Category Archives for "Fraud"

Steal Like a Boss
Jun 18

Steal Like a Boss (and Feel Good About It)

By Charles Hall | Fraud

Can you steal like a boss? White collar crime takes special skills and thoughts. Do you have what it takes? Here’s my tongue-in-cheek look at how I would steal.

Steal Like a Boss

 

Six Steps to Steal Like a Boss

To steal, I need to:

  1. Be Believable
  2. Have a Cause
  3. Calm My Conscience
  4. Develop My Plan
  5. Execute My Plan
  6. If Caught, Settle Out of Court

1. Be Believable

Look trustworthy. The more age, experience, and education I have, the better. The longer I work for the organization, the more I am trusted.

And while I’m at it, I’ll do what I can to move to positions of higher authority which will provide me with greater opportunities. Being in authority enables me to steal like a boss.

If possible, I will gain the ability to authorize or initiate purchases. Kickbacks (paid to those who authorize payments) are difficult to detect, even by professional fraud examiners, and the dollars can be significant. Like taking candy from a baby.

But before I steal, I need motivation. 

2. Have a Cause

Any financial pressure will do–a gambling or drug habit, an affair, medical bills, or maybe I just want to appear more successful than I am. If I don’t have a need, I will create one. I am my own cause.

My unshareable need (cause) must not be known by others lest they suspect my need for cash. 

One problem I must take care of before I steal is my conscience.

3. Calm My Conscience

I hate when that little voice starts talking: “Charles, you can’t do this. You’ll embarrass your wife.” It takes skill and fortitude, but I must calm my conscience. All the more reason to have a cause (see point 2.). The nobler I can make my reasons, the better. Something like, “I’ve earned this. The company should realize my greatness and provide me with appropriate compensation. I have three kids in college, and they need my support. You know I want to be a good provider for my family.”

I may need to start stealing borrowing or compensating myself in small amounts and then build up. Such wise reasoning will make it easier to calm my conscience.

Thinking correctly is important. When that little voice speaks, I will rephrase the words. I know I can. After all, I’ve done so for years.

Now I need to develop a plan.

4. Develop My Plan

I will pay attention to control weaknesses.

Our auditors have told us for years that we lack appropriate segregation of duties in regard to purchasing. Opportunity awaits.

If I am going to steal be compensated appropriately, I need to make it worth my while. Be bold. Think big. I have noticed that one of our key vendors has been very kind to me, a free week-long trip to Vegas for the last three years.

A key contract renewal is coming up. The vendor should be more generous to me. Besides, last year the CFO received a nicer trip than I did (two weeks in Austria). And bribes gifts don’t hurt anyone; the vendor pays for them (though I have noticed the vendor’s pricing seems to be increasing…actually, exploding).

It’s game time. I need to “just do it.” But how?

5. Execute My Plan

Take I must compensate myself in a steady under-the-radar kind of way. Most folks get greedy. I must be diligent to work in a measured way, not taking receiving noticeable amounts. Greed is my enemy. Excess might land me on the front page of the paper.

Also, I think I can steal borrow money from the receipts cycle since I am in charge of daily deposits and all related accounting duties. This might cost me my vacation though. I need to be on the job to continue to hide perform my duties. But if the funds taken compensation is enough, it might be worth it.

But what if my actions become known to others?

6. If I Get Caught, Settle Out of Court

If I am discovered someone notices that I have borrowed funds, then I may have to beg for forgiveness and promise to pay it back. And, of course, I need to make sure the company understands my concern for its reputation. News like this does not support the company’s mission statement: Honesty and Compassion for Those We Serve.

I don’t need a criminal record, especially if I need to steal borrow funds from my next employer. It is comforting to know that in many cases companies don’t prosecute for fear of public embarrassment. 

More Fraud Information

You’ll find more information about fraud prevention in my book: The Little Book of Local Government Fraud Prevention.

See my series of fraud articles at White Collar Crime is Knocking at Your Door.

Key fraud findings
Jun 11

2018 ACFE Fraud Report to the Nations (Key Findings)

By Charles Hall | Fraud

Here are key findings from the 2018 ACFE Fraud Report. The survey is titled the 2018 Report to the Nations.

Key fraud findings

Every two years the Association of Certified Fraud Examiners (ACFE) issues a fraud report based on hundreds of actual fraud cases. The report provides great insights into how fraud occurs (the method), the persons stealing (the fraudster), and the damage (the amount of losses). 

If you are an auditor (internal or external), then you need to be familiar with the findings in this report. Understanding how theft occurs will enable you to detect and prevent it in the future.

Here are key points from the report.

2018 ACFE Fraud Report Findings

  • Organizations lose 5% of their revenues to fraud
  • check
    The median duration of a fraud was 16 months
  • The median loss per case was $130,000
  • The median loss per case when owners or executives were involved was $850,000
  • check
    Businesses with a 100 or fewer employees suffered a median loss per case of $200,000
  • check
    Businesses with more than 100 employees suffered a median loss per case of $104,000
  • check
    In 40% of the cases, tips were the initial detection method (53% of the tips came from employees of the organization; 32% of the tips came from vendors, customers, and competitors)
  • check
    Fraud losses were 50% smaller for organizations with fraud hotlines
  • check
    Only 4% of the fraudsters had a prior fraud conviction
  • check
    Occupational fraud was committed in the following categories: (1) asset misappropriation (89%), (2) corruption (38%), and (3) financial statement fraud (10%) -- in some cases, the fraudster used multiple schemes
  • check
    The median losses were (1) $114,ooo for asset misappropriation, (2) $250,000 for corruption, and (3) $800,000 for financial statement fraud
  • check
    70% of corruption cases were committed by someone in a position of authority
  • check
    82% of corruption cases were committed by males
  • check
    50% of corruption cases were detected by a tip
  • check
    Internal control weaknesses led to nearly half of the fraud
  • check
    Small businesses typically have fewer anti-fraud controls than larger organizations, leaving them more vulnerable
  • check
    Data monitoring/analysis and surprise audits were correlated with the largest reductions in fraud losses and duration (yet only 37% of victim organizations implemented these controls)
  • check
    A majority of the victim organizations recovered nothing
  • check
    Fraudsters that were with the company for more than five years stole an average of $200,000
  • check
    Fraudsters that were with a company for less than five years stole an average of $100,000
  • check
    The industries with the highest levels of fraud were (1) Banking and Financial, (2) Manufacturing, (3) Governments, and (4) Health Care
  • check
    The departments with the highest level of fraud were (1) Accounting (14%), (2) Operations (14%), (3) Sales (12%), and (4) Executive/upper management (11%)
  • check
    69% of frauds were commented by males with a median loss of $156,000 (the median loss from female thefts was $89,000)
  • check
    61% of the fraud cases involved someone with a university degree or postgraduate degree
  • check
    When one fraudster was involved, the median loss was $74,000
  • check
    When two fraudsters were involved, the median loss was $150,000
  • check
    When three or more fraudsters were involved, the median loss was $339,000
  • check
    Living beyond their means was the primary behavioral red flag (41% of cases) 
89%
of fraud from asset misappropriations

Get Your Free Copy of ACFE Report

Join the ACFE 

I have been a member of the Association of Certified Fraud Examiners since 2004. Why? Because I want to be a better auditor. And I have found that the ACFE has given me a much greater understanding of how fraud happens and how to prevent it. The organization has made me a much better auditor. Consider joining this organization. (You can join without becoming a Certified Fraud Examiner (CFE), though I recommend doing that as well. Learn more about becoming a CFE.) You'll be glad you did.

CPA Hall Talk Fraud Articles

For more information about fraud, see White Collar Crime is Knocking at Your Door. There you will see a list of fraud-related articles that I have written.

Fraud Prevention Book

Also check out my book on Amazon: The Little Book of Local Government Fraud Prevention. While the book focuses on governments, there is plenty of information relevant to all organizations.

Insert Symbol or Content Template
May 15

Fraudulent Payments Without Being on the Signature Card

By Charles Hall | Asset Misappropriation

Today I show you how bookkeepers can make fraudulent payments without being on the signature card.

Auditors often focus on authorized check signers when considering who can fraudulently disburse funds. But might it be possible to make payments without being on the bank’s signature card? The answer is yes. 

fraudulent payments without being on the signature card

Courtesy of a DollarPhoto.com

Fraudulent Payments without Being on the Signature Card

Here are a few ways to disburse funds without being on a signature card:

  1. Forgery
  2. Unsigned checks
  3. Wire transfer 
  4. Electronic bill pay 
  5. Signing checks with accounting software 
  6. Use of a signature stamp

1. Forgery

Since banks don’t usually inspect checks as they clear, a forged check will normally clear the bank.

2. Unsigned Checks

Again, since banks don’t normally inspect checks as they are processed, an unsigned check can clear the bank. (I saw one just last month.)

3. Wire Transfer

Many times–at the client’s direction–banks wire money with just one person’s approval. One nonprofit administrator stole $6.9 million in less than an hour because of this control weakness. 

I have also seen small-town business bookkeepers drop by a local bank and ask them to wire money. Banks, desiring to help their client, sometimes do.

Businesses should use the controls offered by banks. Otherwise, they might be on the hook for fraudulent wires.

4. Electronic Bill Pay

Anyone with the right passwords can make electronic bill payments to themselves or anyone else.

5. Signing Checks with Accounting Software

This one scares me the most.

Many businesses, in an effort to expedite the disbursement process, have authorized signatures embedded in the payables software, enabling the payables clerk to make a payment to anyone. If the payables clerk has access to check stock (and they usually do), watch out. Even if a second person is normally involved in processing checks with automatic signatures, how easy is it for the clerk to go by in the evenings and make fraudulent payments? This danger increases if the payables clerk also reconciles the bank account. Why? No second person is reviewing the cleared checks.

6. Use of a Signature Stamp

I cringe every time I see a signature stamp. Why not just ask the authorized signer to just sign plenty of blank checks? (Yes, I am being facetious.)

Just last year I worked on a case where the bookkeeper wrote manual checks to herself but entered payments in the general ledger to legitimate vendors for the same amounts. Why? To mask the payments.

Recipe for Disbursement Fraud

Give anyone (1) the ability to sign checks, (2) access to blank check stock, and (3) the ability to make the bookkeeping entry, and you have the recipe for theft–particularly if that same person reconciles the bank statement or if the person reconciling the bank statement does not examine the payee on cleared checks. If you can’t segregate duties (there are too few employees), here’s how to lessen segregation of duties problems in two easy steps

How to Audit Accounts Payable

Click here for detailed information about how to audit accounts payable and expenses.

corporate account takeover
May 02

Corporate Account Takeover (the Importance of Using Bank Security Procedures)

By Charles Hall | Accounting and Auditing , Fraud , Local Governments

Some thieves gain control of company bank accounts using a corporate account takeover scheme. And with that control, they steal money. Below you’ll see how this type of theft occurs.

On March 17, 2010, cyber thieves hacked into the computers of Choice Escrow and stole the login ID and password to their online banking account. With that information, the thieves were able to submit a $440,000 wire transfer from Choice Escrow’s bank account to an account in Cyprus.

Corporate account takeover

Courtesy of istockphoto.com

When Choice Escrow and the bank were unable to resolve their differences, Choice Escrow filed suit. The back-and-forth legal battle lasted until March 18, 2013, when a court ruled the loss was the responsibility of Choice Escrow. A major determining factor in the decision was Choice Escrow’s refusal of the dual control security mechanism offered by Bancorpsouth Bank. According to Article 4A of the Uniform Commercial Code, if an institution offers a reasonable security procedure to a commercial customer and that customer turns down that security procedure, then the customer is liable in the event of a loss.

Bancorpsouth Bank offered dual control to Choice Escrow twice. Not only did the bank offer this security feature to Choice Escrow, but Bancorpsouth also documented the customer’s refusal to use the security feature. The documentation of the customer’s refusal of the security features was a determining factor in this case. From a bank’s perspective, this case underscores the importance of a written agreement with commercial online banking customers and, more importantly, the importance of documenting the security procedures offered to those customers. From a user’s perspective, the case highlights the need to use the security procedures offered.

Corporate Account Takeover

Corporate account takeover is a term which has become more prevalent over recent years. Generally speaking, corporate account takeover occurs when an unauthorized person or entity gains access or control over another entity’s finances or bank accounts. This usually results in the theft of money in the form of fraudulent wire transfers or ACH transactions.

These fraud schemes first began to be noticed in 2005 but have since become much more widespread and frequent. Recent statistics have revealed that the fraudsters carrying out these schemes are actually becoming less successful in getting money out of a bank account. This reduction is due to both increased efforts on the part of the financial institutions, as well as better education of the customer to help them avoid becoming a target.

Usually, the financial institutions themselves are not the targets of the attack but rather the corporate customers of the institution. Using malware, social engineering, and various other methods, the fraudster obtains information about the customer’s online banking credentials. Once the online banking credentials have been obtained, a request for wire or ACH transfers is placed by the thief. Any business may be targeted for these types of attacks, but those at risk mostly are small businesses, governments, and nonprofits who have limited resources to protect against such threats.

receipt fraud test for auditors
Apr 03

Three Powerful Receipt-Fraud Tests (for Auditors)

By Charles Hall | Asset Misappropriation

Today I provide three receipt-fraud tests for auditors. 

The audit standards require that we introduce elements of unpredictability. Additionally, it’s wise to perform fraud tests. But I find that auditors struggle with brainstorming (required by AU-C 240, Consideration of Fraud in a Financial Statement Audit) and developing fraud tests. That’s why I wrote Five Disbursement Fraud TestsIt’s also why I am providing this post.

So, let’s jump in. Here are three receipt-fraud tests.

receipt-fraud tests for auditors

Three Receipt-Fraud Tests

1. Test adjustments made to receivables

Why test?

Receipt clerks sometimes steal collected monies and write off (or write down) the related receivable. Why does the clerk adjust the receivable? So the customer doesn’t receive a second bill for the funds stolen. 

How to test?

Obtain a download of receivable adjustments for a period (e.g., two weeks) and see if they were duly authorized. Review the activity with someone outside the receivables area (e.g., CFO) who is familiar with procedures but who has no access to cash collections.

If there are multiple persons with the ability to adjust receivable accounts (quite common in hospitals), compare weekly or monthly adjustments made by each employee.

Agree receipts with bank deposits.

2. Confirm rebate (or similar type) checks

Why test?

When rebate checks are not sent to a central location (e.g., receipting department), the risk of theft increases. Rebate checks are often not recorded as a receivable, so the company may not be aware of the amounts to be received. Stealing unaccrued receivable checks is easy.

How to test?

Determine which vendors provide rebate checks (or similar non-sales payments). Send confirmations to the vendors and compare the confirmed amounts with activity in the general ledger.

Theft of rebate checks is more common in larger organizations (e.g., hospitals) where checks are sometimes received by various executives. The executive receives a check in the mail and keeps it for a while (in his desk drawer – in case someone asks for it). Once he sees that no one is paying attention, he steals and converts the check to cash.

3. Search for off-the-book thefts of receipts

Why test?

The fraudster may bill for services through the company accounting system or an alternative set of accounting records and personally collect the payments.

How to test?

Compare revenues with prior years and investigate significant variances. Alternatively, start with source documents and walk a sample of transactions to revenue recognition, billing, and collection.

Here are a few examples of actual off-the-book thefts:

Police Chief Steals Cash

An auditor detected a decrease in police-fine revenue in a small city while performing audit planning analytics. Upon digging deeper, he discovered the police chief had two receipt books, one for checks that were appropriately deposited and a second for cash going into his pocket. Sometimes, even Andy Griffith steals.

Hospital CFO Steals Cash

hospital CFO, while performing reorganization procedures, set up a new bank account specifically for deposit of electronic Medicaid remittances. He established himself as the authorized bank account check-signer.

The CFO never set up the bank account in the general ledger. As the Medicaid money was electronically deposited, the CFO transferred the funds to himself.  What was the money used for? A beautiful home on Mobile Bay, new cars, and gambling trips.

Another Receipt Fraud to Consider

Sometimes it’s not the front-desk receipt clerk that steals. Surprisingly, your receipt supervisor can be on the take. So, consider that receipt theft takes place up-front and in the back-office.

governmental internal controls
Apr 02

Useful Governmental Internal Controls that You Need Know

By Charles Hall | Fraud , Local Governments

Below I provide useful governmental internal controls that you need to know.

Why am I providing this list of useful controls? Most small governments struggle with establishing sound internal controls. So, the list provides a foundation for preventing theft in your government. While not a comprehensive list, I thought I would share it.

Many of the internal controls listed below are also pertinent to nonprofits and small businesses as well. You will find this same checklist in The Little Book of Local Government Fraud Prevention (available on Amazon) which provides many more fraud prevention ideas.

I am providing general fraud prevention controls and then transaction-level controls for:

  • Cash receipts and billing
  • Cash payments and purchasing
  • Payroll

governmental internal controls

Useful Governmental Internal Controls

General Internal Controls

  1. Have bank statements mailed directly to someone outside of accounting; recipient should peruse bank statement activity before providing it to accounting
  2. Perform surprise audits (use outside CPA if possible)
  3. Elected officials and management should review the monthly budget to actual reports (and other pertinent financial reports)
  4. Map internal control processes by transaction cycle (preferably done by a seasoned CPA); once complete, provide the map to all employees involved in the cycle; when control weaknesses exist, institute additional controls (see 11. below)
  5. Use a whistleblower program (preferably use an outside whistleblower company)
  6. Reconcile bank statements monthly (have a second person review and initial the reconciliation)
  7. Purchase fidelity bond coverage (based on risk exposure)
  8. Periodically request from the government’s bank a list of all bank accounts in the name of the government or with the government’s federal tax I.D. number; compare the list to bank accounts set up in the general ledger
  9. Secure computer access physically (e.g., locked doors) and electronically (e.g., passwords)
  10. Do not allow the electronic transmission (e.g., email) of sensitive data (e.g., social security numbers) without the use of protected transmission technology (e.g. Sharefile); create policy and train staff
  11. Where possible, segregate who (1) authorizes transactions, (2) records transactions, (3) reconciles records, and (4) has custody of assets; when segregation of duties is not possible, require documented second-person review and/or surprise audits

Transaction Level Controls

Cash Receipts and Billing Controls

  1. Use a centralized receipting location (when possible)
  2. Assign each cash drawer to a separate person; require daily reconciliation to receipts; require second person review
  3. Deposit cash timely (preferably daily); require the composition of cash and checks to be listed on each deposit ticket (to help prevent check-for-cash substitution)
  4. Immediately issue a receipt for each payment received; a duplicate of the receipt or electronic record of the receipt is to be retained by the government
  5. A supervisor should review receipting-personnel adjustments made to accounts receivable
  6. Do not allow the cashing of personal checks (e.g., from cash drawers)

Cash Payments and Purchasing Controls

  1. Guard all check stock (as though it were cash)
  2. Do not allow hand-drawn checks; only issue checks through the computerized system; if hand-drawn checks are issued, have a second person create and post the related journal entry
  3. Do not allow the signing of blank checks
  4. Limit check signing authorization to as few people as possible
  5. Require two employees to effectuate each wire transfer
  6. Persons who authorize wire transfers should not make related accounting entries
  7. Require a documented bidding process for larger purchases (and sealed bids for significant purchases or contracts); specify procedures for evaluating and awarding contracts.
  8. Limit the number of credit cards and the chargeable maximum amount on each card
  9. Allow only one person to use an individual credit card; require receipts for all purchases
  10. Require a street address and social security or tax I.D. numbers for each vendor added to accounts payable vendor list (P.O. box numbers without a street address should not be accepted)
  11. Signed vendor checks should not be returned to those who authorized the payment; mail checks directly to vendors
  12. Compare payroll addresses with vendor addresses for potential fictitious vendors (usually done with electronic audit tools such as IDEA or ACL)

Payroll Controls

  1. Provide a departmental overtime budget/expense report to governing body or relevant committee
  2. Use direct deposit for payroll checks
  3. Payroll rates keyed into the payroll system must be supported by proper authorization in the employee personnel file
  4. Immediately remove terminated employees from the payroll system
  5. Use biometric time clocks to eliminate buddy-punching
  6. Check for duplicate direct-deposit bank account numbers
  7. A department head should provide written authorization for overtime prior to payment

Your Recommendations

What additional controls do you recommend? Share your thoughts below.

College aid theft
Feb 05

College Aid Official Funnels Student Funds of $4.1 Million to Herself

By Charles Hall | Asset Misappropriation

Theft from colleges happens more than we think. After all, aren’t these guardians tasked with looking after our children? Even in places where we expect unselfishness, sometimes there’s a bad apple. Today, we review a fraud involving a college aid official. 

The Theft

When I was a student at the University of Georgia, I needed every dollar I could find. I ate my share of cheap hamburgers and peanut butter sandwiches. In the summers, I scouted peanuts and cotton to make ends meet. So when I see a college aid official stealing student money, I wince.

theft from colleges

Picture is courtesy of AdobeStock.com

A New York college aid administrator used a simple scheme to steal $4.1 million of student aid funds. How? She made out financial aid checks to nonexistent students and then endorsed them over to the name of an alias. The administrator set up a bank account in the name of the alias and deposited the checks into the bank account, allowing her to convert the checks to cash.

How long did the theft go on? Over ten years. The fraudster stole most of the money in the last two years of the scheme. As is often the case, the thief became bolder over time. 

How many fraudulent checks did she issue? Over 1,000, each to a different student.

How was the fraudster caught? A change in the accounting system required cross-referencing of financial records.

The Weakness

No one was comparing the checks written to student admission files. Legitimate students have admission and other information that can be used to verify the students’ existence.

The Fix

A person other than the financial aid administrator should compare the student name on the check to student files to verify the existence of the student. If this control can’t be performed for each disbursement, it should be performed on a sample basis, and the persons creating and signing the checks should know their work is being monitored.

This test could be performed by someone in the financial aid office or by an external professional such as a CPA or a Certified Fraud Examiner.

The college can request from the bank the endorsement side of the cleared checks. If the back side of the checks are obtained, then the endorsements can be examined for appropriateness.

Banks Not Providing Cleared Checks

In an effort to save money, some banks don’t provide cleared checks to their clients. And very few banks (if any) provide the copies of the back side of checks. From a fraud prevention perspective, this is not good. Why? Because checks and endorsements can’t be inspected for potentially fraudulent activity. At least periodically, request some endorsements and test those on a sample basis. (The bank may require you to pay for these copies.) Additionally, as I said in another post, someone should be comparing cleared check payees to the general ledger–if not for every check, then at least on a sample basis.

Free Fraud Course

Click here for free ten-day fraud course.

 

Thrift store theft
Jan 30

Nonprofit Embezzlers Sell Donated Goods for Millions

By Charles Hall | Asset Misappropriation

Sometimes nonprofit embezzlers sell donated goods. Today, we examine how nonprofit employees can steal assets rather than cash and how you can prevent such thefts.

The Theft

Several workers at a California Goodwill pled guilty to taking over $15 million. Their scheme involved the selling of donated goods by the barrelful to private dealers who sometimes wheeled tractor trailers up to the rear of Goodwill stores.

nonprofit embezzlers sale donated goods

Picture is courtesy of AdobeStock.com

The dealers sold most of the goods in Mexico. The thefts–involving seven primary culprits, four of whom were sisters–occurred over a twenty-year period that started in the mid-70s.

So how were the fraudsters caught?

One culprit went through a bitter divorce, and the husband disclosed the scheme to authorities.

The Weakness

The article describing this case did not provide details of the store operations, but it appears–at the time–inventories of donated goods were not properly documented. When assets, of whatever form, are not inventoried, they are more likely to disappear.

The Fix

Account for all inventories. Also, clothing that is sold in bulk should be documented. So each time a truck backs up to a store, the activity should be recorded—who received the goods, the sales price, who approved the sale, why the goods were sold in bulk. The store should have a policy that cash is not to be received for such sales.

Consider adding a whistleblower hotline. Nonprofit employees sometimes see signs of theft. Make it easy for them to report fraudulent activity. Doing so creates the camera effect

Also, install a security camera that records all loading dock activity.

Note–This case was adjudicated in the 1990s, and Goodwill has, since that time, made significant improvements to its controls.

Library fraud
Jan 26

Do (Some) Librarians Steal? Yes (and With Vigor)

By Charles Hall | Asset Misappropriation

Do some librarians steal? While most don’t, some do. Today we see that some guardians of knowledge take that which belongs to the general public.

I remember my childhood librarian, Ms. Adams. She was a lady of rectitude, dignity, and uprightness. Never one to harm or take from her patrons—or the library. Theft by her? Unthinkable. The memory of her colors, in a positive way, my view these public servants. But not every librarian is Ms. Adams.

Recently I spoke to about 50 librarians about fraud prevention and was shocked by their stories of thefts from libraries. It appears library fraud is alive and well in the United States. No place is immune. The following is a story of one such librarian, Bob Rice Jr.

librarians steal

This picture is courtesy of AdobeStock.com

The Theft

Bob Rice Jr. served as the director of the Revere Public Library for twenty-seven years before he pled guilty to twenty counts of fraud and embezzlement. So, how did he steal?

Mr. Rice apparently could approve purchases by issuing requisitions and purchase orders. The library paperwork would reflect the acquisition of dictionaries, for example, but the real purchase might be a Rolex watch.

Rice also purchased items that appeared to be for the library such as computer software, but he would–after receiving the goods–sell them on eBay. Then, with the cash, he would purchase items for personal use.

Lastly, in some instances, he requested reimbursements for items he never received. Those reimbursement checks were cashed and placed in his bank account.

How Rice Used the Funds

And how was the money used?

Mr. Rice purchased personal items including:

  • A model of the Star Trek’s Starship Enterprise
  • A replica Tommy Sub-machine gun
  • Robo-Pets
  • A vacuum
  • A Leica camera
  • Star Wars collectibles
  • Rolex watch
  • An ice cream making machine
  • An elephant tusk sculpture

His total theft was estimated at $236,000.

The Weakness

And what internal control weakness allowed the theft? No one was comparing the purchase orders with the payments made or to cleared checks. (This same weakness allowed a $16 million theft from a bakery.) It also appears that Mr. Rice could issue purchase orders and sign checks.

The Fix

The person authorizing payment (e.g., issuing purchase orders) should not also make the payment. Supporting documentation (e.g., purchase requisition, purchase order, bids) should be provided to a second person for review. Thereafter, the reviewer can issue the check or authorize payment.

Check signers should not issue purchase orders. For instance, board members might sign the checks, while operating personnel request the purchase.

When possible, have a central receiving department. Goods received should be recorded upon receipt by a person that did not issue the purchase order. Why? Segregation of duties. One person authorizes the purchase and another receives the physical goods. Such a procedure makes it more difficult for someone to buy products and then sell them on websites such as eBay.

Finally, require appropriate documentation (e.g., invoice) for all reimbursements. A second person should approve these payments. The person buying the goods should not also approve the reimbursement payment.

What Happened to Mr. Rice?

Though he initially denied the charges against him, Mr. Rice pled guilty to 20 counts of fraud and embezzlement. He did provide $230,000 in restitution, which led to a reduction in his sentence. He received six months in jail. 

Nonprofit fraud
Jan 23

Nonprofit Fraud: Bid-Rigging, Kickbacks and Faulty Payments

By Charles Hall | Corruption

We sometimes think of nonprofit fraud as nonexistent. After all, these are the good guys. But today we see that nonprofit theft does occur–and to the detriment of those most in need.

The Nonprofit Fraud

We think of nonprofits as lovely places where only noble things happen. But some nonprofit leaders prey on not-for-profit entities, harming the very people the organization is designed to help.

One such nonprofit leader was charged with bid-rigging, receiving kickbacks, and making fraudulent payments to vendors.

Nonprofit fraud

Picture is courtesy of AdobeStock.com

The Department of Justice charged a “former director of operations at…a Manhattan substance abuse treatment center, with bid rigging, conspiracy to defraud, and income tax evasion, in connection with a conspiracy to embezzle approximately $2.34 million from the organization over an eight-year period.”

The Department of Justice stated the charges stemmed from the director “conspiring with several outside vendors to rig bids and allocate contracts awarded by”  the nonprofit “for the supply of food, meat, health and beauty supplies, baby supplies, office supplies, printed materials, janitorial supplies, and medical supplies from 1990 until at least April 1998.” According to the charge, the director “steered nearly $10 million in contracts to those vendors.”

The director was charged with taking kickbacks totaling at least $364,000 in cash or goods and services from vendors to ensure receipt of contracts. 

The Department of Justice went on to say, the director and seven vendors embezzled at least $2 million from  the nonprofit “by issuing false and fraudulent purchase orders to each of the seven vendors, who in turn issued corresponding invoices for goods and services that were never delivered or provided.”

Later, the director pleaded guilty to bid rigging, fraud, and tax charges.

What was the harm to the nonprofit’s 600 substance abuse patients? Well, money that should have aided the needy went into the pockets of fraudsters.

The Weaknesses

The first weakness was having a leader who was concerned more about his wealth than the people he served. Auditors often refer to this as the tone at the top–it’s the ethical makeup of those in charge. COSO calls it the control environment. Without a positive, honest culture, fraud is more likely to occur.

The second weakness was the bidding process never happened. There’s a reason for bidding: It keeps everyone honest, and it ensures the lowest price for the organization.

The third weakness was a lack of accounts payable controls (or the circumvention of such policies, if they existed). Collusion between an organization’s leaders and vendors can wreak havoc. In such cases, the vendors send invoices, but no service or product is provided. Since someone in the nonprofit is approving the invoice (with knowledge the invoice is fictitious), there is no gatekeeper, no one to prevent the theft. The person approving the invoices is aiding in the fraud.

The Fixes

First, fire unethical leaders. Nonprofits can’t afford the reputational damage.

Second, solicit (real) bids. Sealed bids should be received and opened in a public meeting.

Third, ask board members to review and vet the nonprofit’s vendor list, especially those vendors receiving payments over a certain threshold (e.g., $50,000). Alternatively, ask your external or internal auditors to verify the work of key outside vendors.

1 2 3 6
>