Computer Frauds

Installing a computer in the office to frauds can give a false sense of security because the computer is still man-operated.

Modus Operandi

Many companies today have opted to mechanize their financial and accounting jobs for speed and economy. Most executives have installed computers in the hope that they could discourage dishonesties. But computers cannot run without people who easily succumb to temptation. So, a new crime on the rise is the computer fraud.

There was a company whose EDP (electronic data processing) employee secretly removed the names of a great number of prospective customers from the computerized list and sold them to a competitor.

In another company, fictitious credit memos were generated by the computer. If the financial officers wanted to write off a credit memo, they would create a negative debit memo. The external auditors could not find any wrongdoing inasmuch as they were provided with all credit memos but they were not aware of debit memos.

A bank official programmed a computer to occasionally take off centavos from each account and to put the money in his private account. The official accumulated a considerable amount of money before his trick was discovered through an audit. The customers did not even know that they had lost some money in the process.

A programmer employed by another company stole a valuable computer program and had it ransomed for a large sum of money. An overseas bank made an error in transmitting $1 thousand to a certain individual in another country. The actual computer fund transfer was made at $1 million! The recipient defrauded the bank of the excess remittance.

Detection and Prevention

Upon receiving the statements of account mailed for confirmation by the company's internal auditor, some customers complained that their balances did not show centavos. In the investigation, the source documents copies (invoices, official receipts, credit and debit memos etc.,) were cross-checked randomly with the computers print-outs, The test-checks showed they were in order but some customers with centavo-ending balances did not show the centavos in the statement of account produced by the EDP. The computers abstract of savings accounts inevitably disclosed the unusual official's private account as the result of the manipulation.

Computer frauds fortunately are preventable. Here are some measures that can discourage electronic dishonesties: Computer programs should be controlled numerically and inventoried periodically by an employee not connected with the EDP, preferably the internal auditor. The surprise accounting of all EDP programs will deter employees from stealing them. A back-up or a duplicate copy of computer programs should be kept in a fireproof safe so that if a program is stolen there is an immediate replacement. As a safeguard, electronic protection (fences) should be built inside the computer to prevent one computer capturing data from another.

Another preventive measure is by instituting secret coding or password. For the security of EDP programs, the programmer should be made responsible to the highest finance officer so that no other official can manipulate the programs. Preparation of new programs, their revisions, or alterations should be properly authorized in writing to preclude manipulation of the programs. For audit purposes, the internal auditing department should be furnished a copy of the authorization.

Direct correction of EDP errors after the books have been closed should not be allowed. Corrections should be made on a journal voucher for approval of the authorized officer.

Recovery of excess EDP fund transfer proves to be tedious and expensive. Hence, to avoid such costly errors which may be deliberate or not, the receiving bank should confirm with the sending bank should confirm with the sending bank the correctness of the fund transfer on amounts $1 million and above especially when it is in round figures. As a deterrent, dishonest employees should be terminated without exception by all companies.