flag of concealment of expenditure?
A. Overdue receivables
B. Overstated expenditure
C. Dispropositionate costs
D. Overstated receivables (1 mark)
30. Which one of the following schemes promotes favourable investment returns compared to the rest in the industry?
A. Ponzi investment schemes
B. Pyramid investment schemes
C. Both ponzi and pyramid investments
D. Traditional investments opportunities (1 mark)
31. Which one of the following is NOT a red flag of bid rotation scheme?
A. A pattern of winning bids
B. Competent industry players submit bids each time lower
C. Winning bidder contracts bidders who refrained from bidding
D. None of the above (1 mark)
32. Which one of the following procurement fraud schemes is NOT perpetrated at the solicitation phase of a competitive bidding process?
A. Bid manipulation scheme
B. Bid specification schemes
C. Defective pricing
D. Bid rotation (1 mark)
33. Which one of the following procurement fraud schemes is NOT associated with pre-solicitation process?
A. Bid manipulation scheme
B. Bid tailoring
C. Bid splitting
D. None of the above (1 mark)
34. Which one of the following is NOT an asset misappropriation scheme?
A. Embezzlement scheme
B. Fictitious expenses scheme
C. Shell companies
D. Kickbacks (1 mark)
35. Which one of the following schemes is associated with unrealistic targets?
A. Situational pressure
B. Financial pressure
C. Rationalisation
D. Opportunity (1 mark)
36. Which one of the following fraud schemes involves payment for goods or services not rendered?
A. Embezzlement of funds
B. Misappropriation of funds
C. Misapplication of funds
D. None of the above (1 mark)
37. Which one of the following statements is NOT accurate in regard to the effect on the liquidity ratio?
A. Failure to write off obsolete inventory would inflate the current ratio
B. Omission of expenses would not inflate the current ratio
C. Omission of expenses would overstate the current ratio
D. Failure to write off bad debts would inflate the current ratio (1 mark)
38. Which one of the following statements does NOT describe a purpose of a computer security risk assessment process?
A. Audit computer security risks that make an organisation vulnerable to computer fraud
B. Quantify the impact if the risk is materialised
C. Identify the risks that make an organisation vulnerable to computers and computer systems
D. Establish an economic balance between the impact if the risk materialised and the cost of the resources required (1 mark)
39. Which one of the following financial transactions can inflate revenue?
A. Recording revenue that has been earned but not received
B. Recording revenue that has not been earned but received
C. Matching revenue with the respective expenses
D. Failure to record expenses incurred (1 mark)
40. Which one of the following statements BEST describes the type of control associated with security audits?
A. Logical security controls
B. Administrative controls
C. Administrative and technical security controls
D. Technical security controls (1 mark)
41. Which one of the following is a procurement fraud scheme associated with failure to disclose residue materials?
A. Material mischarges
B. Accounting mischarges
C. Misappropriation of materials
D. Defective pricing (1 mark)
42. Incident response plan related to cybersecurity should be created and implemented at which step?
A. Planning step
B. Containment and eradication step
C. Recovery and follow-up step
D. None of the above (1 mark)
43. Which one of the following transactions would NOT conceal embezzlement of cash?
A. Reducing owners’ equity
B. Creating an expense
C. Decreasing a liability
D. Reducing an asset (1 mark)
44. Which one of the following is the LEAST effective method of detecting receipt of bribes the procuring entity’s employees?
A. Life style audits
B. Interviewing employees
C. Audit tests
D. Integrity tests (1 mark)
45. Which one of the following is the MOST vulnerable billing scheme?
A. Travel and accommodation account
B. Payroll account
C. Personal purchases
D. Printing and stationery (1 mark)
46. Which one of the following entities is likely to be under pressure to inflate revenue in the financial statements?
A. Private company
B. Public listed company
C. Government ministry
D. Limited partnership (1 mark)
47. Which one of the following statements is ACCURATE in regard to calculating liquid ratio?
A. Quick ratio is calculated dividing realisable receivables, cash, bank and financial securities with current liabilities
B. Quick ratio is calculated dividing total receivables, cash, bank and financial securities with current liabilities
C. Quick ratio is calculated dividing total receivables, cash, bank and financial securities with total liabilities
D. Quick ratio is calculated dividing total receivables, inventory, cash, bank, financial securities and current liabilities (1 mark)
48. Which one of the following steps of a risk assessment related to computers and computer systems involve recommendations for counter measures?
A. Sixth step
B. Fourth step
C. Third step
D. None of the above (1 mark)
49. Which one of the following schemes is associated with capitalisation of expenses?
A. Improper asset valuation
B. Overstated assets scheme
C. Improper disclosure
D. Concealed expenses (1 mark)
50. Which one of the following statements is ACCURATE in regard to the second step of risk assessment related to computers and computer systems?
A. Identifying which physical and digital assets need to be protected, is the first step of a risk assessment
B. Determining the value of each asset of a risk assessment related to computers and computer systems is the first step
C. Recommending the counter-measures and other remedial activities is the first step of a risk assessment related to computers and computer systems
D. Identifying the risks and threats of each asset and calculating the probability of each risk materialising, is the first step of a risk assessment (1 mark)
51. Which one of the following steps of a risk assessment involves identifying the assets that need to be protected?
A. The third step of the risk assessment
B. The second step of the risk assessment
C. The first step of the risk assessment
D. The fourth step of the risk assessment (1 mark)
52. Which one of the following schemes BEST describe “pass through scheme”?
A. Conflict of interest
B. Purchases for personal use scheme
C. Shell company scheme
D. Billing scheme (1 mark)
53. Which one of the following is NOT a method of overstating receivables?
A. Failure to write off bad debts
B. Capitalising expenses
C. Recording fictitious acquisition of assets
D. None of the above (1 mark)
54. Which one of the following health care fraud schemes BEST describes a fraudster stealing a health care provider’s identification information and bills a government health care program?
A. Fictitious provider scheme
B. Identity theft scheme
C. Overbilling scheme
D. Unbundling scheme (1 mark)
55. Which one of the following is an item in the statement of profit and loss?
A. Bad debts
B. Receivables
C. Disclosures
D. Payables (1 mark)
56. Which one of the following is NOT a method that research and development personnel could use to divulge confidential information?
A. Discussions in conferences
B. Hiring outside professionals
C. Industry journals articles
D. None of the above (1 mark)
57. Which one of the following is NOT a method that can be used to detect a skimming scheme?
A. Confirming customers current account balances
B. Examining receivable write-offs journals
C. Examining inventory credits journals
D. Observation of any inconsistency in revenue and activities for generating the revenue (1 mark)
58. Which one of the following statements is ACCURATE in regard to broad bid specification?
A. Broad bidding compromises competitive bidding
B. Only a few suppliers can meet the specifications
C. Broad bidding is effective in facilitating competitive bidding
D. None of the above (1 mark)
59. Which one of the following is NOT an example of on-the-book fraud?
A. Fictitious revenue recognition
B. Understanding liabilities
C. Kickback schemes
D. Inflating expenses (1 mark)
60. Which one of the following is NOT a financial statement fraud scheme?
A. Omission of expenditure in the financial statements
B. Failure to disclose a major fraud
C. Recording receivable revenue
D. None of the above (1 mark)
61. According to Dr. Cressy, which one of the following statements represents “Opportunity” as one of the contributing factors of financial statement fraud in an organisation?
A. A sudden decrease in revenue
B. High environmental pressure
C. Inadequate oversight
D. An overly ambitions revenue targets (1 mark)
62. Which one of the following situations creates a conducive environment for insiders within the organisation to perpetrate cyberfraud?
A. Excess privileges granted to users
B. Separation of duties between program developers and program testers
C. Production programs are run during normal business hours
D. End users not having privileges to program source codes (1 mark)
63. Which one of the following is an administrative security control for protecting computer assets from intrusion?
A. Encryption
B. System hardening
C. Firewalls
D. Computer security risk assessments (1 mark)
64. Which one of the following statements BEST describe a fictitious revenue scheme?
A. An organisation recognises all revenue at the beginning of a project for work to be completed in subsequent periods
B. Recognising revenue that has not been received
C. Failure to write off bad debts
D. None of the above (1 mark)
65. Which one of the following departments is MOST vulnerable to bribery and corruption within an organisation?
A. Finance department
B. Procurement department
C. Research and development department
D. Marketing department (1 mark)
66. Which one of the following statements is ACCURATE in regard to bribery?
A. Bribery schemes are more common than all other types of occupational fraud
B. Bribery is the most expensive occupational fraud
C. Bribery can be paid through a loan serviced the bribe payer
D. Corrupt intent is an element of bribery (1 mark)
67. Which one of the following methods of proving corrupt payments is LEAST effective for off book corruption schemes?
A. Turning an inside witness to obtain a testimony
B. Conducting a sting operation to record ongoing transactions
C. Tracing the corrupt payment through audit steps focusing at the point of payment
D. Tracing corrupt payments through audit steps using the of point of suspected receipt (1 mark)
68. Which one of the following describes healthcare fraud scheme in which a doctor prescribes excessive and unnecessary services to patients for financial gain?
A. Fictitious services schemes
B. Unbundling schemes
C. Overutilisation schemes
D. Fictitious provider schemes (1 mark)
69. ABC organisation overvalued the inventory in the financial statements. Which one of the following financial ratios was affected this fraud scheme?
A. Quick ratio
B. Gross margin ratio
C. Current ratio
D. Profit margin ratio (1 mark)
70. Which one of the following is a type of an access control that is both administrative and technical?
A. Firewalls
B. Warning screen
C. Biometrics system
D. Intrusion detection system (1 mark)
71. Which one of the following is the MAIN reason why college students are suitable targets for identity theft?
A. They are less likely to report identity theft
B. They have no credit history
C. They have more available cash
D. They are inexperienced in managing and using credit cards (1 mark)
72. Mark a fraudster creates a fictitious identity combining a person’s real government identification number with a fabricated name and birthdate. Mark then uses the new identity to apply for a credit card.
Which one of the following describes the kind of identity theft scheme?
A. True name fraud
B. Traditional identity theft
C. Synthetic identity theft
D. Account takeover identity theft (1 mark)
73. Which one of the following statements is ACCURATE in regard to criminal identity theft?
A. A fraudster creates a new company with a similar name to an existing business which he uses for fraudulent purposes
B. A fraudster falsely identifies himself as another person to a police officer while being arrested
C. A fraudster uses another person’s identity to file a tax return and obtain a refund from the government
D. A fraudster uses a victim’s personal information to file claims for government disability benefits (1 mark)
74. A purchasing officer at a local NGO convinces management that a beneficiary requires new water tanks which the beneficiary did not need. This type of procurement fraud scheme is known as .
A. conflict of interest
B. need recognition scheme
C. bid manipulation scheme
D. none of the above (1 mark)
75. Which one of the following procurement fraud schemes is present only in the post award and administration phase of the procurement process?
A. Substandard goods or services scheme
B. Leaking bid data scheme
C. Defective pricing schemes
D. Bid splitting (1 mark)
76. Which one of the following statements BEST describes why contractors would suppress bids?
A. To support each other to share the available contracts
B. To inflate the total cost of the contract and share the works
C. To ensure that winning bidder gets a competitive price for the bid
D. None of the above (1 mark)
77. Which of the following frauds is NOT a type of workers’ compensation?
A. Agent fraud
B. Indemnity fraud
C. Premium fraud
D. Claimant fraud (1 mark)
78. At which point should employees NOT be informed about confidential information?
A. Upon being hired
B. During an exit interview
C. When signing a nondisclosure agreement
D. None of the above (1 mark)
79. Which one of the following BEST describes billing separately from subcomponents of a single procedure?
A. Over-coding
B. Double billing
C. Fictitious billing
D. None of the above (1 mark)
80. Which one of the following is NOT a common medical suppliers fraud scheme?
A. Intentionally providing excessive equipment
B. False prescription for medical equipment
C. Billing for equipment rental after it is returned
D. Double billing for medical equipment (1 mark)
81. Which one of the following is NOT a target for affinity fraud scheme?
A. Professional associations
B. Corporations
C. Immigrant groups
D. Member clubs (1 mark)
82. Which one of the following schemes BEST describes payments to individuals who does not work for the organisation?
A. Asset misappropriation scheme
B. Fraudulent disbursement
C. Corruption
D. Overstated expenses (1 mark)
83. Which one of the following is NOT a red flag of fraudulent insurance claims?
A. A theft claim includes a lot of recently purchased property without proof of purchase
B. A fire loss claim does not include family sentimental items
C. The insured has not made many previous insurance claims
D. A claim is made soon after the insurance policy starts (1 mark)
84. Which one of the following statements is ACCURATE in regard to fraud schemes associated with financing linked with large deposits?
A. Unqualified borrowers misrepresent personal credit worthiness, overstate their ability to pay and misrepresent characteristics of a housing unit
B. Borrowers pledge the same collateral with different lenders before liens are recorded without telling the lenders
C. Large deposits are offered to a bank on the condition that loans are made to individuals affiliated with the deposit broker
D. Insiders in different banks cause their banks to lend funds or sell loans to other banks with agreements to buy their loans (1 mark)
85. Which one of the following is a recommended method of recognising revenue on long term projects?
A. Complete-valuation method
B. Percentage-of-completion method
C. Partial-contract method
D. Cost-to-completion method (1 mark)
86. Which one of the following is NOT a recommended step for responding to a cybersecurity incident?
A. Detection and analysis
B. Containment and eradication
C. Planning
D. Preparation (1 mark)
87. The following are best practices for ensuring separation of duties within the information communication technology (ICT) department and business unit personnel, EXCEPT .
A. only programmers should be server administrators
B. ICT departments should not overlap with information user departments
C. end users should not have access to production data outside the scope of their normal job duties
D. program developers should not be responsible for testing programs (1 mark)
88. Which one of the following occupation frauds is an on book fraud?
A. Bribery
B. Conflict of interest
C. Mischaracterised expenses
D. None of the above (1 mark)
89. Which one of the following basis of accounting should be used to avoid understating expenditure?
A. Proper expenditure recognition basis
B. Accrual basis
C. Cash basis
D. Double entry basis (1 mark)
90. Which one of the following statements is NOT accurate in regard to understatement of liabilities in financial statements?
A. Capitalising expenses would result to concealment of liabilities
B. Capitalising expenses would not result to concealment of liabilities
C. Recording fictitious expenses would not result to concealment of liabilities
D. Recording incurred expenses would not result to concealment of liabilities (1 mark)
91. Which one of the following statements describes the fraudulent transaction of capitalisation of expenditure?
A. Credit expenditure account and debit assets account
B. Debit expenditure account and credit assets account
C. Credit expenditure account and debit liabilities account
D. Credit expenditure account and credit account (1 mark)
92. Which one of the following basis of accounting for expenditure would result to understated liabilities?
A. Double entry basis
B. Accrual basis
C. Cash basis
D. Marching principle (1 mark)
93. Which one of the following is NOT a red flag of revenue recognition fraud scheme?
A. Normal revenue growth
B. Rapid growth
C. Negative cash flow balances while reporting profits
D. Rapid profits growth (1 mark)
94. Which one of the following statements is NOT a red flag of bid specifications?
A. Similar or identical procurements from the same supplier in amounts just slightly over the competitive bidding limits
B. Consecutive related procurements from several contractors that are within the competitive-bidding or upper-level review limits
C. Justifiable split purchases that fall under the competitive-bidding or upper-level review limits
D. None of the above (1 mark)
95. Which one of the following statements is ACCURATE in regard to business email compromise social engineering scheme?
A. Business email compromise is a type of phishing
B. Business email compromise is a type of vishing
C. Business email compromise is a type of pharming
D. None of the above (1 mark)
96. Which one of the following statements is ACCURATE in regard to red flags of tailoring bids?
A. Justifiable changes in contract specifications from previous proposals or similar items
B. Good number of competitive bids or awards to several bidders
C. Specifications developed a consultant who is also a bidder
D. None of the above (1 mark)
97. Which one of the following statements is NOT an indicator of bid rigging?
A. Competent bidders refrain from bidding
B. Competent bidders rotate bids
C. Complementary bids
D. None of the above (1 mark)
98. Which one of the following BEST describes data classification as a type of control?
A. Administrative control
B. Technical control
C. Detective control
D. Preventive control (1 mark)
99. Under the IFRS, recognising a long-term project revenue can BEST be described as which one of the following financial statements fraud schemes?
A. Fictitious revenue scheme
B. Improper revenue recognition
C. Overstated revenue scheme
D. None of the above (1 mark)
100. Which one of the following is a legal method of gathering information of a competitor?
A. Espionage
B. Surveillance
C. Competitive intelligence
D. None of the above (1 mark)
………………………………………………..………………….………….……..