Ziplag, a large company, experienced a fraud in the cash payments processed for employees supplementary medical benefit claims. Fictitious benefit claims were paid by the company, which self-insured up to $40,000 per employee for supplementary benefits costs, for such as physiotherapy and acupuncture not covered by other medical and benefits coverage plans. The expense account that included legitimate and false charges was employee supplementary medical benefits.

As manager of the claims payment department, Lillian was considered one of Ziplag s best employees. She never missed a day of work in 8 years, and her department had one of the companys best efficiency ratings. Controls were considered good, including the verification by a claims processor that (1) the patient was a Ziplag employee, (2) treatments were covered by the company-sponsored plan, (3) the charges were within approved guidelines and not covered by another plan, (4) the cumulative claims for the employee did not exceed $40,000 & if over $40,000 , a claim was submitted to an insurance company, and (5) the calculation for payment was correct. After verification processing, claims were sent to the claims payment department to pay the medical practitioner directly. No payments ever went directly to employees. Lillian prepared false claims on real employees, forging the signature of various claims processors, adding her own review approval, naming bogus medical practitioners who would be paid by the payment department. The payments were mailed to various post office box addresses and to her husbands business address.

Nobody ever verified claims information with the employee. The employees received no reports of medical benefits paid on their behalf. While the department had performance reports by claims processors, these reports did not show claim-by-claim details. No one verified the credentials of the medical practitioners. Over the last seven years, Lillian and her husband stole $3.5 million, and, until the last, no one noticed anything unusual about the total amount of claims paid.

The falsified claim forms were in Ziplags files, containing all of the fictitious data on employee names, processor signatures, medical practitioners bills, and phony medical practitioners addresses. The cancelled cheques, endorsed by the doctors, were returned by the bank and kept in Ziplags files. Lillian and her husband were somewhat clever: they deposited the cheques in various banks in accounts opened in the names and identification of the medical practitioners.

Lillian did not make any mistakes in covering the paper trail. She drew the attention of an auditor who saw her take her 25 claims-processing employees out to an annual staff appreciation luncheon in a fleet of stretch limousines.

The auditors objective is to obtain evidence determining whether employee medical benefits existed in the sense of being valid claims paid to valid medical practitioners.

Controls relevant to the process are good as far as they go. The claims processors used internal data in their workemployee files for identification and treatment descriptions submitted by medical practitioners with comparisons to plan provisions and mathematical calculations. This work amounted to all the approval necessary for the claims payment department to prepare a cheque. No controls connected the claims data with outside sources, such as employee acknowledgement or investigation of medical practitioners.

Required: Total 35 marks

1. You are the auditor for Ziplag. State the objective of this audit in this case. 2 marks
2. What is your first step in this audit? Describe it in detail. 3 marks.
3. Upon inspecting the client, identify the audit controls that is put in place by the management. How do you rate the controls currently in place? What type of controls specifically can you identify? What tests of controls and details of balance would you look into? 15 marks (3marks for each control identification and explanation 9 marks; 3 marks for test of controls and details of balance 6 marks)
4. After studying the case what audit procedures would you undertake to identify Lillians theft? Use at least two substantive tests to support your work in your audit performance and identify the audit assertions along with it. I.e existence, completeness, ownership, valuation and presentation (Hint: use your chapters exhibits on performing the audit to answer this question) 15 marks