IntroductionRadical changes that are taking place in organizations today do not only affect data management, business intelligence, and business informatics; the changes are also responsible for the rapid evolution and metamorphosis of the accounting practices in the financial sectors. Unlike many years back, accountants maintain few physical financial records and statements, thanks to the advent of exceptional computerized accounting tools with cloud backups. Modern accounting practices are responsible for the tremendous changes in the manners in, which auditors do their job. Instead of solely relying on physical paperwork, auditors can now dig deep into computers to find out everything that accountants have been doing for a period of time before making their final reports. Similarly, in the event financial impropriety or fraud, auditors, or investigators do not need to go into the manual paper work, as the computerized accounting system can provide enough evidence to prove or disapprove the fraud allegations. This paper will discuss the stepwise procedure and the legal considerations involved when carrying out digital forensic investigations to unearth financial fraud.
Conventional Sources of Digital Evidence
Typically, the suspects will always try to hide their fraudulent activities by making it difficult to trace and trail the route used to steal money from an organization. They will try as much as possible to manipulate by deleting files, uploading falsified documents, and making changes into the system with the intention of not being caught (In Gladyshev et al., 2014). However, one of their undoing is that the accounting system architecture records everything that happens over a long period. It is not always possible for end users to delete the system memory unless by reconfiguration. Convectional sources such as suspects’ computers, laptops, drivers, entity’s network servers, CDs, floppy drives, DVDs, Email printers, and primary memories record user activities that could be retrieved and analyzed during digital forensic investigation s in financial fraud (In Gladyshev et al., 2014). Investigators should examine storage devices such as the RAM, the hard drives, and the registry for detailed information regarding system usage in the event of forensic fraud investigations.
After getting evidence from conventional sources, the investigators should examine the network sources for additional information (Nigrini, 2011). Computer systems are connected to the entity servers via network connections. Since end users do not have access to the main servers, they cannot delete information on it. For this reason, investigations should extend to the entity servers, as it could reveal more activities even if the suspect deleted some information from their computers (Nigrini, 2011). The suspect might have used the internet to download and upload files into the system; they might have also sent and received emails leading to the crime over the entity network. When investigators do a thorough analysis of the system servers, they could find all these activities. Other sources of valuable information during forensic fraud investigations include offline storage devices such as CDS, DVDs, and floppy disks, peripheral storage sources such as the memory of the printers, personal computing devices such as PDAs, and communication sources email headers and other signature sources (Nigrini, 2011).
Critical Steps in Forensic Fraud Investigations
Forensic fraud investigations occur in four major steps. The first step is preserving data, second is acquiring data, third is data authentication, and the last step is analysis of the data (Crain, 2015). Data preservation and acquisition involves securing and extracting prices of evidence from all target sources, which include the registries, peripheral, network, and convectional sources. Data authentication and analysis involves verification and examination of the gathered information. When assessing and examination data gathered from the various resources, investigators look for inconsistencies, testing the details of every transaction and balances, sampling of system programs to retrieve data for auditing, testing application and general computer control, and recalculating all the transactions performed by the suspect (Crain, 2015). Fraud investigations need the input of qualified accountants aided by a qualified computer forensics professional.
The first step that the accountant and the forensic investigator should always be applying their respective professional skills in accounting and forensic science respectively to collect, preserve, secure, analyze data, and report their findings. During forensic investigations, both the accountant and the forensic investigator should explore all the physical and digital evidence to discern any red flags or warning signs.
Legal Impact on Digital Evidence
The law does not consider digital evidence gathered and analyzed by illegal procedures. If it happens that the investigative process did not follow the laid down legal procedures of carrying out forensic investigations, the investigator is likely to face the wrath of the law for gross misconduct (Crain, 2015). The investigators should always ensure that they follow data policies and within the confines of privacy laws to avoid any legal misconduct. If the evidence from a flawed process is presented before any court, the judges can throw it out because of the illegalities involved in its acquisition.
Fraudsters are extremely clever, as they will always try to make it nearly impossible for anyone to track them down after committing the offences. They will try to delete, alter, and corrupt documents, as well as the system just escape being caught on the act. Investigators should be smarter and look for minor mistakes and slightest trails left behind after a fraudulent accounting process. They should follow all data policies and legal procedure to get as much information as they can from physical and digital sources such as the computer registries, the memory devices, and network system sources.
- Crain, M. A. (2015). Essentials of forensic accounting.
- In Gladyshev, P., In Marrington, A., & In Baggili, I. (2014). Digital forensics and cyber crime: Fifth International Conference, ICDF2C 2013, Moscow, Russia, September 26-27, 2013, Revised selected papers
- Nigrini, M. J. (2011). Forensic analytics: Methods and techniques for forensic accounting investigations. Hoboken, N.J: Wiley.