Fraud: Real Stories, Real People, Real Impact

Fraud: Real Stories, Real People, Real Impact Chris Harper, CPA, MBA Senior Manager

Types of Fraud Asset misappropriation Fraudulent financial reporting Identity theft

Detection Skills

The Fraud Triangle Incentive/Pressure Rationalization/Attitude Opportunity

Incentive / Pressure Gambling Extramarital activity Alcohol and drug abuse Unexpected expenses Illness Loss of employment Living beyond means Loan covenants Benchmarks and target metrics

Rationalization / Attitude The company owes me. I am just borrowing for a short time. A little bit will not matter to this big company. My employer deserves this. I am helping keep this company afloat. Many jobs depend upon the company s ability to stay in business. If we can just make it through this loan renewal we will be able to persevere.

Opportunity Familiarity with operations, including cover-up capabilities Employee in a position of trust Close association with suppliers and other key parties (conflicts of interest) Weak or non-existent internal controls Improper implementation of internal controls Management overrides Collusion

Asset Misappropriation Tactics Skimming Lapping Reversing Entries Shell Companies Check Tampering Ghost Employees Kickbacks Identity Theft

COSO Framework Control Environment Risk Assessment Control Activities Information and Communication Monitoring

Case Study: One for You One for Me Scenario - Delivery company issued credit cards for fuel purchases. The Theft - Employee had family members meet him at the gas station when filling the company vehicle. Employee would pass the nozzle over to the family member and fill the personal car on the company s dollar.

Case Study: One for You One for Me The Result - The theft went on for several months before management was notified via an anonymous tip. Prevention and Lessons Learned Closely monitor employee use of credit cards. Review DETAILED receipts for all purchases. Look at items being purchased for reasonableness. Check quantity of items purchased. Perform trend analysis/exception testing.

Case Study: Bogus Freight Charges Scenario - Unscrupulous trucking company inflated shipping weights on deliveries, falsifying records and ultimately overbilling a company for nearly $840,000. The Theft - Invoices were checked for mathematical accuracy and approved rates. However, nobody compared invoiced weights with actual weights. This lack of control allowed the trucking company to greatly inflate the weights listed on their invoices.

Case Study: Bogus Freight Charges The Result - The theft went undetected for three years before an accounts payable clerk caught on to the scheme. Prevention and Lessons Learned No background check was performed on the operator of the trucking company. Always compare invoices to purchase orders and shipping and receiving reports. Even sampling would be better than nothing!

Case Study: The Crafty Courier Scenario - A medical office courier stole $250,000 from a physician practice by skimming cash. The Theft - A log of all payments was maintained by staff at each location. Cash was counted by both the courier and receptionist when the deposit slip was completed along with a copy of the daily receipt log, which was sent to the administration building for filing. However, after the slip was completed, the courier would remove all the cash from the deposit and complete a new deposit ticket excluding the amounts of cash.

Case Study: The Crafty Courier The Result - The theft went undetected for three years before an employee found some unaltered original deposit slips in the courier s desk. Prevention and Lessons Learned Reconcile bank deposits to receipt log for amounts and type of receipt (check vs. cash). The courier was living beyond his means and was very showy with his money. Though it seemed like decent controls were in place, this employee exploited a loophole.

Case Study: Personal Procurement Scenario A procurement contractor created a proprietary company and made it an accepted vendor for a company. The Theft She was able to embezzle $114,000 for promotional work by submitting false invoices for work that was never performed.

Case Study: Personal Procurement The Result This fraud was halted in a relatively quick fashion, but certainly offered opportunities for tightening internal controls. Prevention and Lessons Learned Vendor approval processes Authority relegated to a contractor? Vouching and authorization of invoices Data mining as a monitoring tool

Case Study: One for the Road Scenario A grocery store required the manager on duty to unlock the back door when associates needed to exit the building for work duties. The Theft A high school grocery clerk learned that he could ask certain managers to lend keys. He stowed a case of beer in the outside garbage compactor and subsequently retrieved the beer at the end of his shift.

Case Study: One for the Road The Result This scheme unraveled when the grocery clerk initiated a fight with a produce clerk who had inadvertently destroyed a case of beer in the trash compactor. Prevention and Lessons Learned A control was circumvented. The clerk had earned management s trust. Operational constraints may have prevented the control from consistently implemented. Collusion could have invalidated the control.

Case Study: Rita Crundwell Scenario - Rita Crundwell served as the treasurer and comptroller for Dixon, IL from 1983 to 2012. She embezzled $53.7 million from the city over two decades. The Theft Crundwell established a secret bank account that she controlled. She diverted city funds to the account under the false premise of capital expenditures.

Case Study: Rita Crundwell The Result - While Crundwell was on an extended vacation, a city clerk who served as acting comptroller during Crundwell's absence discovered the account and disbursements. Prevention and Lessons Learned Lack of segregation of duties Overreliance on a trusted individual Lack of supervisory oversight Little skepticism regarding her lifestyle Crundwell s vacation Where were the auditors?

Case Study: Parmalat Scenario In the late 1990s, this Italian firm embarked on a leveraged acquisition of international subsidiaries. Parmalat dramatically overstated cash and understated debt. The Theft Management took cash for personal purposes but did not record the transactions on the company s books. Over $11 billion of cash was fabricated during a ten-year period!

Case Study: Parmalat The Result Approximately 35,000 shareholders lost money in the largest European bankruptcy. Ultimately, 29 former Parmalat executives were implicated in the fraud. Prevention and Lessons Learned Understanding management s motivations Paying attention to even the littlest details The importance of professional skepticism and analytical procedures Management s ability to override controls

Prevention and Detection Techniques Design and implement procedures and internal controls to help deter, prevent and detect fraud. Emphasize independent monitoring and review. Have a fraud risk evaluation performed by an external professional. Conduct internal/external surprise audits. Establish an internal fraud hotline.

Prevention and Detection Techniques Have ongoing fraud education and ethics training in the workplace. Create a culture of honesty and ethics in your organization. Foster a culture of accountability. Create an environment in which employees believe that dishonest acts will be detected, are not tolerated and are punished.

Prevention and Detection Techniques Require an original invoice of all bills before writing checks and verify amount of the check is for the exact amount on the bill. Require invoices and receipts for all reimbursements to individuals for purchases of goods and services.

Prevention and Detection Techniques Submit bank statements (with bank reconciliations) regularly to the CFO, owner or other supervisory individual. Consider having bank statements sent directly to the owner s home. Perform background checks on certain employees.

Prevention and Detection Techniques Separate custody of assets from recordkeeping of the assets. Separate authorization from procurement of acquisitions. Perform regular reconciliations (or spot checks at a minimum) of transactions that are susceptible to defalcation (e.g. company credit card purchases and expense reports).

Prevention and Detection Techniques Use an asset tracking system for valuable and/or portable assets. Consider using a third-party payroll service. Cross-train employees and periodically rotate duties. Require employees to take vacations each year. Perform exception/trend analyses with databases.

Chris Harper charper@hungerfordnichols.com