Fraud Prevention and Detection August 2025

CERTIFIED FORENSIC FRAUD EXAMINER (CFFE) MODULE THREE
FRAUD PREVENTION AND DETECTION
MONDAY: 18 August 2025. Morning Paper. Time Allowed: 3 hours.
Answer ALL questions. This paper has two sections. SECTION I consists of fifty (50) Multiple Choice Questions carrying fifty (50) marks. SECTION II has four (4) structured questions carrying fifty (50) marks. Marks allocated to each question are indicated at the end of the question.

Click here to Access Answers with explanations to All these CFFE Past Paper Questions(Revision kit)

Click here to Access Answers with explanations to All these CFFE Past Paper Questions(Revision kit)

SECTION I (50 MARKS)
1. Which one of the following is a factor of assessing the impact of fraud risk if the risk materialised?
A. Past instances of a particular fraud in the organisation
B. Prevalence of the particular fraud at the organisation
C. Management support of fraud prevention initiatives
D. People or department associated with fraud risk (1 mark)

2. Which one of the following parties are associated with the risk of inadequate oversight?
A. Board of directors
B. Management
C. Employees
D. Internal auditors (1 mark)

3. Which one of the following parties have the primary responsibility for monitoring the effectiveness of the internal controls?
A. Board
B. Management
C. Internal auditors
D. Internal auditors and management (1 mark)

4. Which one of the following risks are NOT fraud related risks?
A. Lack of loyalty
B. Inadequate controls
C. Rationalisation
D. Low personal integrity (1 mark)

5. Which one of the following statements BEST describes fraud risk associated with a situation that encourage employees in engaging in fraudulent activities?
A. Situational pressure
B. Financial pressure
C. Social pressure
D. Low perception of detection (1 mark)

6. Which one of the following fraud principles of the COSO is associated with communicating the expectations of the board?
A. Risk assessment
B. Fraud risk governance
C. Fraud risk oversight
D. Monitoring (1 mark)

7. Which one of the following fraud controls can help to mitigate low perception of detection?
A. Adequate oversight
B. Training and awareness
C. Surprise audits
D. Comprehensive compliance program (1 mark)

8. Which one of the following statements is ACCURATE in regard to fraud prevention?
A. Fraud controls are hard controls that effectively prevent fraud
B. Fraud controls are basic controls that effectively prevent fraud
C. Fraud control is a process that is aimed at reducing incidences of fraud and also maximising detection
D. Fraud controls are made of policies and control activities that minimise the occurrence of fraud while maximising detection of fraud respectively (1 mark)

9. Which one of the following are components of fraud prevention health checkup related to developing policies and strategy for fraud prevention?
A. Fraud risk oversight
B. Proactive detection
C. Fraud risk assessment
D. Control environment (1 mark)

10. Which one of the following parties have the primary responsibility for monitoring the effectiveness of a compliance program?
A. Internal auditor
B. Risk officer
C. Management
D. Compliance officer

11. Which one of the following parties have the final responsibility for creating a culture of zero tolerance for fraudulent and corrupt activities in an organisation?
A. Managers and supervisors
B. Internal auditor
C. The board
D. Management (1 mark)

12. Which one of the following actions demonstrates management’s zero tolerance for fraud? Management has
.
A. designed and implemented strong controls
B. designed and implemented a case to case basis response
C. enhanced internal controls
D. to put procedures in place to maximise detection (1 mark)

13. Which one of the following statements is INACCURATE in regard to employees’ responsibility for fraud?
A. Employees have responsibility for reporting fraud
B. Employees have responsibility for assisting in establishing a culture of integrity

C. Employees have a responsibility for assisting in identification of fraud risks
D. None of the above (1 mark)

14. Which one of the following assessments would be ACCURATE in regard to management’s integrity?
A. Board’s perception
B. Internal auditor’s perception
C. External auditor’s perception
D. None of the above (1 mark)

15. Which one of the following statements is INACCURATE in regard to integrity in performance of investigations?
A. A forensic auditor requires independence of mind and avoidance of conflict of interest
B. A forensic auditor should have very high level of moral philosophy
C. A forensic auditor cannot admit mistakes
D. A forensic auditor must put the interest of the client before personal desires (1 mark)

16. Which one of the following statements is INACCURATE in regard to the internal auditor’s responsibility for fraud
prevention?
A. Internal auditor should identify and assess the risks of fraud
B. Internal auditor should detect fraud in the course of an audit engagement
C. Internal auditor should evaluate the effectiveness of the fraud risk management program
D. Internal auditor should continuously monitor the effectiveness of the fraud risk management program
(1 mark)

17. Which one of the following statements is INACCURATE in regard to perception of detection fraud risk?
A. Low perception of detection is a motivating factor for fraudulent activity
B. Low perception of detection risk can be mitigated detective controls
C. Low perception of detection risk can be mitigated effectively preventive controls
D. Low perception of detection is a root cause of fraudulent activities (1 mark)

18. Which one of the following actions BEST describes an area that is associated with performance-based compensation risk?
A. Financial reporting
B. Asset misappropriation
C. Corruption
D. Disbursements (1 mark)

19. Which one of the following controls can help in enforcing controls to effectively discourage employees from engaging in fraudulent activities?
A. Fraud risk assessment
B. Code of ethics
C. Training and awareness
D. Fraud audits (1 mark)

20. Which one of the following statements is ACCURATE in regard to special audits? Special audits
.
A. are reactive activities that is conducted in response to suspicion of fraud

B. should be part of the fraud prevention policy
C. are proactive fraud prevention activities
D. help to increase the perception of detection (1 mark)

21. Which one of the following statements is ACCURATE in regard to factors that lead to fraudulent activities, according to B.F. Skinner?
A. Putting too much trust in key employees
B. Trusting key employees
C. Lack of clear lines of authority
D. Situations and circumstances (1 mark)

22. Which one of the following is ACCURATE in regard to the most common types of preventive controls according to the 2024 report to the nations?
A. Separation of duties
B. Internal audit
C. Separation of duties
D. Management review (1 mark)

23. Which one of the following statements are examples of anti- fraud controls that are both preventive and detective?
A. Independent analytical reviews
B. Internal audit
C. External audit
D. Effective reporting programs (1 mark)

Click here to Access Answers with explanations to All these CFFE Past Paper Questions(Revision kit)

Click here to Access Answers with explanations to All these CFFE Past Paper Questions(Revision kit)

24. According to the 2024 report to the nations, which one of the following methods is ranked last in regard to fraud detection?
A. Tips
B. Internal audit
C. Management review
D. External audit (1 mark)

25. Which one of the following statements is ACCURATE in regard to evaluation of the effectiveness of the internal controls?
A. Evaluation of the effectiveness of the internal controls involves implementing control activities and procedures
B. Evaluation the effectiveness of the internal controls involves checking if the five COSO components are place and working together
C. Evaluation of the effectiveness of the internal controls involves testing if the controls are working
D. Evaluation the effectiveness of the internal controls involves checking if fraud has occurred (1 mark)

26. Evaluation elements of fraud risk oversight involves .
A. independent evaluations of the board’s fraud prevention oversight
B. identification and assessment of fraud risks
C. knowledge and training on fraud risk ownership
D. implementation of proactive detective controls (1 mark)

27. Which one of the following statements is INACCURATE in regard to fraud related controls?
A. Detective controls are type of soft controls that discourage fraudulent activities
B. Detective controls are proactive procedures that discourage fraudulent activities

C. Preventive controls are proactive controls that encourage people in the organisation not to engage in fraudulent activities
D. Detective controls are reactive control procedures for responding to discovery of fraud (1 mark)

28. Which one of the following statements is ACCURATE in regard to controls that are aimed at achieving compliance in relation to fraud prevention?
A. Basic controls are supposed to be enforced to effectively prevent and detect fraud
B. Basic controls are supposed to be enhanced to effectively prevent and detect fraud
C. Basic controls that are well enhanced are effective in preventing and detecting fraud
D. Strong basic controls are those that are well enforced (1 mark)

29. Which one of the following BEST describes fraud prevention health check–up component that is related to knowledge and training of fraud risks identification and monitoring?
A. Fraud risk ownership
B. Fraud risk tolerance and risk management policy
C. Internal control environment
D. Fraud risk oversight (1 mark)

30. Which one of the following statements is ACCURATE in regard to developing effective fraud prevention controls?
A. Enhancing internal controls would help in improving fraud prevention
B. Enhancing detective controls would help in improving fraud prevention
C. Reorganising internal controls would help in improving fraud prevention
D. None of the above (1 mark)

31. An effective environment in regard to fraud prevention is an environment with .
A. an internal control system that is integrated with preventive and detective controls
B. strong internal controls
C. enhanced controls
D. an internal control system integrated with preventive controls (1 mark)

32. Which one of the following statements is INACCURATE in regard to the auditors’ responsibility for fraud while
auditing financial statements?
A. International Standard on Auditing (ISA 240) has put express responsibility on the auditors to detect fraud in the course of auditing financial statements
B. Auditors have responsibility for identifying fraud risks in all the processes
C. Auditors have a responsibility for identifying red flags of fraud in all the processes
D. International Standard on Auditing (ISA 240) has put express responsibility on the auditors to investigate any material fraud detected during the audit of financial statements (1 mark)

33. Which one of the following statements is ACCURATE in regard to situational pressure to commit fraud?
A. “Management is engaging in corruption, so it is okay”
B. “I deserve more compensation for the work I am doing”
C. “We need to be show high performance”
D. None of the above (1 mark)

34. Which one of the following BEST describes an auditor’s responsibility for evaluating the effectiveness of the
internal control system?
A. Primary responsibility

B. Ultimate responsibility
C. Overall responsibility
D. None of the above (1 mark)

35. Which one of the following statements is INACCURATE in regard to fraud and internal controls?
A. Absence of internal controls is a red flag of fraud
B. Absence of internal controls is a root cause of fraud
C. Absence of internal controls is not a root cause of fraud
D. None of the above (1 mark)

36. Which one of the following is NOT a process of ensuring compliance in an organisation?
A. Continuous monitoring of the compliance program
B. Fraud audit facilitated non-compliance
C. Periodic evaluation of the compliance program
D. On-going evaluation of the compliance program (1 mark)

37. Which one of the following statements is ACCURATE in regard to evaluation of an organisation’s fraud prevention health where it has not engaged an independent anti- fraud consultant to evaluate the fraud prevention components?
A. Fraud risk oversight components would score 10 out of 20 points if the board has developed fraud policies and strategy for fraud prevention
B. Fraud risk assessment component would score 5 points out of 10 if the organisation has conducted a formal structured risk assessment
C. Proactive detection component would score 8 out of 10 points if most of the detective controls were in place
D. None of the above (1 mark)

38. Which one of the following statements is ACCURATE in regard to compromised internal controls?
A. Compromised internal controls are always ineffective
B. Compromised internal controls can be effective if they are enforced with soft controls
C. Compromised internal controls need to be enhanced for them to be effective
D. None of the above (1 mark)

39. Which one of the following statements BEST describes the fraud risk associated with overwhelming desire for wealth?
A. Situational pressure
B. Sense of entitlement
C. Social pressure
D. Financial pressure (1 mark)

40. Which one of the following statements describes the BEST assessment method of employee’s integrity? Employees integrity .
A. is assessed testing if they can engage in corrupt or fraudulent activities
B. can be assessed evaluating the culture of the organisation
C. can be assessed the number fraud incidences
D. can be assessed evaluating incidences of non-compliance (1 mark)

41. Which one of the following statements is NOT accurate in regard to elements that facilitate fraudulent activities?
A. Rationalisation to commit fraud is a root cause of fraud
B. Rationalisation to commit fraud is a risk of fraud

C. Rationalisation to commit fraud can be mitigated a comprehensive code of ethics
D. Rationalisation to commit fraud can be mitigated proactive fraud detection (1 mark)

42. Which one of the following statements is NOT accurate in regard to perception of detection in relation to fraud risk management?
A. Low perception of detection is a motivating factor for fraudulent activity
B. Low perception of detection risk can be mitigated detective controls
C. Low perception of detection risk can be mitigated strong separation of duties
D. Low perception of detection is a root cause of fraudulent activities (1 mark)

43. Which one of the following BEST describes a fraud scheme associated with financial pressure?
A. Financial reporting
B. Embezzlement
C. Corruption
D. Disbursements (1 mark)

44. Which one of the following controls can effectively eliminate the incidences of fraud?
A. Fraud risk assessment
B. Analytical data review
C. Proactive forensic audits
D. None of the above (1 mark)

45. Which one of the following statements is ACCURATE in regard to proactive and reactive audits?
A. Surprise audit is a reactive measures aimed at detecting any fraudulent activities
B. Surprise audit is a proactive measures aimed at detecting fraud
C. Surprise audit should be conducted only when there is suspicion of fraud
D. An organisation should not inform employees about their intention to be conducting regular surprise audits as a best practice of fraud prevention (1 mark)

46. Which one of the following parties have the overall responsibility for creating a culture of zero tolerance for fraudulent and corrupt activities?
A. Managers and supervisors
B. Internal auditor
C. The board
D. Management (1 mark)

47. According to the 2024 report to the nations, which one of the following methods detected more than 40% of cases in the study?
A. Tips
B. Internal audit
C. Management review
D. External audit (1 mark)

48. Which one of the following statements is NOT accurate according to 2024 report to the nations fraud statistics?
A. Fraud perpetrated executives/owners was seven times of those perpetrated employees
B. Larger percentage of the frauds in the case study were perpetrated employees

C. In more than 80% of the cases the perpetrators had shown red flags
D. The highest fraud median loss was caused employees and it was also the most common type of fraud
(1 mark)

49. Brian, a Certified Fraud Examiner (CFE), locks the door to the interview room and refuses to allow the fraud suspect to leave. Which one of the following statements is TRUE in regard to the fraud examiners conduct?
A. This conduct would not be a violation of the ACFE Code of Professional Ethics under any circumstances
B. This conduct would be a violation of the ACFE Code of Professional Ethics
C. This conduct would be a violation of the ACFE Code of Professional Ethics only if Brian knew the conduct was illegal
D. This conduct would be a violation of the ACFE Code of Professional Ethics only if the suspect was innocent of fraud (1 mark)

50. Which one of the following statements is ACCURATE in regard to disclosure of confidential client information?
A. Confidential information provided to a fraud examiner a client is considered privileged and therefore legally exempt from disclosure in all circumstances
B. A fraud examiner is only allowed to respond to a legal court order when their client grants them authorisation to do so
C. A fraud examiner can reveal confidential client information when responding to a legal court order
D. A fraud examiner is always bound confidentiality, even when refusing to disclose information violates the law. (1 mark)

SECTION II (50 MARKS)

51. Discuss FIVE challenges of fraud and corruption prevention in an organisation. (Total: 20 marks)

52. Evaluate FIVE methods of demonstrating zero tolerance for fraudulent and corrupt activities in an organisation.
(Total: 15 marks)
53. Explain FIVE reasons why increasing perception of detection helps in fraud prevention. (Total: 10 marks)

54. Identify FIVE fraud prevention check list components. (Total: 5 marks)

………………………………………………………………………..
Click here to Access Answers with explanations to All these CFFE Past Paper Questions(Revision kit)

Click here to Access Answers with explanations to All these CFFE Past Paper Questions(Revision kit)