February 2003

SAS 99: Detecting Fraud Using Benford’s Law and Preventing Computer Fraud in Small and Medium-Sized Companies

The new generally accepted audit standard relating to fraud, SAS 99, recently was issued. It includes specific guidance for fraud detection procedures in financial statement audits. SAS 99 mandates new audit procedures relating to fraud and, with the passage of the Sarbanes-Oxley Act, can subject the practitioner to larger penalties than previously for noncompliance.

In the wake of Enron, WorldCom and other financial reporting surprises, clients, bankers and users of audited financial statements, as well as the general public, have increasing expectations on the ability of the external auditor to detect fraud. Potentially, the public’s expectations and the liability for auditors to detect fraud may be no less for audits of nonpublic small and medium-sized entities than for Securities and Exchange Commission audits.

Learn about the history, theory and practical uses of Benford’s Law, a mathematical phenomena that has existed in theory for over 100 years and is helpful in identifying fraud trends in financial statement audits or fraud investigations, by attending the March 13 continuing professional education (CPE) evening technical session organized by the New York State Society of CPAs’ Technology Assurance (TA) Committee. Approximately 10 years ago, an auditor applied the theory behind Benford’s Law to identify potentially fraudulent transactions and financial trends. The idea behind the law is that the numerical value of a transaction can be used to identify potential fraudulent transactions.

The second part of the presentation will cover specific requirements of SAS 99 as it applies to computer fraud in small and medium-sized companies.

The topics covered will include:

The history of Benford’s Law
Auditor application of the theory behind Benford’s Law to identify potentially fraudulent transactions and financial trends
Practical uses of Benford’s Law that are helpful in identifying fraud trends in financial statement audits or fraud investigations
SAS 99 elements of fraud
Controls to prevent computer fraud in small and medium-sized companies
Auditor procedures to detect computer fraud in small and medium-sized companies.

Date: Thursday, March 13, 2003
Time: 5:30 p.m. to 6:00 p.m.: registration, networking, free sandwiches and soft drinks; 6:00 p.m. to 8:30 p.m.: CPE session
Presenters: Christopher J. Rosetti, Bruce H. Nearon
Location: NYSSCPA headquarters, 530 Fifth Ave. (between 44th and 45th streets), fifth floor, New York City

About the Presenters

Christopher J. Rosetti, CPA, CFE, DABFA, is a director for KPMG’s forensics unit. He previously conducted financial statement audits for KPMG before leaving to work as a confidential investigator for a governmental investigative agency.

Mr. Rosetti spent five years teaching accounting-related courses at Siena College, and developed and taught a forensic accounting course for Utica College. He has qualified and testified as an expert witness and given more than 50 fraud and/or forensic presentations to various private and public organizations.

Mr. Rosetti also served as national fraud instructor for KPMG’s recruits, has been a presenter at the last three annual seminars hosted by the Association of Certified Fraud Examiners (ACFE), developed training and self-study courses for the ACFE, and is an instructor for the Person Wolinsky CPA Review Course.

Bruce H. Nearon is the director of IT security audit for the Cohn Consulting Group, a division of J.H. Cohn LLP, in Roseland, N.J., and is chair of the NYSSCPA Technology Assurance Committee. He also is a member of the NYSSCPA Auditing Standards and Procedures Committee, the Information Systems Audit and Control Association, and an associate member of the Information Security Committee, Science and Technology section of the American Bar Association.

He received the American Institute of CPAs’ Elijah Watt Sells Award for performance with high distinction on the May 1989 CPA exam and holds a bachelor’s degree in accounting and a master’s of accountancy from the University of Florida.

Mr. Nearon is a frequent speaker at professional auditing and information technology seminars, and has published numerous articles in professional publications on IT auditing and network security.

Additional Information

This NYSSCPA/Foundation for Accounting Education CPE evening technical session is $45 for NYSSCPA members and $50 for nonmembers to qualify for three hours of CPE credit. A $25 additional walk-in fee will be charged to those who register at the door.

At the session you will get the chance to network with the profession’s and the industry’s IT leaders. Advance registration is recommended because seating is limited.

For additional information, contact Gary E. Carpenter at (315) 487-4567 or gcarpenter-cit@worldnet.att.net or Mr. Nearon at (973) 403-6955 or bnearon@jhcohn.com.

For more information on the Technology Assurance Committee, visit www.nysscpa.org, click on the Find Committees tab on the left-hand side of the page and then scroll down to the Technology Assurance Committee link.

Registration

To register: contact FAE at (212) 719-8383 or (800) 537-3635 or visit the Society’s website at www.nysscpa.org (you will need your Society member number to register). Go to the Technology Assurance Committee homepage and select “03/13/03-SAS 99: Detecting Fraud Using Benford’s Law and Preventing Computer Fraud in Small and Medium-Sized Companies” located under the Free IT CPE banner.

Acknowledgments

J.H. Cohn LLP and Carpenter Information Technologies, Inc., helped provide the funding and resources for the sandwiches and soft drinks, marketing and publicity, and administration of this event.