Category Archives for "Fraud"

Ways Fraud Happens
Jul 13

25 Ways Fraud Happens: Ideas for Audit Brainstorming

By Charles Hall | Fraud

As auditors perform their fraud brainstorming, it helps to have ideas to consider. So today I provide you with 25 ways fraud happens. 

Ways Fraud Happens

25 Ways Fraud Happens

Here’s a list of common company thefts:

  1. Collection clerk steals cash prior to recording it
  2. Collection clerk steals cash after recording a customer receipt; he voids the receipt and adjusts (writes down) the customer’s account
  3. Collection clerk places a personal check (for $5,000) in the cash drawer and takes an equivalent amount of cash; the clerk leaves the check in the drawer for months—in effect the clerk has an unauthorized loan
  4. The cash collections supervisor steals cash after receiving funds from collection clerks but before the money is deposited; she adjusts the related bank reconciliation by the amount stolen
  5. The person opening the mail steals checks before they are receipted; these amounts had not previously been recorded as a receivable
  6. Employees steal capital assets (knowing that no one performs periodic inventories)
  7. Employees use company credit cards for personal purchases but code the transactions as company expenses
  8. Accounts payable clerks cut checks to themselves (or to an accomplice) but record the check as company expenses; the check signatures are forged
  9. Accounts payable clerks establish fictitious vendors using their own addresses, a P.O. Box, or that of an accomplice; payments are made to the fictitious vendor and covered up with fictitious invoices; the checks are signed electronically as they are printed
  10. Accounts payable employee intentionally double-pays an invoice, then requests that the vendor refund the extra payment (with the refund going directly to the payable clerk)—check is converted to personal use
  11. Payroll personnel increase the pay rate—in the master pay rate file—for themselves or for friends working in the company
  12. Payroll personnel pay themselves (or friends) twice for each payroll
  13. Payroll personnel purposefully overpay withholding taxes and inflate the withholding amount on their own W-2, resulting a tax refund that includes the excess payments
  14. Purchasing department personnel are bribed by a vendor; the vendor recoups the bribe costs by inflating its subsequent invoices
  15. State, city, county elected officials are bribed; the vendor recoups the bribe costs by inflating its subsequent invoices
  16. Vendors give favors (e.g., free vacations) to those with the power to buy—commonly called a gratuity; vendor recoups the cost of the favors by inflating its subsequent invoices
  17. CEO orders accounts payable staff to make payments to himself (with an implied threat); payments are coded in a manner that hides the payment
  18. Money is wired by the CFO to the CFO but is recorded as a legitimate expense using a journal entry
  19. Money is wired to the CFO who then leaves the country without trying to cover up the theft
  20. The CEO or CFO makes payments to someone who is threatening their life or is blackmailing them; the expense is coded as legitimate
  21. A secret bank account is opened in the name of the business by the CFO but the sole authorized check signer is the CFO; checks are made from a legitimate business bank account to the secret bank account; the CFO writes checks to himself from the secret account
  22. A sales person steals rebate checks that belong to the company; she deposits the checks into her personal bank account by writing “pay to the order of…” on the back of the check
  23. The payables clerk writes a manual check to himself and then records the check with a journal entry that reflects a legitimate vendor
  24. The CFO inflates revenue at year-end with fictitious journal entries; stock prices go up; the CFO sells personally-owned company stock, then the CFO reverses the year-end accruals
  25. The inventory clerk steals stock and covers the theft by altering the inventory records

Fraud Brainstorming for Auditors

In performing your fraud brainstorming, consider printing out this list and seeing if any of these thefts are relevant to your audit.

How to prevent payroll fraud
Jul 06

How to Prevent Payroll Fraud

By Charles Hall | Fraud

Do you know how to prevent payroll fraud? Today we take a look at how you can protect your business.

Direct deposit of payroll checks can open the door to theft. Also when one person is in control of payroll processes, danger lurks.

prevent payroll fraud

Picture is courtesy of DollarPhotoClub.com

I was teaching a fraud prevention class this past Friday, and one of the participants, a school payroll clerk named Dawn, asked me to address how fraud might occur in her department. So I asked her a series of questions.

“Does your school use direct deposit?” She answered yes.

“Do you fully control the issuance of W-2s?” Dawn said yes.

“Who adds the direct deposit information to your payroll software?” She answered, “I do.”

“Can anyone else change the direct deposit file?” Her answer was no.

“Who controls the master pay rate file?” Here again, she was the only one who had rights to this payroll function.

Then I asked Dawn if she reconciles the bank statement. She said that Randy, a gentleman sitting in front of her, reconciles the account. I was also told that they have hundreds of employees.

How Can Dawn Steal?

I told the class that a person in Dawn’s position could steal in multiple ways. Here are a few:

  • She can leave a terminated employee on the payroll and change that person’s bank account number to her own, allowing her to receive all payroll payments for the discontinued staff member. Then, she can also alter the related W-2s to cover her tracks.
  • She can change the master pay rate of any employee, including herself.
  • She can inflate the hours worked for any employee.

Prevent Payroll Fraud

After pointing out the flaws in internal control, I asked the class how they would reduce these threats. Angela (another student) sang out: “Create transparency by allowing another person to review or see what the payroll clerk is doing.” (This made me smile since I had been preaching this idea all morning.)

To lessen the threat of fraud, always ask, “how can I create transparency?” The answer will almost always involve allowing another individual to monitor the work of the primary persons in the process. And I am not proposing that this observing person be present 24/7—just that she periodically review the activity of the primary person (e.g., payroll clerk). 

The monitoring person can be someone that works with the entity or someone from the outside (e.g., external CPA). Here are sample fraud prevention measures for the above-described threats:

  • Download all the payroll records, including each employee and direct deposit bank account number; sort for identical bank account numbers (a same bank account number may mean that a terminated employee was left on the payroll, and their deposits are being routed to another person such as the payroll clerk)
  • Have someone (other than the payroll clerk) pull the payroll personnel files for twenty employees and then compare the authorized pay rates (in the personnel file) to the payroll master file (in the software); tell the payroll clerk that this procedure will occur with some frequency and will happen without notice
  • For hourly employees, have someone (other than the payroll clerk) pull the reported hours for two departments and review for appropriateness; inquire of the department head regarding any higher-than-normal hours
  • Examine the W-2s of the payroll personnel
  • Print a budget to actual salary report or a current year/prior year comparison of wages; provide the same to the governing body
  • Report findings from these procedures to the governing body; do this at least once per year (regularity makes the payroll personnel think twice about theft)

Take Away

By the way, the payroll clerk was the only person with access to the payroll master file. This is not necessarily a bad thing. You want to limit the number of persons with access to payroll master file, but a second person should monitor the payroll clerk’s inputs into the payroll software.

So how can you prevent payroll fraud? Think about your own payroll system. Are there any potential threats to your payroll system? Also, be aware of backdoor payroll thefts and ghost employees.

If you’ve seen payroll fraud, please share a comment about how it happened.

If you are interested in more information about white-collar crime, check out my other fraud prevention articles.

$16 million stolen from bakery
May 27

How $16 Million was Stolen from a Bakery

By Charles Hall | Asset Misappropriation

Is it possible to steal over $16 million from a bakery? You bet. Today I show you how large sums of money can be taken from a small business with one simple fraud scheme.

The Theft

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

$16 million was stolen from bakery

The Weakness that Led to the Theft

No one was comparing the cleared check payees to the general ledger. 

The Fix that Will Detect the Theft

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) will be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, require a second-person review of canceled checks.

Additionally, someone should be reviewing the profit margins of the company, comparing the ratios with prior periods.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years of probation.

Fraud Prevention for Small Governments
Feb 06

Fraud Prevention for Small Governments

By Charles Hall | Fraud , Local Governments

Many small governments suffer losses from theft since they lack a sufficient number of employees to segregate accounting duties. There are, however, steps you can take to protect your resources. In this post, I provide ideas for fraud prevention in small governments.

Most government officials don’t realize that external audits are not designed to detect immaterial fraud (immaterial can be tens of thousands of dollars – sometimes even more). Such officials incorrectly believe that a clean opinion means no fraud is occurring in their locale – this is a mistake. External financial statement opinion audits are not designed to look for fraud at immaterial levels. Even if your government has an external audit, consider implementing fraud prevention procedures.

Fraud Prevention for Small Governments

In a typical small government accounting setting, the city of In Between (as in between two stop lights) (population 1,202) has a mayor and three council members. The city has one bookkeeper (we’ll call him Dale) who orders and receives all purchased items; he writes all checks, reconciles bank statements, and keys all transactions into the accounting system. Dale also receipts all collections and makes all deposits. Mayor Chester signs all checks (vendor and payroll). (In a long-standing tradition, the mayor also graces the city Christmas parade float as Santa Claus.) With so little segregation of duties, what can be done?

The smaller the government, the greater the need for fraud prevention – even if Santa Claus in involved. And yet, these are the governments that most often don’t have the resources–whether the money to pay for outside assistance or employees to segregate duties–to prevent fraud. Here are few ideas for even the smallest of governments.

Low-Cost Fraud Prevention

First, let’s look at low-cost fraud prevention options:

  • Have all bank statements mailed directly to Mayor Chester who will open and inspect the bank statement activity before providing the bank statements to Dale; alternatively, provide online access to Mayor Chester who reviews bank statement activity and signs a monthly memo documenting his review
  • Once or twice a year, have council members pick two months at random (e.g., May and September) and review key bank statement activity (e.g., the operating and payroll accounts)
  • Once or twice a year, have council members randomly select checks (e.g., ten vendor checks and ten payroll checks) and review supporting documentation (e.g., invoices and time sheets)
  • Once or twice a year, have the mayor and council review receipt collections and related documentation (e.g., for two days deposits); agree receipts to bank deposits and to the general ledger
  • Provide monthly budget to actual reports to mayor and council
  • Provide monthly overtime summaries to mayor and council
  • Do not allow Dale to sign checks
  • Require two signatures on checks above a certain level (e.g., $5,000); have two of the council members (in addition to the mayor) on the bank signature cards; supporting documentation (e.g., invoice) should be provided to check signers for review
  • Require Mayor Chester and Dale to authorize any wire transfers
  • Have Dale provide the mayor with monthly bank reconciliations; the mayor should document (e.g., initial the reconciliation) his review
  • Don’t provide Dale with a credit card
  • If Dale is provided a credit card, provide him with one card; use a low maximum credit limit (e.g., $1,000); Dale’s credit card statements should be provided to the mayor when he signs the related check for payment
  • Use a centralized receipting location (if possible); receipts should always be written upon collection of a payment

Higher Cost Fraud Fraud Prevention

Now let’s examine some higher cost options (that are probably more effective):

  • Have an outside CPA or Certified Fraud Examiner (CFE) perform the receipting and payment tests listed above
  • Have an outside CPA or CFE map your internal control system and make system-design recommendations
  • Have an outside CPA or CFE make surprise unannounced visits (e.g., two per year) to examine the receipting system, payroll, and the payment system; at the beginning of the year, tell Dale that the surprise visits will occur (details of what will be tested should not be communicated to Dale)
  • Install a security camera to record all of Dale’s collection and receipting activity
  • Purchase fidelity bond to cover elected officials and Dale

Keep in mind that you can limit the cost of the outside CPA. The contract might read Surprise audit of vendor payments with cost limited to $1,500. Try to contract with a CPA or CFE with governmental experience. The surprise audits and the fidelity bond recommendations are, in my opinion, the most critical steps.

Some states like New York audit local governments for fraud; consequently, if your local government is frequently audited by a state agency, there may be less of a need to hire an outside CPA or CFE to perform fraud prevention procedures.

Additional Fraud Prevention Resources

Click here for a list of local government controls to consider.

For additional insights into preventing fraud in your government, get The Little Book of Local Government Fraud Prevention on Amazon.

Statement on Standards for Forensic Services No. 1
Jan 14

Statement on Standards for Forensic Services No. 1: An Exposure Draft

By Charles Hall | Fraud

The AICPA has issued an exposure draft titled Statement of Standards for Forensic Services No. 1 (SSFS 1), Forensic Services: Definitions and Standards. If approved, the standard will be effective for new engagements accepted on or after May 1, 2019. 

Statement on Standards for Forensic Services No. 1

Who Created SSFS 1?

Why SSFS 1?

The purpose of the standard is to improve the consistency and quality of forensic services provided by CPAs. 

It appears the AICPA is being responsive to a growing demand for forensic services. A report created by IBISWorld (a market research firm) showed that employment in forensic accounting grew at an annualized rate of 18% from 2012 to 2017.  

Services Covered by SSFS 1

Prohibitions

SSFS 1 includes two prohibitions:

  • A legal opinion can not be provided regarding the occurrence of fraud, and
  • Forensic services can't be provided on a contingent fee basis

Why can't a member provide a legal opinion regarding fraud? The final determination of whether fraud exists is determined by the "trier-of-fact," according to paragraph .08 of the standard. 

Applicability

The standard would apply to all AICPA members, AICPA members firms, and employees of AICPA member firms.

Paragraph .03 of the standard states "the key consideration of this Statement's applicability is the purpose  (e.g., Litigation or Investigation) for which the member was engaged." The applicability is not based on a particular service provided such as data analysis. But if data analysis, for example, is performed in relation to litigation or investigative services, then the statement would apply.

Understanding with Client

The understanding with the client regarding the nature, scope, and limitations of the services can be written or oral

1 2 3 11
>