Category Archives for "Asset Misappropriation"

secret bank accounts
Feb 27

Secret Bank Accounts Cause Fraud Losses

By Charles Hall | Asset Misappropriation

Secret bank accounts lead to havoc. 

Substantial losses can occur when unauthorized bank accounts are opened by company personnel. 

secret bank accounts


Secret Bank Account Leads to $53 in Theft

A finance director opened an unknown bank account in the name of a city, stealing over $53 million

Four things happened:

1. The fraudster opened an unauthorized bank account in the name of the entity (and signed the bank’s signature card).

2. That person did not set up the secret bank account in the general ledger.

3. The fraudster transferred money from a legitimate bank account to a hidden one. (The thief provided fake invoices to support the payments.)

4. The fraudster withdrew money from the hidden account.

Covering Up the Theft

Here’s the journal entry when step 3 occurred:

Debit - Expense    $200,000

Credit - Cash                               $200,000

The payments from the secret bank account (step 4.) are not recorded (since that bank account is not on the entity’s general ledger). 

Weak Segregation of Duties

Such a scheme is possible when the fraudster can:

1. Sign checks for the real bank account (or by other means, transfer money from the legitimate bank account to the unauthorized bank account)

2. Reconciles the real bank account (and no one else sees the cleared checks)

Another Secret Bank Account Fraud

Another twist on this type of fraud:

1. A hospital CFO set up a secret bank account for State Medicaid payments. (CFO had signature authority for the bank account.)

2. The hospital CFO did not set up the unauthorized bank account in the general ledger.

3. The State made electronic payments to the secret bank account.

4. CFO wrote checks to himself (for over $10 million).

Actions to Take: Ask your banks for a list of all bank accounts; compare that list to the bank accounts on your general ledger. Additionally, you should contact other banks in your area, those with which your company does not do business. Finally, you should contact all payors (e.g., Medicaid) and confirm the bank accounts to which they make payments; see if those bank accounts are on the general ledger

Another Bank Account Fraud

In another fraud, a company made frequent payments to vendor bank accounts.

The company’s CFO set up bank accounts in the name of actual vendors and made payments to those accounts

The CFO withdrew funds from the secret vendor bank accounts

When the CFO was about to be caught, he fled and hid on the Appalachian Trail for over five years. 

Action to Take: Confirm bank account numbers with vendors. 

Thefts of cash
Nov 14

Thefts of Cash From Local Governments

By Charles Hall | Asset Misappropriation , Local Governments

Thefts of cash from local governments is common.

How many times have you seen a local newspaper article like the following?

Johnson County’s longtime court clerk admitted today to stealing $120,000 of court funds from 2019 through 2021. Becky Cook, 62, faces up to 10 years in federal prison after pleading guilty to federal tax evasion and theft.

Thefts of cash

Thefts of Cash from Local Governments

Usually, the causes of such cash thefts are (1) decentralized collection points and (2) a lack of accounting controls.

1. Decentralized Collection Points

First, consider that governments commonly have several collection points.

Examples include:

  • Recreation department
  • Police department
  • Development authority
  • Water and sewer department
  • Airport authority
  • Landfill
  • Building and code enforcement
  • Courts

Many governments have over a dozen receipting locations. With cash flowing in so many places, it’s no wonder that thefts of cash are common. Each cash receipt area may have different accounting procedures – some with physical receipt books, some with computerized receipting, and some with no receipting system at all. 

A more centralized receipting system reduces the possibility of theft, but many governments may not be able to centralize the receipting function. Why? Here are three reasons:

  1. Elected officials, such as tax commissioners, often determine how monies are collected without input from the final receiving government (e.g., county commissioners or school). Consequently, each elected official may decide to use a different receipting system.
  2. Customer convenience (e.g., recreation centers and senior citizen centers) may drive the receipting location decision.
  3. Other locations, such as landfills, are purposely placed on the outer boundary of the government’s geographic area.

What’s the result? Widely differing receipting systems. Since these numerous receipting locations have varying controls, the risk of theft is higher. 

Cash theft

2. Lack of Accounting Controls

Second, consider that many governments lack sufficient accounting controls for cash.

It’s more likely cash will be stolen if cash collections are not receipted. If the transaction is recorded, then the receipt record must be altered, destroyed or hidden to cover up the theft. That’s why it’s critical to capture the transaction as early as possible. Doing so makes theft more difficult.

Additional steps that will enhance your cash controls include the following:

  1. If possible, provide the government’s administrative office (e.g., county commissioners’ finance department) with electronic viewing rights for the decentralized receipting locations (e.g., landfill).
  2. Require the transfer of money on a daily basis; the government’s administrative office (e.g., county commissioners’ finance department) should provide a receipt to each transferring location (e.g., landfill).
  3. Limit the number of bank accounts.
  4. Deposit funds daily.
  5. Periodically perform surprise audits of outlying receipting areas.
  6. Use a centralized receipting location (and eliminate the decentralized cash collection points).
  7. Persons creating deposit slips and handling cash should not key those receipts into the accounting system.
  8. The person reconciling the bank statements should not also handle cash collections.
  9. Don’t allow the person billing customers to handle cash collections.

If segregation of duties is not possible (such as 7., 8. and 9. above), consider having a second person review the activity (either an employee of the government or maybe an outside consultant).

Final Thoughts About Fraud Prevention for Cash

When possible, use an experienced fraud prevention specialist to review your cash collection procedures. Can’t afford to? Think again. The average incidence of governmental fraud results in a loss of approximately $100,000.

Finally, make sure your government has sufficient fidelity bonding. If all else fails, you can recover your losses through insurance.

For more fraud prevention guidance, check out my book on Amazon: The Little Book of Local Government Fraud Prevention. Additionally, here’s a post telling you how to audit cash.

$16 million stolen from bakery
Feb 20

Collin Street Bakery Fraud: $16 Million

By Charles Hall | Asset Misappropriation

Sandy Jenkins, a controller, stole $16 million from the Collin Street Bakery. You read that right. A bakery.

Today I show you how large sums of money can be taken from a small business with one simple fraud scheme.

The Collin Street Bakery Fraud

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen from Collin Street Bakery

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

Bakery theft

The Weakness that Led to the Collin Street Bakery Theft

No one was comparing the cleared check payees to the general ledger. (The Collin Street Bakery is not the only business that has suffered from this type of fraud; see my previous article titled Fraudsters Writing Checks to Themselves.)

The Fix that Will Detect the Theft

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) will be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, require a second-person review of canceled checks.

Additionally, someone should be reviewing the profit margins of the company, comparing the ratios with prior periods.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years of probation.

In March 2019, Sandy Jenkins passed away in a federal prison.

Fruitcake Movie

You may be familiar with the movie Catch Me If You Can which chronicled the exploits of Frank Abagnale, one of the most brilliant cons of all time. Now, there is a new movie about another: Sandy Jenkins. 

fictitious vendor fraud
Oct 13

Fictitious Vendor Fraud: How to Prevent It

By Charles Hall | Asset Misappropriation , Fraud , Local Governments

Twenty-four percent of governmental frauds are billing schemes such as fictitious vendor theft, so says the Association of Certified Fraud Examiners. Fictitious vendor fraud is usually committed by a person with the ability to establish new vendors in the accounting system (often the accounts payable clerk). If you are going to prevent this fraud, you need to know how it works. 

Fictitious Vendor Fraud

First, the clerk creates the fictitious vendor in the accounts payable system using his own address (or that of an accomplice). Alternatively, he may use a personal P.O. box (which is more common). Second, the clerk creates fictitious vendor invoices to support the payments; often, these invoices are for services rather than for a physical product. Since no shipped asset will be received by the government, it’s easier to conceal the fraud. Finally, the accounts payable clerk issues the vendor checks: since the fictitious vendor check address is that of the accounting clerk, the check is mailed directly to the fraudster (or his accomplice).

Here’s an example of how this fraud might happen.

Accounts Payable Clerk Fraud

John, the accounts payable clerk, sets up the fictitious vendor, Rutland Consulting, and keys his (John’s) address (P.O. Box 798, Atlanta, Georgia, 99890) into the vendor master file. To save time, the city has elected to have all checks signed electronically by the computerized system, so printed checks have signatures on them, and it just so happens that John prints all checks. John records an accounts payable amount of $53,322 to Rutland Consulting. 

To conceal the fraud, John creates a fictitious consulting services invoice from Rutland Consulting (especially designed for the auditors), and he codes the expense to an account which has plenty of remaining budgetary appropriation. Now John prints and mails the checks (including the fictitious vendor check).

Two days later John picks up his check at his P.O. box. John has opened a bank account for—you guessed it—Rutland Consulting; he is the only authorized check signer for the account. After depositing the city-issued check to the Rutland Consulting checking account, he writes checks to himself. Soon John’s friends are impressed with his shiny new bass boat.

Other Fraudulent Disbursement Schemes

While reading about John’s fraud, you may be thinking, “Not a problem in my government. Our checks are physically signed.” Consider, however, that signed checks can be created by:

  • Forging signatures on manual checks
  • Signing checks with signature stamps

The fraudster might also, in another twist to this scheme, just wire the money electronically and record the transaction with a journal entry. If the fraudster can get a fake vendor added to the payables system and create a signed check or wire funds, then the fictitious vendor scheme becomes a possibility.

Banks generally do not visually inspect checks as they clear (how could they, given the volume of daily checks?), so a forged signature will usually suffice. John’s theft described above becomes easier if he also reconciles the related bank statement—no second pair of eyes will inspect the cleared checks.

Department Head Fraud 

City or county department heads can also use a fictitious vendor scheme if they can submit believable new-vendor documentation. Many governments do not verify the existence of new vendors; therefore, a department head can merely send a fake invoice to the payables clerk and receive payment.

Oftentimes when an accounts payable clerk receives an invoice, he will add the new vendor to the accounts payable master file without verifying that the vendor is real. Since department heads often code and approve invoices (by writing the expense account number on the invoice and initialing the same), the payment will be recorded in an account of the department head’s choice.

Again, such invoices are usually for services (e.g., electrical repair)—that way, the accounts payable department is not waiting for receiving documents (e.g., packing slips) before payment is made.

fictitious vendor fraud

Fictitious Vendor Fraud Factors

The fictitious vendor fraud hinges on three factors: 

  1. Getting the fictitious vendor added to the accounts payable vendor list (along with the false address)
  2. Getting the payment made (either by controlling the whole payment process or by having the authority to approve disbursements)
  3. Getting the payment posted to an account where its presence goes unnoticed

Lessen Fictitious Vendor Threat

To mitigate the risk of fictitious vendors, do the following:

  • Require vendors to provide a physical address (even if payments are to be mailed to a P.O. box)
  • Require the accounts payable clerk to verify the existence of the new vendor (by calling the vendor or googling the vendor’s address)
  • Have someone outside of accounts payable (e.g., controller) review new vendors added
  • Segregate duties (namely the ability to add new vendors and the power to authorize payments); have at least two persons involved in processing all payables
  • Have someone other than an accounts payable person reconcile the bank statement and require that that person compare the payee on cleared checks to the general ledger; if this suggestion is not viable, periodically review all cleared checks for a month and review the payees on the checks
  • Periodically review the list of vendors in your accounts payable system

While this is not a comprehensive article about fictitious vendor fraud, hopefully it will prompt you to consider whether your internal controls are sufficient in relation to this threat.

Learn More About Fraud

For more information about fraud prevention, check out my book: The Little Book of Local Government Fraud Prevention.

Local Government Fraud Prevention

Available on Amazon in Kindle and paperback formats

Expense fraud
Aug 08

Expense Fraud: An Honest Theft

By Charles Hall | Asset Misappropriation

Honest people steal. Nice, innocent looking people take money that’s not theirs. How? One way is expense fraud.

The Honest Person’s Fraud

Expense fraud is one of the most common frauds. While the damage is usually low, this theft is pervasive in most businesses.

Expense fraud

I teach a college Bible study, and in it, I sometimes talk about “acceptable sins,” things like gossip, impatience, anger. My point is they are all issues and not acceptable, but we like to pawn them off as being okay–especially when it’s me that’s angry.

Likewise, expense report fraud is often viewed as acceptable, at least when it’s within bounds. But we all know fraud is fraud. The taking of something that does not belong to us is theft. But, I must say, it is so human to fudge on expense reports. We think things like: If I drove 355 miles, isn’t it okay to round up to 375? After all, I forgot to turn on my distance gauge until I was at least three miles out of town. Such rationalizations are easy to come by.

It always amazes me that executives–making six figures–are willing to jeopardize their positions for a few measly dollars. But C-suite employees commit expense report fraud just like new-hires. You might remember the Health and Human Services Secretary once resigned over questions about travel. While the Secretary was not accused of expense report fraud, it’s an example of how powerful people can abuse the use of travel privileges and, in this case, cost his employer (the federal government) money.

So how do people inflate their expense reports?

  • Inflating mileage
  • Filing the same receipt multiple times
  • Asking for advances and then requesting a second payment after returning from the trip
  • Submitting receipts of a nonemployee (e.g., spouse)
  • Submitting hotel reservation printouts (with projected cost) but not spending the night there

The Control Weakness

Usually, the weakness is that no one is properly reviewing the expense reports. Also, the company may not appropriately communicate the penalties (what happens when fraud is detected) for false reporting.

Correcting the Control Weakness

Create a written expense report policy that all employees sign, acknowledging their agreement to abide by the guidance.

The person reviewing the expense reports should be trained. He needs to know what is acceptable–and what is not. And most importantly, the person reviewing expense reports must be supported by the leadership of the entity–he has to know that the CEO or board chair has his back. (It’s difficult to stand up to high-level employees unless the reviewer knows the leader supports him.)

See a list of my other fraud-related articles.

1 2 3 6
>