Sage Journals: Discover world-class research

Abstract

Fraud triangle theory is one of the central analytical lenses for assessing how and why organizations become exposed to fraudulent behaviour. At the same time, the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Internal Control – Integrated Framework (hereafter ‘COSO Framework’) serves as a benchmark for designing, implementing and evaluating effective internal controls. This article applies the fraud triangle theory and COSO Framework to the case of EcoGreen International Group Limited (Stock Code: 02341HK) by examining its business operations, governance arrangements and the sequence of events that culminated in substantial discrepancies between reported and confirmed bank balances, indicative of a large-scale cash flow fraud scheme. The analysis integrates fraud triangle theory with a COSO-based internal control assessment to investigate how opportunity, pressure and rationalization interact with structural weaknesses in EcoGreen’s control environment, risk assessment, control activities, information and communication and monitoring. In addition, the article evaluates the performance of the external auditor, with particular attention to failures in professional scepticism, fraud risk assessment and audit procedures responsive to elevated fraud risks. The findings reveal how IT fragmentation and auditor inertia extended traditional fraud triangle dynamics beyond prior COSO case studies, advancing theory for modern cross-border contexts. Insights from this case inform researchers, regulators, auditors and governance bodies about key aspects of fraud risk management, auditor responsibilities and limitations of current control frameworks.

Keywords

Fraud triangle theory COSO Framework internal control weakness whistleblowing forensic accounting

1. Introduction and Research Objectives

1.1. Introduction

With the occurrence of numerous fraud cases happened in the past, for example, Enron and WorldCom Accounting scandals, fraud has received increasing attention from accounting and audit professionals (Albrecht et al., 2008; Wells, 2011). As these cases occurred some time ago and did not fully consider fraud triangle dynamics in current business environments, where most companies rely on computerized systems to carry out control activities, they provide only partial guidance to contemporary practice. This study therefore examines a recent fraud case that has drawn the attention of accounting and audit professionals, with a specific focus on IT-related control environments, explicitly extending prior Committee of Sponsoring Organizations of the Treadway Commission’s (COSO)/fraud triangle applications by demonstrating how unintegrated systems and prolonged auditor complacency dynamically amplify all three elements of fraud triangle in a Hong Kong-listed context—insights absent from static archival studies.

The abrupt decline of EcoGreen International Group (hereafter ‘EcoGreen’) has been studied by legislators, regulators and accounting professionals. At first, EcoGreen reported a ransomware attack, resulting in the loss of accounting data and significant discrepancies in its accounting and banking records. This could suggest that its management was not involved in fraudulent activities. However, as stipulated by the Hong Kong e-Legislation (2024) Companies Ordinance, directors are required to prepare financial statements that must give a true and fair view of the financial position and financial performance of the company. Thus, managers cannot simply claim ignorance or busyness to justify negligent financial reporting and must possess the necessary knowledge to fulfil their roles as capable directors. It is also unusual that EcoGreen’s management did not realize the substantial discrepancies between its accounting and banking records, suggesting potential fraud.

As more information emerged, it became evident that EcoGreen’s management failed to implement the COSO Framework to address the fraud risk factors highlighted in the fraud triangle theory. Although EcoGreen is currently delisted, which prevents a thorough examination of its organizational culture, the findings of independent investigations and EcoGreen’s announcements provide sufficient information to assess the fraud risk factors leading to its failure, including the role of IT-related controls such as system integration, access management, backup and recovery and the handling of the ransomware incident.

Recent empirical research demonstrates fraud triangle theory’s applicability: Kawedar et al. (2025) examined corruption among civil servants through opportunity, pressure and rationalization; Doan and Ta (2023) applied it to material misstatements in Vietnamese listed firms; while Rahman and Jie (2024) analyzed fraud detection patterns in companies listed on Chinese exchanges. This study complements past research studies by further demonstrating how prolonged auditor complacency, weak control and regulatory enforcement and technology-related control failures jointly shape the opportunity, pressure and rationalization elements over time.

1.2. Research Questions and Objectives

This article explores key issues surrounding the EcoGreen fraud case by addressing several research questions and objectives. The primary question examines how the three elements of the fraud triangle, namely opportunity, pressure and rationalization, manifested within EcoGreen’s organizational context and contributed to the ¥1,580 million bank balance discrepancy between reported and independently confirmed bank balances. The study further investigates which specific internal control weaknesses, IT-related control failures and governance failures allowed these misstatements of EcoGreen’s financial position to remain undetected over time.

Besides, this study considers which red flags and fraud indicators auditors should have employed to uncover similar cash flow manipulation schemes at an earlier stage and evaluates the broader implications for corporate governance practices, auditing standards and regulatory framework.

To achieve these aims, the study sets out several objectives: to apply fraud triangle theory systematically to explain the underlying behavioural, structural and technological drivers of EcoGreen’s accounting irregularities; to analyze EcoGreen’s internal control system using the COSO Framework and to pinpoint governance and control failures across its five components and to present detailed trend analysis, financial ratio analysis and financial information (Tables A1 –A7), where anomalies in relationship between operating cash flow and net income (Table A3), inconsistencies in current ratio and inventory turnover (Table A4) and warning signs in rising debts (Table A6) are illustrated.

This research also seeks to identify overlooked red flags that were insufficiently addressed by PwC and to propose practical recommendations for fraud prevention and detection.

Through these objectives, our article seeks to contribute to both the academic literature on fraud detection and to professional discourse on auditor effectiveness, IT-enabled internal control and fraud risk management in companies.

1.3. Research Significance

Fraud represents a substantial global economic cost, recently estimated at $4–5 trillion annually, with nearly half of cases attributed to inadequate internal controls (ACFE, 2022). The EcoGreen case constitutes one of the notable fraud incidents in the Asia-Pacific region, illustrating how a contemporary listed corporation can execute cash flow fraud schemes under the scrutiny of an international auditor.

Our study is significant for several reasons. First, EcoGreen’s events unfolded mainly during 2021–2022, which represents a recent and relevant addition to fraud detection literature. Second, EcoGreen operated as a publicly listed company on the Stock Exchange of Hong Kong (SEHK) and was therefore expected to comply with stringent listing rules and to maintain robust governance and internal control structures, yet experienced a catastrophic breakdown in control over cash balances. Third, it highlights auditor shortcomings, such as material discrepancies in cash and bank balances, which were only acknowledged after substantial delays, despite long-standing access to electronic banking records and system-generated reports. These factors make the EcoGreen case an important subject for understanding the fraud risks, audit effectiveness, IT-related control vulnerabilities and governance challenges in modern business environments.

2. Literature Review

2.1. Fraud Triangle Theory and Its Evolution

Fraud triangle theory, originating from Cressey’s (1953) study of trusted offenders, proposes that perceived opportunity, perceived pressure and rationalization must co-exist for fraud to occur. Over time, accounting and auditing research has adopted the fraud triangle as a core conceptual model for understanding financial statement fraud and misappropriation of assets. Its influence is evident in professional standards such as ISA 240, which explicitly links opportunities, incentives/pressures and attitudes or rationalizations to the risk of material misstatement.

More recent literature extends the fraud triangle model by incorporating psychological and attribution-based perspectives. Kawedar et al. (2025), for example, combined fraud triangle theory with attribution theory in a study of convicted civil servants and found that how individual perceptions of opportunity, pressure and rationalization are shaped by ethical leadership, organizational culture and religiosity. Their findings suggest that fraud triangle elements should not be viewed solely as static individual characteristics but as dynamic constructs.

2.2. Empirical Applications in Corruption and Occupational Fraud

Empirical research on corruption and occupational fraud frequently applies the fraud triangle to understand both psychological and structural drivers of misconduct. Kawedar et al. (2025) surveyed 99 civil servants convicted of corruption in Indonesia and found that perceived opportunity arising from weak internal controls and perceived financial pressure were significant positive determinant of corrupt behaviour, while ethical leadership and personal values helped reduce corruption tendencies. Their findings not only confirm that opportunity and pressure remain central to explaining fraud, but also show that rationalization is reinforced when unethical behaviour becomes habitual and organizational norms tolerate deviance.

These insights are relevant for corporate settings because they illustrate how opportunities (such as internal control weaknesses), pressures (such as lifestyle demands and social expectations) and justifying narratives co-evolve over time. They also support the view that interventions targeting ethical culture, leadership tone and whistleblowing arrangements can weaken one or more sides of the fraud triangle and thereby reduce the overall likelihood of fraud.

2.3. Fraud Triangle and Financial Statement Fraud

A large stream of research applies the fraud triangle directly to financial reporting outcomes, typically using archival data to link observable proxies for opportunity, pressure and rationalization to financial statement misstatements or fraud classifications.

Doan and Ta (2023) studied 150 listed firms in Vietnam and classified companies based on the materiality and direction of profit misstatements. Using a multinomial logistic regression, they found that a high leverage (debt ratio) and low profitability (pressure), a lower proportion of independent directors and the engagement of non-Big 4 auditors (opportunity) and auditor changes together with prior misstatements (rationalization) significantly increased the likelihood of material misstatements.

Similarly, Aripin et al. (2022) investigated fraudulent financial reporting among 334 non-financial companies listed on Bursa Malaysia between 2016 and 2020, using the Beneish M-score to distinguish likely manipulators from non-manipulators. In their logistic regression model, the rationalization construct, proxied by total accruals to total assets, showed a strong positive association with fraudulent reporting, whereas the opportunity proxy (board outside directors) and pressure proxy (return on assets) are statistically insignificant. These findings imply that at least one fraud triangle element, often rationalization, typically explains observed fraud behaviour.

Complementary evidence comes from sector-specific and ratio-based studies. Akbar et al. (2022) analyzed manufacturing firms in the Indonesian consumer goods industry and revealed that external pressure, measured by leverage, significantly increased the probability of fraudulent financial statements identified via the Beneish M-score.

Collectively, these studies demonstrate that fraud triangle theory can be operationalized through financial and governance variables such as leverage, profitability, board composition, auditor attributes, and that these proxies can be systematically integrated into fraud risk models used by risk management teams, auditors and regulators.

2.4. Evidence from China and Other Emerging Markets

Studies in emerging markets provide additional insight into how fraud triangle elements unfold in contexts marked by rapid economic growth, evolving regulatory frameworks and complex ownership structures.

Rahman and Jie (2024) investigated 16,063 firm-year observations for all companies listed on the Shanghai and Shenzhen Exchanges between 2010 and 2020, using fraud triangle theory to explain detected accounting-fraud cases. They reported that leverage and liquidity ratios were positively associated with fraud detection (pressure), whereas return on equity, audit-firm size and the proportion of independent directors were negatively associated with fraud, suggesting that stronger profitability, engagement of larger audit firms and more independent boards reduced both opportunities and incentives for manipulation.

These findings complement evidence from Vietnam and Malaysia by showing that, in different Asian markets, similar opportunity and pressure mechanisms are at work, albeit filtered through local regulatory and institutional conditions.

2.5. Case-based Extensions: Collusion and Complex Schemes

Case-study research applies the fraud triangle to interpret complex, multi-party frauds and to explore its limitations. As illustrated in a prior case study by Villaescusa and Amat (2022), who analyzed Pescanova (a listed company in Spain), involved in a large accounting-fraud scandal involving collusion among senior management and external parties. Villaescusa and Amat (2022) found that, while opportunity, pressure and rationalization were present, the fraud opportunity was effectively ‘designed’ through collusive arrangements, layered transactions and coordinated concealment. Their work suggests that, in collusive and highly structured schemes, opportunity may be institutionalized through governance and reporting processes, making it more difficult for traditional control mechanisms and standard audit tests to detect irregularities.

This case-based literature is particularly relevant for EcoGreen’s bank balance discrepancies and alleged cash flow manipulation because it illustrates how management override and complex group structures can create fraud opportunities that are not immediately visible through standard ratio analysis or routine audit procedures alone.

Unlike prior COSO/fraud triangle applications, EcoGreen uniquely demonstrates IT system fragmentation (unlinked Treasury/FA systems) and ransomware exploitation as modern extensions that sustain opportunities over prolonged periods—offering process-level theoretical advancement beyond illustrative applications. Integrating these qualitative insights with empirical fraud-triangle evidence strengthens the conceptual basis for analyzing EcoGreen’s internal control weaknesses, COSO-related deficiencies and the adequacy of auditor responses to red flags in later analytical sections of the article.

3. Research Methodology

3.1. Research Design and Data Collection

We adopt the interpretative approach to explain the business failure of EcoGreen. Yin (1994, p. 9) also stated that a case study is a preferable empirical method to analyze a company. By employing this design, the article can examine multiple variables within their real-world context and capture the intricate interactions between fraud triangle elements, COSO control components and IT-enabled control deficiencies. This approach is particularly suitable for understanding the EcoGreen case, where organizational, regulatory and auditing factors intersect.

The analysis relies primarily on secondary data drawn from several sources. Corporate announcements and regulatory filings provide insight into EcoGreen’s public disclosures and governance practices, including SEHK announcements issued between 2022 and 2024, insider information releases, investigation updates and historical financial reports. External investigation reports form a critical component of the dataset: findings from the independent investigation released on 19 October 2023, together with conclusions by the Independent Adviser and Investigation Committee, offer authoritative accounts of the nature, mechanisms and scope of the suspected fraud, including details on the ransomware incident, system connectivity between the Treasury System and the Financial and Accounting (FA) System and the handling of electronic records.

Auditor documentation sheds light on the role and responsibilities of PricewaterhouseCoopers (PwC) throughout the detection process. Key materials include correspondence on bank reconciliation discrepancies, audit findings letters dated 6 and 7 April 2022, PwC’s resignation letter and refusal to continue the 2021 audit in May 2023 and records of bank confirmation procedures and their outcomes. Financial data from EcoGreen’s consolidated financial statements for 2015–2020, including income statements (Table A5), balance sheets (Table A6) and cash flow statements (Table A7), form the basis for ratio analysis (Table A4) and trend assessment (Tables A1 and A2). Unaudited 2021 results and reconstructed records further highlight discrepancies in working capital and reported cash positions.

Regulatory and legal documents provide further context on consequences and accountability. These include SEHK Listing Committee decisions, the Hong Kong High Court’s winding-up petition and judgement dated 3 June 2024 and statutory demands issued by creditors, which collectively trace the transition from a going concern to liquidation. Academic and industry sources, including COSO Framework publications, research on fraud triangle theory, IT governance and cybersecurity controls and international auditing standards (e.g., ISA 240), underpin the theoretical framework.

3.2. Data Analysis Methodology

A multi-dimensional analytical strategy is adopted to investigate the EcoGreen fraud case. First, the fraud triangle is employed to analyze how opportunity, pressure and rationalization operated within EcoGreen’s organizational and IT control context, with each component systematically compared against operational evidence to identify the behavioural and structural conditions that enabled the fraud.

Second, the company’s internal control system is evaluated using the COSO Internal Control – Integrated Framework, focusing on the control environment, risk assessment, control activities, information and communication and monitoring. By mapping EcoGreen’s governance structures, policies, IT systems and practices onto these five components, the analysis isolates specific control weaknesses and design or operating deficiencies that allowed fraudulent behaviour to occur and remain undetected over an extended period.

Third, financial ratio analysis (Table A4) is conducted to identify irregularities and early warning indicators that should have attracted heightened scrutiny from management and auditors. Examination of trends in key ratios highlights inconsistencies in liquidity (Table A4), working capital (Table A4) and cash flow quality that point to possible misstatements.

Fourth, a timeline analysis, illustrated in Section 5.2, is used to reconstruct the sequence of critical events from EcoGreen’s pre-fraud operating period through discovery, investigation, regulatory intervention and eventual winding-up. This chronological reconstruction links key management decisions, IT and control breakdowns, auditor actions and regulatory responses.

Finally, the article systematically distils the red flags and fraud indicators that should have signalled elevated risk to the auditors, and these insights are used to develop practical recommendations for enhancing fraud detection and prevention.

4. Theoretical Framework

4.1. Fraud Triangle Theory

Fraud triangle theory, introduced by Cressey (1953), identifies three elements necessary and sufficient for fraud: opportunity, pressure and rationalization. The theory emphasizes psychological and causal factors that drive individuals to commit fraud and is widely used in fraud examination and forensic accounting research (Huber, 2012; Smith & Crumbley, 2009). The three elements have been applied in various fraud contexts (Dorminey et al., 2012; Morales et al., 2014).

4.1.1. Opportunity

Opportunity refers to conditions that make fraud feasible, typically arising from weak or poorly designed internal controls, ineffective supervision and the ability of management to override established procedures. When employees or managers perceive that control systems are absent, easily bypassed or not enforced, the perceived opportunity to commit financial statement fraud increases (Rezaee, 2005; Trompeter et al., 2013). Effective internal controls help deter such behaviour by reducing the likelihood that fraud can be carried out and remain undetected (Wells, 2011). Conversely, poor monitoring, inadequate segregation of duties and job rotation and a lack of meaningful consequences for prior misconduct all serve to expand perceived opportunities for fraud (Kenyon & Tilton, 2006; Sauser, 2007), and survey evidence indicates that nearly half of detected fraud cases are linked to insufficient internal controls (ACFE, 2022).

4.1.2. Pressure

Pressure within the fraud triangle refers to financial-, emotional- or performance-related forces that motivate individuals or management to engage in misconduct. Such pressure can arise from personal financial stress, career concerns or explicit incentives to manipulate reported results, for example, to increase bonus-linked compensation (Guidry et al., 1999; Healy, 1985; Holthausen et al., 1995) or to maintain the confidence and continued support of investors and creditors (Dechow et al., 1996; Lev, 2003). Prior studies show that real or perceived financial stressors rank among the most common drivers of fraudulent behaviour, with these pressures present in a large proportion of documented cases (Albrecht et al., 2008; Wells, 2011).

Pressure can also stem from organizational performance demands, as illustrated by Wells Fargo’s misconduct involving unauthorized account openings driven by aggressive sales targets (Sridharan & Hadley, 2018). Although incentive schemes and performance goals can encourage achievement, they may simultaneously promote unethical conduct when targets are perceived as unrealistic or when failure to meet them carries significant personal or organizational consequences (Sridharan & Hadley, 2018).

4.1.3. Rationalization

Rationalization refers to the internal process through which individuals reinterpret fraudulent actions as justified, necessary or harmless, enabling them to proceed with behaviour they know is unethical. Research shows that managers who engage in unethical financial reporting often share similar rationalizations, such as the belief that manipulating earnings or other figures is warranted to protect the company’s share price or to meet market expectations (Cohen et al., 2010).

Attitudes and underlying moral values strongly influence this process: when individuals hold favourable attitudes toward a given behaviour, they are more likely to engage in it (Ajzen, 2001; Park & Blenkinsopp, 2009; Trongmateerut & Sweeney, 2013). Empirical studies suggest that if a fraudulent act cannot be framed as ethically acceptable in the perpetrator’s mind, it is less likely to be carried out (Dorminey et al., 2010; Jackson et al., 2010). Common rationalizations include statements such as ‘I am only borrowing from the company’ or ‘The company owes me this’, which recast misconduct as temporary or deserved (Ramamoorti, 2008; Zikmund, 2008).

4.1.4. Prevention of Fraudulent Behaviour

To mitigate fraudulent behaviour, companies should implement robust internal controls and enforcement mechanisms, supplemented by training and ethical education programmes to strengthen employees’ ethical awareness and capacity to manage conflicts.

4.2. COSO Internal Control Framework

The COSO Integrated Framework outlines five essential components for effective internal control systems: control environment, risk assessment, control activities, information and communication and monitoring.

The control environment has a fundamental influence on the organization and encompasses shared assumptions, customs and behavioural norms (Schein, 1990). Corporate cultures can be healthy or unhealthy (Wong, 2002). Unhealthy cultures, characterized by authoritarianism, competition, corruption and dishonesty, are often linked to dysfunctional companies and unethical behaviour. Moreover, the control environment sets the organizational tone and shapes employees’ control consciousness, encompassing board and audit committee oversight, management philosophy, ethical standards, delegation of authority, accountability structures and human resource policies (COSO, 2013).

Risk assessment requires identification and evaluation of risks that could impede objectives (COSO, 2013), including entity-level and transaction-level assessments, fraud risk evaluations under ISA 240, risk ranking and continuous reassessment.

Control activities comprise specific measures, for instance, segregation of duties, authorization protocols, performance reviews, access controls, physical safeguards and reconciliations, to mitigate identified risks. Effective controls, including segregation of duties and proper authorization and approval of payments, are essential to prevent fraud (COSO, 2013; KPMG, 2013; Rezaee, 2005). Companies with strong internal controls can therefore better prevent fraud and provide reasonable assurance that their objectives are being achieved (COSO, 1992). When there are material weaknesses in internal controls, organizations may become more vulnerable to unethical or fraudulent issues because managers and employees can exploit these vulnerabilities. Goh et al. (2013) highlighted that internal controls are directly linked to an organization’s financial health, with lower earnings quality associated with material weaknesses in internal controls (Chan et al., 2008; Doyle et al., 2007).

Information and communication involve systems for capturing and disseminating relevant information, including financial reporting mechanisms, internal communication channels, whistle-blower programmes, external reporting and documentation policies.

Monitoring encompasses ongoing and periodic evaluations, including audit committee reviews, management oversight, internal audit functions, external audit procedures and investigation of anomalies. In this article, Section 6.1 explicitly demonstrates how EcoGreen failed across all five COSO components by linking specific control breakdowns and governance weaknesses to the opportunity dimension of the fraud triangle.

4.3. ISA 240 and Auditor Responsibilities for Fraud Detection

International Standard on Auditing 240 sets out the auditor’s responsibilities regarding fraud in the audit of financial statements. Key obligations include maintaining a high level of professional scepticism throughout the engagement, regardless of the auditor’s past experience with the client or the perceived integrity of management. Auditors are required to perform targeted fraud risk assessments, including inquiries of management and those charged with governance, analytical procedures and consideration of fraud risk factors.

ISA 240 further requires auditors to design and implement audit procedures that directly respond to the fraud risks identified, rather than relying solely on routine substantive testing. Typical procedures include bank reconciliations, direct bank confirmations obtained independently of management, extended or unpredictable testing of journal entries and examination of significant or unusual transactions, particularly those near the period end.

5. Background and Timeline of EcoGreen

5.1. Company Background

EcoGreen, established in 1994, was primarily engaged in fine chemicals, specializing in three product categories: chiral pharmaceuticals used in drug manufacturing, natural pharmaceutical raw materials derived from botanical origins and aroma chemicals supplied to flavours and fragrances for food and cosmetics. EcoGreen was listed on the SEHK on 9 March 2004 under stock code 02341, becoming a public reporting entity subject to SEHK listing rules and enhanced financial reporting and disclosure requirements.

By 2020, EcoGreen reported revenues of ¥2,510 million (approximately $350 million) (Tables A1 and A5), with around 85% of its sales generated from mainland China. The customer base was relatively concentrated: the top five customers contributed 22% of total revenue, with the single largest customer accounting for 9%, while the top five suppliers represented 26% of total purchases. As of 31 December 2020, EcoGreen disclosed total assets of ¥5,423 million, total liabilities of ¥2,766 million and total equity of ¥2,657 million (Table A6), with aggregated bank balances of approximately ¥1,580 million. Subsequent direct bank confirmations, however, indicated actual cash balances of only about ¥0.16 million (Table A8).

5.2. Critical Timeline of Events

The following chronology outlines the key milestones in EcoGreen’s financial reporting, audit and regulatory history from listing to liquidation, highlighting the progression from years of clean audit opinions to the eventual discovery of a major cash misstatement and winding-up.

9 March 2004: EcoGreen lists on SEHK and becomes subject to SEHK listing rules and enhanced financial reporting obligations.

FY 2015–2020: PwC continues to issue unqualified audit opinions, even though financial statements for later years are now associated with potential cash-balance fraud.

FY 2020: EcoGreen reports record profits of ¥408.4 million (Tables A1 and A5), representing an increase of about 78% year-on-year despite only modest revenue growth, raising subsequent concerns about earnings quality and the robustness of audit procedures.

29 March 2022: Management announces that publication of the audited financial statements will be delayed due to COVID-19-related disruptions.

30 March 2022: Unaudited 2021 results illustrate cash and cash equivalents of ¥1,655 million, a figure later shown to be inconsistent with amounts confirmed directly by banks.

4 April 2022: Trading in EcoGreen’s shares suspended pending clarification of financial reporting uncertainties.

6 April 2022: EcoGreen reports a ransomware attack that allegedly resulted in the loss of treasury and accounting records, complicating the audit trail (EcoGreen International Group Limited, 2023).

6 April 2022: PwC initially receives bank confirmations that appear to support reported cash balances of ¥1,580 million; these confirmations were later determined to be unreliable (EcoGreen International Group Limited, 2023).

7 April 2022: PwC announces a delay in completing the audit due to unresolved discrepancies between the company’s books and bank confirmations. The genuine bank confirmations directly from banks showed that the company’s bank aggregate balances were about ¥160,000.

7 April 2022: EcoGreen publicly discloses the discrepancy between reported ¥1,580 million and confirmed ¥160,000 in cash, revealing a substantial overstatement of cash balances.

25 April 2022: A statutory demand of approximately $3.8 million is issued, signalling the company’s severe liquidity pressure and going-concern risk.

May–August 2022: Key executives and directors, including Executive Director Han Huanguang, Company Secretary Lam Kwok Kin and Director Dr Lin, resign, exacerbating governance concerns and hampering investigative efforts.

4 May 2023: PwC resigns as auditor, citing its inability to complete the 2021 audit in the absence of investigation results, thereby underscoring unresolved audit issues and fraud-rise issues.

19 October 2023: An independent investigation report is released, attributing part of the problem to the ransomware incident, highlighting serious control failures and noting that key finance officers could not be contacted.

7–8 November 2023: SEHK’s Listing Committee declines to extend EcoGreen’s resumption deadline and effectively rejects the company’s resumption proposal, reflecting concerns about the reliability of its financial reporting.

Early 2024: Hang Seng Bank files a winding-up petition against EcoGreen, marking the shift from going concern issues to formal liquidation proceedings.

3 June 2024: The Hong Kong High Court orders EcoGreen to be wound up and appoints a liquidator to take control of the company’s affairs.

17 July 2024: SEHK cancels EcoGreen’s listing under Rule 6.01A(1) following a prolonged trading suspension and unsuccessful resumption attempts.

6. Fraud Triangle Analysis and COSO Analysis

6.1. Opportunity: Systematic Control and IT Failures

Using the COSO Framework, it is noted that the control environment of EcoGreen was severely compromised: independent directors showed weak oversight, executive directors disclaimed responsibility for treasury and finance functions, and leadership instability—evidenced by multiple resignations—eroded accountability and hindered investigations. For example, according to the external investigation report released on 19 October 2023, the Executive Directors had no involvement in the supervision and management of the FA Department and Treasury Department; and even worse, they were not involved in the approval of accounting records and were not aware that the actual bank balance amount differed materially from the amount reported on the financial statements.

Moreover, there was a high turnover at the senior management level, the FA Department and the Treasury Department within several months. Executive Director Han Huanguang, Director Dr Lin and the Company Secretary Lam Kwok Kin resigned between May and August 2022; and two officers of the FA Department and one officer of the Treasury Department resigned between April and May 2022. These factors all illustrated the deficiencies of EcoGreen’s control environment.

Second, the risk assessment processes of EcoGreen were inadequate and failed to incorporate IT-specific fraud and cyber risks. Despite deriving about 85% of its revenue from Mainland China, the company did not implement enhanced due diligence on subsidiary bank accounts, treasury concentration or local IT environments. Negative operating cash flows in 2016 and 2018 alongside positive earnings (Table A3) did not trigger heightened scepticism or targeted fraud risk assessments. The investigation further noted that the Treasury System of the Treasury Department was not connected to the FA System of the FA Department, and the treasury officer checked only some, but not all, subsidiary bank accounts, allowing discrepancies between actual and reported bank balances to persist in the absence of system-based reconciliations and automated exception reporting.

Third, EcoGreen’s control activities were deficient at both process and IT levels. For example, hard-copy bank statements showed about ¥160,000 in savings accounts while the company journal indicated ¥1.58 billion in the ledger, a huge discrepancy that went undetected because monthly bank reconciliations were not performed. In addition, it was found that manual journal vouchers lacked approver names, supporting documents were insufficient to justify large accounting adjustments, and the new responsible FA officer had no access rights to the FA System, providing opportunities for certain individuals to dominate system entries and adjustments without an independent review.

Fourth, the information and communication mechanism was ineffective in EcoGreen. For example, repeated inquiries about the financial records from senior staff were ignored, and the investigation committee received minimal cooperation from Executive Directors. Internal reporting on cash was fragmented and had no integrated view across subsidiaries due to a lack of system integration between the Treasury and FA systems. External communication to auditors was incomplete and obstructive. Document control weaknesses amplified these problems; an alleged ransomware attack destroyed the backup system, and there were no offsite backups or credible disaster recovery arrangements, making it easier to attribute discrepancies to ‘lost data’ and to obscure the underlying fraud.

Finally, monitoring activities at EcoGreen are inadequate. For example, the audit committee was ineffective, and there was no well-functioning internal audit capable of reviewing system logs and IT controls. Management reviews failed to detect a discrepancy approaching ¥1.6 billion, with executives claiming ignorance of cash positions and neglecting working capital analysis that could have revealed inconsistencies between system-reported balances and external confirmations.

Collectively, these deficiencies created a systemic opportunity structure in which weak governance, fragmented IT systems, poor access controls and absent monitoring allowed fabricated confirmations and fictitious cash balances to persist for several years.

6.2. Pressure: Financial and Organizational Stress

EcoGreen’s financial statements from 2017 to 2020 showed rising leverage growth and tightening liquidity, conditions that increased pressure on management to maintain the outward appearance of solvency and strong profitability.

Total debt increased from ¥1,214 million in 2017 to ¥2,237 million in 2020, while non-current borrowings more than doubled from ¥449 million to ¥1,376 million (Table A6), signalling a growing burden of debt service and refinancing in the face of unstable cash conversion. Working capital pressures worsened as trade receivables increased by roughly 75% between 2015 and 2020 (Table A6) without a commensurate rise in revenue, and the genuinely available year-end cash to meet short-term obligations was extremely limited, at only about ¥160,000.

Operationally, property, plant and equipment (PP&E) expanded by approximately 510% between 2017 and 2020 (Table A6), indicating substantial capital commitments and implicit expectations that future revenue and margins would justify these investments. In 2020, reported net profit surged 78% while revenue grew only 3.6%, reinforcing optimistic market expectations and potentially creating an internal narrative that favourable performance indicators needed to be preserved.

The COVID-19 pandemic created additional operational and reporting stresses by disrupting control environments, complicating oversight and affecting detection mechanisms, particularly where remote working arrangements increased reliance on IT systems, reduced physical supervision and made it more difficult to perform on-site checks or independent system audits.

Competitive conditions in the fine-chemicals industry—marked by intense rivalry and rapid technological change—together with EcoGreen’s heavy exposure to the mainland China market, added regulatory and market volatility.

These financial and operational pressures formed an acute and multifaceted pressure profile consistent with the motivational element of the fraud triangle, where mounting debt, expansion commitments and pandemic shocks incentivized aggressive accounting and concealment as a way to satisfy investors, creditors and other stakeholders.

6.3. Rationalization: Justification of Misconduct

In EcoGreen, direct insight into management’s thinking is constrained by encrypted records and the resignation or disappearance of key executives, but observable patterns of behaviour allow plausible rationalizations to be inferred. One likely rationalization was that misstatements of cash were only temporary and that future cash inflows would eventually ‘catch up’, so inflating balances was viewed as a short-term measure to bridge a liquidity gap. Another possible rationalization stems from a sense of perceived entitlement, whereby executives considered their compensation or recognition inadequate relative to the company’s growth and therefore felt justified in aligning personal gain with the maintenance of a positive performance image.

The organizational culture appears to have prioritized results over process, placing greater emphasis on meeting financial targets than on adherence to internal controls and IT governance standards, which may have normalized aggressive or borderline practices.

Competitive pressures and investor expectations may have reinforced beliefs that regulatory or auditor scrutiny could be managed, particularly when system access was concentrated among a small group of trusted staff, and auditors had long relied on electronic confirmations routed through management. Management might also have perceived misconduct as consistent with industry practice in complex multinational structures.

Enabling factors amplified these rationalizations: a long-standing audit relationship of more than 18 years likely fostered overconfidence that issues would not be challenged, while the reported ransomware incident offered a convenient narrative to explain missing records and inconsistencies in the timing and content of bank confirmations.

Evidence of coordinated actions between the FA Department and the Treasury Department to provide falsified confirmations, executive denials of knowledge despite fiduciary duties, obstruction of inquiry and clustered resignations of key officers after discovery indicates deliberate concealment rather than isolated error. These circumstantial indicators support the conclusion that rationalization played a central role in sustaining misconduct, uniquely extended here by IT opacity and ransomware narratives that prior fraud triangle cases overlook—shifting from individual psychology to organizational IT justification processes.

7. External Auditor Analysis: PwC’s Failures

7.1. Audit Responsibilities Under ISA 240

ISA 240 sets clear expectations for auditors’ responsibilities in relation to fraud. However, the conduct of PwC in the EcoGreen engagement indicates notable weaknesses in certain areas, including IT-related risks, electronic confirmations and system anomalies. Building on the COSO-based analysis of EcoGreen’s internal control environment in Section 6, this section focuses specifically on how PwC’s audit approach failed to respond appropriately to the fraud triangle conditions and control weaknesses identified.

7.1.1. Professional Scepticism Failure

PwC initially relied on bank confirmations (later found to be falsified by treasury officers) that appeared to substantiate the reported ¥1,580 million cash balance (Table A8). On 7 April 2022, PwC identified a discrepancy that effectively represented a near-total overstatement of cash balances, yet the firm did not resign from the engagement until 4 May 2023, leaving roughly 13 months during which no conclusive investigation outcome was available.

PwC had also issued unqualified audit opinions over multiple years despite evident indicators of weak earnings quality, for instance, positive reported profits alongside negative operating cash flows (Table A3) in 2016, without any evident recalibration of the audit strategy in response to these red flags.

7.1.2. Fraud Risk Assessment and IT-related Failure

The fraud risk assessment procedures were similarly inadequate. PwC did not sufficiently address risks associated with EcoGreen’s Mainland China operations, which generated approximately 85% of the group’s revenue and involved six subsidiary bank accounts that lacked strong oversight and were processed through non-integrated Treasury and FA systems. There is no indication that enhanced audit procedures were applied to these accounts or that there was extensive engagement with subsidiary auditors to independently verify bank balances.

As a result, the failure to question the plausibility of exceptionally large cash balances held across multiple People’s Republic of China (PRC) subsidiaries, incorrect confirmation practices, inadequate fraud risk procedures and the absence of robust IT system-based reconciliations illustrate that PwC did not exercise enough professional scepticism and fraud risk assessment.

8. Stakeholder Impact Analysis

8.1. EcoGreen and Its Management Team

EcoGreen and its Management Team faced reputational damages due to the high turnover rate of the Executive Directors within a short period of time, poor governance and internal control measures, ransomware attacks, unresolved discrepancies between reported ¥1,580 million and confirmed ¥160,000 in cash that revealed a massive overstatement, failure to comply with the listing requirements and eventual delisting from the stock exchange market and others. These created a negative impact on shareholders, employees, creditors, regulators and others.

8.2. Shareholders

Shareholders were unable to trade the shares and faced a significant impact following the suspension of trading on 4 April 2022; they were unable to cash out their investments and suffered severe losses due to the eventual delisting on 17 July 2024. Market capitalization collapsed, and given EcoGreen’s debt burden and liquidation outcome, recovery prospects are minimal. The case undermined shareholders’ confidence in corporate governance, audit effectiveness and regulatory oversight in regional markets.

8.3. Employees

Employees experienced significant disruption as executive resignations eroded management continuity, and finance and accounting staff could not be reached, apparently to avoid liability. Operational staff faced uncertainty over employment and job stability as they may be made redundant, while pension entitlements and other employee claims became subject to winding-up proceedings.

8.4. Creditors

Creditors incurred substantial losses, including statutory demands of about $3.8 million and unpaid trade payables exceeding ¥324 million. Hang Seng Bank’s winding-up petition signalled severe insolvency, and creditor recoveries are likely to be heavily impaired. It will take a long time to recover funds (if any), and the precise recovery rates remain uncertain.

8.5. Regulators and Others

Regulators faced reputational challenges: the SEHK Listing Committee’s decision to refuse further extensions and cancel listing, combined with the High Court’s winding-up order, highlighted gaps in early detection of cash frauds in cross-border structures. Business partners, including suppliers and customers, experienced supply chain disruptions, unpaid receivables and reputational damage that affected the supplier’s willingness to extend the credit (limit and time) and customer loyalty from association with the case.

9. Limitations and Future Research Directions

Although the present study examines the elements of the Fraud Triangle and how EcoGreen failed across COSO’s five components, it contains certain limitations due to restricted accessibilities of internal records, unapproachable resigned key individuals and limited public information on any criminal proceedings or director-specific civil claims, which restrict the analysis. Moreover, the precise role of ransomware remains ambiguous, whether it functions as a control failure, a deliberate tool for concealing fraud or a coincidental incident.

These limitations are mitigated through triangulation of EcoGreen’s publications, independent investigation reports, Hong Kong Exchanges and Clearing Limited (HKEX) announcements, regulatory and court documents, media coverage and financial statements. Taken together, these sources provide a sufficiently coherent evidential base for this case study.

The above limitations open up several avenues for future research. For example, incorporating the Fraud Diamond framework, which adds capability as a fourth element, enables scholars to examine which individuals or groups had the technical and positional capacity to perpetrate a fraud of ¥1,580 million and to analyze organizational hierarchies and system access structures for control-override authority.

The role of technology in both concealing and preventing fraud also merits deeper investigation. Future research could analyze how ransomware incidents enable the destruction or manipulation of audit trails, evaluate the potential application of blockchain to strengthen cash-management and transaction-level controls and employ machine-learning techniques for detecting unusual patterns or anomalies in financial statements indicative of fraud.

10. Recommendations

10.1. For Companies: Enhanced Internal Controls and Rotation of Audit Firm

Organizations should strengthen the control environment by establishing a genuinely independent audit committee composed mainly of independent directors, meeting regularly and maintaining direct communication with external auditors and whistle-blower channels.

A reliable and confidential whistleblowing policy is essential to encourage employees to report suspicious activities. Employee reporting is among the most effective fraud detection methods, accounting for over 40% of cases (ACFE, 2020; Dyck et al., 2010). Before reporting, employees consider ethical obligations, organizational loyalty and potential repercussions (Andrade, 2015; Miceli, 2004; Near & Miceli, 1985; Seifert et al., 2014). Reporting intention reflects the perceived likelihood of engaging in whistleblowing (Ajzen, 1991; Chiu, 2003; Hunt & Vitell, 1986).

Employees are more likely to report misconduct when they feel protected from retaliation and trust the fairness of the whistleblowing process (Gao & Brink, 2017; Lee & Xiao, 2018; Mesmer-Magnus & Viswesvaran, 2005; Near & Miceli, 1985; Zhang et al., 2013). Ensuring that whistle-blowers perceive reporting procedures as fair and impartial further enhances reporting likelihood (Seifert et al., 2010).

Emerging digital channels, including online and AI-based platforms, can provide convenient, low-cost and anonymous options for reporting (Whispli, 2019). Regular ethics training promotes awareness of integrity in business operations, while top management’s ethical leadership positively shapes employees’ moral decisions (Schwartz et al., 2005). The ‘tone at the top’ emphasized by COSO (2013) highlights the critical role of directors’ and managers’ ethical behaviour in maintaining effective internal control.

A formal fraud risk management programme is essential, including annual fraud risk assessments consistent with ISA 240, board-level oversight of fraud risks, management attestations on the effectiveness of internal controls over financial reporting and clearly documented fraud response protocols.

It is also essential to implement a clear separation of duties. Treasury segregation of duties should be reinforced by separating authorization, custody and reconciliation roles, requiring dual approval for significant transactions, restricting system access and periodically reviewing access rights. Subsidiary cash management must rely on direct bank confirmations initiated by auditors or parent finance, monthly reconciliations reviewed centrally, pre-approval of intercompany transfers and transparent disclosure of foreign-currency and restricted funds. Monthly reconciliations help to uncover inaccuracies and incomplete transactions and resolve discrepancies (COSO Framework 2013). For PRC operations, enhanced due diligence on local management, periodic physical observation of bank statements, regulatory compliance checks and documented related-party and transfer pricing arrangements are necessary.

IT and data preservation require daily offsite backups of accounting and treasury records, regularly tested disaster recovery plans, strong encryption and access-control mechanisms and robust document-retention policies to safeguard audit evidence. Monitoring should be strengthened through an internal audit function that reports directly to the audit committee, conducts regular fraud risk assessments, tests key transaction cycles and oversees exception tracking and investigations.

It was noted that PwC was the external auditor of EcoGreen since EcoGreen was listed until 2023. It could be better to rotate the audit firm periodically to enhance auditor independence, objectivity and professional scepticism; and this will also increase the trust of stakeholders, especially the shareholders.

10.2. For Auditors: Enhanced Fraud Detection Procedures

Auditors must strengthen professional scepticism by thoroughly documenting fraud risk brainstorming sessions, explicitly assessing the risk of management override, carefully scrutinizing unusual or complex transactions and journal entries and evaluating the incentives and opportunities that may motivate fraud. In high-risk situations, such as negative operating cash flows combined with positive reported earnings or unusually large cash balances, auditors should consider deploying forensic-style procedures as a standard response rather than an exception.

Bank confirmation practices must require direct communication between the auditor and the bank, the use of standardized confirmation templates, independent verification of bank contact information and rigorous follow-up on any exceptions or non-responses. For large bank balances (for example, 1% of annual revenue or 1%–2% of total company assets), auditors should trace significant cash movements to supporting documents, perform detailed analytical reviews against budgets and prior-year figures and, where feasible, consider surprise cash or bank statement observations.

When material discrepancies are identified, auditors should respond proportionately by investigating all significant exceptions, adopting a ‘fraud hypothesis’ for large or unexplained discrepancies and considering qualification, an adverse opinion or withdrawal from the engagement if management’s explanations remain inadequate.

10.3. For Regulators: Enhanced Oversight

Regulators should impose stricter requirements for issuers with substantial operations in higher-risk industries or businesses, including mandatory involvement of appropriately qualified local auditors, more stringent rules governing the independence and effectiveness of audit committees, periodic reporting of significant audit exceptions and associated management responses and strengthened legal protections for whistle-blowers.

Audit oversight mechanisms could be reinforced through mandatory rotation of engagement partners after defined periods, intensified inspections of firms with recurring deficiencies and compulsory investigations of major fraud cases.

Financial reporting standards should emphasize detailed cash flow reconciliations, expanded disclosures of related-party relationships and transactions, reporting of earnings quality metrics and disclosure of key loan covenants. At the international level, ISA 240 could be strengthened by specifying mandatory procedures for large cash accounts, requiring investigation of earnings quality anomalies and clarifying materiality thresholds and reporting expectations when fraud is suspected or detected.

11. Conclusion and Implications

This study offers in-depth theoretical and practical insights for researchers, regulators, auditors and governance bodies.

While Kawedar et al. (2025) examined corruption through individual psychological factors and ethical leadership, this study demonstrates how fraud triangle elements manifest within corporate governance structures and COSO Framework deficiencies, and IT-enabled control failures in a contemporary listed-company context. In contrast to Doan and Ta (2023) and Rahman and Jie (2024), who proxied fraud triangle constructs using archival variables, our study provides granular process evidence of how opportunity, pressure and rationalization evolve jointly over time within an IT-intensive control environment and under a long-standing Big 4 audit relationship. Theoretically, our findings suggest that fraud triangle analyses should also incorporate auditor incentives, regulatory capacity and IT governance as major considerations.

Additionally, evidence from our study indicates that weak internal controls, fragmented systems and deficient governance arrangements allowed material misstatements to persist undetected, with severe repercussions for shareholders, creditors, employees and other stakeholders. Publicly available information up to late 2025 suggests that while winding-up proceedings and regulatory actions have taken place, there remains limited visibility on any criminal prosecutions or personal liability actions against key individuals. Irrespective of eventual legal outcomes, the case reinforces the necessity for organizations to prioritize transparency, ethical conduct and proactive fraud risk management.

The recommendations outlined earlier in Section 10 are intended to reinforce governance structures, strengthen internal control and IT systems and foster an ethical organizational culture that collectively reduces both the likelihood and impact of fraud. By implementing these measures, such as independent and competent audit committees, integrated and well-controlled financial and treasury systems, robust backup and disaster-recovery arrangements, strong whistleblowing mechanisms and enhanced audit procedures, companies and auditors can better safeguard stakeholder interests, enhance confidence in financial reporting and support the long-term sustainability of corporate operations.

As discussed in Section 9, future research can incorporate the Fraud Diamond framework and blockchain and machine-learning technology, which can be effective in fraud prevention and control activities in companies.

Footnotes

Acknowledgements

The authors are grateful to the anonymous reviewers for their valuable suggestions to improve the quality of the article.

Authors’ Contribution

Raymond Kin Ho Wong: Conceived the research idea and designed the study, conducted the literature review and performed data analysis.

Chi Kit Wong: Conducted the financial analysis, refined the methodology section, validated results, and supported the interpretation and revision of the manuscript.

Declaration of Conflicting Interests

The authors declared no potential conflicts of interest with respect to the research, authorship and/or publication of this article.

Ethical Declaration

The authors abide by all the ethics involved in this academic work and have not submitted it to any other journal.

Funding

The authors received no financial support for the research, authorship and/or publication of this article.

ORCID iDs

Raymond Kin Ho Wong

Chi Kit Wong

Appendix A

Table A8. Differences Between Recorded and Confirmed Bank Balances for EcoGreen, 2021.

Item	As per Company Books/Original Confirmations	As per Bank Re-confirmations Obtained by PwC	Difference
Aggregate bank balances (31 December 2021)	¥1.58 billion	¥0.16 million	¥1.58 billion lower

Source: EcoGreen International Group Limited (2015–2021).

References

Ajzen

(1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes , 50(2), 179–211.

Ajzen

(2001). Nature and operation of attitudes. Annual Review of Psychology , 52(1), 27–58.

Akbar

, Nur

, & Andru

(2022). Financial statement fraud detection with fraud triangle. International Journal of Emerging Trends in Social Sciences , 13(1), 14–21.

Albrecht

W. S.

, Albrecht

, & Albrecht

C. C.

(2008). Current trends in fraud and its detection: A global perspective. Information Security Journal , 17(1), 2–12.

Andrade

J. A.

(2015). Reconceptualizing whistleblowing in a complex world. Journal of Business Ethics , 128(2), 321–335.

Aripin

R. M.

, Mahmud

, Sabli

, & Tapsir

(2022). Fraudulent financial reporting in Malaysia from fraud triangle theory perspective. Advanced International Journal of Banking, Accounting, and Finance , 4(11), 30–48.

Association of Certified Fraud Examiners (ACFE). (2020). Report to the nations on occupational fraud and abuse . https://legacy.acfe.com/report-to-the-nations/2020/

ACFE. (2022). Occupational fraud 2022: A report to the nations . https://www.acfe.com/about-the-acfe/newsroom-for-media/press-releases/press-release-detail?s=2022-RTTN-launch

Chan

, Farrell

C. B.

, & Lee

(2008). Earnings management of firms reporting material internal control weaknesses under Section 404 of the Sarbanes-Oxley Act. Auditing: A Journal of Practice & Theory , 27(2), 161–179.

10.

Chiu

R. K.

(2003). Ethical judgment and whistleblowing intention: Examining the moderating role of locus of control. Journal of Business Ethics , 43(1–2), 65–74.

11.

Cohen

, Ding

, Lesage

, & Stolowy

(2010). Corporate fraud and managers’ behavior: Evidence from the press. Journal of Business Ethics , 95(S2), 271–315.

12.

Committee of Sponsoring Organizations of the Treadway Commission (COSO). (1992). Internal control—Integrated framework executive summary . https://egrove.olemiss.edu/cgi/viewcontent.cgi?article=1199&context=aicpa_assoc

13.

COSO. (2013). Internal control—Integrated framework executive summary . https://www.sechistorical.org/collection/papers/2010/2013_0501_COSOInternal.pdf

14.

Cressey

D. R.

(1953). Other people’s money: A study in the social psychology of embezzlement . Free Press.

15.

Dechow

P. M.

, Sloan

R. G.

, & Sweeney

A. P.

(1996). Causes and consequences of earnings manipulation: An analysis of firms subject to enforcement actions by the SEC. Contemporary Accounting Research , 13(1), 1–36.

16.

Doan

T. N.

, & Ta

T. T.

(2023). Factors of fraud triangle affecting the likelihood of material misstatements in financial statements: An empirical study. Journal of Governance and Regulation , 12(1), 82–92.

17.

Dorminey

, Fleming

, Kranacher

, & Riley

(2010). Beyond the fraud triangle. The CPA Journal , 80(7), 17–23.

18.

Dorminey

, Fleming

, Kranacher

, & Riley

R. A. Jr

. (2012). The evolution of fraud theory. Issues in Accounting Education , 27(2), 555–579.

19.

Doyle

, Ge

, & McVay

(2007). Determinants of weaknesses in internal control over financial reporting. Journal of Accounting & Economics , 44(1–2), 193–223.

20.

Dyck

, Morse

, & Zingales

(2010). Who blows the whistle on corporate fraud? The Journal of Finance , 65(6), 2213–2253.

21.

EcoGreen International Group Limited. (2015–2021). Annual reports. HKEXnews.

22.

EcoGreen International Group Limited. (2023, October 19). Inside information—Key findings of the independent investigation; and continued suspension of trading (Stock Code: 02341) . Hong Kong Exchanges and Clearing Limited. https://www1.hkexnews.hk/listedco/listconews/sehk/2023/1019/2023101800926.pdf

23.

Gao

, & Brink

A. G.

(2017). Whistleblowing studies in accounting research: A review of experimental studies on the determinants of whistleblowing. Journal of Accounting Literature , 38, 1–13.

24.

Goh

B. W.

, Krishnan

, & Li

(2013). Auditor reporting under Section 404: The association between internal control and going concern audit opinions. Contemporary Accounting Research , 30(3), 970–995.

25.

Guidry

, Leone

A. J.

, & Rock

(1999). Earnings-based bonus plans and earnings management by business-unit managers. Journal of Accounting and Economics , 26(1/3), 113–142.

26.

Healy

P. M.

(1985). The effect of bonus schemes on accounting decisions. Journal of Accounting and Economics , 7(1/3), 85–107.

27.

Holthausen

R. W.

, Larcker

D. F.

, & Sloan

R. G.

(1995). Annual bonus schemes and the manipulation of earnings. Journal of Accounting and Economics , 19(1), 29–74.

28.

Hong Kong e-Legislation. (2024). Cap. 622 companies ordinance . Hong Kong SAR Government.

29.

Huber

W. D.

(2012). Is forensic accounting in the United States becoming a profession? Journal of Forensic and Investigative Accounting , 4(1), 255–284.

30.

Hunt

S. D.

, & Vitell

(1986). A general theory of marketing ethics. Journal of Macromarketing , 6(1), 5–16.

31.

Jackson

, Holland

, Albrecht

, & Woolstenhulme

(2010). Fraud isn’t just for big business: Understanding the drivers, consequences, and prevention of fraud in small business. Journal of International Management Studies , 5(1), 160–164.

32.

Kawedar

, Handayani

R. S.

, & Milawati (2025). Perceptions of corruption by perpetrators: An empirical analysis of the fraud triangle and attribution theories. Problems and Perspectives in Management , 23(1), 515–527.

33.

Kenyon

, & Tilton

P. D.

(2006). Potential red flags and fraud detection techniques: A guide to forensic accounting investigation (1st ed.). John Wiley & Sons Inc.

34.

KPMG. (2013). COSO internal control—Integrated framework (2013). https://home.kpmg.com/content/dam/kpmg/pdf/2016/05/2750-New-COSO-2013-Framework-WHITEPAPER-V4.pdf

35.

Lee

, & Xiao

(2018). Whistleblowing on accounting-related misconduct: A synthesis of the literature. Journal of Accounting Literature , 41, 22–46.

36.

Lev

(2003). Corporate earnings: Facts and fiction. Journal of Accounting Perspectives , 17(2), 27.

37.

Mesmer-Magnus

J. R.

, & Viswesvaran

(2005). Whistleblowing in organizations: An examination of correlates of whistleblowing intentions, actions, and retaliation. Journal of Business Ethics , 62(3), 277–297.

38.

Miceli

M. P.

(2004). Whistle-blowing research and the insider: Lessons learned and yet to be learned. Journal of Management Inquiry , 13(4), 364–366.

39.

Morales

, Gendron

, & Guenin-Paracini

(2014). The construction of the risky individual and vigilant organization: A genealogy of the fraud triangle. Accounting, Organizations and Society , 39(3), 170–194.

40.

Near

J. P.

, & Miceli

M. P.

(1985). Organizational dissidence: The case of whistle-blowing. Journal of Business Ethics , 4(1), 1–16.

41.

Park

, & Blenkinsopp

(2009). Whistleblowing as planned behavior—A survey of South Korean police officers. Journal of Business Ethics , 85(4), 545–556.

42.

Rahman

M. J.

, & Jie

(2024). Fraud detection using fraud triangle theory: Evidence from China. Journal of Financial Crime , 31(1), 101–118.

43.

Ramamoorti

(2008). The psychology and sociology of fraud: Integrating the behavioral sciences component into fraud and forensic accounting curricula. Issues in Accounting Education , 23(4), 521–533.

44.

Rezaee

(2005). Causes, consequences, and deterence of financial statement fraud. Critical Perspectives on Accounting , 16(3), 277–298.

45.

Sauser

W. I.

(2007). Employee theft: Who, how, why, and what can be done. Advanced Management Journal , 72(3), 13–25.

46.

Schein

E. H.

(1990). Organizational culture and leadership . Jossey Bass.

47.

Schwartz

M. S.

, Dunfee

T. W.

, & Kline

M. J.

(2005). Tone at the top: An ethics code for directors? Journal of Business Ethics , 58(1–3), 79–100.

48.

Seifert

D. L.

, Stammerjohan

W. W.

, & Martin

R. B.

(2014). Trust, organizational justice, and whistleblowing: A research note. Behavioral Research in Accounting , 26(1), 157–168.

49.

Seifert

D. L.

, Sweeney

J. T.

, Joireman

, & Thornton

J. M.

(2010). The influence of organizational justice on accountant whistleblowing. Accounting, Organizations and Society , 35(7), 707–717.

50.

Smith

, & Crumbley

(2009). How divergent are pedagogical views toward the fraud/forensic accounting curriculum? Global Perspectives on Accounting Education , 6(1), 1–24.

51.

Sridharan

U. V.

, & Hadley

L. U.

(2018). Internal audit, fraud and risk management at Wells Fargo. International Journal of the Academic Business World , 12(1), 49–53.

52.

Trompeter

G. M.

, Carpenter

T. D.

, Desai

, Jones

K. L.

, & Riley

R. A.

(2013). A synthesis of fraud-related research. Auditing: A Journal of Practice and Theory , 32, 287–321.

53.

Trongmateerut

, & Sweeney

J. T.

(2013). The influence of subjective norms on whistle-blowing: A cross-cultural investigation. Journal of Business Ethics , 112(3), 437–451.

54.

Villaescusa

, & Amat

(2022). When collusion meets the fraud triangle: A case study approach. Journal of Financial Crime , 29(3), 805–815.

55.

Wells

J. T.

(2011). Corporate fraud handbook: Prevention and detection (2nd ed.). John Wiley & Sons Inc.

56.

Whispli. (2019). Why you need more than a whistleblowing hotline . https://resources.whispli.com/blog/anonymous-whistleblowing-hotline

57.

Wong

P. T. P.

(2002). Creating a positive, meaningful work climate: A new challenge for management and leadership. In

Pattanayak

& Gupta

(Eds.), Creating performing organizations: International perspectives for Indian Management . Sage Publications.

58.

Yin

R. K.

(1994). Case study research: Design and methods (2nd ed.). Sage Publications.

59.

Zhang

, Pany

, & Reckers

P. M.

(2013). Under which conditions are whistleblowing ‘‘best practices’’? Auditing: A Journal of Practice & Theory , 32(3), 171–181.

60.

Zikmund

P. E.

(2008). Reducing the expectation gap. The CPA Journal , 78(6), 20–25.

Application of Fraud Triangle Theory: Case Study for EcoGreen International Group Limited

Abstract

Keywords

1. Introduction and Research Objectives

1.1. Introduction

1.2. Research Questions and Objectives

1.3. Research Significance

2. Literature Review

2.1. Fraud Triangle Theory and Its Evolution

2.2. Empirical Applications in Corruption and Occupational Fraud

2.3. Fraud Triangle and Financial Statement Fraud

2.4. Evidence from China and Other Emerging Markets

2.5. Case-based Extensions: Collusion and Complex Schemes

3. Research Methodology

3.1. Research Design and Data Collection

3.2. Data Analysis Methodology

4. Theoretical Framework

4.1. Fraud Triangle Theory

4.1.1. Opportunity

4.1.2. Pressure

4.1.3. Rationalization

4.1.4. Prevention of Fraudulent Behaviour

4.2. COSO Internal Control Framework

4.3. ISA 240 and Auditor Responsibilities for Fraud Detection

5. Background and Timeline of EcoGreen

5.1. Company Background

5.2. Critical Timeline of Events

6. Fraud Triangle Analysis and COSO Analysis

6.1. Opportunity: Systematic Control and IT Failures

6.2. Pressure: Financial and Organizational Stress

6.3. Rationalization: Justification of Misconduct

7. External Auditor Analysis: PwC’s Failures

7.1. Audit Responsibilities Under ISA 240

7.1.1. Professional Scepticism Failure

7.1.2. Fraud Risk Assessment and IT-related Failure

8. Stakeholder Impact Analysis

8.1. EcoGreen and Its Management Team

8.2. Shareholders

8.3. Employees

8.4. Creditors

8.5. Regulators and Others

9. Limitations and Future Research Directions

10. Recommendations

10.1. For Companies: Enhanced Internal Controls and Rotation of Audit Firm

10.2. For Auditors: Enhanced Fraud Detection Procedures

10.3. For Regulators: Enhanced Oversight

11. Conclusion and Implications

Footnotes

Acknowledgements

Authors’ Contribution

Declaration of Conflicting Interests

Ethical Declaration

Funding

ORCID iDs

Appendix A

References