Forensic Accounting Issues

Five Recommendations to Protect Your Business from CyberFraud

We all know that forming and running a business, as rewarding as it is, will keep the owners and managers extremely busy as they work to grow their operations. They will hear from professional accountants about the necessity of creating good internal controls to protect the company. But oftentimes, the ideal structure of internal controls may require more people to implement division of responsibilities. Then, reality sets in. Wages and benefits spent on hiring more employees who do not generate profits are called unhappy dollars. To reduce these unhappy dollars, divisions of responsibilities are collapsed into a fewer number of trusted employees to guard the money and intellectual property of the entity. Many businesses operate safely and profitably using fewer people to oversee the internal controls, but the risk of fraud increases as these controls are collapsed into the job descriptions of fewer people.
To be sure, determined crooks will defeat the best designs of internal controls in any size of business entity. However, more opportunity for mischief is created in smaller business models with more emphasis on the trust of fewer people, or maybe even one employee. Some of our most devastating embezzlement losses have occurred in this environment of complete trust engendered to a small number of people. This is particularly true in crooked accountant bookkeeper cases, whom I call crookkeepers.
It is extremely important to point out that the accounting and bookkeeping professions produce dedicated and reliable people to professionally maintain accurate books and records. Just like anything else, a few of these people create enormous problems when they decide to commit fraud. Other key employees in a company can also steal money and assets from a business. so let’s discuss some effective methods of preventing or discovering the misdeeds of corrupt employees.
After years of working as a financial crime investigator, I have had the advantage of interviewing a wide variety of criminals. I have always carefully questioned those crooks who agreed to be interviewed. In addition to having them describe the scheme, I would ask: Why did you do this? Well, what kept you up at night? How did you get caught? What would you have done differently to avoid detection? During your scheme, when was the first time you knew that you crossed the line into actual indefensible fraud? What recommendations would you forward to the victims of such schemes to prevent people like you from stealing from them? From this, I and many of my colleagues have gained valuable insights about how to make victims harder targets against fraudulent conduct. These suggestions are not usually found in accounting classes or online searches.
The knowledge gained from conducting the fraud autopsies of numerous cyber and financial fraud cases reveal many clues left behind by the fraudsters. These clues were in plain sight but overlooked during the schemes. More importantly, many of these same clues appear in different cases.
One of the challenges in the practice of Forensic Accounting is to leverage this information to identify practical and cost-effective fraud preventative solutions for business owners, to include partnerships, churches, and other non-profits. Therefore, I always try to find no-cost, low-cost, and then the high-cost solutions. Naturally, people want to hear about the no-cost solutions first, so I came up with a list of five things that stakeholders can apply today, at no-cost, to make their business models harder targets against corrupt employees. So, the list I provide and discuss is:
Know Your Employees
Know Your Vendors
Know Your Credit Cards
Know Your Business
Know Your Cyber System
I am convinced that these recommendations, if implemented, will not prevent the attempts at fraud schemes, but they will offer the best chances for prevention and early detection of problems. That’s the point. You want to identify the warning signs of problems in the early stages to prevent devastating losses from off-the-books and on-the-books fraud schemes. First, though, I want to describe the important differences between off-the-books and on-the-books schemes.

Off-the-books schemes primarily appear in cases where the perpetrator(s) will steal money and not really care if the transactions are recorded in the accounting system. Thefts of cash and other valuable assets, maybe from the inventory system, are common. Opportunities to steal cash make good people go bad and bad people go worse. Many thieves will steal cash knowing that it may be discovered one day. They rely on poor internal controls and lack of proof to keep from being fired or prosecuted. So, people like me will be telling business folks to reduce the opportunities for cash thefts by getting the cash into the bank accounts as soon as possible. Keeping cash in storage, even safes, will not deter the thieves. One secret in removing cash from the business is establishing a positive relationship with your financial institution about your banking procedures, particularly in cash deposits. Your banker is required to report suspicious patterns of cash deposits which may appear designed to avoid Currency Transaction Reporting requirements of cash transactions over $10,000.00. A more personal relationship with your financial institution may alleviate these concerns. Please do not forget about protecting your intellectual property and trade secrets from theft. These thefts would not necessarily appear on your accounting system.
On-the-books schemes are described as schemes where the corrupt employee is stealing money while creating false and fictitious accounting entries to hide the thefts. In a normal accrual-based dual-entry accounting system, each transaction will create a debit and credit entry. At the end of each transaction, at the end of each day, at the end of each accounting period, debits and credits should equal. The sophisticated thieves certainly know this. Some of our most significant and devastating losses from embezzlements are on-the-books schemes designed to survive the review and audit process. Undetected, these schemes can last several months or years, and may never be discovered. Payments of bribes and kickbacks can be hidden in webs of misdirected accounting entries. Corrupt business partners and company executives can drain the profits out of a business and hide behind falsified accounting entries. Crooks will look for and exploit weaknesses in the internal control systems. For example, we have seen many theft suspects in churches and non-profits admit to some form of taking money, but they will say that they are being reimbursed for previous personal expenditures. Without a reliable internal control system covering reimbursement of expenses, it becomes difficult to independently prove or disprove these representations. These schemes present significant challenges to the auditing profession and even more challenges to businesses operating without professional audits.
Know Your Employees
When doing presentations on fraud prevention, I field several questions about how to hire quality employees such as “What questions should be asked?” “Can we ask about their criminal record?” “Can we review their Social Media”. These are valid questions, but present-day government rules, regulations, procedures, and laws make the answers more complex. I always recommend the services of competent legal counsel to navigate these issues.
After investigating and studying numerous corrupt employee matters, I can say that clues were left behind by many of the thieves during the application and hiring process. I always request or subpoena the employee files to review the initial application and disclosures. In many, but not all, cases, the corrupt employee embellished accomplishments, omitted key information, or outright lied on the application. The clues were undiscovered because no one conducted research on the applicant’s representations. A Google search is not adequate. A misrepresentation on an application could very well be a mistake or honest oversight. The hiring and interview process offer the best chance to address these issues. Verification of key information about education, previous employers, awards, accreditations, are easily verified before an interview even takes place. These recommendations gain in importance when hiring people in key financial and management positions. Here are some additional steps for consideration:
Identify Employees in Sensitive Positions for increased vigilance
Review and Verify Applications/Resumes
Obtain Credit Reports
Consider Background Checks for Employees in Sensitive Positions
Consider Fidelity Bonds
Know Your Vendors
In the above discussion of on-the-books fraud schemes, I point out that the perpetrators will record false and misleading accounting entries to hide their fraud schemes. One of the most common methods of doing just this is to form fake vendors and add the vendors to the approved vendor list. Once the fake vendor is added to the approved list, fake invoices are submitted to the company for payment. The payments are then directed to bank accounts controlled by the embezzler. Sounds simple, right? This format appears in many long-term embezzlement cases causing hundreds of thousands or even millions of dollars in losses. This is why I recommend monitoring the vendor list and looking for the conflicts of interest and unholy financial relationships between vendors and your employees, particularly with new vendors.
Know Your Credit Cards
Investigators and Forensic Accountants often see cases where personal expenses are charged to the corporate credit cards. We also see situations where the embezzler will obtain personal credit cards from the same credit card company used to sponsor corporate credit cards, charge personal expenses on the new cards, and pay all the credit cards with corporate funds. I call these parasite credit cards. If the person using the credit cards is the same person responsible for paying the credit card companies, losses can accumulate very quickly. I have seen cases where the losses from parasite credit cards hits the six and seven-figure dollar range. Misuse of company credit cards does not always stand alone in a fraud scheme and is often combined with other methods of stealing money. Here are some additional steps for consideration:
Determine how many credit cards are being paid through the company
Determine who has custody over the credit cards
Clear company policies concerning proper use of credit cards should be in written guidelines.
Always review the credit card statements.

Know Your Business
Of course you know your business, but how closely do you monitor the different types of expenses being charged to the business? While unraveling on-the-books fraud schemes, we find that many of the expenses charged to fake companies made absolutely no sense to the business model of the victim. Many embezzlers will try to outfox you by charging “soft” costs like “consulting”, reasoning that no one can really tell what is going on. Careful monitoring of the expenses being paid is critical in catching schemes at an early stage.
Know Your Cyber System
I field many questions concerning protecting businesses from cyber-related crime. In short, we should consider the difference between financially motivated cyber fraud schemes vs. cyber-attacks designed to damage the computer system. Cyber fraud schemes can originate from corrupt employees or from outside forces intent on stealing assets. Intellectual property, trade secrets, and client lists, are glaring targets of corrupt employees and outside cyber criminals. For profit cyber-attacks include Business Email Compromise schemes, Email Account Compromise schemes, and Ransomware schemes. Cyber attacks designed to damage the cyber system can originate from outside the business or from disgruntled insiders. Here are some basic steps for consideration:
Learn about Common Attack Vectors and Mitigation Best Practices
Conduct a Security Audit and Assess Controls
Keep your Cyber system modern and up-to-date
Employee Training
Consider Business Insurance
Create a Response Plan
Conclusion:
I am convinced that any one or more of these no-cost recommendations would have prevented or discovered significant embezzlement schemes resulting in hundreds of thousands of dollars in losses in actual cases. These are lessons learned from analyzing internal fraud schemes as well as information gleaned from debriefing the actual thieves.
These recommendations are only briefly described to keep this blog within a reasonable length. I plan on writing additional blogs and podcasts to provide more detail on these matters, particularly on protecting the cyber system of businesses.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.