Category Archives for "Fraud"

management override of internal controls
Nov 11

Management Override of Internal Controls

By Charles Hall | Auditing , Fraud , Risk Assessment

Management can override internal controls, resulting in fraudulent financial reporting. Below I provide examples of management override of internal controls and how you can audit for these potential threats. 

Controls can be overridden, even when properly designed and operating. Accounting personnel usually comply with the wishes of management either out of loyalty or fear. So if a trusted C.E.O. asks the accounting staff to perform questionable actions, they will sometimes comply because they trust the leader. Alternatively, management can threaten accounting personnel with the loss of their jobs if they don’t comply. Either way, management gets what it wants by overriding internal controls. 

Examples of Management Override of Internal Controls

Here are examples of management override of internal controls:

  1. Booking journal entries to inflate profits or cover up theft
  2. Using significant transactions outside the normal course of business to dress up the financial statements
  3. Manipulating estimates 
  4. Transferring company cash to their personal accounts 

Auditors consider management override in all audits (or at least, they should). Why? Because it’s always possible. That's why audit standards require that we respond to the risk of management override in all audits. 

First, let’s consider how management overrides controls with journal entries.

1. Journal Entry Fraud

Think about the WorldCom fraud. Expenses were capitalized to inflate profits. Income statement amounts were moved to the balance sheet with questionable entries. Once the fraud was discovered, the internal auditors were told the billion-dollar entries were based on what management wanted. The entries were not in accordance with generally accepted accounting principles. And why was this done? To increase stock prices. Management owned shares of WorldCom, so they profited from the climbing stock values. The fraud led to prison sentences and the demise of the company, all because of management override. 

Journal entries are an easy way to override controls. Consider this scenario: Management meets at year-end, and they have not met their goals; so they manipulate earnings by recording nonexistent receivables and revenues, or they record revenues before they are earned. For example, management accrues $10 million in fake revenue, or they book January revenues in December. 

Journal Entry Testing

Auditors should test journal entries for potential fraud, but how? First, understand the normal process for making journal entries: who makes them, when are they made, and how. Also, inquire about journal entry controls and consider any fraud incentives, such as bonuses related to profits. Then think about where fraudulent entries might be made and test those areas. Fraudulent journal entries are often made at year-end, so make sure you test those. Here are some additional journal entry test ideas:

  • Examine entries made to seldom-used accounts
  • Review consolidating entries (also known as top-side entries)
  • Test entries made at unusual hours (e.g., during the night) 
  • Vet entries made by persons that don’t normally make journal entries
  • Look at suspense account entries
  • Review round-dollar entries (e.g., $100,000)
  • Test entries made to unusual accounts

You don’t need to perform all of the above tests, just the ones that are higher risk in light of journal entry controls and fraud incentives. Data mining software can be helpful in vetting journal entries. For example, you can search for journal entries made by unauthorized persons. Just extract all journal entries from the general ledger and group them by persons making the entries; thereafter, scan the list for unauthorized persons. 

Fraudulent journal entries are not the only way to override controls. The books can be cooked with related party transactions. 

2. Funny Business

Sometimes, as an auditor, you’ll see funny transactions. No, I don’t mean they are amusing. I mean they are unusual. Management can alter profits with transactions outside the normal course of business, and these are often related party transactions. 

For example, Burning Fire, an audit client, is owned by Don Jackson. Mr. Jackson also owns another business, Placid Lake. As you are auditing Burning Fire, you see it received a check for $10 million dollars from Placid Lake. So you ask for transaction support, but there is little. The CFO says the payment was made for “prior services rendered,” but it doesn’t ring true. This could be fraud and is an example of a transaction outside the normal course of business. Why would a company record such an entry? Possibly to bolster Burning Fire’s financial statements. When you see such a transaction, consider whether a fraud incentive is present. For example, do loan covenants require certain financial ratios and does this transaction bring them into compliance? 

Next, we look at how management can juice up profits by manipulating estimates. 

management override of internal controls

3. Manipulating Estimates

Auditing standards require a retrospective review of estimates as a risk assessment procedure. Why? Because management can manipulate estimates to inflate earnings and assets. Auditing standards call such tendencies bias, a sign that fraudulent financial reporting might exist. That’s why auditors review prior estimates and related results. 

For instance, suppose a company has a policy of reserving 90% of receivables that are ninety days or older. If at year-end the greater-than-ninety-days bucket contains $1,000,000, management can increase earnings $400,000 by lowering the reserve to 50%. What an easy way to increase net income! 

Retrospective Review of Estimates

So, how does an auditor perform a retrospective review of an allowance for uncollectible accounts? Compare the year-end reserve with that of the last two or three years. If the reserve decreases, ask why. There might be legitimate reasons for the decline. But if there is no reasonable basis for the smaller allowance, bias could be present. Note such changes in your risk assessment summary. For example, in the accounts receivable section, you might say: The allowance for uncollectible accounts appears to have decreased without a reasonable basis. Why? Because you’ve identified a fraud risk that deserves attention. 

Complex estimates are easier to manipulate without detection than simple ones. Why? Because intricate estimates are harder to understand, and complexity creates a smokescreen, making bias more difficult to spot. As an example, consider pension plan assumptions and estimates. Very complex. And changes in the assumptions can dramatically affect the balance sheet and net income. 

Now, let's look at how to document your retrospective review. 

Documenting Your Retrospective Review

Document your retrospective review. How? List the current and prior year estimates and explain the basis for each. Also, examine the results of the prior year estimates. For example, compare the current year bad debts with the prior year uncollectible allowance. Additionally, consider including incentives for manipulating profits such as bonuses. 

Label the workpaper Retrospective Review of Estimates to communicate its purpose. Also, consider adding purpose and conclusion statements such as:

  • Purpose of workpaper: To perform a retrospective review of estimates to see if bias is present.
  • Conclusion: While the allowance estimate is higher in the current year, the judgments and assumptions are the same. It does not appear that bias is present. All other prior year estimates appear reasonable. 

Other conclusion examples follow:

  • Conclusion: The rate of return used in computing the pension liability increased by 1%. The increase does not appear to be warranted given the mix of investments and past history. Bias appears to be present and is noted in the risk assessment summary form (in the payroll and benefits section).
  • Conclusion: Based on our review of the economic lives of assets in the prior year depreciation schedule, no bias is noted.
  • Conclusion: We reviewed bad debt write-offs in the current year and compared them to the uncollectible allowance in the prior year. No management bias is noted.

Is there another way that management might override controls? Yes, sometimes management requires accounting personnel to transfer company cash to personal bank accounts. 

4. Transferring Company Cash to Personal Accounts

Years ago I audited a hospital in Alabama. The C.E.O. would sometimes go to Panama City Beach, and while there, direct his accounting staff to wire funds to his personal account—and they did. Why? The threat of losing their jobs. Some management personnel, especially those with muscle, can intimidate the accounting employees into doing the unbelievable. I’ve seen this happen and once the C.E.O. is called out, he pretends to know nothing about the prior conversations with accounting.  

Management Override of Internal Controls

In your future audits, consider that management override of internal controls is always a possibility.

So don't allow yourself to believe that management is too honest to commit fraud. (A personal friend of mine just went to jail for stealing $3.5 million; he was part of the company's management team. I've known him for twenty years, so I was stunned to hear this.) Conduct your audits to detect material misstatements, including fraud--even if you've known the management team for many years. 

Payment fraud tests
Jul 21

Payment Fraud Tests: Five Powerful Ideas

By Charles Hall | Auditing , Fraud

Are you looking for payment fraud tests? Ways to detect fraudulent payments and create unpredictable tests. Here’s your article.

You are leading the audit team discussion concerning disbursements, and a staff member asks, “Why don’t we ever perform fraud tests? It seems like we never introduce elements of unpredictability.”

You respond by saying, “Yes, I know the audit standards require unpredictable tests, but I’m not sure what else to do. Any fresh ideas?”

The staff member sheepishly responds, “I’m not sure.”

And you are thinking, “What can we do?”

Payment fraud tests

Five Payment Fraud Tests

Here are five payment fraud tests that you can perform in most any audit.

1. Test for duplicate payments

Why test for duplicate payments?

Theft may occur as the accounts payable clerk generates the same check twice, stealing and converting the second check to cash. The second check may be created in a separate check batch, a week or two later. This threat increases if (1) checks are signed electronically or (2) the check-signer does not normally examine supporting documentation and the payee name.

How can you test for duplicate payments?

Obtain a download of the full check register in Excel. Sort by dollar amount and vendor name. Then investigate same-dollar payments with same-vendor names above a certain threshold (e.g., $25,000).

2. Review the accounts payable vendor file for similar names

Why test for similar vendor names?

Fictitious vendor names may mimic real vendor names (e.g., ABC Company is the real vendor name while the fictitious name is ABC Co.). Additionally, the home address of the accounts payable clerk is assigned to the fake vendor (alternatively, P.O. boxes might be used).

The check-signer will probably not recognize the payee name as fictitious.

How can you test for similar vendor names?

Obtain a download of all vendor names in Excel. Sort by name and visually compare any vendors with similar names. Investigate any near-matches.

3. Check for fictitious vendors

Why test for fictitious vendors?

The accounts payable clerk may add a fictitious vendor. What address will be entered for the fictitious vendor? You guessed it: the payable clerk’s home address (or P.O. Box).

Pay particular attention to new vendors that provide services (e.g., consulting) rather than physical products (e.g., inventory). Physical products leave audit trails; services, less so.

How can you test for fictitious vendors?

Obtain a download in Excel of new vendors and their addresses for a period of time (e.g., month or quarter). Google the business addresses to check for validity. If necessary, call the vendor. Or ask someone familiar with vendors to review the list (preferably someone without vendor set-up capabilities).

YouTube player

4. Compare vendor and payroll addresses

Why compare vendor and payroll addresses?

Those with vendor-setup ability can create fictitious vendors associated with their own home address. If you compare all addresses in the vendor file with addresses in the payroll file, you may find a match. (Careful – sometimes the match is legitimate, such as travel checks being processed through accounts payable.) Investigate any suspicious matches.

How can you test for the same vendor and payroll addresses?

Obtain a download in Excel of (1) vendor names and addresses and (2) payroll names and addresses. Merge the two files; sort the addresses and visually inspect for matches.

5. Scan all checks for proper signatures and payees

Why test checks for proper signatures and payees?

Fraudsters will forge signatures or complete checks with improper payees such as themselves.

How can you test for proper signatures and payees?

Pick a period of time (e.g., two months), obtain the related bank statements, and scan the checks for appropriate signatures and payees. Also, consider scanning endorsements (if available).

Your Payment Fraud Tests

Those are a few of my payment fraud tests. Please share yours.

Need additional ideas regarding how fraud might occur. Check out my post: 25 Ways Fraud Happens.

My fraud book provides more insights into why fraud occurs, how to detect it, and–most importantly–how to prevent it. Check it out on Amazon by clicking here. The book focuses on local government fraud, but most of the information is equally applicable to small businesses.

receipt fraud test for auditors
May 08

Three Receipt Fraud Tests

By Charles Hall | Asset Misappropriation

Today I provide three receipt-fraud tests for auditors. 

The audit standards require that we introduce elements of unpredictability. Additionally, it’s wise to perform fraud tests. But I find that auditors struggle with brainstorming (required by AU-C 240, Consideration of Fraud in a Financial Statement Audit) and developing fraud tests. That’s why I wrote Five Disbursement Fraud TestsIt’s also why I am providing this post.

So, let’s jump in. Here are three receipt-fraud tests.

receipt-fraud tests for auditors

Three Receipt-Fraud Tests

1. Test adjustments made to receivables

Why test?

Receipt clerks sometimes steal collected monies and write off (or write down) the related receivable. Why does the clerk adjust the receivable? So the customer doesn’t receive a second bill for the funds stolen. 

How to test?

Obtain a download of receivable adjustments for a period (e.g., two weeks) and see if they were duly authorized. Review the activity with someone outside the receivables area (e.g., CFO) who is familiar with procedures but who has no access to cash collections.

If there are multiple persons with the ability to adjust receivable accounts (quite common in hospitals), compare weekly or monthly adjustments made by each employee.

Agree receipts with bank deposits.

2. Confirm rebate (or similar type) checks

Why test?

When rebate checks are not sent to a central location (e.g., receipting department), the risk of theft increases. Rebate checks are often not recorded as a receivable, so the company may not be aware of the amounts to be received. Stealing unaccrued receivable checks is easy.

How to test?

Determine which vendors provide rebate checks (or similar non-sales payments). Send confirmations to the vendors and compare the confirmed amounts with activity in the general ledger.

Theft of rebate checks is more common in larger organizations (e.g., hospitals) where checks are sometimes received by various executives. The executive receives a check in the mail and keeps it for a while (in his desk drawer – in case someone asks for it). Once he sees that no one is paying attention, he steals and converts the check to cash.

3. Search for off-the-book thefts of receipts

Why test?

The fraudster may bill for services through the company accounting system or an alternative set of accounting records and personally collect the payments.

How to test?

Compare revenues with prior years and investigate significant variances. Alternatively, start with source documents and walk a sample of transactions to revenue recognition, billing, and collection.

Here are a few examples of actual off-the-book thefts:

Police Chief Steals Cash

An auditor detected a decrease in police-fine revenue in a small city while performing audit planning analytics. Upon digging deeper, he discovered the police chief had two receipt books, one for checks that were appropriately deposited and a second for cash going into his pocket. Sometimes, even Andy Griffith steals.

Hospital CFO Steals Cash

hospital CFO, while performing reorganization procedures, set up a new bank account specifically for deposit of electronic Medicaid remittances. He established himself as the authorized bank account check-signer.

The CFO never set up the bank account in the general ledger. As the Medicaid money was electronically deposited, the CFO transferred the funds to himself.  What was the money used for? A beautiful home on Mobile Bay, new cars, and gambling trips.

Another Receipt Fraud to Consider

Sometimes it’s not the front-desk receipt clerk that steals. Surprisingly, your receipt supervisor can be on the take. So, consider that receipt theft takes place up-front and in the back-office.

Ways Fraud Happens
Jul 13

25 Ways Fraud Happens: Audit Brainstorming

By Charles Hall | Fraud

As auditors perform their fraud brainstorming, it helps to have ideas to consider. So today I provide you with 25 ways fraud happens. 

Ways Fraud Happens

25 Ways Fraud Happens

Here’s a list of common company thefts:

  1. Collection clerk steals cash prior to recording it
  2. Collection clerk steals cash after recording a customer receipt; he voids the receipt and adjusts (writes down) the customer’s account
  3. Collection clerk places a personal check (for $5,000) in the cash drawer and takes an equivalent amount of cash; the clerk leaves the check in the drawer for months—in effect the clerk has an unauthorized loan
  4. The cash collections supervisor steals cash after receiving funds from collection clerks but before the money is deposited; she adjusts the related bank reconciliation by the amount stolen
  5. The person opening the mail steals checks before they are receipted; these amounts had not previously been recorded as a receivable
  6. Employees steal capital assets (knowing that no one performs periodic inventories)
  7. Employees use company credit cards for personal purchases but code the transactions as company expenses
  8. Accounts payable clerks cut checks to themselves (or to an accomplice) but record the check as company expenses; the check signatures are forged
  9. Accounts payable clerks establish fictitious vendors using their own addresses, a P.O. Box, or that of an accomplice; payments are made to the fictitious vendor and covered up with fictitious invoices; the checks are signed electronically as they are printed
  10. Accounts payable employee intentionally double-pays an invoice, then requests that the vendor refund the extra payment (with the refund going directly to the payable clerk)—check is converted to personal use
  11. Payroll personnel increase the pay rate—in the master pay rate file—for themselves or for friends working in the company
  12. Payroll personnel pay themselves (or friends) twice for each payroll
  13. Payroll personnel purposefully overpay withholding taxes and inflate the withholding amount on their own W-2, resulting a tax refund that includes the excess payments
  14. Purchasing department personnel are bribed by a vendor; the vendor recoups the bribe costs by inflating its subsequent invoices
  15. State, city, county elected officials are bribed; the vendor recoups the bribe costs by inflating its subsequent invoices
  16. Vendors give favors (e.g., free vacations) to those with the power to buy—commonly called a gratuity; vendor recoups the cost of the favors by inflating its subsequent invoices
  17. CEO orders accounts payable staff to make payments to himself (with an implied threat); payments are coded in a manner that hides the payment
  18. Money is wired by the CFO to the CFO but is recorded as a legitimate expense using a journal entry
  19. Money is wired to the CFO who then leaves the country without trying to cover up the theft
  20. The CEO or CFO makes payments to someone who is threatening their life or is blackmailing them; the expense is coded as legitimate
  21. A secret bank account is opened in the name of the business by the CFO but the sole authorized check signer is the CFO; checks are made from a legitimate business bank account to the secret bank account; the CFO writes checks to himself from the secret account
  22. A sales person steals rebate checks that belong to the company; she deposits the checks into her personal bank account by writing “pay to the order of…” on the back of the check
  23. The payables clerk writes a manual check to himself and then records the check with a journal entry that reflects a legitimate vendor
  24. The CFO inflates revenue at year-end with fictitious journal entries; stock prices go up; the CFO sells personally-owned company stock, then the CFO reverses the year-end accruals
  25. The inventory clerk steals stock and covers the theft by altering the inventory records

Fraud Brainstorming for Auditors

In performing your fraud brainstorming, consider printing out this list and seeing if any of these thefts are relevant to your audit.

How to prevent payroll fraud
Jul 06

How to Prevent Payroll Fraud

By Charles Hall | Fraud

Do you know how to prevent payroll fraud? Today we take a look at how you can protect your business.

Direct deposit of payroll checks can open the door to theft. Also when one person is in control of payroll processes, danger lurks.

prevent payroll fraud

Picture is courtesy of DollarPhotoClub.com

I was teaching a fraud prevention class this past Friday, and one of the participants, a school payroll clerk named Dawn, asked me to address how fraud might occur in her department. So I asked her a series of questions.

“Does your school use direct deposit?” She answered yes.

“Do you fully control the issuance of W-2s?” Dawn said yes.

“Who adds the direct deposit information to your payroll software?” She answered, “I do.”

“Can anyone else change the direct deposit file?” Her answer was no.

“Who controls the master pay rate file?” Here again, she was the only one who had rights to this payroll function.

Then I asked Dawn if she reconciles the bank statement. She said that Randy, a gentleman sitting in front of her, reconciles the account. I was also told that they have hundreds of employees.

How Can Dawn Steal?

I told the class that a person in Dawn’s position could steal in multiple ways. Here are a few:

  • She can leave a terminated employee on the payroll and change that person’s bank account number to her own, allowing her to receive all payroll payments for the discontinued staff member. Then, she can also alter the related W-2s to cover her tracks.
  • She can change the master pay rate of any employee, including herself.
  • She can inflate the hours worked for any employee.

Prevent Payroll Fraud

After pointing out the flaws in internal control, I asked the class how they would reduce these threats. Angela (another student) sang out: “Create transparency by allowing another person to review or see what the payroll clerk is doing.” (This made me smile since I had been preaching this idea all morning.)

To lessen the threat of fraud, always ask, “how can I create transparency?” The answer will almost always involve allowing another individual to monitor the work of the primary persons in the process. And I am not proposing that this observing person be present 24/7—just that she periodically review the activity of the primary person (e.g., payroll clerk). 

The monitoring person can be someone that works with the entity or someone from the outside (e.g., external CPA). Here are sample fraud prevention measures for the above-described threats:

  • Download all the payroll records, including each employee and direct deposit bank account number; sort for identical bank account numbers (a same bank account number may mean that a terminated employee was left on the payroll, and their deposits are being routed to another person such as the payroll clerk)
  • Have someone (other than the payroll clerk) pull the payroll personnel files for twenty employees and then compare the authorized pay rates (in the personnel file) to the payroll master file (in the software); tell the payroll clerk that this procedure will occur with some frequency and will happen without notice
  • For hourly employees, have someone (other than the payroll clerk) pull the reported hours for two departments and review for appropriateness; inquire of the department head regarding any higher-than-normal hours
  • Examine the W-2s of the payroll personnel
  • Print a budget to actual salary report or a current year/prior year comparison of wages; provide the same to the governing body
  • Report findings from these procedures to the governing body; do this at least once per year (regularity makes the payroll personnel think twice about theft)

Take Away

By the way, the payroll clerk was the only person with access to the payroll master file. This is not necessarily a bad thing. You want to limit the number of persons with access to payroll master file, but a second person should monitor the payroll clerk’s inputs into the payroll software.

So how can you prevent payroll fraud? Think about your own payroll system. Are there any potential threats to your payroll system? Also, be aware of ghost employees.

If you’ve seen payroll fraud, please share a comment about how it happened.

If you are interested in more information about white-collar crime, check out my other fraud prevention articles.

>