How to spot fraud.Putting a squeeze on theft. While there is no sure-fire way to eliminate fraud and if there were, the cost probably would be prohibitive pro·hib·i·tive also pro·hib·i·to·ry adj. 1. Prohibiting; forbidding: took prohibitive measures. 2. with proper attention by management it can be minimized. This article explores the various ways CPAs in industry and in public practice can sharpen sharp·en tr. & intr.v. sharp·ened, sharp·en·ing, sharp·ens To make or become sharp or sharper. sharp their fraud-detection and -prevention skills. Part of the fraud problem is perception. For example, one controller recently said that "2% shrinkage Shrinkage The amount by which inventory on hand is shorter than the amount of inventory recorded. Notes: The missing inventory could be due to theft, damage, or book keeping errors. is normal in our industry; we are pleased that our experience is just under that amount." When asked what caused the shrinkage, she had no idea. She had already decided not to worry about it--even though the loss totaled about $1.5 million a year--because the unstated assumption Unstated assumption is a type of propaganda message which foregoes explicitly communicating the propaganda's purpose and instead states ideas derived from it. This technique is used when a propaganda's main idea lacks credibility, and thus when mentioned directly will result in the was that it wasn't possible in her industry to reduce shrinkage below the 2% "normal" range. When it was pointed out that the real issue was acceptable theft levels rather than acceptable shrinkage levels, she changed her thinking. After an investigation, she discovered that the inventory was systematically being stolen from the warehouses. The fact is few cases of fraud are uncovered by external auditors The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. . The most effective sleuths are the people who handle a business's day-to-day transactions. Sampling, by itself, is not always an effective way to uncover fraud. When auditors rely on sampling, which they almost always do, they see only a few' transactions. As a result, the odds are against the likelihood they will stumble on a fraudulent transaction. But those on staff who review transactions and maintain the relationships with external parties are in the best position to notice when something is fishy fish·y adj. fish·i·er, fish·i·est 1. Resembling or suggestive of fish, as in taste or odor. 2. Cold or expressionless: a fishy stare. 3. As a result, effective managers should issue policy guidelines guidelines, n.pl a set of standards, criteria, or specifications to be used or followed in the performance of certain tasks. that, in effect, tell each employee, "You are responsible for being aware of what can go wrong in your area. You also are responsible for detecting wrongdoing wrong·do·er n. One who does wrong, especially morally or ethically. wrong  do when it does occur." Everyone--including auditors-- should be on the alert and at least look for those frauds that only he or she is in a position to detect. To get better at finding fraud, auditors and employee managers should follow the following four-step approach: 1 FOCUS ON THE POSSIBILITIES Before getting down to the detailed job of devising controls, do some research on what can go wrong. Most financial and operating professionals have only a passing knowledge of the specific cons used by white-collar thieves. We hear about schemes involving credit cards, fake vendors, inventory theft, kick-backs, bad loans and other cases, but few executives really know the details of the deceptions. Managers who have been defrauded often say, "But we had controls in place to prevent this from happening!" Hard as it is to accept, most preventive controls can be beaten by a motivated thief. And when thieves are inside the organization, they may be part of the control effort itself. So, find out how past defrauders pulled off their crooked crook·ed adj. 1. Having or marked by bends, curves, or angles. 2. Informal Dishonest or unscrupulous; fraudulent. crook acts. What was the thief's role m the organization that gave him or her the freedom to commit the act? Ask yourself how management steps such as reengineering, downsizing (1) Converting mainframe and mini-based systems to client/server LANs. (2) To reduce equipment and associated costs by switching to a less-expensive system. (jargon) downsizing , outsourcing, computerization com·put·er·ize tr.v. com·put·er·ized, com·put·er·iz·ing, com·put·er·iz·es 1. To furnish with a computer or computer system. 2. To enter, process, or store (information) in a computer or system of computers. and globalization globalization Process by which the experience of everyday life, marked by the diffusion of commodities and ideas, is becoming standardized around the world. Factors that have contributed to globalization include increasingly sophisticated communications and transportation affect the reliability of controls--as well as the attitudes of those who have access to the assets. Other places to look are industry resources. Many industry organizations maintain data on fraud cases. Since banks, insurers and others all support fraud prevention, they keep useful information on the subject. In addition, contact your industry association's security professionals for guidance. Keep files of news reports of fraud. These articles often contain enough detail to allow you to understand how the deed was done. But be careful not to get caught up in the drama of the fraud: Put less emphasis on the thieves and their reasons for stealing, focusing instead on the modus operandi [Latin, Method of working.] A term used by law enforcement authorities to describe the particular manner in which a crime is committed. The term modus operandi is most commonly used in criminal cases. It is sometimes referred to by its initials, M.O. . Certainly take advantage of any formal training on fraud detection that's available. The American Institute of CPAs, the Institute of Internal Auditors “IIA” redirects here. For IIA in decision theory, see Independence of irrelevant alternatives. Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association of more than 128,000 members with global headquarters in and other professional associations frequently sponsor educational programs on this subject. To begin the research in your own company, first check the departments in your organization that might have been involved in handling fraud: security, audit, legal, information systems, human resources The fancy word for "people." The human resources department within an organization, years ago known as the "personnel department," manages the administrative aspects of the employees. and any other pertinent user department. Confidentiality of past cases can be maintained because you do not need to know who did what. All you want to know is what happened and how. Next examine potential fraud exposures by functional area. Start with current job positions in each area. Include external parties. Then brainstorm with colleagues how individuals in each of these positions could defraud To make a Misrepresentation of an existing material fact, knowing it to be false or making it recklessly without regard to whether it is true or false, intending for someone to rely on the misrepresentation and under circumstances in which such person does rely on it to his or the organization-focusing on the opportunities presented by the position, not on the identity of the individual who currently occupies the position. Typical questions you should ask: * What jobs are likely to provide opportunities for fraud? * What opportunities exist for employees, executives, vendors, contractors' agents, customers and others? * How could they get around approval or transaction confirmation controls? * What general ledger General Ledger A company's accounting records. This formal ledger contains all the financial accounts and statements of a business. Notes: The ledger uses two columns: one records debits, the other has offsetting credits. account and cost center could the fraud be charged to? * How could the thief deceive TO DECEIVE. To induce another either by words or actions, to take that for true which is not so. Wolff, Inst. Nat. Sec. 356. the manager in charge of those cost centers when the monthend reports are reviewed? After completing such research and brainstorming, begin to look at the controls that are in place. Make sure the current ones go beyond preventing fraud. Tell employees who to contact within the company should they suspect fraud. 2 KNOW THE SYMPTOMS Fraud symptoms--the specific, observable ob·serv·a·ble adj. 1. Possible to observe: observable phenomena; an observable change in demeanor. See Synonyms at noticeable. 2. signs that fraud might be present--may be of the actual fraud or of the cover-up attempt. The easiest symptoms to spot involve cash and inventory shortages. But even there, clever thieves find ways to obscure the symptoms. For example, it's hard to tell immediately whether missing original documentation may be due to filing errors or because someone destroyed the documents to cover up a theft. Here's a short list of some fraud symptoms: * Multiple endorsements on commercial checks. * The use of common or repetitive names for refunds--such as Smith or Jones or a commercial name that is very similar to one in your industry but is spelled slightly differently. * Line items in standard reconciliations that don't go away. * Customer complaints about having paid invoices for which they are being dunned. * Adjustments to either inventory records and customer accounts. * The addresses of vendors that are the same as employee addresses. * No proceeds from the disposition of used assets. When one of these symptoms appears, use caution. Often there are reasonable explanations and they usually don't lead to a thief--just an error or an ill-designed process. So don't jump to conclusions. Instead, track down the cause for the symptom. Be especially cautious when reacting to a person's suspicious life-style. While such signs should sound an alarm, by themselves they prove nothing, but certainly more investigation is warranted. 3 DESIGN CONTROLS AND AUDIT PROCEDURES The conventional control procedures used to identify errors or irregularities include quality assurance programs, sampling and reperforming the work of subordinates, review of unusual transactions on edit and cost center reports and detail review and approval of reconciliations. When segregation of duties is impractical im·prac·ti·cal adj. 1. Unwise to implement or maintain in practice: Refloating the sunken ship proved impractical because of the great expense. 2. , and in areas offering high opportunity--such as cash handling, funds transfer and reconciliation of inventory--pay extra attention, asking detailed questions about the process and the controls. In developing such procedures, be sure to include specific steps calculated to look for fraud symptoms. And while measuring fraud exposure, assess the reliability of such controls. Likewise, auditors should include steps in their programs designed both to identify fraud symptoms and to bring them to the surface. Sampling plans should consider the fraud exposures and the reliability of internal controls. Building audit programs to look for symptoms includes selecting large samples for limited fraud tests and using computer retrieval and matching techniques. Auditors must remember that in deciding sample sizes, they are also deciding the probability of having the opportunity to detect fraud. The probability depends on the amount of the fraud, the size of the population and the number of sample items selected. Stratification stratification (Lat.,=made in layers), layered structure formed by the deposition of sedimentary rocks. Changes between strata are interpreted as the result of fluctuations in the intensity and persistence of the depositional agent, e.g. of the population, directed sampling and discovery sampling may prove helpful. 4 FOLLOW THROUGH ON ALL SYMPTOMS OBSERVED Whoever finds a symptom of fraud--the external or internal auditor Internal auditor An employee of a company who analyzes the company's accounting records to that the company is following and complying with all regulations. or a company manager--should resolve the situation before going on. Operate with an attitude of healthy professional skepticism. Beware of pressures to complete work within unreasonable deadlines. Be aware that the single symptom you are looking at may not be an isolated occurrence; it may be one of many. If you believe the follow-up is beyond your capabilities, consider giving the problem to a professional investigator. There are legal liability dangers inherent in mishandling possible fraud cases. The bottom line is this: The only way to protect against fraud is to be sure that the company's managers stay alert to the possibilities and maintain a proactive role. Fraud Nomenclature nomenclature /no·men·cla·ture/ (no´men-kla?cher) a classified system of names, as of anatomical structures, organisms, etc. binomial nomenclature In accounting circles, the word fraud has long been missing from the lexicon and it is used rarely in polite conversation when referring to a dishonest financial practice. Even the official pronouncements avoided the term, using instead expressions such as material misstatements, irregularities, misappropriation misappropriation n. the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a dead person's estate, or by any of assets, defalcations and misrepresentations. But that may be changing. The just-released exposure draft of a proposed Statement on Auditing Standards, Consideration of Fraud in a Financial Statement Audit (JofA, June96, page 17), uses the word prominently. That small linguistic move may be a positive step in dealing with fraud at the workplace. By calling it by its real name, the accounting profession may be taking steps to address the issue with vigor VIGOR Internal medicine A clinical study–Vioxx GI Outcomes Report comparing a proprietary COX-2 inhibitor to standard NSAIDs . The AICPA AICPA See American Institute of Certified Public Accountants (AICPA). is sponsoring a conference on fraud December 4-6 in Las Vegas Las Vegas (läs vā`gəs), city (1990 pop. 258,295), seat of Clark co., S Nev.; inc. 1911. It is the largest city in Nevada and the center of one of the fastest-growing urban areas in the United States. . The program will focus on ways to detect, investigate, report and prevent fraud. For more information and to register for the $625 program, call 800-862-4272. EXECUTIVE SUMMARY * WHILE THERE IS NO SURE-FIRE way to eliminate fraud--and if there were, the cost probably would be prohibitive--it can be minimized with proper attention by management. * PART OF THE FRAUD PROBLEM is perception. Once a controller sees shrinkage (which at low levels is often considered "normal") as theft, management will take steps to put an end to to destroy. - Fuller. See also: End it. * MOST CASES OF FRAUD aren't uncovered by auditors. The most effective sleuths are static people who handle a business's actual transactions. * SOME OF THE SIGNS that indicate fraud may be occurring: * Multiple endorsements on commercial checks. * The use of common or repetitive names for refunds--such as Smith or Jones or a commercial name that is very similar to one in your industry but is spelled slightly differently. * Line items in standard reconciliations that don't go away. * Customer complaints about having paid invoices for which they are being dunned. * Adjustments to inventory records and customer accounts. * Vendor addresses that are the same as employee addresses. * No proceeds from the disposition of used assets. JOHN J. HALL, CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. , is a consultant with Courtenay Thompson & Associates, Dallas. He specializes in fraud awareness and facilitates seminars on the subject for executives, operating managers and auditors. CASE STUDY The Rebate Scam A construction company's project manager engineered a simple scam that earned him about $250,000 before he was unmasked. Here's how he did it--and how he was tripped up: The project manager opened a bank account using a name very similar to the name of the construction project he was managing. He then approached three major suppliers and requested cash rebates m excess of normal industry practice. In exchange, he guaranteed each would be the sole source for their respective products. In addition, he promised they would be paid promptly for all materials delivered. He told them the rebates were due on the first of each month for all transactions of the proceeding month. The checks were to be made payable to the name on the bogus bo·gus adj. Counterfeit or fake; not genuine: bogus money; bogus tasks. [From obsolete bogus, a device for making counterfeit money. bank account. The suppliers agreed to the unusual terms in order to secure the business. None questioned the name on the checks because it was close enough to the actual project name. The arrangement worked smoothly for several months. Rebate checks were delivered to the project manager each month and he deposited them into his account. After the checks cleared, he withdrew most of the funds using cashier's checks cashier's check n. a check issued by a bank on its own account for the amount paid to the bank by the purchaser with a named payee, and stating the name of the party purchasing the check (the remitter). . The scheme came to light when a supervisor in the construction company's accounts payable department questioned why prompt-payment discounts weren't being made to the three suppliers. She had just attended a fraud-awareness seminar and remembered that such an unusual arrangement might be a symptom of fraud. Rather than question either the project manager or the suppliers, she correctly referred the matter to the corporate audit department for investigation. The auditors made simultaneous unannounced visits to all three suppliers. Two wouldn't talk, but the third explained the relationship and provided copies of the canceled rebate checks. Lessons learned from the case: * It's relatively easy to open unauthorized bank accounts because most banks have limited ability to verify the identity of the person opening an account. * Scam artists know how to cash checks--to any payee The person who is to receive the stated amount of money on a check, bill, or note. payee n. the one named on a check or promissory note to receive payment. PAYEE. The person in whose favor a bill of exchange is made payable. , in any amount. * Schemes that involve relationships with suppliers are particularly hard to prevent and detect. * When contracting with suppliers, try to secure the right to review any appropriate records. While this is fairly common in the contracting environment, it's also something to consider for other relationships in which purchase orders are used. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion