I2FC

InterdisciplinaryInsightsonFraudandCorruption

Red flags and publicly available information: an effective combination for

reducingthecostsoffraud

IsabelleAugsburger‐Bucheli

DoctorinLaw,ProfessorofLaw,DeanofInstitutdeluttecontrelacriminalitééconomique(ILCE‐InstituteofEconomicCrimeInvestigation),DeputyDirectoroftheHauteécoledegestionArc(HEGArc–BusinessSchool),UniversityofAppliedSciencesandArtsWesternSwitzerlandHES‐SO

Espacedel’Europe21,CH‐2000Neuchâtel(Switzerland)

isabelle.augsburger@he‐arc.ch

Abstract

Recentdevelopmentsinthefieldofthefightagainsteconomiccrimehaveshowna

focusondevelopingdetectiontoolsbasedoncompanies'internaldata.Ourproject

exploresothersourcesinordertoestablishtowhichextenttheriskoffraudina

Swiss company can be assessed using publicly accessible data. We have also

analyzed and classified a large number of fraud red flags, exogenous as well as

endogenous, deriving from both financial and extra‐financial information. This

processhasallowedustodevelopseveralcopyrightedlistsandspreadsheetsthat

could be extremely helpful in fraud assessment. Publicly accessible data still

representsanuntappedsource in the fightagainst suchcrimes: ifused the right

way, it could become an asset for businesses, investors, and public authorities

-2-

alike.Severalobstacles,however,mustbeovercomeinordertoachievethisgoal:

first and foremost,non‐financial red flagsare rarely referenced ‐ andwhile they

sometimes highlight interesting tendencies, they are not guaranteed to reveal

actualfraudcases.Secondly,thevalidityofresultsobtainedwhenusingsuchred

flagsnecessarilydependsonthereliabilityofthesources.Suchissuesnaturallycall

forfurtherresearchwork.

Keywords: occupational fraud, red flags, fraud prevention, fraud detection,

economiccrime,Switzerland.

JELcodes:K14CriminalLaw,K42IllegalBehaviourandtheEnforcementofLaw,

K22BusinessandSecuritiesLaw,L53EnterprisePolicy

-3-

1. Introduction

Studies by advisory firms and professional associations indicate that economic

crimeisontherise,dueinparticulartothedevelopmentoffinancialengineering,

the use of new technologies and the globalization of economy (see for example:

KPMG2009,2013a;PwC2011a,2011b,2014a,2014b).Occupationalfraudisatthe

heartofthisproblem;itcanbedefinedas“theuseofone’soccupationforpersonal

enrichment through the deliberate misuse or misapplication of the employing

organization’sresourcesorassets”(ACFE,2014:6).Occupationalfraudgenerates

enormouscostsforemployers:ACFE2014reportsthattypicalorganizationslosea

medial of 5% to all types of fraud. As a result, the implementation of efficient

strategiesallowingtopreventanddetectfraudisapriorityformanyofthem.

Most of the strategies in place today involve themonitoring and surveillance of

employees,internalcontrol,andthedetectionofredflagsthroughtheanalysisof

internalinformation(suchasaccountingdata).Redflagsaredefinedassituations

ortransactionsthatrevealoraresusceptibletorevealafraud,orthataretypicalof

an environment where fraudulent behaviors can arise and proliferate (see,

Hounnongandji,2010:251).Whilefraud,likemostformsofeconomiccrime,does

notmanifestitselfinadirectorimmediateway(likestreetcrimeusuallydoes),it

stillleavestraces.

Red flags are based on information and situations that typically show up in

connectionwithfraud.Therefore,inacontextofpreventionorinvestigation,they

canbe readaspiecesof evidence that sucha crimehasoccurred, is about tobe

committed, or is likely to take place in the analyzed environment. They are

powerful weapons, alongside internal control and whistleblowing, in the fight

-4-

againstfraud.Theycanbeparticularlyusefulinthepreventionphase,astheycan

helpreducethenumberandimpactoffraudcasestogetherwiththerelatedcosts.

Those inuse today,however,dependalmostexclusivelyon internal information,

which is oftenkeptprivate. Thishas two consequences: becauseof the focuson

internal data, the possible role of publicly available information (any data

originating from public or private sources that is available to anyone, without

restrictions, freeofchargeorotherwise) in frauddetectionhasbeenoverlooked.

The second consequence is that a serious assessment of fraud risk can be

conducted exclusively by the company itself. Third parties such as business

partnersorinvestors,whichmayhavealegitimateinterestinassessingsuchrisks,

donothaveaccesstonecessaryinformation,andcannotuseittoidentifypossible

redflags.

Ourprojectwasmeantasafirststepinanattempttofillthesegaps.Weexplored

otherpossiblesourcesofinformationinordertoestablishtowhichextenttherisk

of fraud in a Swiss company could be assessed using red flags based on public

information. At the same time,we created a series of risk assessment tools that

workwithred flagssuitable to facilitate the tasksof thosehavingaccess toboth

internal and external information, but alsouseful to interested thirdparties.We

also endeavored to create a functional red flags database that integrates public

informationasapossiblesourceofdetection.

-5-

2. Literature review

Although the ideaofusingpublic information for thepurposeof assessmenthas

alreadybeenimplementedinothersectors,ithasnotyetbeenextendedtofraud

andeconomiccrimeingeneral.TheFondationIbrahimhasestablishedacollection

ofquantitativedataleadingtoayearlyevaluationoftheperformances,intermsof

governance,withinAfrican countries. Similarly, theBaselInstituteonGovernance

(anon‐profitorganizationtightlyassociatedwiththeLawFacultyoftheUniversity

ofBasel)hasdevelopedan index thatuses red flags (developedbasedonpublic

reports byGAFI andby theWolfsbergGroup) to classify countriesbased on the

risklevelinrelationwithmoneylaundering,terrorismfinancing,andcorruption.

Whiletheaboveprojectsshowcasethepotentialofpublicinformation‐derivedred

flags, theydoso ina context far removed frombusinessandoccupational fraud.

When it comes to the latter, the available literature focuses, as expected, on red

flags that depend on internal information (e.g. information related to internal

service compliance, etc.), and which is therefore suitable for internal use only

(Pons,2006;Gallet,2010).Severalauthorshavedevelopedchartscontainingred

flagsthatcanbedetectedandevaluatedbasedonsuchdata(see:Cauvin&Bescos,

2005;Ouaniche,2009;Pons&Berche,2009).TheforensicservicesoftheBigFour

(Deloitte, EY, KPMG, and PricewaterhouseCoopers), who assist companies in

internalinvestigations,doemployredflagsaspartoftheirprocess,buttheirtools

‐besidesbeingshredinsecrecy‐alsorequireaccesstointernaldata.

Partofourproject involved the identificationof typesofpublic information that

can lead to the detection of fraud red flags. As purely financial information is

typicallykeptprivate,thedataavailabletothepublic is largelyofanon‐financial

-6-

nature. Studies conducted in the auditing field, where financial information is

paramount, have showed thatnon‐financial information ‐ suchas thenumberof

employees,consumersatisfaction,andthenumberofopenaccounts(Amesetal.,

2012) ‐ should also be taken into consideration (American Institute of Certified

Public Accountant (AICPA), 2002; Cohen et al., 2000), as it helps to generate a

more trustworthy assessment of a company, unveil irregularities, verify the

validity of financial performances, and sometimes even predict the latter. The

importanceofnon‐financialinformationhasbeenalsohighlightedbyanumberof

other studies focusing on corporate governance and social and environmental

responsibility(e.g.Mauléon,2007;Peter&Jaquemet,2014.).

Despite this, anddespite the fact that companies' communications arebecoming

more focused on extra‐financial information (Mauléon, 2007), few authors have

explored thequestionof its roleand importance in frauddetection (e.g. Ittner&

Larcker,1998).Thestudiesconductedsofar,however,havethemeritofshowing

thatextra‐financialinformationcanindeedproveuseful.Brazeletal.(2009)have

shownacorrelationbetweenfinancialresultsandextra‐financialinformation,and

arguethatvariationswithinthiscorrelationcansuggestthatfinancialresultshave

beenmanipulated.Extra‐financial information,whilehardertobetamperedwith

than its financial counterpart (Cohen et al., 2011), can still be falsified by the

management, but the risk factor becomes higher: this is because its veracity is

more easily verifiable (Bell et al., 2005), and also because the circle of people

involvedinthefraudislikelytobeextendedbysuchmaneuvers.Finally,Grove&

Basilico (2008; 11) “demonstrate the usefulness of both types of red flags ‐

quantitative fraud ratios and qualitative corporate governance factors ‐ for

-7-

detectingfraudulentfinancialreporting.Thequalitativecorporategovernancered

flags are just as, or even more, important than the quantitative ones for both

detecting and preventing fraudulent financial reporting, according tomany fund

managers,shortsellers,financialanalysts,andfinancialpresswriters”.

In conclusion, extra‐financial data that is publicly available represents a valid

sourceof information that ‐whileoftenoverlooked ‐ canplayan important role

not only in fraud detection, but also in fraud prevention. Indeed, according to

KPMG(2013b),“failuretoadequatelyassessclients,agentsandbusinesspartners,

andtoknowhowtheyoperate,canexposeorganizationstoreputationaldamage,

operationalriskandgovernmentinvestigations,aswellasmonetarypenaltiesand

potentialcriminalliability”.

3. Methodology

Red flags are powerful tools in the fight against fraud. They are particularly

importantbecausetheycanallowtopreventfraudandassesstheriskthereof,thus

helping companies to drastically reduce the costs linkedwith the phenomenon.

Today, as we have seen, red flags are detected using almost exclusively private

information,especiallyofafinancialnature.Ourprojectaimedtoevaluatewhether

theuseofpubliclyavailableinformationcouldleadtoamoreefficientdetectionof

redflagsandatthesametimewidenthecircleofpeoplethataresusceptibletouse

such red flags, ultimately transforming the latter into a more complete and

universaltooloffraudprevention.

We have structured our project in four phases. The first phase consisted in

establishingageneralinventoryofreliablefraudredflags.Inthesecondphasewe

-8-

identified types of publicly available information that could, realistically, lead to

thedetectionofthelistedredflags(forpracticalreasons,welimitedourselvesto

informationavailableinSwitzerlandandpertainingtoSwisscompanies).Thethird

phase consisted in cross‐referencingeach red flagwith the information found in

phase two; it allowed us to determine which red flags could theoretically be

detectedusingthelatter,andinwhichcasessuchinformationcouldcontributetoa

moreefficientdetection.Phasefouriscurrentlyinprogress:wearetestingthered

flagsidentifiedinphasethree,withtheobjectiveofevaluatingtowhichextentthey

couldbeusedtoassesstheriskoffraudwithinaSwisscompany.

3.1Establishingacatalogueofoccupationalfraudredflags

Weachievedthisthroughathreestepsprocess,whichisdescribedbelow.

3.1.1Identificationoffraudtypologies

As a starting point, we have based ourselves on the three main categories of

occupational fraud established by the Association of Certified Fraud Examiners

(ACFE&Peltier‐Rivest,2007:8):

‐ Assetmisappropriation: “Any scheme that involves the theftormisuseof an

organization’sassets,suchasskimmingsales,fraudulentbilling,payrollfraud,

orexpensereimbursementfraud.”

‐ Corruption:“Anyschemeinwhichaperpetratoruseshisorherinfluenceina

businessorofficial transaction toobtainanunauthorizedbenefitcontrary to

thatperson’sdutytohisorheremployer.Commonexamplesincludepayingor

acceptingbribesor illegal gratuities, engaging in self‐dealing transactionsor

engaginginconflictsofinterests.”

-9-

‐ Fraudulent financial statements: “Any scheme that involves the deliberate

falsificationofanorganization’sfinancialstatementstomaketheorganization

appearmoreorlessprofitable.Examplesincluderecordingfictitioussalesand

concealingliabilitiesorexpenses.”

Wehavethenselectedaseriesofcrimesandsituationswithinsuchcategories;we

havebasedour choices especiallyon surveysbyACFEand theBigFour, bothof

which have a long‐standing expertise in financial investigation and advisory

services (see forexample:ACFE2012;ACFE&Peltier‐Rivest,2007;KPMG2009,

2013a; Isenring&al.,2014;PwC2011a,2011b,2014a,2014b).Havingobserved

thatseveralfraudsthatoccurfrequently(suchase‐mailscams)havelittlefinancial

consequences,andthatrarertypologies(suchasfraudulentfinancialstatements)

can have an enormous impact, we have decided to take both categories into

account.

3.1.2 Redflagscollection

Throughaliteraturesearchinwhichwehaveconsultedmultiplesources(suchas

Brown&DLAPiperLLP,2012;Colby,2004a,2004b,2004c;DiNapoli,2010;Gallet,

2010;Goldenetal.,2011;KPMG,2012a,2012b;Ouaniche,2009;Pons&Berche,

2009;Singleton&Singleton,2006;Zimbelman&Albrecht,2011)wehavegathered

a large collection of red flags lists and tables, as well as articles and papers

discussing one or more red flags. We have retained and listed those that are

applicabletooccupationalfraud.

We have then conducted an empirical research in which we have studiedwell‐

documented fraudcasesandanalyzed therelevant jurisprudence fromtheSwiss

FederalSupremeCourt(Tribunalfédéral).Wehavealsoconductedinterviewswith

-10-

several forensic accounting experts, with the objective of listing the techniques

usedbyfraudstersaswellastheevidencetheyleavebehind.Throughthisprocess

wehaveconfirmedsomeoftheredflagscollectedduringourliteraturesearchand

alsoestablishednewredflags,whichhavebeenaddedtothelist.

3.1.3 Redflagindexing

Thelargeamountofinformationcollectedin3.1.2wastakenfromseveraldifferent

sources, andas such itneeded tobeorganizedandhomogenizedbefore it could

proveuseful.Wehavethereforeplacedtheretainedredflags(aroundathousand)

in a spreadsheet and applied filters (with theobjectiveofmerging similar items

andeliminatingduplicates),thusgeneratingacatalogueconsistingof403redflags.

For these we have developed an ad hoc classification inspired by the works of

Zimbelman and Albrecht (2011), by the Swiss SME chart of account (Plan

comptablesuissePME),andbytheCOSO(CommitteeofSponsoringOrganizations

oftheTreadwayCommission)framework.Everyredflagincludedinthefinal list

hasbeentaggedwiththefraudcategory(ies)itpertainstoandplaced,basedonits

impact and its nature, in one of the tiers described below. The categorization

accordingtofraudtypewasmadewiththegoalofobtainingacleareroverviewof

thecatalogueandtorenderthesearchofspecificredflagseasier.Itisnotintended

to be final nor completely accurate, as it involved several decisionswhichwere

madeaccordingtoourproject’sneeds.

Endogenousredflags

Endogenous red flags are those that are detectable using companies' internal

information.Theycanbefurtherclassifiedinfoursub‐categories:

-11-

‐ Organisation: includes red flags linked with a company's functioning,

structure, management, and performance, as well as with its employees'

behaviorsandissues.

‐ InternalControlSystem(ICS).Inordertodecidewhichredflagstolistunder

this category, we have drawn inspiration from the COSO framework, which

providesabenchmarkforinternalcontrolstandardsand“helpsorganizations

design and implement internal control in light ofmany changes in business

and operating environments” (COSO, 2013). One of the functions of internal

control is to allow companies to identify and eliminate fraud opportunities,

thusdrasticallyreducingthechancesthatsuchacrimewilloccur.Accordingto

Cressey'fraudtriangletheory,allfraudsarecharacterizedbythesimultaneous

occurrenceofthreeelements:motivation,opportunity,andrationalization.As

Chapuisetal. (2016)pointout, thediscoveryofgapsandweaknesses in the

controls inplace,orofacertain lackofdiscipline intheirapplication,canbe

perceived as opportunities and encourage fraudsters to act. Since in the

majorityofcasesindividualsdonotactivelylookforbreaches,butarewilling

to take the opportunities that arise, eliminating such opportunities is

particularlyeffectivewhentryingtolimitfraudcases.

‐ Accounting: companies' activities generate a large number of transactions,

entries,movements,andratiocalculations:anomalieswithinsuchdatamight

indicatethatafraudhasbeencommitted.Inordertoidentifywhichdatacould

behelpfulinfrauddetection,wehavestudiedthestructureoftheSwissSME

chartofaccount(PlancomptablesuissePME;Sterchietal.,2014)).

-12-

‐ Documents: this last category concerns all information originating from

companydocumentssuchasbills,contracts,etc.

Exogenousredflags

Exogenous red flags,which are detectable through information originating from

sourcesthatareexternaltothecompany,havebeenclassifiedinthreecategories.

‐ Internal control and surveillance: includes red flags connected with the

company'srelationswithitsauditors.

‐ Environment and business sectors: includes red flags connected with the

conditionsandthechangeswithincompanies’externalenvironment(political,

social,etc.),andwithproblemslinkedtocompanies’businesssectors.

‐ Thirdparties:businesspartners,suppliers,andserviceproviders: this category

concerns people and organizations that do business with the assessed

company, such as business partners, suppliers, and service providers. It

includes red flags connectedwith their behaviors and business activities, as

wellaswitheventualcomplaints,lawsuits,anddenunciations.

3.2 IdentifyingpubliclyavailableinformationrelatingtoSwisscompanies

Inordertodeterminewhichoftheredflagsincludedinourlistcouldbedetected

usingpubliclyavailableinformation,wefirsthadtoestablishwhichinformationof

this kind is available in our country.As a reminder,wedefinepublicly available

informationasanydataorinformationoriginatingfrompublicorprivatesources

that isavailabletoanyone,withoutrestrictions, freeofchargeorotherwise.This

conceptmustbedifferentiated from that of opendata,which includes any “data

and content that can be freely used, modified, and shared by anyone for any

purpose” (opendefinition.org). We achieved this by analyzing the Swiss legal

-13-

framework and conducting semi‐structured interviews with investigation and

financialinvestigationexpertsworkingforlawenforcementagenciesaswellasfor

privateentities.

3.2.1 ThelegalframeworkinSwitzerland

Fewlaws,inSwitzerland,establishtheobligationtopublishcompanyinformation.

Withregardtofinancialinformation,theSwissCodeofObligations(CO)setsforth

that “Following their approval by the competent management body, the annual

accountsandconsolidatedaccountstogetherwiththeauditreportsmusteitherbe

publishedintheSwissOfficialGazetteofCommerceorsentasanofficialcopyto

anypersonwhorequests thesamewithinoneyearof theirapproval” (Art.958e

CO).Annualaccountsincludethebalancesheet,theprofitandlossaccountandthe

notestotheaccounts(art.958al.2COand959ff.CO).Otherlawsestablishspecial

dutieswithregardtopublicationofinformation:theseapplyforexampletolisted

companies, (see for example the Federal law on stock exchanges and the

commerceofsecurities(Loisurlesbourses,RS954.1),toestablishmentssubjectto

the Federal Law on Banks (Loi sur les banques, RS 952.0) and to the Swiss

NationalBank(LoisurlaBanquenationale,RS951.11).

According to researchers (e.g. Del Bosco & Misani; 2011) as well as to human

rights,environmental,andanti‐corruptionorganizations,publishedextra‐financial

information represents an important asset in the context of fraud detection.

However, there is no legislation related to such publishing, and the Swiss

governmentshowsnointentionoftakingstepsinthisdirection(Rapportdedroit

comparé, 2014), like the European Union has recently done

(Directive2014/95/EU).

-14-

3.2.2 Classification

Having established the legal framework, we searched for possible sources of

publiclyavailableinformationrelatedtoSwisscompanies.Wehaveidentified352

typesofinformation,whichcanbeclassifiedinfivecategories:

‐ Officialdocuments(asdefinedbyart.5and6oftheFederalActonFreedomof

Information in the Administration (Freedom of Information Act, FoIA, RS

152.3),suchasdocumentsissuedbypublicauthorities(residents'registration

offices, debt collection and insolvency offices, commercial registers, land

registers,chancelleries,etc.);

‐ Reportsestablishedbycompaniesandservicesthatprovidebusiness,economic,

andsolvencyinformation. Such information ismadeavailable to thepublic in

variousforms(reports,adhocreports,bytelephone,automatically,etc.),free

of charge or for a fee. Swiss law (art. 13.2 of the Federal Act on Data

Protection,FADP,RS235.1)statesthatitislegaltoprocesspersonaldatafor

the purpose of evaluating another person's creditworthiness, under the

condition thatsuchdata“isneithersensitivepersonaldatanorapersonality

profile”,andthatitis“disclosedtothirdpartiesonlyifthedataisrequiredfor

theconclusionortheperformanceofacontractwiththedatasubject”;

‐ Directories that provide unrestricted access to information on people and

corporationsthathaveatelephonesubscription;

‐ Internet, social media and blogs: these sources can provide an enormous

amount of useful (though not always reliable) information on people and

companies;

-15-

‐ Official company websites and other official documents such as brochures,

yearly reports,management reports, etc. These sources provide information

aboutcompanies’profiles,theirstructure,sectorsofactivity, financialhealth,

etc. Availability and quality of such information varies highly between

companies.

3.2.3 Determiningwhichredflagscanbedetectedusingpubliclyavailable

information

Wehave placed the 403 red flags in three categories, depending on the level of

accessibility of the information that can lead to their detection: 1) Red flag

detectable through private internal information; 2)Red flags detectable through

publicly accessible internal information,3)Red flagsdetectable throughpublicly

accessibleinformation.Themajorityofredflagshavebeen,asexpected,classified

inthefirstcategory.Wehavehoweveridentifiedasatisfyingnumbersofredflags

(67) that depend on publicly accessible information. We have then cross‐

referenced the latter with our publicly available information index, and

determinedthat43redflagscanbe,intheory,detectedbyusingexclusivelysuch

data (e.g. profits that are systematically lower than the business sector average,

information that diverge from the financial performance, and presence of shell

companies).

3.3.4 Testing

This phase of the project is currently in progress. We have conducted a

preliminary test, which consisted in assessing the risk of fraud within a Swiss

organizationsuspectedofwidespreadcorruptionpracticesusingthe43redflags

discussedabove.Further,intensivetestswillbeconductedin2015‐16bystudents

-16-

ofILCE'sMasterofAdvancedStudiesinEconomicCrimeInvestigation(MASECI),

aswell as by several Swiss experts and entrepreneurs, in order to determine to

witch extent the results generatedby its application canbe considered accurate

andreliable.

4. Results and discussion

Themainoutputoftheprojectconsistsintwouniqueredflagdatabases.Thefirst

includes our 403 hand‐picked red flags pertaining to occupational fraud. It is

availableintwoformats:aprotectedExcelspreadsheet,completewithfiltersthat

allowtoquicklyaccessthedesired information,andasimplifiedprintedversion.

This database has the potential of empowering any person having access to

internal and/or external information regarding a company to rapidly foresee or

detectandpreventpotentialfraudsituations.Expertswhohavealreadybeengiven

access to thedatabaseagree thata toolgroupingreliableoccupational fraudred

flags in one place is a highly valuable asset; they also lauded its flexibility and

potential for customization, which will allow professionals to adapt it to their

needsand to the situations theywish toanalyze.Theybelieve that thedatabase

will proveuseful at an internal level (in particular to audit committees, internal

auditors, management, risk committees, compliance bodies, ICS surveillance

bodies, quality control bodies, and process managers), but also state that third

parties (such as the business partners, competitors, and investors) could also

benefitfromitsuse.Finally,theexpertssuggestthatthedatabasecouldbeusedfor

educationpurposes, inthecontextofspecializedtrainingforprofessionals inthe

fightagainsteconomiccrime.

-17-

The second database includes the 43 fraud red flags that could possibly be

evaluated using only publicly available information. As mentioned above, these

havebeentestedinthelastphaseofourproject.Whilethisfirsttesthasgenerated

positiveresults,theyarebynomeansconclusive.Furthertestingwilltakeplacein

2015‐16. We will however not be able to corroborate our results with reliable

statistical elements, as the latter are, at the moment, insufficient. Finally, the

validationofseveralsourcesofinformationonwhichtheredflagsarebasedcould

provetobeproblematic,becauseofthehighvolumeofdata,thelackofuniformity

ofsuchsources,andoftheabsenceofevaluationstandardsinthefield.

5. Conclusion

As of today, publicly available information cannot, by themselves, allow the

detection of sufficient red flags to be considered a reliable source for the

assessmentoffraudriskwithinSwisscompanies.Thisduetothelegalframework

in Switzerland and to the fact that most financial information, on which many

provenredflagsdepend,iskeptprivate.Publiclyavailableinformationdoesfulfil,

however,animportantfunctioninthefightagainstfraud.Whilenotpermittinga

complete assessment, it can in some cases provide a general, preliminary

evaluation of a company, and can lead to the spotting of problems (or problem

areas)thatdeservefurtherinvestigation.Assuchtheycanproveusefultopeople

who have access to both private and public information as well as to people

external to the company. Those in the first category can also combine the two

sources in order to achieve a more complete and efficient red flag‐based

assessment.

-18-

Public available information has the potential to play an even bigger role in the

context of fraud detection and prevention. Further research, in particular with

regard to the reliability and quality of the data (source validation) and to the

corroborationoftheresultswithreliablestatisticaldata,willbeneededinorderto

determineunderwhichconditionsthispotentialcouldbeexploited.Thevolumeof

publicly available information is constantly growing, thanks also to media

platformssuchasTwitterandFacebook‐whichareusedbycountlesscompanies

andorganizations.The identificationofpotentiallyuseful informationwithinthis

oceanofdatawillbeoneofthemainchallengesforthefuture.

-19-

References

ACFE.2014.Reporttothenationsonoccupationalfraudandabuse.

http://www.acfe.com/rttn/docs/2014‐report‐to‐nations.pdf

ACFE.2012.Reporttothenationsonoccupationalfraudandabuse.

http://www.acfe.com/uploadedFiles/ACFE_Website/Content/rttn/2012‐

report‐to‐nations.pdf,October28,2015.

ACFE,&Peltier‐Rivest,D.2007.Ladétectiondesfraudescommisesenentrepriseau

Canada:uneétudedesesvictimesetdesesmalfaiteurs.

http://www.acfe.com/uploadedFiles/ACFE_Website/Content/documents/rttn‐

french‐canadian.pdf,October28,2015.

AmericanInstituteofCertifiedPublicAccountant(AICPA).2002.Considerationof

FraudinaFinancialStatementAudit.StatementonAuditingStandardsNo.99.

http://www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocume

nts/AU‐00316.pdf,October28,2015,AICPA.

Ames,D.,Brazel,J.F.,Jones,K.L.,Rich,J.S.,&Zimbelman,M.F.2012.Using

NonfinancialMeasurestoImproveFraudRiskAssessments.CurrentIssuesin

Auditing,6(1):C28–C34.

Bell,T.B.,Peecher,M.E.,Solomon,I.,&KPMGInternational.2005.The21stcentury

publiccompanyaudit:conceptualelementsofKPMG’sglobalaudit

methodology.[S.l.]:KPMGInternational.

Brazel,J.F.,Jones,K.L.,&Zimbelman,M.F.2009.UsingNonfinancialMeasuresto

AssessFraudRisk.JournalofAccountingResearch,47(5):1135–1166.

Brown,S.A.,&DLAPiperLLP.2012.Identificationof“RedFlags”forpossibleviolations

ofkeyUSlawsforcompaniesoperatingoverseas.StrangerinaStrangeLand:

-20-

EthicalandComplianceChallengesinInternationalDisputes.Presentedatthe

ABASectionofLitigation2012SectionAnnualConference,Miami,Florida,

http://www.americanbar.org/content/dam/aba/administrative/litigation/mat

erials/sac_2012/12‐1_identification_red_flags.authcheckdam.pdf,September5,

2014.

Cauvin,E.,&Bescos,P.2005.Lesdéterminantsduchoixdesindicateursdansles

tableauxdeborddesentreprisesfrançaises :uneétudeempirique.Finance

ContrôleStratégie,8(1):5–25.

Chapuis,B.,Granito,D.,Jaquier,S.,&Lavanchy,P.‐Y.2016.Investigationcomptable.

Précisd’investigationfinancière.Lausanne:Pressespolytechniqueset

universitairesromandes.

Cohen,J.,Holder‐Webb,L.,Nath,L.,&Wood,D.2011.RetailInvestors’Perceptionsof

theDecision‐UsefulnessofEconomicPerformance,Governance,andCorporate

SocialResponsibilityDisclosures.BehavioralResearchinAccounting,23(1):

109–129.

Cohen,J.R.,Krishnamoorthy,G.,&Wright,A.M.2000.Evidenceontheeffectof

financialandnonfinancialtrendsonanalyticalreview.Auditing,19(1):27–48.

Colby,E.2004a.Lafraudeetlecontrôleinterne,Premièrepartie :l’importancedes

contrôles.https://www.cga‐

pdnet.org/Non_VerifiableProducts/ArticlePublication/FraudInternalControls_F

/FraudInternalControls_p1_F.pdf,August5,2014.

-21-

Colby,E.2004b.Lafraudeetlecontrôleinterne,Deuxièmepartie :concevoirdes

contrôlespourenrayerlesmenaces.https://www.cga‐

pdnet.org/Non_VerifiableProducts/ArticlePublication/FraudInternalControls_F

/FraudInternalControls_p2_F.pdf,August5,2014.

Colby,E.2004c.Lafraudeetlecontrôleinterne,Troisièmepartie :lesstratagèmesde

fraudeinterne.https://www.cga‐

pdnet.org/Non_VerifiableProducts/ArticlePublication/FraudInternalControls_F

/FraudInternalControls_p3_F.pdf,August5,2014.

COSO.2013.

http://www.cpa2biz.com/AST/PricingStructureAssortments/Section_Credentia

ls/Pricing_Tax_Section_Member/PRDOVR~PC‐990025/PC‐

990025.jsp?selectedFormat=Paperback,October28,2015.

DelBosco,B.,&Misani,N.2011.Keepingtheenemiesclose:Thecontributionof

corporatesocialresponsibilitytoreducingcrimeagainstthefirm.Scandinavian

JournalofManagement,27(1):87–98.

DiNapoli,T.P.2010.RedFlagsforFraud:14.

http://www.osc.state.ny.us/localgov/pubs/red_flags_fraud.pdf,August5,2014,

StateofNewYork,OfficeoftheStateComptroller.

Directive2014/95/EUoftheEuropeanParliamentAndoftheCouncilof22October

2014,amendingDirective2013/34/EUasregardsdisclosureofnon‐financial

anddiversityinformationbycertainlargeundertakingsandgroups.

Gallet,O.2010.Halteauxfraudes,Guidepourauditeursetdirigeants.Paris:Dunod.

Golden,T.W.,Skalak,S.L.,Clayton,M.M.,&Pill,J.S.2011.Aguidetoforensic

accountinginvestigation(2nded.).Hoboken,NJ:Wiley.

-22-

Isenring,G.L.,Mugellini,G.,&Killias,M.2013.Surveytoassessthelevelandimpactof

crimesagainstbusinessesinSwitzerland.

http://www.unisg.ch/~/media/internet/content/dateien/unisg/schools/ls/leh

rstuhl%20killias/final%20report_swiss%20business%20crime%20survey_201

3.pdf,August5,2014,UniversityofZurich.

Ittner,C.D.,&Larcker,D.F.1998.AreNonfinancialMeasuresLeadingIndicatorsof

FinancialPerformance?AnAnalysisofCustomerSatisfaction.Journalof

AccountingResearch,36:1–35.

KPMG.2009.Enquêtesurlacriminalitééconomique2009,GlobalEconomicCrime

Survey.

https://www.pwc.ch/user_content/editor/files/publ_adv/pwc_global_economi

c_crime_survey_09_ch_f.pdf,August5,2014.

KPMG.2012a.AuditCommitteeInstitute,Outil11:indicateursd’alerte.

https://www.kpmg.com/FR/fr/AuditCommitteeInstitute/Documents/Fiches_O

utils_ACI_11.pdf,August5,2014.

KPMG.2012b.Lafraudedansleprocessusd’approvisionnement.

http://www.kpmg.com/ca/fr/topics/at‐risk‐magazine/pages/procurement‐

fraud‐are‐you‐prepared.aspx,August5,2014.

KPMG.2013a.Wirtschaftskriminalität:Deutschland,Österreich,SchweizimVergleich.

http://www.kpmg.com/CH/de/Library/Articles‐

Publications/Documents/Advisory/ch‐pub‐20130313‐wirtschaftskriminalitaet‐

de.pdf,October28,2015.

-23-

KPMG.2013b.Astrusinsights.KPMG'sanalysisofthird‐partyintegrityrisks.

https://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/Do

cuments/astrus‐insights.pdf,October28,2015.

Mauléon,F.2007.Lacommunicationextrafinancièrecommenouvelleformede

l’éthiquedel’entreprise.

http://quoniam.info/competitive‐

intelligence/PDF/PhDs_Guidance/PhD_Fabrice_Mauleon.pdf

Ouaniche,M.2009.Lafraudeenentreprise :Commentlaprévenir,ladétecter,la

combattre.Paris:Maxima.

Peter,H.,&Jaquemet,G.,2014.CorporateSocialResponsibility,Analysedesrapports

2013desdixplusgrandessociétésduSMI.L’Expert‐Comptablesuisse,2014|11:

1027‐1037.

Pons,N.2006.Colsblancsetmainssales.Economiecriminelle,moded’emploi.Paris:

OdileJacob.

Pons,N.,&Berche,V.2009.Arnaques:lemanuelanti‐fraude.Paris:CNRS.

PwC.2011a.Cybercrimeinthespotlight,SwissEconomicCrimeSurvey2011.

http://www.pwc.ch/user_content/editor/files/publ_adv/pwc_global_economic_

crime_survey_11_CH_e.pdf,August5,2014.

PwC.2011b.Lafraudeenentreprise :tendancesetrisquesémergents,6eédition

GlobalEconomicCrimeSurvey2011.

https://form.pwc.fr/dev/formulaire_pwc_publication/formulaire_pwc_publicati

on_1.0.0/index.php?id=3932,August5,2014.

-24-

PwC.2014a.Economiccrime:Athreattobusinessglobally,GlobalEconomicCrime

Survey2014.https://www.pwc.com/gx/en/economic‐crime‐

survey/downloads.jhtml,July28,2014.

PWC.2014b.Lafraudecontinueàêtreunevraiemenacepourlesentreprises.

http://www.pwc.fr//assets/files/pdf/2014/02/pwc_etude_fraude2014_fr.pdf

Rapportdedroitcomparé.Mécanismesdediligenceenmatièrededroitsdel'hommeet

d'environnementenrapportaveclesactivitésd'entreprisessuissesàl'étranger.

Rapportrédigéenexécutiondupostulat12.3980.2mai2014.

http://www.ejpd.admin.ch/content/dam/data/bj/aktuell/news/2014/2014‐

05‐28/ber‐apk‐nr‐f.pdf,October29,2015.

Singleton,T.W.,&Singleton,A.J.2006.Fraudauditingandforensicaccounting(3rd

ed.).Hoboken,NJ:Wiley.

Sterchi,W.,Mattle,H.,&Helbling,M.2014.PlancomptablesuissePME.Lausanne:LEP,

LoisirsetMont‐sur‐Lausanne.

Zimbelman,M.F.,&Albrecht,C.C.2011.Forensicaccounting(4thed.,International

ed.).Mason,OH,etc.:South‐Western/CengageLearning.