CERTIFIED FORENSIC FRAUD EXAMINER (CFFE)
MODULE ONE
FRAUD AND CORRUPTION SCHEMES PILOT PAPER
MARCH 2025 Time Allowed: 3 hours.
Answer ALL questions. This paper has two sections. SECTION I consists of fifty (50) Multiple Choice Questions carrying fifty (50) marks. SECTION II has four (4) structured questions carrying (50) marks. Marks allocated to each question are indicated at the end of the question.
1. Which one of the following statements BEST describes the fraudulent effect of recording a fictitious revenue?
A. Expenses are understated and revenue is overstated
B. Revenue is overstated and receivables are overstated
C. Revenue is understated and receivables are overstated
D. Expenses are understated and liabilities are understated (1 mark)
ANSWER: B
2. Which one of the following statements BEST describes the fraudulent effect of omission of expenses in the financial statements?
A. Expenses are understated and liabilities are understated
B. Expenses are overstated and liabilities are understated
C. Liabilities are overstated and expenses are understated
D. Liabilities are understated and receivables are overstated (1 mark)
ANSWER: A
3. Which one of the following terms is NOT an off the book fraud?
A. Embezzlement of funds
B. Bribery
C. Conflict of interest
D. Economic extortion (1 mark)
ANSWER: A
4. Which one of the following statements is NOT an improper asset valuation scheme?
A. Failure to write off obsolete inventory
B. Recording fictitious assets
C. Inadequate provision of bad and doubtful debts
D. Writing off bad debts (1 mark)
ANSWER 😀
5. Which one of the following BEST describe unearned revenue?
A. Bad debts
B. Fictitious revenues
C. Improper valuation of receivables
D. Related party revenue transactions (1 mark)
ANSWER: B
6. Which one of the following is the BEST method that could be applied to detect corrupt payments?
A. Focus at the point of payment
B. Conducting an audit
C. Interviewing employees
D. Interviewing procurement manager (1 mark)
ANSWER: B
7. Which one of the following statements is ACCURATE in regard to the major objective of bid rigging in a competitive procurement process?
A. To inflate the prices of the bids
B. To support each other to win a bid
C. To manipulate the bids
D. To facilitate excessive buying (1 mark)
ANSWER: A
8. The directors of XYZ Company are also directors of ABC company. The two companies do substantial amount of business with each other. XYZ failed to disclose their relation with ABC Company in the financial statements. Which one of the following BEST describe the XYZ Company fraud scheme?
A. Reporting entities scheme
B. Inadequate disclosure
C. Fraudulent related party’s transactions
D. Changes of accounting policies scheme (1 mark)
ANSWER: B
9. Which one of the following BEST describe multifactor authentication technical security control?
A. Systems security control
B. Applications security control
C. Network security control
D. Data classification control (1 mark)
ANSWER: B
10. Which one of the following is NOT a type of an effective technical security control?
A. Data classifications
B. Training and awareness
C. Security audit test
D. Incident response plans (1 mark)
ANSWER: A
11. Which one of the following, financial transactions might be used to understate expenses?
A. Recording direct expenses incurred to generate revenue
B. Recording prepaid expenses
C. Accrual of expenses
D. Capitalisation of expenses (1 mark)
ANSWER: D
12. Which one of the following statements is ACCURATE in regard to concealment of liabilities in financial statements?
A. Capitalising expenses would result to concealment of liabilities
B. Omission of expenses would result to concealment of liabilities
C. Recording fictitious expenses would result to concealment of liabilities
D. Recording incurred expenses would result to concealment of liabilities (1 mark)
ANSWER: B
13. Which one of the following is a recommended control method of electronic transfer funds, fraud?
A. Removing Automated Clearing House (ACH) blocks and filters
B. Having separate bank accounts for checks and electronic payments
C. Direct payment of ACH transactions
D. Having one bank account for checks and electronic payments (1 mark)
ANSWER: B
14. Which one of the following elements is NOT an item of the statement of profit or loss?
A. Net sales
B. Discount allowed
C. Discount received
D. Payables (1 mark)
ANSWER 😀
15. Which one of the following statements BEST explains a situation where the current liabilities are two times more than the current assets?
A. The organisation will not be able to meet its immediate financial obligations
B. The organisation will have a good statement of cash flow from operation activities
C. The organisation might have overstated the current liabilities
D. The organisation, will be able to meet its immediate financial obligations (1 mark)
ANSWER: A
16. Which one of the following is a method that dishonest contractors use to give the appearance of competitive bidding?
A. Bidders submit complementary bids
B. Bidders rotate bids
C. Bidders withdraw bids the last minute
D. Competitive bidders refrain from bidding (1 mark)
ANSWER: A
17. Which one of the following financial analysis is used to measure the percentage change in revenue from one period to another?
A. Ratio analysis
B. Relational comparison
C. Horizontal analysis
D. Vertical analysis (1 mark)
ANSWER: C
18. Which one of the following schemes BEST describes social engineering scheme?
A. Piggybacking
B. Wire tapping
C. Business email compromise
D. Electronic piggybacking (1 mark)
ANSWER: C
19. Sequential purchases under the competitive bidding limits that are followed change orders is a red flag of, which of the following procurement fraud scheme?
A. Bid tailoring
B. Bid splitting
C. Need recognition
D. Bid specification scheme (1 mark)
ANSWER: D
20. Which one of the following is a fraud scheme associated with competent bidders refraining from bidding?
A. Market division
B. Bid rotation
C. Bid suppression
D. Bid manipulation (1 mark)
ANSWER: C
21. Which one of the following is NOT a fraud scheme perpetrated health care providers?
A. Coding
B. Excessive services
C. Experimental procedures
D. Intentional misrepresentation of the diagnosis (1 mark)
ANSWER: A
22. Which one of the following is NOT a red flag of bid specifications procuring entity’s employees?
A. Bid specifications that are too broad
B. Broad specification
C. Narrow specification
D. Bid specifications that are vague (1 mark)
ANSWER: B
23. Which one of the following BEST, describes the process which users are allowed to access computer systems and networks?
A. Computer administrative control
B. Technical access control
C. Logical access control
D. Physical access control (1 mark)
ANSWER: C
24. Which one of the following steps of a risk assessment process identifies the risks and threats of each asset, and calculates the probability of each risk materialising.
A. The third step of the risk assessment
B. The second step of the risk assessment
C. The first step of the risk assessment
D. The fourth step of the risk assessment (1 mark)
ANSWER: A
25. Which one of the following fraud schemes can be detected through a bank reconciliation statement?
A. Double disbursements
B. Cash that has not been recorded in the books
C. Funds not deposited
D. Fraudulent disbursements (1 mark)
ANSWER: C
26. A Certified Fraud Examiner (CFE) was hired to serve as an expert witness in an alleged financial statement fraud. As part of her expert testimony, she explained that under the International Financial Reporting Standards (IFRS) management must make every effort to ensure that the company’s financial statements are complete, neutral, and free from error. Which one of the following concepts was she explaining?
A. Faithful representation
B. Going concern
C. Comparability
D. Consistency (1 mark)
ANSWER: A
27. Which one of the following is NOT a method that dishonest contractors use to collude in order to beat the competitive bidding process?
A. Submit token bids
B. Rotate bids
C. Submit bids that are competitive in price.
D. Suppress bids (1 mark)
ANSWER: C
28. Which one of the following financial analysis techniques is used for measuring the relationship between any two different financial statement amounts?
A. Statement comparison
B. Relational comparison
C. Transaction detail analysis
D. Ratio analysis (1 mark)
ANSWER: D
29. Which one of the following social engineering schemes BEST describes a fraudster who uses the chief executives company email to impersonate him and then ask an accountant to make a wire transfer.
A. Pharming
B. Spear phishing
C. Business email compromise
D. Vishing (1 mark)
ANSWER: C
30. Which one of the following is an indicator of a bid splitting scheme?
A. Sequential purchases under the competitive bidding limits that are followed change orders
B. Use of sole-source procurement contracts
C. Low employee turnover in an organisation’s procurement department
D. Two or more purchases from the same supplier in amounts just above competitive bidding limits (1 mark)
ANSWER: A
31. Which one of the following is NOT a method that dishonest contractors use to collude to evade the competitive bidding process?
A. Dividing the market among themselves
B. Alternate business among themselves on a rotational basis
C. Refrain from submitting bids
D. Competent bidders agree that each bidder to submit very competitive bids (1 mark)
ANSWER: D
32. Examples of fraud schemes perpetrated health care institutions and their employees include all of the following,
EXCEPT .
A. up-coding of services
B. improper contractual relationships
C. billing for experimental procedures
D. unintentional misrepresentation of the diagnosis (1 mark)
ANSWER: D
33. Which one of the following is a common way a procuring employee might engage in a bid manipulation scheme?
A. Leaking of bids information
B. Extending bid opening dates with justification
C. Opening bids on the scheduled dates
D. Specification of narrow bids (1 mark)
34. Which one of the following is the MOST accurate description of logical access?
A. The process which users are allowed to access and use physical objects
B. The process which computer systems’ contents are encrypted
C. The process which users can bypass application security over the software and libraries
D. The process which users are allowed to use computer systems and networks (1 mark)
ANSWER 😀
35. Which one of the following statements is NOT accurate in regard to steps of risk assessment related to computers and computer systems?
A. Identifying the risks and threats of each asset and calculating the probability of each risk materializing, is the third step of a risk assessment
B. Determining the value of each asset of a risk assessment related to computers and computer systems is the second step
C. Recommending the counter-measures and other remedial activities is the fifth step of a risk assessment related to computers and computer systems
D. Identifying the risks and threats of each asset and calculating the probability of each risk materializing, is the first step of a risk assessment (1 mark)
ANSWER: D
36. Which one of the following statements would be affected capitalisation of expenditure?
A. Statement of profit and loss and statement of financial position
B. Statement of profit and loss
C. Statement of financial position
D. Statement of profit and loss and statement of cash flow (1 mark)
ANSWER: A
37. Which one of the following is NOT a method that a fraudster can use to conceal theft of inventory?
A. Writing off stolen inventory as scrap
B. Increasing the perpetual inventory balance
C. Adjusting the perpetual inventory records to decrease the balances
D. All the above (1 mark)
ANSWER: B
38. Which one of the following statements is NOT accurate in regard to the effect of fraudulent transactions on the current ratio?
A. Failure to write off bad debts will result to an inflated current ratio
B. Omission of expenses will result to an inflated current ratio
C. Failure to write off obsolete inventory will result to a deflated current ratio
D. All the above (1 mark)
ANSWER: C
39. Which one of the following is NOT a method that is used to manipulate and destroy data?
A. Availability of data
B. Disclosure of confidential information
C. Privilege escalation
D. Buffer overflow exploits (1 mark)
ANSWER: A
40. Which one of the following is ACCURATE in regard to cybercrime?
A. Entering an altered or falsified data in the computer an authorized employee, is a computer fraud offence
B. Modification of data an authorised employee is a type of cybercrime
C. Unauthorised disclosure of data to an external party using the computer using the internet is a cybercrime
D. Computer forgery an authorised person is cyber crime (1 mark)
ANSWER: C
41. Which one of the following is ACCURATE in regard to internet of things (IOT?
A. IOT technology tends to focus more on security than innovative design
B. IOT technology tends to focus more on innovative design than privacy
C. IOT devices commonly connect to networks using inadequate security
D. IOT devices commonly connect to networks using adequate security (1 mark)
ANSWER: C
42. Which one of the following describes the method used to gain unauthorised access through the use of a secret point into the program?
A. Malware software
B. Back door
C. Trap door
D. Salami techniques (1 mark)
ANSWER: C
43. Which one of the following is NOT a type of administrative security controls?
A. Intrusion detection software
B. Security awareness and education
C. Security reviews and audit
D. Security risk assessments (1 mark)
ANSWER: A
44. Apple and Green companies are major players in the construction industry. The two companies agreed that Green company refrain from bidding a contract tender issued a government entity. Which one of the following is a red flag of the scheme perpetrated the two companies?
A. Apple company sub-contracted Green company
B. There was a rotational biding pattern observed
C. The bid price submitted Apple company was competitive
D. Apple company did not sub-contract Green company (1 mark)
ANSWER: A
45. Which one of the following financial statement fraud schemes is NOT associated with financial position fraudulent reporting?
A. Overstated receivables
B. Overstated revenue
C. Understated liabilities
D. Overvaluation of non-current assets (1 mark)
ANSWER: B
46. Which one of the following terms BEST describes the type of corruption related to a public official receiving money from a contractor?
A. Kickbacks
B. Commercial Bribery
C. Official bribery
D. Conflict of interest (1 mark)
ANSWER: C
47. Which one of the following BEST describes a healthcare fraud scheme where the health provider bills for two procedures which are supposed to be one procedure
A. Unbundling
B. Up – coding
C. Fictitious billing
D. Overutilisation (1 mark)
ANSWER: A
48. Which one of the following statements is NOT a red flag of rotational bid rigging scheme?
A. Competent bidders rotate token bids
B. Rotational binding has a winning pattern
C. The price of the lowest bid is very high in comparison to the market price
D. Bidders bid each time the lowest (1 mark)
ANSWER: A
49. Which one of the following statements is NOT accurate in regard to misrepresentation of the financial statements?
A. Capitalisation of expenses will inflate the current ratio
B. Capitalising expenses would result to both inflated profit and overstated assets
C. Capitalising expenses would result to overstated assets
D. Capitalising expenses would result to understated expenses (1 mark)
ANSWER: A
50. Which one of the following is a common real estate fraud schemes?
A. Draw requests
B. Fraudulent appraisals
C. Flopping schemes
D. Flipping schemes (1 mark)
ANSWER: B
SECTION II (50 MARKS)
51. Discuss FIVE steps of a computer security risk assessment. (Total: 20 marks)
52. Explain FIVE financial statement fraud schemes. (Total: 15 marks)
53. Describe FIVE fraudulent transactions and their effect on the current ratio. (Total: 10 marks)
54. Identify FIVE methods of making corrupt payments. (Total: 5 marks)
……………………………………………………………………..