Adam Hennen

1
Dialing in on Fraud Eliminating its Impact on
the Bottom Line

• Presented By
• Adam Hennen

2
The Global Impact of Fraud

• In 2010, the Association of Certified Fraud
  Examiners compiled a study of 1,843 fraud cases.
  It was estimated that the typical organization
  loses 5 of its annual revenue to fraud. Applied
  to the estimated 2010 Gross World Product, this
  figure translates to a potential total fraud loss
  of more than 3.15 trillion (733 billion dollars
  in the U.S. alone).
• The frauds lasted a median of 18 months before
  being detected.

3
Fraud in Telecommunications?

• Based on average operating revenues of telephone
  companies in 2010, the effect of fraud could
  result in the following losses

4
Fraud in Telecommunications?...REALLY?
5
Whos Responsible?
6
How Did it Happen?

• Occupational Frauds by Category (U.S. only)
  Frequency4

4The sum of percentages in this chart exceeds
100 because several cases involved schemes from
more than one category.
7
How Did it Happen? (Cont.)

• Occupational Frauds by Category (U.S. only)
  Median Loss

8
How Did it Happen? (Cont.)

• Schemes Committed by Perpetrators in the
  Accounting Department 367 Cases23

23The sum of percentages in this chart exceeds
100 because several cases involved schemes from
more than one category.
Data from the 2010 ACFE Report to the Nations on
Occupational Fraud and Abuse.
9
How Did it Happen? (Cont.)

• Schemes Committed by Perpetrators in the
  Purchasing Department 103 Cases28

28The sum of percentages in this chart exceeds
100 because several cases involved schemes from
more than one category.
Data from the 2010 ACFE Report to the Nations on
Occupational Fraud and Abuse.
10
How Did They Do it?

• Schemes Committed by Perpetrators in the Primary
  Operations of the Victim Organization 299 Cases1

1The sum of percentages in this chart exceeds
100 because several cases involved schemes from
more than one category.
11
Our Accountants Did What?

• CHECK TAMPERING Any fraud scheme in which a
  person steals his employers funds by
  intercepting, forging or altering a check drawn
  on one of the organizations bank accounts.
• EXAMPLE Thomas Bell, a fiscal officer of Let
  it Ring Phone Company, had access to company
  checks but was not authorized to sign them.
  Toms company used an automated check signer
  (a.k.a. a signature stamp), which was guarded
  by a custodian. Tom took some blank checks and
  made them payable to himself, then snuck into the
  custodians office and signed them with the check
  signer.

12
Check Tampering

• How many companies keep their signature stamp in
  a locked drawer.
• Does the accountant who prints checks have access
  to that drawer?
• Is the accountant who prints checks the custodian
  of the signature stamp?

13
Shifting Responsibilities

• Banks responsibility for check fraud
• Under UCC Regulations, changes were made to
  articles 3 and 4, which shifted liability for
  check fraud back to the companies that wrote the
  checks in question.
• The banks obligation to provide ordinary care
  may not include signature verification.

14
Our Purchasing Department Did What?

• BILLING SCHEMES Any scheme in which a person
  causes his employer to issue a payment by
  submitting invoices for fictitious goods or
  services, inflated invoices or invoices for
  personal purchases.
• EXAMPLE Jon Bell (Toms Brother) is in charge
  of purchasing on behalf of Let it Ring Phone
  Company. Instead of buying merchandise directly
  from a vendor, Jon sets up a shell company and
  purchases the merchandise through that fictitious
  entity. He then resells the merchandise to his
  employer from the shell company at an inflated
  price, thereby making an unauthorized profit on
  the transaction.

15
Billing Segregation

• Purchase requisitions should be reviewed and
  approved by someone other than the employee
  initiating the request.
• Purchase orders should only be generated by
  employees in the purchasing department. These
  employees should not have access to generate or
  authorize purchase requests or receive goods.
• Vendor invoice approval should be restricted to
  the employee who initiated and authorized the
  purchase request or a person independent of the
  purchasing function.
• A report of all Pos issued to vendors should be
  reviewed by a supervisory-level employee not
  involved in initiating purchase orders with
  vendors.

16
Fraud by Credit Card

• James, the chief of a small fire district in the
  state of Washington, obtained an unauthorized
  credit card in the districts name. He
  circumvented the districts internal controls by
  intercepting the mail, removing the monthly
  credit card statement and making personal
  payments on the account to conceal the
  unauthorized purchases. The chief made personal
  charges in excess of 7,700, and was finally
  detected after retiring for personal reasons and
  the signatories were changed on all the bank
  accounts. The chief reimbursed the district for
  the personal charges and was not charged
  criminally.

17
Fraud by Credit Card (Cont.)

• To better prevent fraud by credit card,
  organizations should
• Establish written policies and procedures for
  credit card use and train employees to ensure
  they use the cards only for official business.
• Always obtain purchase receipts from employees
  and never pay bills using only the monthly credit
  card statements.
• Properly train employees on the authorization and
  approval procedures for all disbursements.
• Appropriately segregate employee duties and
  periodically monitor the work of key employees to
  ensure its expectations are being met.

18
WE SUSPECT FRAUDNOW WHAT?

• Perform an internal investigation.
• Make inquiries.
• Observe Red Flag activity.
• Hire a professional investigation (CFE, CPA,
  Lawyer, etc..)

19
Profile of a Fraudster

• Living the fraud life. According to the 2010
  Report to the Nations, there are several
  behaviors that serve as red flags displayed by
  perpetrators. The two most common traits are a
  tendency to live beyond ones means, and a
  struggle with financial difficulties. More than
  a third of those identified displayed at least
  one of the aforementioned behaviors, and about 20
  percent had either a wheeler-dealer attitude,
  control issues (unwillingness to share duties),
  or personal problems, such as a divorce. Other
  red flags might include irritability or
  defensiveness, addiction problems, past legal
  problems, refusal to take vacation and
  complaining about inadequate pay.

20
Red Flags of Fraud

• Behavioral Red Flags of Perpetrators29

29The sum of percentages in this chart exceeds
100 because in many cases perpetrators displayed
more than one behavioral red flag.
21
Making Inquiries

• Suspects and witnesses often reveal more than
  they intend through their choices of words.
• Start by asking the question.
• Look for deviations that might suggest a person
  may be withholding, altering, or fabricating
  information.

22
10 Tell-Tale Signs of Deception

1. Lack of Self-Reference
2. Verb Tense
3. Answering Questions with Questions
4. Equivocation
5. Oaths
6. Euphemisms
7. Alluding to Actions
8. Lack of Detail
9. Narrative Balance
10. Mean Length of Utterance

23
Lack of Self Reference

• Truthful people make frequent use of the pronoun
  I to describe their actions
• EXAMPLE I arrived home at 630. The phone was
  ringing as I unlocked the front door, so I walked
  straight to the kitchen to answer it. I talked
  to my mother for 10 minutes before noticing that
  my TV and computer were missing from the living
  room.

24
Lack of Self Reference (Cont.)

• Deceptive people often use language that
  minimizes references to themselves, usually by
  describing events in the passive voice.
• EXAMPLES The safe was left unlocked rather
  than I left the safe unlocked. or The shipment
  was authorized rather than I authorized the
  shipment.

25
Answering Questions with Questions

• Even liars prefer not to lie. Outright lies
  carry the risk of detection. Before answering a
  question with a lie, a deceptive person will
  usually try to avoid answering the question at
  all. A common method of dodging questions is to
  respond with a question of ones own.

26
Answering Questions with Questions (Cont.)

• EXAMPLES
• Why would I steal from the company?
• Do I seem like the kind of person who would do
  something like that?
• Dont you think somebody would have to be pretty
  stupid to remove cash from their own register
  drawer?

27
Oaths

• Although deceptive people attempt to give as
  little useful information as possible, they try
  very hard to convince others that what they say
  is true. They do this by using oaths to try to
  make their statements sound more convincing.
• Deceptive people are more likely than truthful
  people to use statements such as I swear, on
  my honor, as God is my witness, cross my
  heart.
• Truthful people are more confident that the facts
  will prove their statements and feel less need to
  back their statements with oaths.

28
Lack of Detail

• Truthful statements usually contain specific
  details, some of which may not even be relevant
  to the question asked. This happens because
  truthful subjects are retrieving events from
  long-term memory, and our memories store dozens
  of facts about each experience (the new shoes we
  were wearing, the song that was playing in the
  background, the woman at the next table, etc.).
  At least some of these details will show up in a
  truthful subjects statement.

29
Lack of Detail (Cont.)

• Those who fabricate a story, however, tend to
  keep their statements simple and brief.
• Deceptive people will want to minimize the risk
  that an investigation will discover evidence that
  could contradict their story. (i.e., the fewer
  facts proven false, the better.)

30
Additional Investigation

• The endorsement on this check was made by a blind
  woman. The signature was forgedhow do we know?

31
Additional Investigation (Cont.)
32
Fraud is FoundNow What?

• Do you know the extent of the losses?
• Can you get it back?
• Have you already been made whole?
• Do you intend to prosecute?
• Discuss the situation with legal counsel or a
  CPA/CFE.

33
Fraud Prevention

• Small organizations are disproportionately
  victimized by occupational fraud. These
  organizations are typically lacking in anti-fraud
  controls compared to their larger counterparts,
  which makes them particularly vulnerable to
  fraud.
• As part of the 2010 study of fraud cases, the
  examiners compared the presence of anti-fraud
  controls at companies with fewer than 100
  employees to the controls at companies with more
  than 100 employees.
• Study results reveal that smaller companies have
  fewer fraud preventative controls in place than
  the larger companies.

34
Fraud Prevention (Cont.) Frequency of Anti-Fraud
Controls by Size of Victim Organization
35
Detection of Fraud Schemes
36
Detection of Fraud Schemes (Cont.)
37
Fraud Prevention

• While tips have consistently been the most common
  way to detect fraud, the impact of tips is, if
  anything, understated by the fact that so many
  organizations fail to implement fraud reporting
  systems (a.k.a Hotlines).
• Such systems enable employees to anonymously
  report fraud or misconduct by phone or through a
  web-based portal.

38
Fraud Prevention (Cont.)

• Formal codes of conduct and anti-fraud policies
  cost very little to implement, but serve as an
  effective way to make a clear and explicit
  statement against fraudulent and unethical
  conduct within an organization.
• Hotlines are consistently the most effective
  fraud detection method and would go a long way in
  helping small-business owners protect their
  assets from dishonest employees.
• The median loss for frauds at companies with
  hotlines was 59 smaller than the median loss for
  frauds at organizations without such a mechanism.

39
Fraud Prevention (Cont.)
17KEY External Audit of F/S Independent
external audits of the organizations financial
statements Internal Audit / FE Department
Internal audit department or fraud examination
department External Audit of ICOFR Independent
audits of the organizations internal controls
over financial reporting Management Certification
of F/S Management certification of the
organizations financial statements
40
Fraud Prevention (Cont.)

• How Important is Segregation of Duties?
• In nearly two thirds of the fraud schemes
  covered by the ACFEs 2010 report to the nations,
  the person committing the fraud acted alone.
• However, when collusion of two or more employees
  existed in a fraud case, the damages were much
  more costly.

41
Fraud Prevention (Cont.)

• Primary Internal Control Weakness Observed by CFEs

42
Creating the Perception of Detection

• The best way to prevent fraud is by creating a
  perception of detection. Generally speaking,
  occupational fraud perpetrators only commit fraud
  if they believe they will not be caught.
• The threat of surprise audits increases
  employees perception that fraud will be detected
  and thus has a strong deterrent effect on
  potential fraudsters.
• Surprise audits, fraud policies, hotlines,
  etcare only effective if people KNOW THEY EXIST!

43
Creating the Perception of Detection (Cont.)
44
Creating the Perception of Detection (Cont.)
45
THANK YOU!

• Adam J. Hennen, CPA, CFE
• Olsen Thielen, CPAs
• ahennen_at_otcpas.com
• 651-483-4521 (main office)
• 651-621-8523 (direct)