Fraudulent Payments Without Being on the Signature Card

By Charles Hall | Asset Misappropriation

Today I show you how bookkeepers can make fraudulent payments without being on the signature card.

Auditors often focus on authorized check signers when considering who can fraudulently disburse funds. But might it be possible to make payments without being on the bank’s signature card? The answer is yes. 

Courtesy of a DollarPhoto.com

Fraudulent Payments without Being on the Signature Card

Here are a few ways to disburse funds without being on a signature card:

1. Forgery
2. Unsigned checks
3. Wire transfer 
4. Electronic bill pay 
5. Signing checks with accounting software 
6. Use of a signature stamp

1. Forgery

Since banks don’t usually inspect checks as they clear, a forged check will normally clear the bank.

2. Unsigned Checks

Again, since banks don’t normally inspect checks as they are processed, an unsigned check can clear the bank. (I saw one just last month.)

3. Wire Transfer

Many times–at the client’s direction–banks wire money with just one person’s approval. One nonprofit administrator stole $6.9 million in less than an hour because of this control weakness. 

I have also seen small-town business bookkeepers drop by a local bank and ask them to wire money. Banks, desiring to help their client, sometimes do.

Businesses should use the controls offered by banks. Otherwise, they might be on the hook for fraudulent wires.

4. Electronic Bill Pay

Anyone with the right passwords can make electronic bill payments to themselves or anyone else.

5. Signing Checks with Accounting Software

This one scares me the most.

Many businesses, in an effort to expedite the disbursement process, have authorized signatures embedded in the payables software, enabling the payables clerk to make a payment to anyone. If the payables clerk has access to check stock (and they usually do), watch out. Even if a second person is normally involved in processing checks with automatic signatures, how easy is it for the clerk to go by in the evenings and make fraudulent payments? This danger increases if the payables clerk also reconciles the bank account. Why? No second person is reviewing the cleared checks.

6. Use of a Signature Stamp

I cringe every time I see a signature stamp. Why not just ask the authorized signer to just sign plenty of blank checks? (Yes, I am being facetious.)

Just last year I worked on a case where the bookkeeper wrote manual checks to herself but entered payments in the general ledger to legitimate vendors for the same amounts. Why? To mask the payments.

Recipe for Disbursement Fraud

Give anyone (1) the ability to sign checks, (2) access to blank check stock, and (3) the ability to make the bookkeeping entry, and you have the recipe for theft–particularly if that same person reconciles the bank statement or if the person reconciling the bank statement does not examine the payee on cleared checks. If you can’t segregate duties (there are too few employees), here’s how to lessen segregation of duties problems in two easy steps. 

How to Audit Accounts Payable

Click here for detailed information about how to audit accounts payable and expenses.

Three Powerful Receipt-Fraud Tests (for Auditors)

By Charles Hall | Asset Misappropriation

College Aid Official Funnels Student Funds of $4.1 Million to Herself

By Charles Hall | Asset Misappropriation

Theft from colleges happens more than we think. After all, aren’t these guardians tasked with looking after our children? Even in places where we expect unselfishness, sometimes there’s a bad apple. Today, we review a fraud involving a college aid official. 

The Theft

When I was a student at the University of Georgia, I needed every dollar I could find. I ate my share of cheap hamburgers and peanut butter sandwiches. In the summers, I scouted peanuts and cotton to make ends meet. So when I see a college aid official stealing student money, I wince.

Picture is courtesy of AdobeStock.com

A New York college aid administrator used a simple scheme to steal $4.1 million of student aid funds. How? She made out financial aid checks to nonexistent students and then endorsed them over to the name of an alias. The administrator set up a bank account in the name of the alias and deposited the checks into the bank account, allowing her to convert the checks to cash.

How long did the theft go on? Over ten years. The fraudster stole most of the money in the last two years of the scheme. As is often the case, the thief became bolder over time. 

How many fraudulent checks did she issue? Over 1,000, each to a different student.

How was the fraudster caught? A change in the accounting system required cross-referencing of financial records.

The Weakness

No one was comparing the checks written to student admission files. Legitimate students have admission and other information that can be used to verify the students’ existence.

The Fix

A person other than the financial aid administrator should compare the student name on the check to student files to verify the existence of the student. If this control can’t be performed for each disbursement, it should be performed on a sample basis, and the persons creating and signing the checks should know their work is being monitored.

This test could be performed by someone in the financial aid office or by an external professional such as a CPA or a Certified Fraud Examiner.

The college can request from the bank the endorsement side of the cleared checks. If the back side of the checks are obtained, then the endorsements can be examined for appropriateness.

Banks Not Providing Cleared Checks

In an effort to save money, some banks don’t provide cleared checks to their clients. And very few banks (if any) provide the copies of the back side of checks. From a fraud prevention perspective, this is not good. Why? Because checks and endorsements can’t be inspected for potentially fraudulent activity. At least periodically, request some endorsements and test those on a sample basis. (The bank may require you to pay for these copies.) Additionally, as I said in another post, someone should be comparing cleared check payees to the general ledger–if not for every check, then at least on a sample basis.

Free Fraud Course

Click here for free ten-day fraud course.

Nonprofit Embezzlers Sell Donated Goods for Millions

By Charles Hall | Asset Misappropriation

Sometimes nonprofit embezzlers sell donated goods. Today, we examine how nonprofit employees can steal assets rather than cash and how you can prevent such thefts.

The Theft

Several workers at a California Goodwill pled guilty to taking over $15 million. Their scheme involved the selling of donated goods by the barrelful to private dealers who sometimes wheeled tractor trailers up to the rear of Goodwill stores.

Picture is courtesy of AdobeStock.com

The dealers sold most of the goods in Mexico. The thefts–involving seven primary culprits, four of whom were sisters–occurred over a twenty-year period that started in the mid-70s.

So how were the fraudsters caught?

One culprit went through a bitter divorce, and the husband disclosed the scheme to authorities.

The Weakness

The article describing this case did not provide details of the store operations, but it appears–at the time–inventories of donated goods were not properly documented. When assets, of whatever form, are not inventoried, they are more likely to disappear.

The Fix

Account for all inventories. Also, clothing that is sold in bulk should be documented. So each time a truck backs up to a store, the activity should be recorded—who received the goods, the sales price, who approved the sale, why the goods were sold in bulk. The store should have a policy that cash is not to be received for such sales.

Consider adding a whistleblower hotline. Nonprofit employees sometimes see signs of theft. Make it easy for them to report fraudulent activity. Doing so creates the camera effect. 

Also, install a security camera that records all loading dock activity.

Note–This case was adjudicated in the 1990s, and Goodwill has, since that time, made significant improvements to its controls.

Do (Some) Librarians Steal? Yes (and With Vigor)

By Charles Hall | Asset Misappropriation

Do some librarians steal? While most don’t, some do. Today we see that some guardians of knowledge take that which belongs to the general public.

I remember my childhood librarian, Ms. Adams. She was a lady of rectitude, dignity, and uprightness. Never one to harm or take from her patrons—or the library. Theft by her? Unthinkable. The memory of her colors, in a positive way, my view these public servants. But not every librarian is Ms. Adams.

Recently I spoke to about 50 librarians about fraud prevention and was shocked by their stories of thefts from libraries. It appears library fraud is alive and well in the United States. No place is immune. The following is a story of one such librarian, Bob Rice Jr.

This picture is courtesy of AdobeStock.com

The Theft

Bob Rice Jr. served as the director of the Revere Public Library for twenty-seven years before he pled guilty to twenty counts of fraud and embezzlement. So, how did he steal?

Mr. Rice apparently could approve purchases by issuing requisitions and purchase orders. The library paperwork would reflect the acquisition of dictionaries, for example, but the real purchase might be a Rolex watch.

Rice also purchased items that appeared to be for the library such as computer software, but he would–after receiving the goods–sell them on eBay. Then, with the cash, he would purchase items for personal use.

Lastly, in some instances, he requested reimbursements for items he never received. Those reimbursement checks were cashed and placed in his bank account.

How Rice Used the Funds

And how was the money used?

Mr. Rice purchased personal items including:

• A model of the Star Trek’s Starship Enterprise
• A replica Tommy Sub-machine gun
• Robo-Pets
• A vacuum
• A Leica camera
• Star Wars collectibles
• Rolex watch
• An ice cream making machine
• An elephant tusk sculpture

His total theft was estimated at $236,000.

The Weakness

And what internal control weakness allowed the theft? No one was comparing the purchase orders with the payments made or to cleared checks. (This same weakness allowed a $16 million theft from a bakery.) It also appears that Mr. Rice could issue purchase orders and sign checks.

The Fix

The person authorizing payment (e.g., issuing purchase orders) should not also make the payment. Supporting documentation (e.g., purchase requisition, purchase order, bids) should be provided to a second person for review. Thereafter, the reviewer can issue the check or authorize payment.

Check signers should not issue purchase orders. For instance, board members might sign the checks, while operating personnel request the purchase.

When possible, have a central receiving department. Goods received should be recorded upon receipt by a person that did not issue the purchase order. Why? Segregation of duties. One person authorizes the purchase and another receives the physical goods. Such a procedure makes it more difficult for someone to buy products and then sell them on websites such as eBay.

Finally, require appropriate documentation (e.g., invoice) for all reimbursements. A second person should approve these payments. The person buying the goods should not also approve the reimbursement payment.

What Happened to Mr. Rice?

Though he initially denied the charges against him, Mr. Rice pled guilty to 20 counts of fraud and embezzlement. He did provide $230,000 in restitution, which led to a reduction in his sentence. He received six months in jail. 

How $16 Million was Stolen from a Bakery

By Charles Hall | Asset Misappropriation

Is it possible to steal over $16 million from a bakery? Today we see that large sums can be taken from a small, mundane business. And the scheme can be so very simple.

The Theft

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

• $11 million on a Black American Express card
• $1.2 million at Neiman Marcus in Dallas
• 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
• Wine collection (having an approximate value of $50,000)
• Steinway electronic piano (having a value of $58,500)
• 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
• 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
• And more…

How the money was stolen

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

The picture is courtesy of AdobeStock.com

The Weakness

No one was comparing the cleared check payees to the general ledger. 

The Fix

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do so, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) are to be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, you could require a second-person review of cancelled checks.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years probation.

Is Your Cash Receipts Supervisor on the Take?

By Charles Hall | Asset Misappropriation

Sometimes the person you hire to prevent theft is the one stealing. This is one of the dangers of a trusted bookkeeper. Below I provide a real-life story of a cash receipts supervisor on the take.

The Theft

Is your cash receipts supervisor taking your cash? I once worked on a case where this person took over $300,000.

The picture is courtesy of AdobeStock.com

Cash Receipts Supervisor

Many businesses funnel cash receipts to a supervisor who counts the money from each cash drawer and compares the funds to the daily receipts. The purpose of this step is to ensure no front-desk clerks are stealing.

The cash collections supervisor has usually worked a cash drawer in the past. So she knows all about how the receipts enter the system and how they are deposited.

Typical Deposit Cycle

The collections process often works as follows:

1. Money is collected at the front cash-collection desks and placed in the cash drawers that are assigned to each clerk; receipts are written for each payment
2. These clerks tally their collections at the end of each day and reconcile the monies in their cash drawers to the receipts written
3. The daily reconciliation for each cash drawer goes to the cash receipts supervisor who recounts the funds received and reconciles collections to the receipts written (performing the same reconciliation as the front desk clerks)
4. The cash receipts supervisor creates a deposit slip for all funds collected (if there are seven cash drawers, then the deposit slip represents the total collections for all seven cash drawers)
5. The cash receipts supervisor gives the checks and cash and deposit slip to a courier to take to the bank
6. The courier receives a bank deposit receipt from the bank
7. The courier provides the bank deposit receipt to the cash receipts supervisor (so she can compare the bank deposit receipt with the copy of the deposit slip–to ensure the courier did not steal any funds in transit)

The Cash Receipts Supervisor Steals

So how can the cash receipts supervisor steal funds in the above scenario?

In the case I worked on, the supervisor also reconciled the bank statement. After step 3., but before step 4., she would steal the cash and then lessen the deposit slip accordingly. So, if she took $2,200, the deposit slip would reflect the total daily collections less $2,200.

You’re thinking, “But then the bank account would not reconcile since the computers have recognized the front-desk collections?” You are correct—unless someone monkeys with the bank reconciliation. And that’s what she did. The supervisor adjusted the reconciling items–on the bank reconciliation–to cover up the stolen funds. The scheme worked until the annual audit.

When the auditors tested the outstanding items on the bank reconciliation, they could not tie substantial amounts to the subsequent bank statement. Generally, outstanding reconciling items clear the subsequent month’s bank statement—but large amounts on the year-end bank reconciliation could not be accounted for (because they were fictitious).

When confronted, the clerk confessed to her theft and method.

The Weakness

The weakness was the cash receipts supervisor who had custody of assets (cash) also performed the reconciliation of the related bank account.

The Fix

The person reconciling the bank statement should not also handle cash. It’s also a good idea to perform surprise tests of the receipting records. Doing so puts everyone on notice. The receipt employees know someone can appear at any time and review their work.

For additional assistance, see my article about how to audit cash.

Would Andy Griffith Steal? Receipt Fraud in Law Enforcement

By Charles Hall | Asset Misappropriation

Would Andy Griffith steal? Maybe not. But other law officers do. Thankfully, most don’t.

The Theft

If you’ve watched Andy Griffith as much as I have, you may find it hard to believe a (small town) officer would steal–but it happens.

A friend of mine (we’ll call him John) audits a small Georgia city (this is a true story). One year he was reviewing the planning analytics for the audit, reviewing five years of comparative data. In scanning the comparisons, he noticed the police fines had fallen off significantly. So John asked the police chief why the fines were down.

The police chief (we’ll call him Robert) responded, “I took it.”

John laughed and said, “I’m serious, why do you think the fine revenue dropped?”

“I said I took it.”

John was stunned. It was hard for him to absorb what he was hearing. After all, fraudsters don’t generally confess on the spot–but this one did. And the chief was well-known and well-liked, a man known for his integrity.

The discussion continued as John inquired about how the chief took the money. Here’s the deal.

Robert had two receipt books, one for cash and one for checks. When checks were received, he would write a receipt from the checks receipt book–those funds were turned over to the city clerk. When cash was received, he wrote receipts from the cash receipts book–those monies went into his pocket. Simple, but effective, as he stole over $50,000.

The Weakness

So, what control weakness allowed this theft?

No one was controlling the issuance of the city receipt books. Also, the city clerk should have noticed the lack of cash payments being received for fines.

The Fix

How can we remedy this problem?

When governments use physical receipt books, assign the duty of purchasing and issuing receipt books to a particular person. He or she should maintain a log of the receipt books and who has each one.

Surprise audits of those receiving funds is another way to combat theft. These reviews can be performed by the government’s internal audit staff or by an outside CPA or Certified Fraud Examiner.

White-collar crime is real, so stay vigilant. (Even so, I still can’t believe the real Andy Griffith would steal.)

Stealing Unaccrued Receivable Checks is Easy

By Charles Hall | Asset Misappropriation

Stealing Unaccrued Receivable Checks

Some fraudsters steal unaccrued receivable checks and convert them to cash. In this article, I explain the mechanics of the theft and how you can prevent it.

The Theft

Susan is an hospital executive that has the authority to approve purchases of medical devices. She commonly receives rebate checks from vendors. Since she negotiates the purchase contracts, the vendors mail the rebate checks to her. Some of these checks are north of $50,000.

A while back she received a rebate check and placed it in her top left-hand drawer, thinking she would take it to accounting the next day. But she forgot.

Picture is courtesy of AdobeStock.com

A month later she opened her drawer, and there it was. Oops! She hurriedly took the check to the receipting department and said, “Gosh, I must be losing my mind.” They all laughed, knowing it was an innocent mistake. But in the course of these events, she realized that no one knew she had the check. Why would they? Susan approves the purchases, and she provides the rebate information to no one. So, the rebates are not accrued in the general ledger.

Not long thereafter, Susan decides to retain two of the rebate checks totaling over $100,000. She places them in the same left-hand drawer, but this time, she does so on purpose. And then she waits—several weeks. No one calls about the checks. It’s obvious that no one knows she has them.

Susan converts the checks to cash by depositing them into a new bank account that she has opened in the name of the hospital. She is the sole authorized signer for the new bank account.

Now, let’s see what the control weaknesses are and how we can remedy this problem. 

The Weakness

The weakness is that no one is tracking or accruing the rebate checks.

The Fix

How can we cure this weakness?

Determine what companies provide rebates checks (and any other checks commonly received and not accrued). Send confirmations to the paying parties and compare the confirmed amounts with activity in the general ledger.

A master list of rebate companies should be maintained by someone in accounting, and the related activity should be monitored by comparing receipting information to this list. When possible, accrue rebate receivables.

White-Collar Crime

This is one more example of white-collar crime. Click here for many more articles about theft. For a detailed article about auditing receivables, click here.

Splitting Payments to Circumvent Approval Requirements

By Charles Hall | Asset Misappropriation

Some fraudsters split payments to circumvent approval requirements. In this article, I show you how this type of theft works and what you can do to prevent it.

The Theft

The maintenance supervisor, Billy, wants to make a fraudulent payment to ABC Hardware for $9,900. (ABC Hardware is owned by his cousin.) So, Billy wants to avoid his company’s review process. He knows that all checks over $5,000 require the physical signature of the finance director. All checks below $5,000 are signed by the computer. What’s a boy to do? Well, Billy can split the transaction–two checks for $4,950 each. That will work.

Billy asks his cousin for two ABC Hardware invoices of $4,950 rather than the one for $9,900. Afterwards, Billy approves each invoice, and the payments are made.

Picture is courtesy of AdobeStock.com

So, Billy tries the scheme again, and it works. Then, he does so repeatedly. His cousin rewards him with free trips to South Dakota, his favorite hunting destination.

The Weakness

No one is querying the check register for payments just below the threshold. Also, bids were not obtained.

The Fix

Download the check register into Excel (or any database package). Then, sort the payments and look for repeated payments–just below the threshold of $5,000–to the same vendor.

Require bids for significant expenses, and retain the bids as support for the payments.

Difference in Bribes and Gratuities

Learning tip: The hunting trip is referred to as a gratuity rather than a bribe. Why? Bribes are inducement payments made before the purchase decision. Gratuities–free trips in this example–are given after the vendor payments. The purpose of the gratuity is to reward the complicit person (Billy). Then, in the future, Billy knows the drill and expects more of the same.

White-Collar Crime

Splitting payments is a form of white-collar crime. There are many ways that professionals steal. Click here for more fraud-related examples (some of which are hard to believe).