Category Archives for "Fraud"

Gift a bribe
Oct 30

When is a Gift a Bribe?

By Charles Hall | Auditing , Corruption

When is a gift a bribe?

Vendors often give sporting event tickets to clients. Or maybe they take them out for a nice dinner. Others might pay for a trip to Vegas.

So, at what point does a gift become a bribe? A friend of mine recently asked me this question. He said, "I give football tickets to clients. Is that a bribe?" I responded, "Maybe not, but if you give them season-long tickets, probably yes." (Such tickets cost several thousand dollars.) My friend followed with, "What if I go to every game with them?" My answer was, "That makes no difference." And doing so could be worse.

Cozy Vendor Relationships

20% of the 2022 fraud cases in the ACFE's recent study revealed "unusually close association with a vendor" as a red flag.

I've lost count of the fraud cases involving close vendor-client relationships. For example, the vendor and client might take annual family vacations together (think Aspen ski trip), with the former footing the bill.

I once spoke at a conference with vendors in the audience. One of them asked, "What can vendors give?" I responded, "I can't give you a list, but I would never give cash." He wanted a list of acceptable gifts. So, here's one: planes, trains, and automobiles. Yes, I'm trying to be funny, though I know of one vacation home gifted to a CEO. Why? So, a construction company could win a bid.

Some presents (like a vacation home) are obviously a bribe, but lower-cost ones are more difficult to define.

Gray Gift Decisions

You may wonder, "How can I know when a gift is okay?" There's no easy answer to this question. But consider these scenarios. A vendor offers one of the following to you:

-A sleeve of golf balls
-Takes you to play golf
-Pays for you to attend a PGA tournament at Pebble Beach and all expenses for a week-long trip (including your spouse and children)
-Pays your annual dues at your local country club (cost is $25,000 annually)

I'll take the sleeve of balls and play golf, but I'm uncomfortable with the other two.

Front Page Litmus Test

When there is a gray ethical decision, I always say, "Put it on the front page of the paper and see how you feel." If you're comfortable with it, you're probably okay. If not, then don't do it. Another step you might take is to ask an honest friend what they think, someone who has no vested interest. (If you're unwilling to ask your friend the question, your conscience is probably telling you, "This is not okay.")

Most vendors want to give gifts without crossing the line (they want to avoid going to jail). But the line is not usually defined, and naming particulars can be futile. After all, how many things could be on such a list? So, creating a list of proper (or improper) gifts may not work.

So, how do we know if a gift is a bribe?

Quid Pro Quo

In the context of bribery, the concept of "quid pro quo" plays a significant role. This Latin phrase means a direct exchange, where something is given with the expectation of receiving something in return. To determine if a gift can be considered a bribe, one key question is: Was the gift given with the expectation of receiving something in return?

It's easier to argue that a gift is not a bribe if it's small or of low value. In such cases, it may appear more like a token of appreciation than an inducement for a particular action. However, when a vendor gives an expensive gift, it becomes much more challenging to assert that there's no expectation of something in return. Expensive gifts raise red flags and make it more likely that the present is, in fact, a bribe.

So, your company should create a gift policy, defining what is acceptable and unacceptable.

Gift Policies

Gift policies should limit amounts to a specific dollar amount, such as $100 annually. As I said earlier, cash (at least, in my mind) is never an acceptable gift.

The gift policy might provide examples of proper activity with a vendor, such as playing golf together once or twice a year. It might also provide examples of improper actions, such as going on vacations with vendors.

You could list unacceptable gifts, but this is challenging. I would instead define inappropriate gifts in terms of dollars. Doing so is a blanket covering all types of activity.

Moreover, consider including actions the company might take if the employee violates the policy. You may want to say that violations could lead to the loss of their job. But, consult with your legal advisors about the written policy.

And remember to communicate the policy.

Communicate the Gift Policy

Give your written gift policy to new employees, and discuss the importance of transparency regarding vendor gifts. Additionally, remind existing employees of the policy. You might do so in annual training classes.

So, should companies require written disclosure of gifts received?

Gift Disclosure Forms

Companies might also require a signed disclosure form once a year where employees provide details of what they receive from vendors. (Here’s a sample disclosure form.) Additionally, provide such disclosures to your compliance department if you have one. If not, consider giving these to the company owner.

And who might you require to complete such a disclosure form? Anyone with the power to purchase, whether a person issuing a purchase order, a department head authorizing payments, or someone signing checks--anyone able to pay a vendor (or cause a vendor to be paid).

Again, consult with your legal advisors about your disclosure form and processes.

So, is bribery a significant threat to most businesses?

Bribery is Real

ACFE fraud surveys continue to reveal that bribery is one of the leading causes of fraud. 50% of the ACFE's 2022 fraud cases involved corruption (bribery is a form of corruption). Why is this so?

Because it's easy for employees to receive illegal payments (or gifts) without anyone's knowledge, but make no mistake: This activity adversely affects the employer. How? The vendors usually pass the bribe cost to the company through inflated prices or substandard goods. Strangely enough, the vendor often sees a bribe as a cost of doing business, albeit an illegal one.

earnings manipulation
Aug 22

Accounting Tricks Used to Inflate Earnings

By Charles Hall | Financial Statement Fraud

Companies can inflate earnings easily with accounting tricks such as cookie jar reserves.

This article explores how businesses inflate profits and sometimes decrease them, depending on the company’s desires. 

Today, I show you how fraudsters alter financial statements to magically transform a company’s appearance. Then, you will know how to detect these tricks.

earnings manipulation

Inflate Earnings

Companies can inflate earnings by:

  • Accruing fictitious income at year-end with journal entries
  • Recognizing sales for products that have not been shipped
  • Inflating sales to related parties
  • Recognizing revenue in the present year that occurs in the next year (leaving the books open too long)
  • Recognizing shipments to a re-seller that is not financially viable (knowing the products will be returned)
  • Accruing projected sales that have not occurred
  • Intentionally understating receivable allowances

Think about it: A company can significantly inflate earnings with just one journal entry at the end of the year. How easy is that?

You may be thinking, “But no one is stealing anything.” Yes, true, but the purpose of manipulating earnings might be to increase the company’s stock price. Once the price goes up, the company executives sell their stock and make their profits. Then, the company can, in the subsequent period, reverse the prior period’s inflated entries.

Inflate Earnings: Control Weakness

Such chicanery usually flows from unethical owners, board members, or management. The “tone at the top” is not favorable. These types of accounting tricks typically don’t happen in a vacuum. Usually, the top brass demands “higher profits,” often not dictating the particulars. Then, years later, they plead ignorance once the fraud is detected, saying their lieutenants worked alone.

Such possibilities are why the control environment, an entity-level control, is so important. Ethical leadership is foundational to a company’s health. Additionally, controls such as codes of conduct and conflict of interest statements matter. 

So, how can companies lessen the risk of earnings manipulation?

Inflate Earnings: Lower the Risk

Transparency is the remedy to someone inflating earnings. 

This sentence sounds simple, but transparency usually removes the temptation to inflate earnings. When fraudsters believe they’ll get caught, they usually will not act.

A robust internal audit department can put some fear in the heart of fraudsters and provide additional transparency. The board should hire internal auditors who report directly to them. Moreover, the company’s internal auditors should know that the board has their back. 

But what if board members don’t desire transparency such as the WorldCom fraud? Consider removing them, if possible. 

Now, let’s consider whether a company might desire decreased earnings. 

Deflate Earnings (Cookie Jar Reserves)

Though much less likely, some businesses fraudulently decrease their earnings. Why? The company may want to save current year earnings for future periods, especially if highly profitable in the current period.

For example, what if a company bases bonuses on profits and has high current-year earnings? Then management might defer some of the profits to the following period (to increase the possibility of bonuses in the next year).

Deferring earnings is called a cookie jar reserve.

For example, if a company’s allowance for uncollectible receivables is acceptable within a range (say 1% to 2% of receivables), it might use the higher percent in the current year. The higher reserve decreases current-year earnings (the allowance is credited, and bad debt expense is debited, increasing expenses and decreasing net income). Then, the following year, the company might use 1% to increase earnings (even though 1.75% might be more appropriate).

Such actions are called smoothing.

Inflate Earnings Summary

So, as an auditor, know whether your audit client desires higher or lower profits–or whether they want the numbers to fall honestly

And be aware of fraud incentives such as management bonuses. Then, audit accordingly. 

How to Audit Journal Entries

If you want to know how to audit for potential fraudulent journal entries used to inflate earnings, see Get a Grip on Journal Entry Testing.

secret bank accounts
Feb 27

Secret Bank Accounts Cause Fraud Losses

By Charles Hall | Asset Misappropriation

Secret bank accounts lead to havoc. 

Substantial losses can occur when unauthorized bank accounts are opened by company personnel. 

secret bank accounts


Secret Bank Account Leads to $53 in Theft

A finance director opened an unknown bank account in the name of a city, stealing over $53 million

Four things happened:

1. The fraudster opened an unauthorized bank account in the name of the entity (and signed the bank’s signature card).

2. That person did not set up the secret bank account in the general ledger.

3. The fraudster transferred money from a legitimate bank account to a hidden one. (The thief provided fake invoices to support the payments.)

4. The fraudster withdrew money from the hidden account.

Covering Up the Theft

Here’s the journal entry when step 3 occurred:

Debit - Expense    $200,000

Credit - Cash                               $200,000

The payments from the secret bank account (step 4.) are not recorded (since that bank account is not on the entity’s general ledger). 

Weak Segregation of Duties

Such a scheme is possible when the fraudster can:

1. Sign checks for the real bank account (or by other means, transfer money from the legitimate bank account to the unauthorized bank account)

2. Reconciles the real bank account (and no one else sees the cleared checks)

Another Secret Bank Account Fraud

Another twist on this type of fraud:

1. A hospital CFO set up a secret bank account for State Medicaid payments. (CFO had signature authority for the bank account.)

2. The hospital CFO did not set up the unauthorized bank account in the general ledger.

3. The State made electronic payments to the secret bank account.

4. CFO wrote checks to himself (for over $10 million).

Actions to Take: Ask your banks for a list of all bank accounts; compare that list to the bank accounts on your general ledger. Additionally, you should contact other banks in your area, those with which your company does not do business. Finally, you should contact all payors (e.g., Medicaid) and confirm the bank accounts to which they make payments; see if those bank accounts are on the general ledger

Another Bank Account Fraud

In another fraud, a company made frequent payments to vendor bank accounts.

The company’s CFO set up bank accounts in the name of actual vendors and made payments to those accounts

The CFO withdrew funds from the secret vendor bank accounts

When the CFO was about to be caught, he fled and hid on the Appalachian Trail for over five years. 

Action to Take: Confirm bank account numbers with vendors. 

Thefts of cash
Nov 14

Thefts of Cash From Local Governments

By Charles Hall | Asset Misappropriation , Local Governments

Thefts of cash from local governments is common.

How many times have you seen a local newspaper article like the following?

Johnson County’s longtime court clerk admitted today to stealing $120,000 of court funds from 2019 through 2021. Becky Cook, 62, faces up to 10 years in federal prison after pleading guilty to federal tax evasion and theft.

Thefts of cash

Thefts of Cash from Local Governments

Usually, the causes of such cash thefts are (1) decentralized collection points and (2) a lack of accounting controls.

1. Decentralized Collection Points

First, consider that governments commonly have several collection points.

Examples include:

  • Recreation department
  • Police department
  • Development authority
  • Water and sewer department
  • Airport authority
  • Landfill
  • Building and code enforcement
  • Courts

Many governments have over a dozen receipting locations. With cash flowing in so many places, it’s no wonder that thefts of cash are common. Each cash receipt area may have different accounting procedures – some with physical receipt books, some with computerized receipting, and some with no receipting system at all. 

A more centralized receipting system reduces the possibility of theft, but many governments may not be able to centralize the receipting function. Why? Here are three reasons:

  1. Elected officials, such as tax commissioners, often determine how monies are collected without input from the final receiving government (e.g., county commissioners or school). Consequently, each elected official may decide to use a different receipting system.
  2. Customer convenience (e.g., recreation centers and senior citizen centers) may drive the receipting location decision.
  3. Other locations, such as landfills, are purposely placed on the outer boundary of the government’s geographic area.

What’s the result? Widely differing receipting systems. Since these numerous receipting locations have varying controls, the risk of theft is higher. 

Cash theft

2. Lack of Accounting Controls

Second, consider that many governments lack sufficient accounting controls for cash.

It’s more likely cash will be stolen if cash collections are not receipted. If the transaction is recorded, then the receipt record must be altered, destroyed or hidden to cover up the theft. That’s why it’s critical to capture the transaction as early as possible. Doing so makes theft more difficult.

Additional steps that will enhance your cash controls include the following:

  1. If possible, provide the government’s administrative office (e.g., county commissioners’ finance department) with electronic viewing rights for the decentralized receipting locations (e.g., landfill).
  2. Require the transfer of money on a daily basis; the government’s administrative office (e.g., county commissioners’ finance department) should provide a receipt to each transferring location (e.g., landfill).
  3. Limit the number of bank accounts.
  4. Deposit funds daily.
  5. Periodically perform surprise audits of outlying receipting areas.
  6. Use a centralized receipting location (and eliminate the decentralized cash collection points).
  7. Persons creating deposit slips and handling cash should not key those receipts into the accounting system.
  8. The person reconciling the bank statements should not also handle cash collections.
  9. Don’t allow the person billing customers to handle cash collections.

If segregation of duties is not possible (such as 7., 8. and 9. above), consider having a second person review the activity (either an employee of the government or maybe an outside consultant).

Final Thoughts About Fraud Prevention for Cash

When possible, use an experienced fraud prevention specialist to review your cash collection procedures. Can’t afford to? Think again. The average incidence of governmental fraud results in a loss of approximately $100,000.

Finally, make sure your government has sufficient fidelity bonding. If all else fails, you can recover your losses through insurance.

For more fraud prevention guidance, check out my book on Amazon: The Little Book of Local Government Fraud Prevention. Additionally, here’s a post telling you how to audit cash.

Segregation of Duties
Sep 30

Segregation of Duties: How to Overcome

By Charles Hall | Auditing , Fraud

Segregation of duties is key to reducing fraud. But smaller entities may not be able to do so. Today, I tell you how overcome this problem, regardless of the entity’s size.

Segregation of duties

The Environment of Fraud

Darkness is the environment of wrongdoing.

Why?

No one sees us. Or so we think.

Fraud occurs in darkness.

In J.R.R. Tolkien’s Hobbit stories, Sméagol, a young man murders another to possess a golden ring, beautiful in appearance but destructive in nature. The possession of the ring transforms Sméagol into a hideous creature–Gollum.

And what does this teach us? That which is alluring in the beginning can be destructive in the end.

Fraud opportunities have those same properties: they are alluring and harmful. And, yes, darkness is the environment where fraud happens.

What’s the solution? Transparency. It protects businesses, governments, and nonprofits.

But while we desire open and understandable processes, our businesses often have just a few employees that perform the accounting duties. And, many times, no one else understands how the system works.

It is desirable to divide accounting duties among various employees, so no one person controls the whole process. This division of responsibility creates transparency. How? By providing multiple eyes to see what’s going on.

But this segregation of duties is not always possible.

Lacking Segregation of Duties

Some people says here are three key duties that must always be separated under a good system of internal controls: (1) custody of assets, (2) record keeping or bookkeeping, and (3) authorization. I add a fourth: reconciliation. The normal recommendation for lack of segregation of duties is to separate these four accounting duties to different personnel. But many organizations are unable to do so, usually due to a limited number of employees.

Some small organizations believe they can’t overcome this problem. But is this true? I don’t think so.

Here’s two easy steps to create greater transparency and safety when the separation of accounting duties is not possible.

1. Bank Account Transparency

First, consider this simple control: Provide all bank statements to someone other than the bookkeeper. Allow this second person to receive the bank statements before the bookkeeper. While no silver bullet, it has power.

Persons who might receive the bank statements first (before the bookkeeper) include the following:

  • A nonprofit board member
  • The mayor of a small city
  • The owner of a small business
  • The library director
  • A church leader

What is the receiver of the bank statements to do? Merely open the bank statements and review the contents for appropriateness (mainly cleared checks).

In many small entities, accounting processes are a mystery to board members or owners. Why? Only one person (the bookkeeper) understands the disbursement process, the recording of journal entries, billing and collections, and payroll.

Relying on a trusted bookkeeper is not a good thing. So how can you shine the light?

Allow a second person to see the bank statements.

Segregation of duties

Fraud decreases when the bookkeeper knows someone is watching. Suppose the bookkeeper desires to write a check to himself but realizes that a board member will see the cleared check. Is this a deterrent? You bet.

Don’t want to send the bank statements to a second person? Request that the bank provide read-only online access to the second person. And let the bookkeeper know.

Even the appearance of transparency creates (at least some) safety. Suppose the second person reviewer opens the bank statements (before providing them to the bookkeeper) and does nothing else. The perception of a review enhances safety. I am not recommending that the review not be performed. But if the bookkeeper even thinks someone is watching, fraud will lessen.

When you audit cash, see if these types of controls are in place.

Now, let’s look at the second step to overcome a lack of segregation of duties. Surprise audits.

2. Surprise Audits

Another way to create small-entity transparency is to perform surprise audits. These reviews are not opinion audits (such as those issued by CPAs). They involve random inspections of various areas such as viewing all checks clearing the May bank statement. Such a review can be contracted out to a CPA. Or they can be performed by someone in the company. For example, a board member.

Additionally, adopt a written policy stating that the surprise inspections will occur once or twice a year.

The policy could be as simple as:

Twice a year a board member (or designee other than the bookkeeper) will inspect the accounting system and related documents. The scope and details of the inspection will be at the judgment of the board member (or designee). An inspection report will be provided to the board.

Why word the policy this way? You want to make the system general enough that the bookkeeper has no idea what will be examined but distinct enough that a regular review occurs. 

Segregation of duties

Surprise Audit Ideas

Here are some surprise audit ideas:

  • Inspect all cleared checks that clear a particular month for appropriate payees and signatures and endorsements
  • Agree all receipts to the deposit slip for three different time periods
  • Review all journal entries made in a two week period and request an explanation for each
  • Inspect two bank reconciliations for appropriateness
  • Review one monthly budget to actual report (look for unusual variances)
  • Request a report of all new vendors added in the last six months and review for appropriateness

The reviewer may not perform all of the procedures and can perform just one. What is done is not as important as the fact that something is done. In other words, the primary purpose of the surprise audit is to make the bookkeeper think twice about whether he or she can steal and not get caught.

I will say it again. Having multiple people involved reduces the threat of fraud.

Segregation of Duties Summary

In summary, the beauty of these two procedures (bank account transparency and surprise audits) is they are straightforward and cheap to implement. Even so, they are powerful. So shine the light.

What other procedures do you recommend?

For more information about preventing fraud, check out my book: The Little Book of Local Government Fraud Prevention.

1 2 3 10
>