CPAs & ADVISORS experience clarity // SECRETS, CONSPIRACIES AND HIDDEN PATTERNS Shauna Woody-Coussens, Managing Director-Forensics & Valuation Services AGENDA About occupational fraud Common fraud schemes and related red flags Cost-effective anti-fraud controls Update on forensic analytics 2 // experience clarity HARD COSTS OF OCCUPATIONAL FRAUD Typical organization loses 5% of its annual revenue to fraud Translates to a potential fraud loss of $750 billion for US (2013) Median loss was $140,000 for all companies One fifth of losses were over $1 million Frauds lasted 18 months before being detected 50% of entities recover nothing 3 // experience clarity SOFT COST OF OCCUPATIONAL FRAUD Damage to companies go beyond dollars and cents Reputation Loss of public confidence Damage to relationships Sagging staff morale Distraction from the mission 4 // experience clarity FRAUD TRIANGLE Perceived pressure facing individual Perceived opportunity to commit fraud Person’s rationalization or integrity 5 // experience clarity FRAUD TRIANGLE: PRESSURES Common pressures: Financial Not being able to pay one’s debts Business reversals Belief that one’s job is in jeopardy Emotional Fear of loss of status Difficulties in employer-employee relations Narcissistic entitlement Lifestyle Status gaining Drug/alcohol addiction Gambling 6 // experience clarity FRAUD TRIANGLE: OPPORTUNITY Common opportunities: Access to funds and/or inventory Ability to process transactions Weak internal controls Ineffective monitoring by management 7 // experience clarity FRAUD TRIANGLE: RATIONALE Common rationales: I’m only borrowing the money I work harder than management/owner They don’t pay me enough They gave my promotion to someone else Others in the organization are doing it 8 // experience clarity PROFILE OF A TYPICAL FRAUDSTER Male or female 36 to 45 years old College educated Works in finance function or finance-related role Holds a senior management position Employed by the company for more than 10 years No prior fraud charges or convictions 9 // experience clarity BEHAVIORAL RED FLAGS OF THE TYPICAL FRAUDSTER Lifestyle seems excessive for income Rarely takes vacation Does not/will not produce records/information voluntarily or on request Tends to shift blame and responsibility for errors Surrounded by “favorites” or people who do not challenge them Rumors/indications of personal bad habits/addictions/vices Bullies or intimidates colleagues Vendors/suppliers will only deal with this individual Refuses or does not seek promotion 10 // experience clarity BEHAVIORAL RED FLAGS OF THE TYPICAL FRAUDSTER Volatile and melodramatic, arrogant, confrontational, threatening, or aggressive when challenged Is suspected to have over-extended personal finances Cuts corners and bends rules Seems unhappy at work or is poorly motivated Accepts hospitality that is excessive or contrary to employers’ rules Seems stressed and under pressure Self-interested and concerned with own agenda Micromanages some employees; keeps others at arm’s length 11 // experience clarity VICTIM ORGANIZATIONS 12 // experience clarity ©2012 Association of Certified Fraud Examiners, Inc. TOP OCCUPATIONAL FRAUD SCHEMES BY SIZE OF ORGANIZATION 13 // experience clarity COMMON FRAUD SCHEMES AND RED FLAGS 14 // experience clarity BILLING FRAUD 15 // experience clarity BILLING FRAUD Any scheme in which a person causes his or her employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices or invoices for personal purchases Employee creates a shell vendor company and bills employer for services not actually rendered Pass-through schemes through an intermediary vendor who provides no real services or value Pay and return schemes whereby an intentional overpayment of a legitimate invoice gets returned and pocketed by employee 16 // experience clarity POTENTIAL RED FLAGS FOR BILLING FRAUD SCHEMES Invoices for unspecified consulting or other service Unfamiliar vendors Vendors with PO boxes Vendor name consisting of initials Rapid increases in purchases Multiple monthly billings Employee/vendor address match Consecutively numbered invoices from a vendor Repeated requests to expedite payments to particular vendors Invoice for round dollar amounts Delivery address other than institutional address Excessive returns to vendors 17 // experience clarity CORRUPTION 18 // experience clarity CORRUPTION Dishonest or fraudulent conduct by those in power, often involving bribery, kickbacks or conflicts of interest Improper and usually unlawful conduct intended to secure a benefit for oneself or another 19 // experience clarity JUNCTION CITY INVESTIGATION Big Red One to bring troops to Ft. Riley, KS base Lack of “rooftops” based on troop projections provided by military leaders Housing boom resulted Big D Development – David Freeman Wanted exclusive rights to develop two housing developments with more than 500 lots for SFR, duplexes and condos Development contracts were worth more than $12 million to Big D Former Junction City Mayor/City Commissioner – Mick Wunder Received $19,000 and requested the construction of a house in exchange for securing necessary votes Admitted taking the money, but said it was for his wife’s medical bills and that he gave Freeman sports memorabilia in exchange 20 // experience clarity JUNCTION CITY INVESTIGATION May 1, 2006 – Freeman issued a $5,000 check to Wunder’s wife “Loan for medical bills” May 6, 2006 – Freeman brags to business partners that he has a city commissioner in his pocket and can get anything approved July 6, 2006 – Freeman issued a $5,000 check to Wunder “Loan repayment” July 27 and September 8, 2006 – City Commission approved development agreements with Big D City Commission later approved payments in excess of $12 million for the benefit of Big D Late 2006 – City to renovate the historic Opera House Wunder delivered winning bid for a promise of $15,000 Freeman’s admin delivered $9,000 check to Wunder at an interstate rest stop 21 // experience clarity RED FLAGS FOR CORRUPTION Off-book fraud, so very hard to detect Payments often do not go through the organization’s accounting records Payments often paid in cash By-passing normal contracting procedures Missing documents or records regarding meetings or decisions Unexpected or illogical decisions accepting projects or contracts Unfavorable contracts or terms 22 // experience clarity RED FLAGS FOR CORRUPTION Look for “behavioral” red flags Too close a relationship between employee and vendor Private meetings Unexplained preferences for a particular vendor Acceptance of lavish gifts/trips Pressure for payments to be made urgently or ahead of schedule Credit problems Addition problems (gambling) 23 // experience clarity CHECK TAMPERING 24 // experience clarity CHECK TAMPERING Any scheme in which a person steals his or her employer’s funds by intercepting, forging or altering a check drawn on one of the organization’s bank accounts Employee steals blank company checks and makes them out to himself, an accomplice or cash Employee increases the amount of an expense reimbursement check after signature Employee steal an outgoing check to a vendor and deposits it into his or her own account 25 // experience clarity FORGED MAKER Maker = person who signs the check Most common type of check tampering Look for check #’s out of sequence (taken from bottom) Look for duplicate check numbers 26 // experience clarity FORGED ENDORSEMENTS Perpetrator steals an outgoing company check intended for a 3rd party and forges the endorsement of the intended payee Deposits into bank account 27 // experience clarity ALTERED PAYEE Perpetrator steals an outgoing company check intended for a 3rd party and alters the payee Insert fraudster or accomplice name Perpetrator steals an incoming check and alters the payee Insert fraudster or accomplice name 28 // experience clarity AUTHORIZED MAKER Person with authority to write checks makes out a fraudulent check for their own benefit Most difficult to defend against Internal controls (if in place) are often overridden by using influence, authority or intimidation 29 // experience clarity FEB 26, 2014, 7:35AM CST FORMER BOOKKEEPER FACES $543K EMBEZZLEMENT CHARGE KANSAS CITY BUSINESS JOURNAL Susan Elise Prophet, who was a bookkeeper for Dorfman Plumbing Supply Co., is accused of embezzling more than $543,000 between December 2012 and August 2013. According to the indictment, Prophet wrote 105 unauthorized checks that she used to purchase vehicles, furniture, electronics and other items. She is charged with 16 counts, including wire fraud, bank fraud, money laundering and identity theft. The case is being prosecuted by the U.S. Attorney's Office for the Western District of Missouri. It was investigated by the FBI and the Kansas City Police Department Kansas City-based Dorfman Plumbing Supply was acquired late last year by Ferguson Enterprises Inc. of Newport News, Va., The Kansas City Star reports RED FLAGS FOR CHECK TAMPERING Altered bank statements Voided checks do not match physical copies of checks Altered check register Altered check disbursement journal Altered cancelled checks Checks endorsed by employee or dual endorsements 31 // experience clarity SKIMMING THE REVENUE CYCLE 32 // experience clarity SKIMMING THE REVENUE CYCLE Employee pockets the payment from a customer/other and does not record the charge Stealing payments on accounts receivable and covering them up with adjustments or write-offs Lapping Customer A pays on account and employee pockets the payment. Customer B pays on account and employee records the payment by Customer B on Customer A’s account. This goes on until the employee is caught or covers up the fraud, usually through an adjustment or write-off 33 // experience clarity RED FLAGS FOR SKIMMING SCHEMES Employees who do not take vacation Employees who do not like others to perform their duties Missing register tapes or other records Consistent differences in register receipts to cash on hand 34 // experience clarity EXPENSE REIMBURSEMENT/CREDIT CARDS 35 // experience clarity EXPENSE REIMBURSEMENT/CREDIT CARDS Any scheme in which an employee makes a claim for reimbursement or fictitious or inflated business expenses Employee files fraudulent expense report, claiming personal travel, nonexistent meals, etc. Employee purchases personal items and submits and invoice to employer for payment Employee purchases goods/services for inappropriate uses and charges to employer for payment 36 // experience clarity ON-GOING INVESTIGATION Corporate AMEX Summary statement for 12 cards Each cardholder given their section and asked to provide original receipts All receipts reconciled to summary statement by CFO Everyone’s receipts in good order, except….. 37 // experience clarity CFO’S AMEX CHARGES Palm Beach Tan – 3 charges totaling $118.13 Turbotax Software – 2 charges totaling $113.50 Ticketmaster – 2 charges totaling $687.41 University of Cinncinati Tuition – 2 charges totaling $2,935.90 Delta Airlines - $514.44 Car repair expenses - $937.34 Gasoline – 64 purchases totaling $2,597.45 Local lunches for one – 27 charges totaling $394.30 USAA Life Insurnance Premiums - $1,372.11 2CO.com - $7,000 (payment processor for online businesses) 38 // experience clarity WHAT DID COMPANY KNOW ABOUT CFO? Resume indicated Seasoned financial professional with significant experience in a CFO capacity Effective communicator with strong leadership skills CFO/Treasurer experience at two other manufacturing companies (9 years) Vice President of a financial planning firm (6 years) Developed $20 million book of business from scratch CPA with Series 7, 63 and 65 Securities Licenses CFO had interviewed well and was very personable Hired because management liked that he had previous CFO experience in manufacturing industry 39 // experience clarity WHAT WE DISCOVERED ABOUT CFO Resume Most recent job on resume (2007-2009) was a CFO-To-Go Consulting Services Secretary of State website indicated the CFO was the owner of this company Internet Searches CFO was divorced in 2007 CFO had judgments against him (2010 and 2012) for non-payment of credit card bills and back taxes Wages were being garnished, but management was unaware Interview of co-worker CFO had some sort of relationship issues with ex-wife and oldest son CFO prided himself of appearing to be a workaholic CFO had a real need to be liked 40 // experience clarity WHAT WE DISCOVERED ABOUT CFO Email review CFO not able to pay for half of oldest son’s college costs-ex-wife continually threatening legal action CFO had signed away his parental rights during the “period of insanity” CFO took deductions on tax returns for children when he wasn’t entitled to CFO had had a serious drug problem which cost him his previous CFO position and his marriage CFO’s girlfriend currently had a serious drug problem 41 // experience clarity IN CONCLUSION From 2010 through April 2014, CFO “borrowed” over $100,000 CFO had paid back about $43,000 “Borrowings” generally coincided with timing of emails from ex-wife or oldest son CFO appeared to use corporate credit card for small purchases of meals, food and gasoline for personal car in the week before a pay date 42 // experience clarity RED FLAGS FOR EXPENSE REIMBURSEMENT /CREDIT CARD SCHEMES Purchases that do not appear to be business related Original documents supporting expenses missing Receipts are altered Many receipts from the same vendor Submitted receipts are consecutively numbered Expenses in round dollar amounts Expenses just below receipt submission threshold Expensive business lunch/dinner expenses without names/organizations of attendees and business purpose noted Excessive use of taxis on business trips 43 // experience clarity INTERNAL CONTROLS 44 // experience clarity MOST COMMON REASON OCCUPATIONAL FRAUD OCCURS One person is given complete control of the financial process without any oversight or monitoring from the supervisor or department head. Simply signing does not = oversight 45 // experience clarity PRIMARY INTERNAL CONTROL WEAKNESSES 46 // experience clarity EFFECTIVENESS OF INTERNAL CONTROLS Median Loss Based on Presence of Anti-Fraud Controls Control Management review Employee support programs Hotline Fraud training for managers/executives External audit of ICOFR Fraud training for employees Anti-Fraud policy Formal Fraud Risk Assessments Internal audit/FE department Job rotation/mandatory vacations Surprise audits Rewards for whistleblowers Code of conduct Independent audit committee Management certification of F/S External audit of F/S 47 // experience clarity % of Cases Implemented 60.5% 57.5% 54.0% 47.4% 67.5% 46.8% 46.6% 35.5% 68.4% 16.7% 32.2% 9.4% 78.0% 59.8% 68.5% 80.1% Control in Place $100,000 $100,000 $100,000 $100,000 $120,000 $100,000 $100,000 $100,000 $120,000 $100,000 $100,000 $100,000 $120,000 $125,000 $138,000 $140,000 Control Not in Place $185,000 $180,000 $180,000 $158,000 $187,000 $155,000 $150,000 $150,000 $180,000 $150,000 $150,000 $145,000 $164,000 $150,000 $164,000 $145,000 % Reduction 45.9% 44.4% 44.4% 36.7% 35.8% 35.5% 33.3% 33.3% 33.3% 33.3% 33.3% 31.0% 26.8% 16.7% 15.9% 3.4% COST EFFECTIVE ANTI-FRAUD CONTROLS 48 // experience clarity MOST COST EFFECTIVE ANTI-FRAUD CONTROL MECHANISM Fraud hotlines Occupational fraud more likely to be detected by a tip than by any other method Fraud hotlines help detect fraud 12 months faster Median loss 44% less 49 // experience clarity DETECTION OF FRAUD SCHEMES 50 // experience clarity IMPACT OF FRAUD HOTLINES 51 // experience clarity SOURCE OF TIPS 52 // experience clarity 2ND MOST COST EFFECTIVE ANTI-FRAUD CONTROL MECHANISM Employee fraud awareness training Makes employees your “eyes and ears” with regard to fraud prevention and detection Appropriate topics Employees’ roles within the internal control framework Who commits fraud and why Common fraud schemes in their industry/function/role Red flags to recognize common fraud schemes What to do when employees encounter red flags 53 // experience clarity 3RD MOST COST EFFECTIVE ANTI-FRAUD CONTROL MECHANISM Proper tone at the top Lead by example Establish a code of ethics and conduct Establish a fraud policy Carefully screen job applicants Assign proper authority and responsibility Mandate fraud and ethics training for staff Implement effective disciplinary measures Implement a confidential hotline Establish a “no retaliation” policy Follow through with reports of misconduct and promote effective internal controls 54 // experience clarity FORENSIC ANALYTICS 55 // experience clarity FORENSIC DATA MINING “Use of sophisticated procedures and technologies to identify concealed patterns in financial, nonfinancial and textual data that would not otherwise be detectable due to the size and complexity of the data.” WHAT’S THE BIG DEAL? Sampling doesn’t reveal patterns & trends “Big Data” – too much data for manual analysis System weaknesses lead to fraud - data mining finds them Suspicious activity is a 96.5% match to normal SIMPLE EXCEL-BASED EXAMPLE Tool Used: Excel, ACL, IDEA Functions: Simple sorting A LITTLE MORE COMPLICATED Automated web crawlers do not detect “presence” of name against outside data sources. Cross Reference Against: Postal contractors database Correctional facilities database High-risk ZIP codes Unexpected / unusual addresses The UPS Store 1221 East Kearney Springfield, MO GEOCODING MORE GEOCODING “Vinny’s Salvage Yard” GEOSPATIAL ANALYSIS (VISUAL) INVOICE ALTERATIONS GROWTH OF UNSTRUCTURED DATA LATENT SEMANTICS To: Vendor Rep From: Employee --------------------------------------------Thank you for the “gift” – I’m so excited! It looks great in my driveway! I can’t wait to take it out on the open road! My neighbors are soooo jealous! LATENT SEMANTICS To: Employee From: Vendor Rep --------------------------------------------Think nothing of it, you deserve a treat every now and then for all you’ve done for us. EMOTIONAL TONE OF OVERALL DEPARTMENT 67 // experience clarity SAYING IT WITHOUT SAYING IT Putin Presidential Address, December 2013 “together with our partners we managed to steer the course of events away from war” “extensive bloodshed” “conflict” “external military intervention” “dramatic situation” “resorting to forceful actions” “crisis” THANK YOU FOR MORE INFORMATION // For a complete list of our offices and subsidiaries, visit bkd.com or contact: Shauna Woody-Coussens, CFE // Managing Director swoodycoussens@bkd.com // 816.701.0250