Approaches to Fraud
Prevention
Bill Brown: Partner – Forensic & Litigation Services
Tel: 972-448-6966
E-mail: Bill.Brown@Weaver.com
Overview
• Introduction: Padlock vs. Bolt cutter
• Goal of Fraud Prevention
• Internal Controls, the “Conventional
Wisdom”
• Fraud’s Impact on Prevention
• The “People” Solution
Padlock Theory
Padlock Theory
•
•
•
•
Basic internal control
Controls physical access
Safeguards property/assets
Will keep the 95% “honest” people
honest
Bolt Cutter Theory
The Bolt Cutter Theory
• Controls will not deter the “other” 5%
• The dishonest people will find a way to
“beat” the controls
• They have time and energy on their side
• They know where to find the bolt
cutters!
Beaumont ISD
$4,041,705 Fraud
Beaumont ISD
• Collusion between CFO & Controller
• I8 fraudulent transfers over 16 months
• Each had “Unilateral” funds transfer
authority (no $$ limitation)
Beaumont ISD Cont’
• Assumed Name Record (dba) to create
bogus bank accounts: fooled the bank
• Legitimate sounding descriptions
documenting transfers: fooled the
District and others
Fraud Prevention Goal
The Goal of Fraud
Prevention
Fraud Prevention Goal
Anti-fraud programs should be aimed at
reducing the likelihood that if fraud occurs,
it will not go undetected for an
unreasonable amount of time
Cost vs. Benefit – can’t completely prevent fraud
Internal Controls
The Conventional Wisdom
Re: Controls
General Conception
•
•
•
•
•
Careful consideration & design
Proper implementation
Effective compliance/monitoring
Appropriate corrective/remedial actions
Reliance on routine auditing procedure
So What’s the Problem?
5% “Tool Kit”
Circumventing Internal
Controls
• 5% have intimate knowledge of controls
exposes weaknesses
• Collusion will circumvent most controls
• Flawed design
• Ineffective implementation
• Auditing procedures can be predictable &
easily fooled
Fraud’s Impact on
Prevention
What is Fraud?
A generic term, embracing all multifarious
means which human ingenuity can devise
and which are resorted to by individual(s) to
get advantage over another by
false suggestions or suppression of truth,
and includes surprise, trick, cunning, and any
unfair way by which another is cheated
Fraud Engineering
Fraudulent schemes are “engineered”
(meticulously designed) to perpetrate and
conceal the theft, including an exit strategy
complete with “fall guys” and “alibis”
Detection is Difficult
• Fraud is an “intentional” act, often involving
detailed planning and concealment
• Crooks “anticipate” the routine audit
procedures, audit evidence is often fabricated
• Exploits weaknesses in routine audit
procedures or internal controls
• Breach of trust
• Test crash dummy – observe & adapt
Initial Detection
•
•
•
•
•
•
Tip
Management Review
Internal Audit
By Accident
External Audit
IT Controls
43.3%
14.6%
14.4%
7.0%
3.3%
1.1%
Source: 2012 ACFE Report to the Nation
Tipsters vs. Controls
Why are tipsters, management, and internal
auditors the most effective sources for the
detection of fraud?
Inside Info
• Intimately familiar with “detailed”
information
• First-hand knowledge: know the entity, live
it daily
• See and hear what other employees say and
do (lifestyle changes)
• Understand the control systems and how to
circumvent
Prevention: The “People”
Solution
The “People” Solution
TONE at the Top
REMEDIATION
95%
EDUCATE EMPLOYEES
INVESTIGATE
REPORTING
MECHANISM
REDUCE
DETECTION
TIME
Tone at the Top
• Establishes standards for ethical behavior
• Affixes responsibility for maintaining
ethical culture
• Sets positive example for others to follow
El Paso ISD: Cheating
Scandal
El Paso ISD
• Wide-spread cheating scandal, state &
federal accountability standards
• Superintendent created “culture of
corruption”
– Top administration
– Campus Directors
– Cutoff communications between campuses &
Central Office
EPISD Cont’
• Arrest & Removal of Superintendent
created a “void”
• “Culture” devised new schemes to
continue the corrupt environment
• Internal audit manipulated by
Superintendent & top administration
• I/A reports “draft” form >over 18 months
EPISD Cont’ I/A Failures
• Internal audit manipulated by
Superintendent & top administration
• I/A reports kept in “draft” form >over 18
months to avoid public disclosure
• Board of Trustees unaware of internal
audit
Informed Employees
• Informed employees will be more likely
to act ethically
• Raises awareness of potentially
fraudulent conduct by other employees
or vendors
• Encourages reporting of fraudulent
conduct (early detection)
Reporting Mechanism
• Commitment to non-retaliation
• Anonymous reporting extremely
important
• Appropriate response (part of the
solution or part of the problem)
• Reduces detection time
• Cornerstone to enterprise-wide antifraud system
Investigation
• Objective/probing
• Identify stakeholders/isolate interested
individuals
• Utilize appropriate investigative
personnel (appropriate skills)
• Timely conclusion/recommendations
Remediation
• Report to appropriate level within entity
• Report facts upon which appropriate
action can be taken
• Detailed recommendations for corrective
actions
• Inform affected (especially the tipsters)
of investigative results and corrective
actions taken
Goal: Reduce Detection Time:
“reducing the likelihood that if fraud occurs, it
will not go undetected for an unreasonable
amount of time”
Engage the 95% to improve the
effectiveness of “detection” efforts
Fraudulent activity manifests itself in
changes in behavior
Common Red Flags
•
•
•
•
•
•
Living Beyond Means
Financial Difficulties
Close Association with Vendor
Control Issues
Divorce/Family Issues
Addiction Problems
Source: 2012 ACFE Report to the Nation
35.6%
27.1%
19.2%
18.2%
14.8%
8.4%
Observe Lifestyle
Changes
• Spending habits: people generally spend
what they steal. The more they steal, the
more they spend. Fraud almost always
starts small and grows.
• Behavioral changes: look for signs of drug
abuse, gambling or other patterns (dress,
work habits, or attitude toward others)
City Dixon, Illinois:
$53,000,000 Theft
City of Dixon, Ill
• 12/18/1990 thru 4/17/2012
• City Finance Officer indicted 5/1/2012,
• Transferred funds to bank account in
name of City with her as signatory
• Forged endorsement & deposit in fake
City account
City of Dixon, Cont’
• Always picked up City’s mail & no one
saw fake bank account statements, until
the end (accidental)
• Extravagant life style:
– Large horse ranch (150 horses)
– Two 18-wheel transport trucks
– Expensive real estate
– Lavish personal expenses
Change in lifestyle went on for over 12 years!
Hotline
• The most effective crime detection
device is the Hotline.
• Expands your view to all the “eyes” in
your organization.
• Cost effective
• Provides a vehicle for honest employees
to contribute to the well being of the
organization
95% Solution
• Your people are the best control system!
–Encourage
–Empower
–Enlist