Fashioning a fraud: analysis of expense patterns exposes crime.[ILLUSTRATION OMITTED] EXECUTIVE SUMMARY * Businesses must clearly define the roles and responsibilities of employees who sign expense reports and those who process the reports. That should eliminate confusion about whether a manager's signature means that the individual is authorizing the expenses as reasonable business expenses or signifies that the manager reviewed the report and supporting detail and attests to the validity of the expenses. * Travel and expense transactions should be reviewed randomly for evidence of compliance with corporate policy, proper authorization and approval and the overall reasonableness of expenses. Internal auditors Internal auditor An employee of a company who analyzes the company's accounting records to that the company is following and complying with all regulations. should also conduct periodic reviews of the activities of employees with the highest expense reimbursement Reimbursement Payment made to someone for out-of-pocket expenses has incurred. totals. * Duties such as signing expense reports and monitoring /managing the budget should be segregated, A fraudster fraudster Noun a person who commits a fraud; swindler given both of those responsibilities can attempt to bury questionable expenses in under-budget categories. ********** This is the story of how a travel and expense report audit exposed a fraudster who siphoned money from the fashion company where she worked to fund her own lavish spending. The fraudster, Bobbie Jean Donnelly, had taken advantage of a lack of adequate controls over her division's budget and a lax system for reviewing expenses. The company's internal audit team detected her crime by analyzing patterns in a year's worth of reports from employees with the highest travel and expense bills. Donnelly was hired as an administrative assistant to the manager of a Los Angeles-based design division for a multibillion-dollar retail corporation. Based on her strong performance, she was quickly promoted to office manager for the division. In addition to managing her boss's needs, she supervised support personnel and prepared and oversaw o·ver·saw v. Past tense of oversee. the design department's budget. Her manager gave her the responsibility to provide the first level of expense report review. He relied on her to ensure that the expenses were valid before he signed them. On a few occasions, he even asked her to sign the expense reports on his behalf. As the business grew, management decided it was time to build a traditional internal audit department. That's where I came in. My internal audit team was conducting a routine travel and expense audit. We developed an audit program designed to ensure that employees were following the corporate travel and expense policy and that adequate internal controls for the processing and payment of expense reports were in place and operating effectively The team assembled a sample of individuals and transactions to test. The individuals were selected from the population of employees who submitted the highest dollar amounts over the course of the year for reimbursement. The transactions were selected randomly across the total population of submitted expenses. The approach and criteria used to audit the individuals differed significantly from the approach used to audit the transactions. The transactions were reviewed for compliance with the policy, proper authorization and approval, and overall reasonableness of the expense. That work yielded some audit exceptions--mostly small and isolated--but no major surprises. The more interesting results of the work came from the review of individuals. We looked at the reasonableness of the expenses based on the employee's role in the company and searched for any patterns of activity that seemed unusual. We quickly identified a group of individuals who routinely submitted their American Express American Express (NYSE: AXP), sometimes known as "AmEx" or "Amex", is a diversified global financial services company, headquartered in New York City. The company is best known for its credit card, charge card and traveler's cheque businesses. bills for reimbursement instead of submitting detailed receipts of individual expenses. A closer look revealed that many employees were submitting expenses twice. The bills began to show a pattern--one month of charges, the next month a late fee with old charges and new charges combined. It didn't take long for us to determine that the activity was coming from one area of the business--the design department. Several individuals had devised very inventive ways of submitting expenses for reimbursement. In some cases, employees submitted the same receipt multiple times but altered the size of the tip and total amount on each of the documents to make the duplication less obvious. I asked my lead auditor to gather all the expense reports for employees in that division. Several of the Los Angeles-based employees routinely traveled to New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of on business and submitted New York City New York City: see New York, city. New York City City (pop., 2000: 8,008,278), southeastern New York, at the mouth of the Hudson River. The largest city in the U.S. taxi receipts for reimbursement, a legitimate expense. Upon examination of the actual taxi receipts, we noticed multiple receipts that appeared to come from the same taxi on the same day. New York City taxis taxis (tăk`sĭs), movement of animals either toward or away from a stimulus, such as light (phototaxis), heat (thermotaxis), chemicals (chemotaxis), gravity (geotaxis), and touch (thigmotaxis). are regulated and have electronic meters that print receipts. The receipts all show the taxi medallion number and the trip number. We found multiple receipts had sequential trip numbers from the same day. This seemed suspicious. The time stamps See timestamp. had small gaps between the end time of the receipt first in sequence, and the start time of the receipt next in sequence. The employee who had run up the highest expenses was the office manager, Bobble bob·ble v. bob·bled, bob·bling, bob·bles v.intr. To bob up and down. v.tr. To lose one's grip on (a ball, for example) momentarily. n. A mistake or blunder. Jean Donnelly. She had charged about $115,000 over the previous year, while her manager had submitted about $40,000 in expenses. It seemed strange that Donnelly's expenses would be so much higher than her manager's. I met with our general counsel and informed him of what we had identified in the audit. He agreed that we needed to conduct a thorough investigation of the design team's expenses, especially Donnelly's activities. To search for red flags in the expense reports, my lead auditor and I used data analysis software to sift through the data. The software allowed us to identify duplicate amounts and isolate the expense reports that we needed to review in tandem Adv. 1. in tandem - one behind the other; "ride tandem on a bicycle built for two"; "riding horses down the path in tandem" tandem . The expense reports were on paper and were voluminous, but we believed it would be worthwhile to invest the time of some members of our team to help build a database of the expense detail to facilitate the review. That investment paid off. Without the software we would never have identified that many of the expenses submitted multiple times for reimbursement were filed over the course of many months. Tools that could be used to examine and parse such data include IDEA Data Analysis Software, Audit Command Language According to the Internal Auditor magazine, Audit Command Language ACL is "the most widely used data extraction and analysis product" and "the most widely used product for fraud detection and prevention" used in audit profession. (ACL See access control list. 1. ACL - Access Control List. 2. ACL - Association for Computational Linguistics. 3. ACL - A Coroutine Language. A Pascal-based implementation of coroutines. ["Coroutines", C.D. ), Excel, Access, SQL SQL in full Structured Query Language. Computer programming language used for retrieving records or parts of records in databases and performing various calculations before displaying the results. , SAS--generally any database or query software. We separated the duplicates and, in some cases, expenses that were submitted numerous times. We found that Donnelly and four other design division employees were routinely submitting expenses multiple times for reimbursement. Our review linked Donnelly to about $12,000 in false expenses. But I had a nagging feeling about the sheer amount of expenses she was submitting, so I ran additional analyses on her expenses to aggregate them by category. I was surprised to see that the majority of her purchases were samples, items that design team members, who traveled extensively searching for inspiration for new product lines, purchased as part of their research and development. Using the audit software, I extracted all travel-related expenses Donnelly submitted to see if the sample purchases correlated to trips that other design team members took. I found that they did. It also appeared that her manager had sent her to Italy to recruit interns  This article or section is written like an .Please help [ rewrite this article] from a neutral point of view. Mark blatant advertising for , using . for the company Donnelly had submitted more than $6,000 in expenses for this one-week trip. It seemed that she had wined and dined the students at the finest restaurants in Italy. In reality, there was no recruiting trip. Those expenses coincided with a vacation that Donnelly and her husband took to Italy FLAWS IN THE SYSTEM The company's expense reporting process required individuals to describe the business purpose of an expense and have their manager sign off on the actual expense report. Donnelly's boss was amazed a·maze v. a·mazed, a·maz·ing, a·maz·es v.tr. 1. To affect with great wonder; astonish. See Synonyms at surprise. 2. Obsolete To bewilder; perplex. v.intr. by how accurately Donnelly forged his name on her fraudulent expense reports. Given the nature of its work, the design department's budget was made up of broad estimates of the types of expenses it would incur throughout the year. Some projects were specifically identified in the budgeting process, but there were general categories described only as "other" or "miscellaneous." Donnelly used these general categories to pad the budget in the planning process. By signing the expense reports on her manager's behalf and monitoring budget-to-actual variances each month, she could submit her fraudulent expenses coded to a budget line that was running below budget so that her manager would never detect the activity The final tally of Donnelly's fraud was approximately $275,000 over two and a half Editor's Note Editor's Note (foaled in 1993 in Kentucky) is an American thoroughbred Stallion racehorse. He was sired by 1992 U.S. Champion 2 YO Colt Forty Niner, who in turn was a son of Champion sire Mr. Prospector and out of the mare, Beware Of The Cat. Trained by D. : This article is an excerpt ex·cerpt n. A passage or segment taken from a longer work, such as a literary or musical composition, a document, or a film. tr.v. ex·cerpt·ed, ex·cerpt·ing, ex·cerpts 1. from Fraud Casebook A printed compilation of judicial decisions illustrating the application of particular principles of a specific field of law, such as torts, that is used in Legal Education to teach students under the Case Method system. : Lessons From the Bad Side of Business, a collection of case studies edited by JofA contributing editor A contributing editor is a magazine job title that varies in responsibilities. Most often, a contributing editor is a freelancer who has proven ability and readership draw. Joseph T. Wells and published in July by John Wiley John Wiley may refer to:
years. Almost 95% of her submitted expenses were false. The biggest category of her fraudulent expenses was samples, which she was not authorized to buy. Donnelly's manager recognized many of her expensed purchases as items that she wore regularly to work. Her purchases included a pair of $750 Jimmy Choo This article is about the shoe designer. For the company bearing his name, see Jimmy Choo Ltd. Dato' Jimmy Choo OBE, born Jimmy Choo Yeang Keat, [1] is a London-based luxury fashion designer best known for his hand-made women's shoes. shoes, $875 for a Hermes scarf and $1,250 for a Prada wallet. Donnelly and other design department employees who had abused the expense report system were terminated. Our investigation was unable to determine if a link existed between Donnelly's actions and the travel and expense fraud of other employees in the department. The company's general counsel and I took our findings to the district attorney's office, which agreed to prosecute Donnelly. At first, she was adamant about her innocence and refused to consider a plea agreement. Donnelly's manager and I testified before a grand jury that indicted INDICTED, practice. When a man is accused by a bill of indictment preferred by a grand jury, he is said to be indicted. her. Ultimately, she accepted a plea to a charge of grand larceny A category of larceny—the offense of illegally taking the property of another—in which the value of the property taken is greater than that set for petit larceny. At Common Law, the punishment for grand larceny was death. , a felony that came with a sentence of one to three years in prison. Donnelly served approximately three months of that time in jail. CORRECTIVE ACTION A corrective action is a change implemented to address a weakness identified in a management system. Normally corrective actions are instigated in response to a customer complaint, abnormal levels if internal nonconformity, nonconformities identified during an internal audit or When the case was over, I worked with the management team to recap the breakdowns in our systems and examine the lessons learned. Some changes the company made in the wake of the findings included: * Modifying travel and expense policies to be more detailed with respect to sup porting documentation for expenses. The company now requires original documentation and prohibits credit card statements and photocopies. Such requirements prevent employees from submitting duplicate expenses for reimbursement. * The company also now requires all employees to use a corporate credit card for business expenses. This significantly reduces the amount of expenses for which people claim to have paid cash and reduces their ability to split the credit card receipt from the detailed receipt and submit both for reimbursement. * Both the internal audit team and the travel and expense team within accounts payable have expanded the use of audit software to proactively look for warning signs of fraud in T&E data. The T&E team also developed auditing protocols to increase efficiency in auditing T&E data. Quarterly, team members separate big spenders Noun 1. big spender - one who spends lavishly and ostentatiously on entertainment; "the last of the big spenders" high roller scattergood, spend-all, spendthrift, spender - someone who spends money prodigally from the rest of the population to look for patterns that appear odd. Weekly, they randomly select expense reports to review against a set of audit criteria. Practical Tips * Never ask anyone in a business setting to reproduce your signature on any kind of document, even something as seemingly benign as a birthday card. Such a request can trigger claims that the individual was authorized to sign documents for you and can undercut undercut, n 1. the portion of a tooth that lies between its height of contour and the gingivae, only if that portion is of less circumference than the height of contour. 2. your legal standing if the individual forges your signature in the course of a fraud. AICPA AICPA See American Institute of Certified Public Accountants (AICPA). RESOURCES CPE (Customer Premises Equipment) Communications equipment that resides on the customer's premises. CPE - Customer Premises Equipment * Auditing for Internal Fraud, a CPE self-study course (#730278). * Fraud and the Financial Statement Audit: Auditor Responsibilities, a CPE self-study course (#731814JA). For more information or to make a purchase, go to www.cpa2biz biz n. Informal Business. biz Noun Informal business Noun 1. .com, or call the Institute at 888-777-7077. Web site The Antifraud Resource Center, http://antifraud.aicpa.org. OTHER RESOURCES Web site The Association of Certified Fraud Examiners Established in 1988 the Association of Certified Fraud Examiners is the professional organization that governs professional fraud examiners. Its activities include producing fraud information, tools and training. Fraud Resource Center, www.acfe.com/fraud/fraud.asp. RELATED ARTICLE: Assessing fraud risk. by Joseph T. Wells and John D. Gill Every organization faces some risk of fraud from within. Fraud exposure can be classified into three broad categories: asset misappropriation misappropriation n. the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a dead person's estate, or by any , corruption and fraudulent financial statements. Answering the following 15 questions is a good starting point Noun 1. starting point - earliest limiting point terminus a quo commencement, get-go, offset, outset, showtime, starting time, beginning, start, kickoff, first - the time at which something is supposed to begin; "they got an early start"; "she knew from the for sizing up a company's vulnerability to fraud and creating an action plan for lessening the risks. The questions are based on information from the 2007 edition of the Fraud Examiners Manual published by the Association of Certified Fraud Examiners. 1. Do one or two key employees appear to dominate the company? If control is centered in the hands of a few key employees, those individuals should be under heightened scrutiny for compliance with internal controls and other policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental . 2. Do any key employees appear to have a close association with vendors? Employees with a close relationship to a vendor should be prohibited from approving transactions with that vendor. Alternatively, transactions between these parties should be reviewed on a regular basis for compliance with internal controls. 3. Do any key employees have outside business interests that might conflict with their job duties? Take the example of a 32-year-old sales representative who started a software company using his employer's time, equipment and facilities. The software company he worked for discovered that the employee demonstrated his own products to the company's customers. Ultimately, the employee diverted $500,000 in business away from his employer. The example illustrates why key employees should provide annual financial disclosures that list outside business interests. Many companies, particularly publicly traded companies publicly traded company A company whose shares of common stock are held by the public and are available for purchase by investors. The shares of publicly traded firms are bought and sold on the organized exchanges or in the over-the-counter market. , require such disclosures. Interests that conflict with the organization's interests should be prohibited. Organizations should implement an explicit policy that forbids employee business activities that directly compete with the operations of the organization. Employees who have something to hide may lie or omit o·mit tr.v. o·mit·ted, o·mit·ting, o·mits 1. To fail to include or mention; leave out: omit a word. 2. a. To pass over; neglect. b. key facts on the disclosure form, but requiring the step still has advantages, such as making it easier to fire workers who fail to reveal potential conflicts. If an employer can show that an employee had such an interest and failed to disclose it on an annual reporting form, the employee can be fired simply for failing to follow company policy. 4. Does the organization conduct pre-employment background checks to identify previous dishonest or unethical unethical said of conduct not conforming with professional ethics. behavior? Organizations should conduct pre-employment background checks before offering employment to any key applicant. The scope of a background check varies by position, but a general list to consider includes: criminal records and convictions; Social Security number verification; credit history; previous employment; employment references; personal references; education verification; professional license verification; driver's license Noun 1. driver's license - a license authorizing the bearer to drive a motor vehicle driver's licence, driving licence, driving license license, permit, licence - a legal document giving official permission to do something verification and driving history check; and civil records and judgments. Employers should ensure that legal requirements are met for the use of and access to the information. For companies that have failed to do background checks, post-hire screenings may be appropriate in some cases, but should be conducted on the advice of legal counsel. A number of legal issues come into play when employers consider screening workers who are already on the job. 5. Does the organization educate employees about the importance of ethics and anti-fraud programs? All employees should receive training on the ethics and anti-fraud policies of the organization. The employees should sign an acknowledgement that they have received the training and understand the policies. 6. Does the organization provide an anonymous way to report suspected violations of the ethics and anti-fraud policies? Organizations should provide employees, vendors and customers with a confidential system for reporting suspected violations of the ethics and antifraud policies. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. the 2006 ACFE Report to the Nation on Occupational Fraud and Abuse, frauds are most commonly detected by a tip. The greatest percentage of those tips comes from employees of the victim organization. In one instance, an anonymous tip received by a fraud hotline thwarted thwart tr.v. thwart·ed, thwart·ing, thwarts 1. To prevent the occurrence, realization, or attainment of: They thwarted her plans. 2. a fraud scheme that had drained approximately $580,000 from a business. The caller reported that the company's accounts payable manager was approving fictitious Based upon a fabrication or pretense. A fictitious name is an assumed name that differs from an individual's actual name. A fictitious action is a lawsuit brought not for the adjudication of an actual controversy between the parties but merely for the purpose of invoices from his own outside company. The tip clued in company management to the scheme and brought an abrupt end to the manager's windfall. The fraudster was terminated and arrested. The company ultimately recouped most of its losses. 7. Is job or assignment rotation mandatory for employees who handle cash receipts and accounting duties ? Job or assignment rotation should be considered for employees who work with cash receipts and accounting duties. The frequency of the rotation depends on the individual's responsibilities and the number of people available for the revolving duties. 8. Has the company established positive pay controls with its bank by supplying the bank with a daily list of checks issued and authorized for payment? One method for a company to help prevent check fraud is to establish positive pay controls by supplying its banks with a daily list of checks issued and authorized for payment. Banks verify items presented for payment against the company's list and reject items that don't appear on the list. The use of those controls foiled a fraud attempt by an employee and his accomplice accomplice: see accessory. , who worked for a check-printing company. The accomplice printed blank checks Blank check A check that is duly signed, but the amount of the check is left blank to be supplied by the drawee. with the account number belonging to the perpetrator's employer. The perpetrator A term commonly used by law enforcement officers to designate a person who actually commits a crime. then wrote more than $100,000 worth of forgeries on the counterfeit To falsify, deceive, or defraud. A copy or imitation of something that is intended to be taken as authentic and genuine in order to deceive another. A counterfeit coin is one that may pass for a genuine coin and may include a lower denomination coin altered so that it may checks. When the checks were presented to the bank for payment, they did not appear on the organization's list of expected payments. The bank refused to cash them. The organization was notified, and the fraudsters were arrested. 9. Are refunds, voids and discounts evaluated on a routine basis to identify patterns of activity among employees, departments, shifts or merchandise? Companies should routinely evaluate those transactions to search for patterns of activity that might signal fraud. 10. Are purchasing and receiving functions separate from invoice processing, accounts payable and general ledger General Ledger A company's accounting records. This formal ledger contains all the financial accounts and statements of a business. Notes: The ledger uses two columns: one records debits, the other has offsetting credits. functions ? Segregation of duties is an important control. The failure to segregate seg·re·gate v. seg·re·gat·ed, seg·re·gat·ing, seg·re·gates v.tr. 1. To separate or isolate from others or from a main body or group. See Synonyms at isolate. 2. these duties allowed one large, publicly traded company to be duped by a member of its managerial staff. The individual managed a remote location of the company and was authorized to order supplies and approve vendor invoices for payment. For more than a year, the manager routinely added personal items and supplies for his own business to orders made on behalf of his employer. The orders often included a strange mix of items. For instance, technical supplies and home furnishings were purchased in the same order. In addition to ordering personal items, the employee changed the delivery address for certain supplies so they were shipped directly to his home or side business. Because the manager was in a position to approve his own purchases, he could get away with such blatantly obvious frauds. The scheme cost his employer approximately $300,000 in unnecessary purchases. 11. Is the employee payroll list periodically reviewed for duplicate or missing Social Security numbers? Organizations should check the employee payroll list periodically for duplicate or missing Social Security numbers that may indicate a ghost employee or overlapping payments to current employees. 12. Are there policies and procedures addressing the identification, classification and handling of proprietary information? To help prevent the theft and misuse of intellectual property, the company should implement policies and procedures addressing the identification, classification and handling of proprietary information. 13. Do employees who have access to proprietary information sign nondisclosure agreements? All employees who have access to proprietary information should sign nondisclosure agreements. It is easier to sue for breach of a nondisclosure agreement than it is to sue for theft of information. Nondisclosure agreements afford companies legal options for the use of nonpublic information Nonpublic information Information about a company that is not known by the general public, which will have a definite impact on the stock price when released. See: Insider trading. , not simply for information that is considered a trade secret. In most states, companies without nondisclosure agreements may be limited to suing for theft of trade secret information. 14. Is there a company policy that addresses the receipt of gifts, discounts and services offered by a supplier or customer? Organizations should implement a policy that sets ground rules about employees accepting gifts, discounts and services offered by a supplier or customer. If no explicit policy is in place, employees may find themselves in ambiguous situations without clear ethical guidelines. For example, a city commissioner negotiated a land development deal with a group of private investors. After the deal was approved, the commissioner and his wife were rewarded by one of the investors with an all-expenses-paid international vacation. While the promise of the trip may have influenced the commissioner's negotiations, this would be difficult to prove. However, had a clear policy regarding the receipt of gifts been implemented and enforced, the commissioner would have known that accepting the free vacation was a violation of the rules. The ambiguity of the situation would have been avoided. 15. Are the organization's financial goals and objectives realistic? Closely monitor compliance with internal controls over financial reporting if the financial goals and objectives appear to be unrealistic. Establish realistic financial goals and objectives for the organization. Common justifications for financial statement fraud include a desire to obtain bonuses linked to goals or frustration with objectives that were unachievable through normal means. Joseph T. Wells, CPA, CFE CFE Conventional Forces in Europe (treaty) CFE Cash Flow to Equity (finance/accounting) CFE Comisión Federal de Electricidad (México) CFE Certified Fraud Examiner , is founder and chairman of the Association of Certified Fraud Examiners and a contributing editor to the JofA. His e-mail address See Internet address. e-mail address - electronic mail address is jwells@acfe.com. John D. Gill, J.D., CFE, is research director for the Association of Certified Fraud Examiners. His e-mail address is jgill@acfe.com. Bethmara Kessler, CFE, CISA (Certified Information Systems Auditor) The award for successful completion of an examination in information systems audit, control and security from the Information Security Audit and Control Association. See ISACA. , leads enterprise business risk management for Limited Brands Inc. Her e-mail address is bkessler@limitedbrands.com. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion