CFE-Fraud-Prevention-and-Deterrence Certified Fraud Examiner - Fraud Prevention and Deterrence Exam Questions and Answers

 Definition of Focus Groups:

Focus groups involve small groups of individuals discussing a specific topic under the guidance of a facilitator. This technique is used to gather qualitative insights through direct interaction and observation.

 Why A is Correct:

Observing employee interactions during a focus group provides rich, contextual data about attitudes, understanding, and engagement with fraud awareness training.

 Why Other Options are Incorrect:

B (Surveys):Collect quantitative data but lack interaction and observational opportunities.

C (Anonymous feedback mechanisms):Useful for confidentiality but do not allow observation.

D (Interviews):Individualized and do not involve group dynamics​​.

Findings from the 2020 Report to the Nations:

Tips are the most common method of detecting fraud, accounting for over 40% of detected cases.

Whistleblower hotlines and other reporting mechanisms are vital for obtaining tips.

Analysis of Other Options:

A. Internal audit:While effective, it is less common than tips.

B. Confession:Rarely the initial method of detection.

D. External audit:Detects fraud in a smaller percentage of cases.

Conclusion:Tips are the most common method of fraud detection according to the 2020 Report to the Nations.

Detective controls are designed to identify fraud or errors that have already occurred. Continuous audit techniques serve as a detective control by automatically monitoring transactions and flagging anomalies or irregularities for further investigation. On the other hand, preventive controls such as separation of duties, background checks, and hiring policies aim to stop fraud before it happens.

=================

Principles in the Fraud Risk Management Guide (COSO and ACFE):

Communicating expectations regarding fraud risk management.

Conducting comprehensive fraud risk assessments.

Implementing preventive and detective controls.

Monitoring and reporting the program’s effectiveness.

Analysis of Option D:

Fraud risk management requires ongoing evaluations, not one-time assessments, to adapt to evolving risks.

Conclusion:Option D is not included in the principles described in the Fraud Risk Management Guide.

Comprehensive and Detailed in Depth Explanation:

Government auditors typically cannot unilaterally withdraw from an audit engagement, even in cases where fraud is identified. Public-sector audits often follow mandates from higher authorities or statutes that require the auditor to continue and report findings to oversight bodies. Additionally, fraud and abuse (including misconduct and misuse of assets) are relevant to government audits under ISSAIs, contrary to A and B. Option D is incorrect because public-sector audit objectives are often broader, encompassing compliance, performance, and integrity aspects.

Comprehensive and Detailed in Depth Explanation:

Silk and Vogel’s research found that organizations often rationalize unethical or illegal behavior by diffusing responsibility across a group, thus minimizing perceived individual culpability. This"shared guilt" justification is reflected in option D. The other options either misunderstand the research or do not reflect actual rationalizations used in white-collar crime contexts.

Information, communication, and reporting involve the continual process of gathering and sharing relevant information across an organization to support decision-making and risk management. This ensures that all stakeholders are informed and that information flows effectively to enhance organizational performance.

=================

 Definition of Corporate Governance:

Corporate governance establishes the framework for decision-making and accountability within an organization. It includes roles, rights, and responsibilities of stakeholders such as the board, management, and shareholders.

 Why D is Correct:

The governance structure formalizes the distribution of roles and ensures clarity in accountability and oversight.

 Why Other Options are Incorrect:

A:Fraud risk management supports governance but is not its foundation.

B:Governance encompasses more than financial reporting accuracy.

C:Governance practices are essential even when owners are setting strategy​​.

Rational choice theory posits that crime is a deliberate and rational decision made by individuals who weigh the costs and benefits of their actions. Perpetrators commit crimes when they believe the potential benefits outweigh the risks. This theory also supports deterrence measures that increase the perceived risks or reduce the benefits of committing crimes, thereby discouraging rational actors from engaging in fraudulent behavior.

​

=================

ISO 31000:2018 emphasizes that effective risk management must be integrated into all activities across the organization—not just high-risk ones.

“An effective and efficient risk management program... is integrated into all organizational activities, is structured and comprehensive, and is customized and proportionate to the organization’s operations and objectives.”

Comprehensive and Detailed in Depth Explanation:

The G20/OECD Principles emphasize the importance of full disclosure, including timely, accurate, and transparent mechanisms to maintain investor confidence and market integrity. While they support the equal treatment of shareholders, not members of the governing body (rejecting B), and call for corporate—not government—governance responsibilities (rejecting C). Protecting management’s rights (A) is not a governance principle focus.

 Professional Responsibility Under ACFE Code of Ethics:

The ACFE Code of Professional Ethics requires Certified Fraud Examiners (CFEs) to disclose material information to the proper authorities. When fraud is discovered, the CFE must act in the best interest of the organization while adhering to ethical standards.

In this scenario, Gray must report Green's involvement in unrelated fraud to ABC Corporation's board of directors. This ensures transparency and accountability without breaching client confidentiality unnecessarily.

 Relevant Principles from ACFE Code of Ethics:

Integrity:CFEs must act honestly and report findings to the appropriate parties.

Objectivity:The CFE must avoid conflicts of interest and ensure impartiality in all findings and disclosures.

 Board Reporting Responsibility:

Reporting to the board is appropriate because they are responsible for corporate governance and oversight. Law enforcement involvement should follow organizational protocols unless laws explicitly mandate direct reporting​​.

Effect of Documenting Organizational Hierarchies:

Properly documenting hierarchies improves fraud prevention by clarifying responsibilities, ensuring accountability, and establishing clear information flow.

This reduces ambiguity and limits opportunities for fraud.

Why the Statement is False:

Documenting and communicating hierarchies strengthens fraud prevention, rather than hindering it.

Conclusion:The statement is false because clear hierarchies enhance fraud prevention initiatives.

Allowing employees to report fraud anonymously is a best practice in fraud reporting programs. This encourages whistleblowers to come forward without fear of retaliation or reprisal, increasing the likelihood of fraud detection. Transparency about confidentiality policies further supports employee trust in the reporting system.

=================

Fraud Risk Assessment Objectivity:

The assessment must remain unbiased, but any prior disagreements or conflicts may highlight areas where policies or procedures are unclear, increasing fraud risks.

Why C is Correct:

Incorporating disagreements provides context to evaluate risks objectively, ensuring that all relevant factors are considered without bias.

Why Other Options are Incorrect:

A:Confronting Brandon could create further conflict without adding value.

B:Delegating the task unnecessarily avoids responsibility.

D:Automatically designating the area as high-risk lacks justification and could undermine credibility​​.

References for All Questions:

ACFE Code of Professional Ethics and Fraud Examination Guide​​.

ISO 31000:2018 guidelines for risk management​​.

Criminological theories related to crime causation and fraud risk assessments​​.

Analysis of Each Option:

A. Green's conduct:Including unrelated deficiencies violates the principle of relevance and focus in reporting. It may lead to confusion or breach professional diligence.

B. Stephanie's conduct:Delegating tasks without oversight or review violates the ACFE Code's requirement for due diligence.

C. Susan's conduct:Failing to seek client authorization before disclosing records (even under a court order) breaches confidentiality provisions unless explicitly required by law.

Key Ethical Considerations:

CFEs must adhere to principles of confidentiality, diligence, and focus in their work.

Failing to follow these standards compromises the integrity and credibility of their practice.

Conclusion:All the described scenarios involve violations of the ACFE Code of Professional Ethics.

 Statistics on Fraud Prosecution:

Research indicates that many organizations prefer to handle fraud cases internally rather than involving law enforcement due to concerns over reputation, cost, and time.

 Why B is Correct:

Organizations often resolve fraud cases through internal disciplinary actions, such as termination or restitution, rather than pursuing criminal prosecution​​.

 Why Other Options are Incorrect:

While internal handling is common, other factors like fear of publicity and legal costs also influence the decision to avoid prosecution.

 Purpose of Fraud Risk Assessment:

Fraud risk assessment aims to identify vulnerabilities and evaluate the organization's exposure to fraud risks. It does not specifically provide an estimate of fraud losses.

 Why D is Correct:

Estimating fraud losses is not a standard objective of fraud risk assessments; rather, they focus on identifying and mitigating risks.

 Why Other Options are Correct:

A: Employee behavior is a critical factor in fraud risk.

B: Fraud awareness is a key outcome of the assessment.

C: High-risk designations indicate vulnerability, not confirmed fraud​​.

Ethical Obligations Under ACFE Code:

CFEs are obligated to report material findings, including deficiencies that may facilitate fraud, even if no fraud is found.

Providing such insights aligns with the principles of due diligence and professional responsibility.

Professional Reporting Practices:

Including opinions on internal control deficiencies adds value to the examination and supports fraud prevention efforts.

Conclusion:White may include her opinion on control deficiencies in her report.

Management is ultimately responsible for ensuring the effectiveness of the organization’s anti-fraudprogram. They set the tone at the top, establish internal controls, and ensure that the necessary resources and oversight mechanisms are in place to prevent and detect fraud. Other stakeholders, such as auditors and compliance officers, provide support but do not bear ultimate responsibility.

=================

Understanding Compliance Theory:

Compliance theory emphasizes preventing crime through incentives for voluntary adherence to laws and proactive administrative measures.

By addressing potential violations early, compliance theory aims to deter criminal behavior before it occurs.

Application of the Theory:

Examples include economic benefits for following regulations and monitoring mechanisms to identify early signs of noncompliance.

Conclusion:The statement accurately describes compliance theory.

Professional Skepticism Defined:

Professional skepticism is an attitude that includes a questioning mind and a critical assessment of evidence. Fraud examiners must remain vigilant to indications of potential fraud throughout an engagement.

Consistent Application:

ACFE standards emphasize that skepticism should be applied consistently, even if initial findings do not indicate fraud, to avoid overlooking potential risks.

Why D is Correct:

Relaxing skepticism can lead to missed evidence or poor judgment, undermining the examination's effectiveness​​.

COSO Definition of Internal Control:

COSO defines internal control as a process executed by an entity’s board, management, and personnel to provide reasonable assurance about achieving objectives in operations, reporting, and compliance.

Analysis of Options:

A. Corporate compliance:Corporate compliance focuses on adhering to laws and regulations, not the broader operational objectives.

B. Fraud risk management:This is a component of internal control, not its definition.

C. Risk assessment:This is a step within the internal control process but not the overarching process.

D. Internal control:Matches the COSO definition accurately.

Conclusion:Internal control is the correct answer as defined by COSO.

The G20/OECD Principles call for a corporate governance framework that ensures “the equitable treatment of all shareholders including minority and foreign shareholders.” This principle reinforces fairness and equal rights in governance systems.

“The Principles… call for a corporate governance framework that protects the exercise of shareholders’ rights and supports the equal treatment of all shareholders including minority and foreign shareholders.”

Step by Step Comprehensive Detailed Explanation with All References:

Proactive Fraud Auditing:

Proactive fraud audit procedures aim to prevent and detect fraud before it escalates. Implementing these procedures signals to employees and stakeholders that fraud will not be tolerated.

Such actions align with creating a strong anti-fraud culture within the organization.

Examples of Proactive Fraud Audits:

Surprise audits, continuous monitoring, and analytical procedures identify discrepancies and potential fraud risks.

Fraud prevention and deterrence are enhanced through consistent implementation.

Effectiveness and Prevention:

Unlike reactive measures, proactive approaches demonstrate an organization’s commitment to maintaining integrity and ethical standards​​.

Comprehensive and Detailed in Depth Explanation:

For a fraud reporting program to be effective, employees must clearly understand how to use it. Providing specific and user-friendly reporting methods, such as hotlines, email addresses, or online forms, increases accessibility and usage. Options A and D discourage reporting, while B limits it unnecessarily, especially in cases where supervisors may be involved.

 Professional Auditing Standards:

Standards such as ISA and GAAS emphasize the need for "unpredictability" in audit procedures to prevent fraudulent actors from anticipating audit actions.

 Why B is Correct:

Predictability undermines the effectiveness of audits by allowing individuals to manipulate activities in areas repeatedly tested in the same way.

 References:

ISA standards on fraud risk highlight the importance of incorporating unpredictability in audit approaches​​.

Government auditors, like their private-sector counterparts, must adhere to International Standard on Auditing (ISA) 240, which provides guidance on the auditor’s responsibilities related to fraud. This standard applies to both private- and public-sector audits, emphasizing the importance of addressing risks of material misstatement due to fraud. Alicia must carefully evaluate fraud risks and incorporate relevant procedures, as mandated by ISA 240, ensuring a comprehensive audit approach.

​

=================

ACFE research consistently shows that tips are the most common method for detecting occupational fraud. Organizations often rely on whistleblowing mechanisms such as hotlines to encourage employees and other stakeholders to report suspected fraud, which makes tips the most effective fraud detection tool.

=================

Reporting Fraud Risk Assessment Results:

Reports should align with the organization's operational language to ensure comprehension by management and stakeholders.

Why A is Correct:

Using business-appropriate language ensures effective communication of findings and recommendations.

Why Other Options are Incorrect:

B:Comprehensive details may overwhelm the audience; only key findings are usually reported.

C:Reports should reflect objective analysis, not subjective perspectives​​.

Focus of Risk Management:

Risk management seeks to balance the organization's risk appetite (the level of risk it is willing to accept) with its ability to achieve objectives.

Why D is Correct:

Effective risk management aligns the organization's risk tolerance with its strategic and operational goals to ensure sustainability and success.

Why Other Options are Incorrect:

A, B, and C:While internal controls, regulatory requirements, and resources are critical, the primary balance is between risk appetite and objectives​​.

References for All Questions:

ACFE Fraud Examination Guide and Risk Management Best Practices​​.

COSO frameworks for internal controls and fraud risk management​​.

Industry guidance on effective deterrence and governance practices​​.

Conducting a Fraud Risk Assessment:

Both internal and external parties can effectively conduct fraud risk assessments.

Internal teams provide organizational insight, while external parties bring objectivity and specialized expertise.

Analysis of Other Options:

B. External party only:Independence is important but not mandatory for effectiveness.

C. Belief that fraud cannot happen:This would bias the process and render the assessment ineffective.

D. Limiting management's influence:Management should actively participate to ensure comprehensive insights.

Conclusion:Fraud risk assessments can be effectively conducted by both internal and external parties.

Comprehensive and Detailed in Depth Explanation:

ISA 265 requires that significant deficiencies in internal control identified during an audit be communicated in writing to those charged with governance. The auditor is not obligated to inform regulatory agencies unless required by law (eliminating A). Internal control audits are not separate engagements under standard financial statement audits (eliminating B). Withdrawalfrom the engagement is a last resort and only appropriate under severe circumstances beyond internal control issues (eliminating D).

Fraud Response Responsibilities:

Management is responsible for responding to fraud because they oversee the organization's operations, culture, and compliance frameworks.

Other parties, such as internal auditors and the audit committee, provide oversight and recommendations but do not directly implement responses.

Conclusion:Management has the ultimate responsibility for responding appropriately to fraud.

 Professional Auditing Standards Requirement:

Standards such as the International Standards on Auditing (ISA) and Generally Accepted Auditing Standards (GAAS) require auditors to include elements of unpredictability in their audit procedures to reduce the risk of fraud.

 Purpose of Unpredictability:

By varying the scope, timing, and extent of audits, auditors prevent potential fraudsters from anticipating audit procedures and adjusting their behavior.

 Why A is Correct:

This aligns with established auditing principles to enhance fraud detection and maintain audit integrity​​.

Purpose of Anti-Fraud Education:

Education is most effective when employees understand the real consequences of fraud. Providing examples of prior incidents reinforces the importance of compliance.

Analysis of Other Options:

A. Include detection procedures:While this can increase awareness, it risks exposing sensitive controls.

C. Restricting to formal mechanisms:Education should be flexible and incorporate informal, ongoing messaging.

D. Executives and professionals only:While they play an essential role, education should engage employees at all levels.

Conclusion:Including examples of prior misconduct effectively conveys the seriousness of fraud prevention.

Understanding Behaviorism and Punishment:

Behaviorists like B. F. Skinner argue that punishment temporarily suppresses undesired behaviors rather than eliminating them.

Once the punitive stimulus is removed, the behavior is likely to reappear unless it is replaced with a more desirable behavior through reinforcement.

Analysis of Options:

B. Permanently suppressed:This contradicts the principles of behaviorism, as punishment alone does not permanently modify behavior.

C. Occur more frequently:Punishment typically decreases behavior temporarily.

D. Not affected by punishment:Punishment impacts behavior, but the effect is often temporary.

Conclusion:The most likely outcome is that the behavior will return once the punishment ceases.

The “Review and Revision” component is focused on evaluating how ERM practices contribute to organizational value and adapting them accordingly.

“As part of its ERM activities, the organization should review how well the ERM capabilities and practices have increased value over time and how they will continue to drive value.”

Corporate Governance in Multinational Corporations:

Multinational corporations must adhere to the legal, regulatory, and governance frameworks of each jurisdiction in which they operate. These frameworks may vary significantly across countries.

Why Other Options are Incorrect:

B:There is no Universal Corporate Governance Act applicable globally.

C:G20/OECD Principles provide guidelines but are not mandatory compliance requirements.

D:Operating in multiple jurisdictions increases governance complexity, but does not exempt corporations from compliance.

Why A is Correct:

It reflects the reality of multinational operations, where governance compliance must align with local laws and regulations​​.

References for All Questions:

ACFE and Treadway Commission fraud prevention guidelines​​.

ISSAI standards and international governance principles​​.

COSO framework and legal requirements for multinational corporations​​.

Hierarchy of Ethical Guidance Sources:

A. Contract law:Provides legal guidance on business agreements.

C. ACFE Code of Professional Ethics:Offers specific ethical standards for fraud examiners.

D. Philosophical principles:Offer foundational guidance on ethics.

B. Family and friends:While valuable for personal advice, they are the lowest reference point in determining professional ethics.

Conclusion:Guidance from family and friends is the lowest level of reference for determining ethical actions.

Fraud Risk Management Program Requirements:

Effective fraud risk management programs ensure transparency, consistency, and fairness.

Sanctions for noncompliance should be transparent and communicated to demonstrate a commitment to accountability.

Analysis of Options:

A. Mechanisms for breaches:Necessary to address compliance issues.

B. Consistent and firm punishment:Ensures a deterrent effect.

D. Designated compliance monitors:Vital for program enforcement.

C. Enacted privately:This is false because transparency is essential to maintain trust and deter similar actions.

Conclusion:Option C is false as formal sanctions should be communicated appropriately to promote deterrence and accountability.

Comprehensive and Detailed in Depth Explanation:

Management is ultimately responsible for setting the ethical tone of an organization, often referred to as the "tone at the top." This tone influences the overall ethical culture, guiding employee behavior and setting the standard for compliance and integrity. While legal, HR, and fraud professionals play supporting roles, it is leadership’s responsibility to establish, model, and reinforce ethical conduct.

Internal Auditor's Role in Fraud Risk Management:

Internal auditors are not directly responsible for establishing or maintaining anti-fraud controls (Option D). This responsibility lies with management.

They are also not responsible for obtaining reasonable assurance that financial statements are free of fraud (Option A). This is the role of external auditors.

Oversight of management's fraud risk actions (Option B) is primarily a governance role, not the auditor's direct responsibility.

Internal auditors focus on identifying and assessing fraud risks, evaluating controls, and recommending further action when necessary.

Conclusion:Option C aligns with the internal auditor's responsibilities as per the standards outlined in the ACFE's fraud risk management framework.

Importance of Hiring Ethical Individuals:

Ethical hiring practices are foundational to an effective compliance program. Employees with a high measure of discretion can significantly impact organizational behavior and risk.

Pre-hiring background checks, ethical screening, and thorough interviews help mitigate the risk of unethical behavior.

Conclusion:For a compliance program to be effective, management must ensure ethical hiring practices.

Composition of Fraud Risk Assessment Teams:

Effective teams require diverse perspectives, skills, and experiences to identify and address fraud risks comprehensively.

Why C is Incorrect:

Limiting team size to three individuals restricts diversity and may not provide sufficient expertise for a thorough assessment. Larger teams, with a range of skills, are often necessary.

Why Other Options are Correct:

A:Experience in gathering information is critical for the effectiveness of the team.

B:Including external experts adds objectivity.

D:Diverse perspectives enhance the assessment's scope​​.

References for All Questions:

ACFE Fraud Examination Guide and Standards​​.

ISA standards on audit procedures and unpredictability​​.

Fraud risk assessment guidelines from COSO and ACFE resources​​.

Understanding Conflicts of Interest:

The ACFE Code of Professional Ethics prohibits any engagements that impair the fraud examiner's objectivity, even with disclosure.

Ownership interests in a client organization create significant potential for bias, compromising the integrity of the evaluation.

Analysis of Other Options:

A. Secret infiltration:This is a clear ethical violation.

B. Engagements reducing employer duties:This constitutes a conflict of interest.

D. Representing both sides:Prohibited under the ACFE Code due to conflicting responsibilities.

Conclusion:Option C is a prohibited conflict of interest under the ACFE Code.

Purpose of a Code of Conduct:

A professional code of conduct serves as a guideline for ethical behavior, provides benchmarks for decision-making, and facilitates enforcement within the profession.

It does not replace the personal responsibility to exercise individual judgment and consult one's conscience.

Analysis of Other Options:

B, C, and D:These accurately describe the purposes of a professional code of conduct.

Conclusion:The code of conduct does not eliminate the need for personal ethical reflection, making Option A incorrect.

The G20/OECD Principles include:

“Guidance regarding board responsibilities, including establishing appropriate board structures, assigning clear responsibilities, and ensuring board accountability.”

Comprehensive and Detailed in Depth Explanation:

A key element of vendor due diligence is ensuring that third-party vendors have robust ethics and compliance programs. This helps align values, mitigate fraud risks, and establish clear expectations. While audits and questionnaires are good practices, they are not always mandatory or feasible before engagement. Moreover, transparency in seeking vendor information (unlike in A) is a norm in legitimate vetting practices.

Regulatory and Legal Misconduct:

This category includes practices that violate laws or regulations, such as anti-competitive behavior, insider trading, and conflicts of interest.

Why A is Correct:

Fraudulent customer payments are typically categorized under operational or financial fraud, not regulatory and legal misconduct.

Why Other Options are Incorrect:

B, C, and D:These practices involve violations of regulations or legal obligations, directly aligning with regulatory and legal misconduct​​.

References for All Questions:

ACFE Fraud Examination Guide and related professional standards​​.

International and jurisdictional auditing standards for public-sector auditors​​.

COSO and governance frameworks on fraud risk management​​.

McCaghy's Perspective on Organizational Deviance:Criminologist Charles McCaghy identified regulatory pressure as a significant factor influencing organizational deviance. Excessive or poorly implemented regulations can lead companies to cut corners or engage in fraudulent behavior to remain competitive.

Supporting Analysis:

Regulatory pressure can create a perception that compliance is too costly or burdensome, leading to unethical practices.

This aligns with the concept of "strain theory," where organizations under pressure may resort to deviance.

Conclusion:McCaghy's assertion that regulatory pressure is a key driver of organizational deviance is accurate.

Fraud Prevention Through Performance Management:Performance measurement and management programs can play a role in preventing fraud by ensuring accountability, setting ethical expectations, and reinforcing organizational goals.

Analysis of Options:

A. Ethics-based metrics:Encourages accountability and reduces fraud risks.

B. Regular training:Ensures employees are competent, reducing errors and opportunities for fraud.

D. Reasonable performance goals:Prevents pressure to commit fraud by setting realistic benchmarks.

C. Loosely defined job descriptions:This creates ambiguity, reduces accountability, and increases the risk of fraud, making it ineffective.

Conclusion:Option C is not an effective way to prevent fraud.

Rationalization in the Fraud Triangle:

Rationalization refers to the justification an individual uses to make fraudulent behavior acceptable in their mind.

In this case, Jody justifies his theft by believing the company owes him for his loyalty and hard work.

Why B is Correct:

Jody’s reasoning aligns with the rationalization leg of the fraud triangle, as he convinces himself his actions are justified.

Why Other Options are Incorrect:

A (Perceived non-shareable financial need):Involves financial pressure, not justification.

C (Perceived opportunity):Refers to the ability to commit fraud.

D (Lack of personal integrity):Reflects a broader ethical deficiency, not a specific rationalization​​.

 Criminogenic Nature of Organizations:

Research suggests that organizational culture and pressures can override an individual's personal values, especially when authority figures issue direct orders to engage in unethical behavior.

 Why B is Correct:

Strong personal values do not guarantee resistance to unethical orders, as obedience to authority is a powerful psychological force, as seen in studies like the Milgram experiment​​.

 Implication for Fraud Prevention:

Organizations must establish strong ethical environments to reduce the influence of authority pressure on employees

 Diane Vaughan's Theory on Organizational Crime:

Vaughan argued that organizational environments prone to crime exhibit a "normalization of deviance," often influenced by management decisions that misalign employee incentives with organizational objectives.

 Why C is Correct:

Misaligned goals create conflicting priorities, increasing the likelihood of unethical behavior to meet individual or team objectives.

 Why Other Options are Incorrect:

A:Challenging the status quo promotes innovation and ethical accountability.

B:Social functions fostering loyalty do not inherently encourage crime​​.

CFEs must act ethically and responsibly when handling sensitive information. Eliece should inform Jewel that she will try to maintain confidentiality but must adhere to professional and ethical obligations, which may require disclosing the information to appropriate parties such as her employer or relevant authorities. This balanced response encourages transparency while maintaining ethical standards.

=================