T&E Expense Reporting: Tips, Techniques & Strategies to Minimize Reimbursement Fraud

T&E Expense Reporting: Tips, Techniques & Strategies to Minimize Reimbursement Fraud FEATURED FACULTY: Richard B. Lanza, CPA, CFE, CGMA, President of Cash Recovery Partners LLC 973-729-3944 rich@richlanza.com

Rich Lanza (CPA, CFE) President of Cash Recovery Partners, LLC Rich helps companies identify their hidden financial assets, mostly using technology and referring them to specialists. He has close to two decades of experience in audit technology and recovery auditing, becoming a leading authority in these areas. His free website, www.findmillions.net, helps companies to identify cost recovery and prospective savings in all areas of their business. He recently published a title for Wiley & Sons on a similar topic, with content specific to travel and expense auditing, entitled Cost Recovery: Turning Your Accounts Payable Department Into a Profit Center.

**Certificates of attendance and CEUs, when available, must be requested through the online evaluation.** Evaluation for Live Event: We d like to hear what you thought about the audio conference. Please take a moment to fill in the survey located here: http://www.c4cm.com/handouts/041114.htm Requests for continuing education credits and certificates of attendance must be submitted within 10 days of the live event. Evaluation for CD Recording: Please use the following link to submit your evaluation of the recorded event: http://www.c4cm.com/handouts/cdeval.htm Please note: All links are case sensitive Receive 1.5 CPE credits by attending the live Audio Conference! CCM is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North, Suite 700, Nashville, TN, 37219-2417. Web site: www.nasba.org Program Level: Intermediate Prerequisites: This course is for participants with some exposure to the subject. Advanced Preparation: None Delivery: Group Live CPE Credits: 1.5 Recordings of the program do not qualify for CPE credits. For more information regarding administrative policies such as complaint and refund, please contact our offices at 877-900-C4CM (2426).

Cost Savings Process Improvements Prevent and Detect Fraud 1 About Rich Lanza, CPA, CFE, CGMA Richard B. Lanza, CPA, CFE, CGMA Over two decades of ACL / Excel / audit tools usage in building automated audit and cost recovery tools Helps companies automate their analytics departments and work towards becoming bionic auditors Winner of the 2 nd Annual ACL User Challenge Wrote the ACL publication on how to use the product in 101 ways (101 ACL Applications) Has written and spoken on the use of audit data analytics for over 15 years. Recently was a contributing author of: Global Technology Audit Guide (GTAG #13) Fraud in an Automated World Institute of Internal Auditors. Data Analytics A Practical Approach - research whitepaper for the Information System Accountability Control Association. Cost Recovery Turning Your Accounts Payable Department Into a Profit Center Wiley and Sons. AuditSoftwareVideos.com Training website devoted to audit analytic training Received the Outstanding Achievement in Business Award by the Association of Certified Fraud Examiners for developing the publication Proactively Detecting Fraud Using Computer Audit Reports as a research project for the IIA Has a (FREE!) website devoted to detailed audit software training at www.auditsoftwarevideos.com Please see full bio at www.richlanza.com 1

Identify errors and fraud to minimize losses and reduce business risk, Establish a plan for fraud detection and follow through for maximum impact on minimal effort, and What you must include in your internal T&E policies Strategies and how to tips for aggregating, monitoring and analyzing expense data Techniques to help you audit employees' compliance with spending policies What types of analyses you should perform to highlight fraud in your T&E process Red flags to look out for in expense reports Is 3 to 5% savings in T&E worth the controls? It probably won t be enough of an issue for SarbOx 98% of people are honest Do you want to hound them for the 2%? Is T&E a company benefit? Will you be able to take on the executives? Does your company do well with policies? Are you really ready to find fraud? 2

6 3

7 8 4

Mischaracterized personal expenses that are submitted as business. Overstated inappropriate overstatement of submitted expenses. Fictitious Receipt phony receipt used as support. Over-purchase purchase more than needed and keep the rest. Collusion manager and employee scheme the company Book a personal trip as a business one: Match dates of travel to airline dates Book an expensive refundable ticket and a cheaper ticket, cancel the refundable ticket, and then submit it for payment Obtain payment receipt (i.e., Visa bill for the month) and airline support 5

Edit the Email on an E-Ticket Obtain payment receipt (i.e., Visa bill for the month) and airline support Use one airline to get mileage points (even if not the best) Get a general sense of flight costs and airlines for key company locations Scan invoice and increase amounts Get extra invoice paper from hotel and type phony bill Complain to reverse charges and submit the original invoice Ask for a discount (i.e., AAA) after the bill is printed Obtain payment receipt (i.e., Visa bill for the month) and hotel support 6

Buy tear off receipts at office supply store and submit phony receipts Eat cheap meals or have someone else pay for them and then submit thrown away receipts Check dates are within travel period Obtain payment receipt (i.e., Visa bill for the month) and hotel support Put through phony taxi receipt and have someone drive you to the airport Obtain payment receipt (i.e., Visa bill for the month) Add more mileage to the mileage allowance Get a general sense of mileage between company locations or use Mapquest 7

Meals ($30 a day * 4 days * 20trips) = $2,400 Gas/Mileage ($20 per trip * 20 trips) = $400 Airline ($100 per trip * 20 trips) = $2,000 Hotel ($10 per day * 4 days * 20 trips) = $800 Entertainment ($50 per trip * 20 trips) = $1,000 Other ($50 per trip * 20 trips) = $1,000 Airline/Other miles for free tickets = $7,000 Total of $14,600 after tax or $20,000 before tax Think Prevention vs. Future Detection Identify issues earlier in their lifecycle Build a aura of deterrence within procure to pay Build a Continuous Review Process Technology Some staff time / external assistance Keep Improving the Model Model on identified frauds Remove false positives to isolate interesting events 16 8

Whistleblower Hotline Code of Conduct Employee Training Book It For Them Automated Workflow Review the Data Deal With the Fraudsters 9

Per EVERY ACFE Report to the Nation If you discover suspicious activity and don t have concrete proof, get help from Security and/or Legal before confronting an employee. A false accusation can cause irreparable harm to employee morale and could result in a lawsuit against your company. 10

General Employee Conduct Kickbacks and Secret Commissions Conflicts of Interest Organization Funds and Other Assets Outside Activities, Employment and Directorships Organization Records and Communications Relationships with Clients and Suppliers Dealing With Outside People and Organizations Gifts, Entertainment and Favors Prompt Communications Privacy and Confidentiality Fraud Policy Definitions of misconduct and dishonesty Organizational policy and responsibilities regarding reporting suspected misconduct. Deterrence and detection responsibilities of individuals with supervisory or review responsibility. Policy specifying the responsibility and authority related to the investigation of incidents of misconduct and dishonesty. General procedures for the follow up and investigation of reported incidents. Note that questions or other clarifications of the fraud policy should be addressed to the corporation s Chief Counsel. 11

Explain the basics of fraud How it starts How it grows fast Red flag signs Explain what to do if they sense it Make it fun Do case studies using past or fictional examples Profile departments and employees Based on past experience Based on data trends (see next section) Based on the departmental composition Based on particular employee knowledge 12

25 Get everyone involved in the slow months More people with time to review Cross-trains employees in T&E auditing Contact a few high risk employees even if there is no apparent issue Ask an innocent question Show then you are watching They may admit something 13

27 Review the business purpose of each expense for reasonableness. Validate expenses with proper receipts (when applicable). Recalculate the total reimbursable amount to test accuracy. Review each report for proper approval Trace and agree the total reimbursable amount on the T&E report to the disbursement(s). 14

Travel agency to process hotel, car, and air Administrative assistant can do it too Use a car service 15

Check details against established policies Prevent entry or simply flag and report Consistent process for all employees Automated approval workflow Real-time data analysis Enforce company financial policy Established system of approvals Increased visibility Sound internal controls Heightened accountability Reduced audit fees Peace of mind 16

You can improve what you measure Summary data (at the invoice level) is not enough for auditing Detail data Doesn t have to be an automated system (although one helps) Can be done in Excel/Access to get started 17

Online T&E system Travel company Procurement card Access database / Excel spreadsheet 18

Trend categories (meals, hotel, airfare, other) Trend mileage Trend departments Trend in the type of receipts Trend by vendor Trend by person and title Trend under limits (company policy) Unmatched query of cardholders to an active employee masterfile Cards used in multiple states (more than 2) in the same day Cards processing in multiple currencies (more than 2) in the same day Identify cards that have not had activity in the last six months Cardholders that have more than one card Extract any cash back credits processed through the card Extract declined card transactions and determine if they are frequent for certain cards Summary of card usage by merchant to find newly added merchants and most active 38 19

Web Search State Filing Search SAM.Gov / OFAC IRS TIN Matching 20

Benford s Law Continuous View Quarterly law 0.3500 0.3000 0.2500 0.2000 0.1500 0.1000 0.0500 0.0000 10 15 20 25 30 35 40 45 50 55 60 65 70 75 80 85 90 95 Frequency Benford 4th 3rd 2nd 1st Digits 21

22

45 46 23

Task needed for fraud Red flag types in data Red flag types in data Design of reports Reports generate thousands of red flags and false positives False positives Summarized and Ranked 500,000 Invoices 70,000 Red Flags Pull 50-75 exp reports based on fraud score 48 24

Instead of selecting samples from reports, transactions that meet multiple report attributes are selected (kill more birds with one stone). Therefore a 50 unit sample can efficiently audit: 38 duplicate charges 22 round invoice.and they are the best given they are mathematically the most severe. Sampling can be based on quadrants which takes into account different severity, volume, and value dimensions 49 1. Employees with low transaction, high dollar activity - 20 2. Employees with a high proportion of round dollar payments. - 25 3. Payments to any employees that exceed the twelve month average payments to that employee by a specified percentage (i.e., 200%) or 3x the standard deviation for that vendor. - 20 4. Employees with a high proportion of charges near approval limits - 35 25

Summarize by dimensions (and sub dimension) to pinpoint within the cube the crossover between the top scored location, time, and place of fraud based on the combined judgmental and statistical score 51 26

Have an incident response program Set the investigation plan Set accountabilities Do appropriate marketing Put everyone on notice that a team exists and is ready to investigate as needed Communicate wrongdoing through company newsletters even if it is done at a departmental level Terminate Make an example of those who get caught Put fraud on their W-2 Remember it is better to prevent and deter than try to reclaim later 27

28