Some fraudsters funnel money into fake bank accounts. Today, I show you how one controller did so and walked away with millions—and then hid on the Appalachian Trail.
In May 2015 James Hammes was arrested for the theft of $8.7 million from his former employer, G&P Pepsi-Cola Bottlers. After Mr. Hammes was confronted about the theft in February 2009, he left his home and hid on the Appalachian Trail, which runs from Georgia to Maine. Hammes assumed a hiking name of “Bismarck” and spent several years on the popular trail. Fellow hikers enjoyed Bismarck since he seemed to be one of them.
So how did he steal the money?
The FBI reported the following:
Court documents show that Hammes’ embezzlement began around 1998. As a controller, he was responsible for all financial accounting and internal controls for his division, including supervising accounts payable to several hundred outside vendors. He carried out the fraud by establishing a new bank account for an existing vendor at a different bank. He then deposited hefty payments to that vendor—often $100,000 at a time—in the phantom account that he alone controlled. He then could transfer money from the phantom account to his personal accounts.
“He knew how to cover his tracks by manipulating audits and ledger entries,” Jones said. “He got away with it for so long because he knew how to manipulate his subordinates and how not to raise accounting red flags.”
So, Hammes opened a fraudulent bank account at a bank that the vendor did not use and deposited vendor checks into that account. Then he transferred funds out of the fraudulent bank account to himself. Since he opened the account, he was the authorized check signer. Simple but effective.
You may be wondering how the theft could occur so long without detection.
If extra payments were made to vendors (and it appears that occurred), then the company may not have been reviewing vendor payments. If appropriate controls are not in place, it’s easy for a fraudster to make fraudulent vendor payments without detection, especially if hundreds of monthly checks are processed.
Also, it appears the company may have lacked sufficient segregation of duties since Hammes was able to disburse extra vendor payments without detection.
Periodically, review the total payments made to each vendor. For example, generate the total monthly payments made to XYZ Company. Then compare the monthly payments over a two to three year period. If payments increase greatly, then someone within the company may be making additional payments and stealing those checks. Or there may a legitimate reason for the increase. Either way, it’s wise to review vendor payments for anomalies.
Another test you can perform is to look for multiple addresses for the same vendor. There may be legitimate reasons for more than one address, but you want to create a list of vendor addresses and verify that they are appropriate. The same is true for electronic vendor payments: see if there are multiple bank accounts you are wiring payments to. Then determine if these are appropriate. Additionally, obtain the physical address of each vendor and determine if the company is real. Do not accept P.O. Box addresses for verification purposes; again, you need to know if the company exists. (See my article Fictitious Vendor Fraud: How to Prevent It.)
If your company pays hundreds of vendors, you may want your internal audit (or external auditors) to periodically test vendor payments for appropriateness. Tell your payables personnel this will be done from time to time on a surprise basis. This will help keep them honest.
Maybe with these controls, you can prevent payments to fake bank accounts and keep your employees off the Appalachian Trail.
For more information about auditing payables, see my article Auditing Accounts Payable and Expenses: A Guide.
Get my free accounting and auditing digest with the latest content.
Charles Hall is a practicing CPA and Certified Fraud Examiner. For the last thirty years, he has primarily audited governments, nonprofits, and small businesses. He is the author of The Little Book of Local Government Fraud Prevention and Preparation of Financial Statements & Compilation Engagements. He frequently speaks at continuing education events. Charles is the quality control partner for McNair, McLemore, Middlebrooks & Co. where he provides daily audit and accounting assistance to over 65 CPAs. In addition, he consults with other CPA firms, assisting them with auditing and accounting issues.
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.