How can the fraud triangle be used to understand fraud? What are its limitations? What other tools and techniques can auditors use to best detect fraud?