The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election

In the world's largest-ever deployment of online voting, the iVote Internet voting system was trusted for the return of 280,000 ballots in the 2015 state election in New South Wales, Australia. During the election, we performed an independent security analysis of parts of the live iVote system and uncovered severe vulnerabilities that could be leveraged to manipulate votes, violate ballot privacy, and subvert the verification mechanism. These vulnerabilities do not seem to have been detected by the election authorities before we disclosed them, despite a pre-election security review and despite the system having run in a live state election for five days. One vulnerability, the result of including analytics software from an insecure external server, exposed some votes to complete compromise of privacy and integrity. At least one parliamentary seat was decided by a margin much smaller than the number of votes taken while the system was vulnerable. We also found protocol flaws, including vote verification that was itself susceptible to manipulation. This incident underscores the difficulty of conducting secure elections online and carries lessons for voters, election officials, and the e-voting research community

FRAUD RISK ASSESSMENTS: AN EMPIRICAL ANALYSIS

This paper provides the theoretical review of the fraud risk characteristics, systematization of the existing fraud knowledge and the causes of fraud occurrence. Moreover, it determines the roles and the responsibilities of managers and auditors in the fraud risk assessments. In addition, risk factors relating to the misstatements arising from fraudulent financial reporting have been examined. According to the results of numerous scientific and expert studies it is obvious that a system of internal controls, including fraud risk assessments as an elementary component of this system, contributes to reducing fraud occurrence. In order to gain information about the factors that could cause fraudulent financial reporting, the empirical research has been conducted on the sample of companies operating in the Republic of Croatia. The respondents, accountants and auditors, revealed how often they meet fraud risk factors. Although, according to respondents\u27 answers, companies rarely encounter circumstances that indicate the possibility of fraud, the obtained data imply that there are possibilities that financial statements contain misstatements as a result of fraud. Examples of circumstances indicating the possibility that the financial statements contain a material misstatement resulting from fraud include: last-minute adjustments that significantly affect financial results, followed by transactions that are not recorded in a complete or timely manner or are improperly recorded as to amount, accounting period, classification, or entity policy and unsupported or unauthorized balances or transactions. The problems, which the accountants most frequently encountered were undue time pressures imposed by management to resolve complex or contentious issues, an unwillingness to address identified deficiencies in internal control on a timely basis and missing documents

Accounting Regulation and Management Discretion in a British Building Society, Circa 1960

This article explores the manipulation of published financial reports in order to counter the potentially unfavourable impact of newly introduced regulation. In this case the reported capital ratio of a major building society was enhanced using a sale and leaseback transaction with a related party and a change in depreciation policy, methods which reflected limited alternatives. Analysis of the case is set in the context of the mid-term performance of the building society sector and addresses the questions of whether the manipulations involved were within then-prevailing generally accepted accounting principles and why, despite disclosure in the society’s financial statements, these failed to attract public comment or concern, regulatory action or an audit qualification. In examining a major British mutual financial organisation we depart from traditional analyses of managerial discretion in accounting choices in manufacturing, mining and transport companies prior to the watershed Companies Act 1948.Accounting manipulation; Creative accounting; Sale and leaseback; Depreciation; Building societies; United Kingdom