These are the questions I would like help with answering please! I've attached and labeled the articles for each case below the questions! Please help! Lemme know if you need anything else!

Case 1:

Case 2:

Case 3:

1. What internal controls could have been used to prevent Kershey from carrying out the false billing scheme? 2. What factors might have contributed to the weak internal control environment that allowed this scheme to exist for 16 years? Case II: - Process for Selling Cakes Questions: 1. What internal controls have been used in Superior Cakes? 2. Compared with Case I, does Superior Cakes have stronger internal controls? What did you learn from these two cases? Case III: - SEC Article Questions: 1. Do you have suggestions for publicly traded companies related to internal controls after you read the case? In October 2014, a former Smucker employee, Mark Kershey, was charged with defrauding the J.M. Smucker Company of more than $4.1 million over a 16 year period. Kershey was the chief airplane mechanic at the company's hangar at the Akron-Canton Airport in Ohio from 1990 until he was discharged by Smucker in 2013. From 1997 until he left Smucker, Kershey invoiced Smucker for more than $4.1 million by using a fictitious entity he created. He billed Smucker for nonexistent parts and/or work that he himself actually performed as part of his duties as a salaried employee. Most of these invoices were for less than $10,000, which Kershey himself was authorized to approve. A supervisor to Kershey approved the few invoices that were for more than $10,000 based on his trust in Kershey. To carry out his false billing scheme, Kershey set up a post office box in Lake Township in Ohio using the fictitious entity name of Aircraft Parts Services Co (APS). He (as APS) would then invoice Smucker using non-sequential invoice numbers, so it looked like APS was invoicing other companies too. Kershey used the proceeds to purchase and maintain two planes, several automobiles, and to make payments on his house. Kershey was eventually caught in late 2012 when three checks written by Smucker to APS totaling $44,000 were not cashed. When a Smucker employee questioned Kershey about the APS uncashed checks, Kershey indicated that APS had been sold to another Smucker vendor. The false billing scheme began to unravel and Kershey was fired by Smucker. The Special Assistant United States Attorney has charged Kershey with mail fraud following an investigation by the Federal Bureau of Investigation, Canton, Ohio. Charges were filed in October 2014 and the case is pending. Superior Cakes, run by Marla and Jean, sells specialty cakes baked fresh to customer specifications. Marla receives customer orders in person at the store, by phone, or by email. Customers must pay for cakes at the time of the order. The payment details (e.g., the type of payment and details about the check or credit card) are recorded. A receipt (marked as "Paid" with a pick up date) is printed and provided to the customer. Marla sends an electronic copy of the order to Jean in the bakery located in the back of the store. Jean gathers the necessary ingredients, and then mixes, bakes, and frosts each specialty cake per the customer order. When a cake order is complete, Jean boxes it, prints a sticker containing the order details, and adheres the sticker to the box. When customers arrive to pick up cake orders, the customer presents his/her copy of the order marked "Paid." Marla scans both the customer receipt and the order sticker on the cake box to make sure they match. The cake is given to the customer and the transaction is recorded in the transaction processing system, including the financial (general ledger) records. The Securities and Exchange Commission released a report Tuesday warning publicly traded companies that they should consider cyber-threats when they implement internal controls. The report stems from an investigation by the SEC's Enforcement Division of nine unnamed companies that fell prey to cyber-criminals who stole millions of dollars from them. The investigators focused on instances where the cyber-criminals posed as company executives or vendors and used emails to fool legitimate employees, prompting them to send large sums of money to bank accounts controlled by the froudsters. The SEC calls these cases "business email compromises," or BECs. "Spoofed or manipulated electronic communications are an increasingly familiar and pervasive problem, exposing individuals and companies, including public companies, particularly those that engage in transactions with foreign customers or suppliers, to significant risks and financial losses," said the report. In some cases, the frauds went on for months at a time and were detected only after law enforcement authorities or outside parties intervened. Each company lost at least $1 million, and one of them was duped out of over $45 million. The nine companies transferred a total of close to $100 million, and most of it couldrit be recovered. The SEC didr't file charges against any of their companies or their employees, but it is encouraging public companies to beef up their internal controls over financial reporting. The commission noted that public issuers are subject to the internal accounting controls requirements of the Securities Exchange Act of 1934 and are required to calibrate their internal accounting controls to the current risk environment and assess and adjust policies and procedures accordingly. The Federal Bureau of Investigation has estimated that fraud involving business email compromises has cost companies over $5 billion since 2013 , with another $675 million in adjusted losses in 2017 , the highest amount of estimated out-of-pocket losses for any type of cybercrime in that period. The SEC issued the report in conjunction with National Cybersecurity Awareness Month. "Cyber frauds are a pervasive, significant, and growing threat to all companies, including our public companies," said SEC Chairman Jay Clayton in a statement. "Investors rely on our public issuers to put in place, monitor and update internal accounting controls that: appropriately address these threats