Category Archives for "Asset Misappropriation"

Rita Crundwell
Jul 19

Rita Crundwell Story: Why Some Ranches Stink

By Charles Hall | Asset Misappropriation

Is it possible for one person to steal over $53 million from a city with an annual budget of less than $10 million? Yes. The Rita Crundwell story provides a cautionary tale for small businesses, governments, and nonprofits.

The Rita Crundwell Theft

Rita Crundwell, comptroller, and treasurer of Dixon, Illinois stole $53 million over a twenty-year period. The city of 16,000 residents held Crundwell in high esteem. One friend described her as “sweet as pie.” Another said: “You could not find a nicer person.”

So why did she steal? It appears Rita just enjoyed the good life. She used the money to fund one of the top quarter horse ranches in the country, and she did it with style: Some of the funds were used to purchase over $300,000 of jewelry and a $2.1 million motor coach vehicle.

Rita Crundwell
Her annual salary? $80,000.

The city’s annual budget? $6 to $8 million

Were yearly audits performed? Yes.

Were budgets approved? Yes.

But even with budgets and audits, the Dixon, Illinois scandal happened. 

Too Much Trust

So how did this happen? Rita Crundwell won the trust of those around her—especially that of mayor and council. In April 2011, finance commissioner and veteran council member, Roy Bridgeman, praised Crundwell calling her “a big asset to the city as she looks after every tax dollar as if it were her own.” Too much trust in a bookkeeper can lead to huge problems. 

It was a disturbing moment when Dixon Mayor James Burke presented the FBI with evidence of Crundwell’s fraud. Burke later recalled his emotions and words: “I literally became sick to my stomach, and I told him that I hoped my suspicions were all wrong.” Such a response is understandable given that Crundwell had worked for the city for decades. She had fooled everyone.

Secret Bank Account

According to the mayor, the city’s annual audits raised no red flags, and the city’s primary bank never reported anything suspicious. So how did she steal the money? In 1990, Crundwell opened a secret bank account in the name of the city (titled the RSDCA account: the initials stood for reserve sewer development construction account). Crundwell was the only authorized check signer for the account, and the RSDCA bank account was never set up on the city’s general ledger. The City’s records reflected none of the RSDCA deposits or disbursements.

Crundwell would write and sign manual checks from a legitimate city capital project fund checking account, completing the check payee line with “Treasurer.” (Yes, Crundwell had the authority to issue checks with just her signature—even for legitimate city bank accounts.) She would then deposit the check into her secret account. From the bank’s perspective, a transfer had been made from one city bank account to another (from the capital projects fund to the reserve sewer development construction fund).

Accounting Cover-up

While the capital project fund disbursement was recorded on the city’s books, the RSDCA deposit was not. A capital project fund journal entry was made for each check debiting capital outlay expense and crediting cash. But no entry was made to the city’s records for the deposit to the RSDCA account. Once the money was in the RSDCA account, Crundwell wrote checks for personal expenses—and she did so for over twenty years.

To complete her deceit, Crundwell provided auditors with fictitious invoices from the Illinois Department of Transportation; these invoices included the following notation: Please make checks payable to Treasurer, State of Illinois. (So the canceled checks made out to Treasurer agreed with directions on the invoice, but the words “State of Illinois” were conveniently left off the check payee line.) Remember Crundwell was the treasurer of Dixon. 

Those invoices and the related checks were often for round dollar amounts (e.g., $250,000) and most were for more than $100,000. In one year alone, Crundwell embezzled over $5 million.

Vacation Leads to Arrest

So how was she caught? While Rita was on an extended vacation for horse shows, the city hired a replacement for her. For some reason, Crundwell’s substitute requested all bank account statements from the city’s bank. As the bank statements were reviewed, the secret bank account was discovered. And soon after that, the mayor contacted the FBI.

The Control Weakness

Why was Rita Crundwell able to steal $53 million? Wait for it. A lack of segregation of duties.

Rita could:

  • Write checks
  • Approve payments
  • Create and monitor the budget
  • Enter transactions into the accounting system
  • Reconcile the bank statements

The Accounting Fix

Multiple people should perform accounting duties, not just one.

Moreover, accounting employees should annually take a one-week vacation (or longer). And while they are gone, someone else should perform the vacant person’s duties. The vacation itself is not the key to this control. The performance of the absent accountant’s duties is. Why? Doing so allows the replacement person to understand the work of the vacant employee. But, more importantly, the substitute can note any unusual or fraudulent activity.

Here’s another action to take: Periodically contact your organization’s bank and ask for a list of all bank accounts. Then compare the list to the bank accounts in your general ledger. If a bank account is not on the general ledger, see why. And request a copy of the related signature card from the bank.

What Happened to Rita Crundwell?

So, what happened to Rita? She was sentenced to 19.5 years in prison. Here are pictures from the Chicago Tribune that shed light on the fraud.

All the Queens Horses

Kelly Richmond Pope has masterfully captured the Rita Crundwell tale in the movie All the Queen’s Horses, available on Amazon. Think auditing is boring? Then watch the movie. It does a better job of explaining the psychological and financial damage of fraud than any textbook. 

Fraudster’s refuge
Apr 17

Fake Bank Accounts and the Appalachian Trail

By Charles Hall | Asset Misappropriation

Some fraudsters funnel money into fake bank accounts. Today, I show you how one controller did so and walked away with millions—and then hid on the Appalachian Trail.

Fake bank accounts

Fake Bank Account

In May 2015 James Hammes was arrested for the theft of $8.7 million from his former employer, G&P Pepsi-Cola Bottlers. After Mr. Hammes was confronted about the theft in February 2009, he left his home and hid on the Appalachian Trail, which runs from Georgia to Maine. Hammes assumed a hiking name of “Bismarck” and spent several years on the popular trail. Fellow hikers enjoyed Bismarck since he seemed to be one of them.

So how did he steal the money?

How the Funds Were Stolen

The FBI reported the following:

Court documents show that Hammes’ embezzlement began around 1998. As a controller, he was responsible for all financial accounting and internal controls for his division, including supervising accounts payable to several hundred outside vendors. He carried out the fraud by establishing a new bank account for an existing vendor at a different bank. He then deposited hefty payments to that vendor—often $100,000 at a time—in the phantom account that he alone controlled. He then could transfer money from the phantom account to his personal accounts.

“He knew how to cover his tracks by manipulating audits and ledger entries,” Jones said. “He got away with it for so long because he knew how to manipulate his subordinates and how not to raise accounting red flags.”

So, Hammes opened a fraudulent bank account at a bank that the vendor did not use and deposited vendor checks into that account. Then he transferred funds out of the fraudulent bank account to himself. Since he opened the account, he was the authorized check signer. Simple but effective.

You may be wondering how the theft could occur so long without detection.

Vendor Payment Controls Lacking

If extra payments were made to vendors (and it appears that occurred), then the company may not have been reviewing vendor payments. If appropriate controls are not in place, it’s easy for a fraudster to make fraudulent vendor payments without detection, especially if hundreds of monthly checks are processed.

Also, it appears the company may have lacked sufficient segregation of duties since Hammes was able to disburse extra vendor payments without detection.

Vendor Payment Controls

Periodically, review the total payments made to each vendor. For example, generate the total monthly payments made to XYZ Company. Then compare the monthly payments over a two to three year period. If payments increase greatly, then someone within the company may be making additional payments and stealing those checks. Or there may a legitimate reason for the increase. Either way, it’s wise to review vendor payments for anomalies. 

Another test you can perform is to look for multiple addresses for the same vendor. There may be legitimate reasons for more than one address, but you want to create a list of vendor addresses and verify that they are appropriate. The same is true for electronic vendor payments: see if there are multiple bank accounts you are wiring payments to. Then determine if these are appropriate. Additionally, obtain the physical address of each vendor and determine if the company is real. Do not accept P.O. Box addresses for verification purposes; again, you need to know if the company exists. (See my article Fictitious Vendor Fraud: Preventing It.)

If your company pays hundreds of vendors, you may want your internal audit (or external auditors) to periodically test vendor payments for appropriateness. Tell your payables personnel this will be done from time to time on a surprise basis. This will help keep them honest.

Maybe with these controls, you can prevent payments to fake bank accounts and keep your employees off the Appalachian Trail.

For more information about auditing payables, see my article Auditing Accounts Payable and Expenses: A Guide.

Fictitious Vendor Transfer
Oct 03

Fictitious Vendor Fraud: Preventing It

By Charles Hall | Asset Misappropriation

Fictitious vendor fraud is one of the most dangerous ways employees steal. Today we look at how this theft works and how to prevent it. I’ll conclude with a video explanation of fictitious vendor fraud.

The Theft

Your accounts payable director (Susie Jones) sets up a fictitious vendor: ABC Project Management. Susie keys the new vendor into the payables system using her sister’s—Joan Albert—personal home address. (The payables director is the only person tasked with reviewing new vendors.) Susie also creates fictitious consulting invoices to support payments made to ABC Project Management.

Fictitious Vendor Transfer

The computer signs the checks. Therefore, no one reviews the invoice prior to physically signing a check. Joan receives the signed checks through the mail.

Joan opens a bank account in the name of ABC Project Management. She is the sole authorized signer. She deposits the ABC Project Management checks into the new bank account. Then, she writes checks—from the ABC Project Management bank account—to herself and Susie.

The Weakness

What’s the weakness? Susie is the only person reviewing new vendors for appropriateness. No one outside of the accounts payable department is performing periodic reviews of the vendor files.

The Fix

If possible, have the company’s computer system automatically email Susie and the controller (a person outside of the accounts payable department) each time a new vendor is added. The email should provide the name and address of each new vendor, and the name of the person that made the addition.

Require the accounts payable department to archive vendor verification documentation such as:

  • Google search for the business
  • Google search using the vendor address (Google often provides a picture of the location)
  • Phone call made by an accounts payable employee to the new vendor
  • Physical visit to the vendor’s business

Additionally, the company can also compare payroll addresses to vendor addresses using software packages such as IDEA or ACL. (Sometimes an employee will use their personal address in a vendor fraud such as the one above, rather than that of an accomplice such as a sister.)

Also, ask an outside CPA or Certified Fraud Examiner to sample and verify selected vendors. Accounts payable personnel are less likely to steal when you consistently perform such tests.

For more information, read my article about auditing accounts payable.

Explanation of Fictitious Vendor Fraud

$16 million stolen from bakery
Jul 01

Collin Street Bakery Suffers $16 Million Fraud

By Charles Hall | Asset Misappropriation

Sandy Jenkins, a controller, stole $16 million from the Collin Street Bakery. You read that right. A bakery.

Today I show you how large sums of money can be taken from a small business with one simple fraud scheme.

The Collin Street Bakery Theft

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

Collin Street Bakery

The Weakness that Led to the Collin Street Bakery Theft

No one was comparing the cleared check payees to the general ledger. (The Collin Street Bakery is not the only business that has suffered from this type of fraud; see my previous article titled Fraudsters Writing Checks to Themselves. And another article tells other ways employees steal without being on the signature card.)

The Fix that Will Detect the Theft

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) will be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, require a second-person review of canceled checks.

Additionally, someone should be reviewing the profit margins of the company, comparing the ratios with prior periods.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years of probation.

In March 2019, Sandy Jenkins passed away in a federal prison.

Forthcoming Movie

You may be familiar with the movie Catch Me If You Can which chronicled the exploits of Frank Abagnale, one of the most brilliant cons of all time. Now, it appears there will be a new movie about another: Sandy Jenkins. 

receipt fraud test for auditors
May 08

Three Receipt Fraud Tests

By Charles Hall | Asset Misappropriation

Today I provide three receipt-fraud tests for auditors. 

The audit standards require that we introduce elements of unpredictability. Additionally, it’s wise to perform fraud tests. But I find that auditors struggle with brainstorming (required by AU-C 240, Consideration of Fraud in a Financial Statement Audit) and developing fraud tests. That’s why I wrote Five Disbursement Fraud TestsIt’s also why I am providing this post.

So, let’s jump in. Here are three receipt-fraud tests.

receipt-fraud tests for auditors

Three Receipt-Fraud Tests

1. Test adjustments made to receivables

Why test?

Receipt clerks sometimes steal collected monies and write off (or write down) the related receivable. Why does the clerk adjust the receivable? So the customer doesn’t receive a second bill for the funds stolen. 

How to test?

Obtain a download of receivable adjustments for a period (e.g., two weeks) and see if they were duly authorized. Review the activity with someone outside the receivables area (e.g., CFO) who is familiar with procedures but who has no access to cash collections.

If there are multiple persons with the ability to adjust receivable accounts (quite common in hospitals), compare weekly or monthly adjustments made by each employee.

Agree receipts with bank deposits.

2. Confirm rebate (or similar type) checks

Why test?

When rebate checks are not sent to a central location (e.g., receipting department), the risk of theft increases. Rebate checks are often not recorded as a receivable, so the company may not be aware of the amounts to be received. Stealing unaccrued receivable checks is easy.

How to test?

Determine which vendors provide rebate checks (or similar non-sales payments). Send confirmations to the vendors and compare the confirmed amounts with activity in the general ledger.

Theft of rebate checks is more common in larger organizations (e.g., hospitals) where checks are sometimes received by various executives. The executive receives a check in the mail and keeps it for a while (in his desk drawer – in case someone asks for it). Once he sees that no one is paying attention, he steals and converts the check to cash.

3. Search for off-the-book thefts of receipts

Why test?

The fraudster may bill for services through the company accounting system or an alternative set of accounting records and personally collect the payments.

How to test?

Compare revenues with prior years and investigate significant variances. Alternatively, start with source documents and walk a sample of transactions to revenue recognition, billing, and collection.

Here are a few examples of actual off-the-book thefts:

Police Chief Steals Cash

An auditor detected a decrease in police-fine revenue in a small city while performing audit planning analytics. Upon digging deeper, he discovered the police chief had two receipt books, one for checks that were appropriately deposited and a second for cash going into his pocket. Sometimes, even Andy Griffith steals.

Hospital CFO Steals Cash

hospital CFO, while performing reorganization procedures, set up a new bank account specifically for deposit of electronic Medicaid remittances. He established himself as the authorized bank account check-signer.

The CFO never set up the bank account in the general ledger. As the Medicaid money was electronically deposited, the CFO transferred the funds to himself.  What was the money used for? A beautiful home on Mobile Bay, new cars, and gambling trips.

Another Receipt Fraud to Consider

Sometimes it’s not the front-desk receipt clerk that steals. Surprisingly, your receipt supervisor can be on the take. So, consider that receipt theft takes place up-front and in the back-office.

1 2 3 6
>