How Accounting Tricks Inflate Earnings: How to Understand It and Prevent It

Day 11 in 30 Days of Fraud

The Theft

Accounting tricks can inflate earnings.

One Wall Street Journal article said a California company used “a dozen or more accounting tricks” including “one particularly bold one: booking bogus sales to fake companies for products that didn’t exist.” These machinations inflated earnings, making the company look more profitable than it really was. 

Today I show you how fraudsters use financial statement fraud to magically transform a company’s appearance. Then you will better know how to prevent these schemes.

Accounting tricks inflate earnings

The picture is courtesy of AdobeStock.com

Financial Statement Fraud

Companies can magically create earnings by:

  • Accruing fictitious income at year-end with journal entries
  • Recognizing sales for products that have not been shipped
  • Inflating sales to related parties
  • Recognizing revenue in the present year that occurs in the next year (leaving the books open too long)
  • Recognizing shipments to a re-seller that is not financially viable (knowing the products will be returned)
  • Accruing projected sales that have not occurred
  • Intentionally understating receivable allowances

Think about it: A company can significantly increase its net income with just one journal entry at the end of the year. How easy is that?

You may be thinking, “But no one has stolen anything.” Yes, true, but the purpose of most revenue inflation tricks is to increase the company’s stock price. Once the price goes up, the company executives sell their stock and make their profits. Then the company can, in the subsequent period, reverse the prior period’s inflated entries.

The Weakness

Such chicanery usually flows from unethical owners, board members, or management. The “tone at the top” is not favorable. These types of accounting tricks usually don’t happen in a vacuum. Normally the top brass demands “higher profits,” often not dictating the particulars. (These demands are typically made in closed-door rooms with no recorders and no written notes.) Then years later, once the fraud is detected, those same leaders will plead ignorance saying their lieutenants worked alone.

The Fix

The fix is transparency. This sounds too simple, but transparency will usually remove the temptation to inflate earnings. If you work for a company (or a boss) that is determined to “win at any cost,” and repeatedly hides things (“don’t tell anyone about what we’re doing”), it is time to look for another job. When people hide what they are doing, they know it is wrong–otherwise, why would they hide it?

A robust internal audit department can enhance transparency. The board should hire the internal auditors. Then these auditors should report directly to the board (not management). The company’s internal auditors should know that the board has their back. If not, then you’ll continue to have opaque reporting processes. Why? The internal auditors’ fear of reprisal from management (or the board itself).

And what if the leaders of an organization won’t allow transparency? If possible, remove them. Unethical leadership will destroy a business.

Also, use retrospective reviews of the receivable allowance account. By comparing current period allowances with the prior period, you might detect the intentional lowering of receivable allowance accounts. Why would a company do this? Lower allowances result in higher profits. It’s another form of financial statement fraud.

A Fraudster’s Refuge: The Appalachian Trail

Day 10 of 30 Days of Fraud

The Theft

Some fraudsters steal money by opening a fraudulent bank account and funneling funds into that account. Today, I show you how one controller did this and walked away with millions.

In May 2015 James Hammes was arrested for the theft of $8.7 million from his former employer, G&P Pepsi-Cola Bottlers. After Mr. Hammes was confronted about the theft in February 2009, he left his home and hid on the Appalachian Trail, which runs from Georgia to Maine. Hammes assumed a hiking name of “Bismarck” and spent several years on the popular trail. Fellow hikers enjoyed Bismarck since he seemed to be one of them.

Wanted poster from the FBI

Wanted poster from the FBI

How the Funds Were Stolen

The FBI reported the following:

Court documents show that Hammes’ embezzlement began around 1998. As a controller, he was responsible for all financial accounting and internal controls for his division, including supervising accounts payable to several hundred outside vendors. He carried out the fraud by establishing a new bank account for an existing vendor at a different bank. He then deposited hefty payments to that vendor—often $100,000 at a time—in the phantom account that he alone controlled. He then could transfer money from the phantom account to his personal accounts.

“He knew how to cover his tracks by manipulating audits and ledger entries,” Jones said. “He got away with it for so long because he knew how to manipulate his subordinates and how not to raise accounting red flags.”

So, Hammes opened a fraudulent bank account at another bank (one the company did not use) and deposited vendor checks into that account. Then he transferred funds out of the fraudulent bank account to himself.  Since he opened the account, he was the authorized check signer. Simple but effective.

The Weakness

If extra payments were made to vendors (and it appears that occurred), then the company may not have been reviewing vendors payments. It’s easy to just make vendor payments without seeing patterns, especially if hundreds of checks are processed each month.

Also, it appears the company may have lacked sufficient segregation of duties since Hammes was able to disburse extra vendor payments without detection.

The Fix

Periodically, review total payments made to each vendor. For example, generate the total monthly payments made to XYZ Company. Then compare the monthly payments over a two to three year period. If payments dramatically increase, then someone within the company may be making additional payments and stealing those checks. Or there may a legitimate reason for the increase. Either way, it’s wise to review vendor payments for anomalies. 

Fraudsters Writing Checks to Themselves: How to Understand It and Prevent It

Day 9 of 30 Days of Fraud

The Theft

Fraudsters do write company checks to themselves. Today I tell you how they do so and how you can prevent this type of theft.

Randy Toms, a city accounting clerk, creates a manual check for $5,200 that is made out to himself and signs it with a signature stamp. (The stamp is used when the mayor is out of town.) Randy enters the transaction into the accounting system–using a journal entry–as a payment to Macon Hardware. The result: The general ledger reflects a payment to Macon Hardware, but the check is made out to Randy. Also, he codes the disbursement to an account with sufficient remaining budgetary balance. The subterfuge works since the expense accounts reflects appropriate vendor activity (a check to Macon Hardware), and expenses don’t exceed budget. Randy performs the monthly bank reconciliation, so he alone sees the cleared checks.

Given Randy’s success with the first check, he continues the fraud for several years.

(Here’s another twist to this type of theft. Some companies print their checks with the signature affixed, so the computer (in effect) signs the check. When this is true, some fraudsters will print the check to a legitimate vendor. Then they will destroy the check and write a manual check (from other company check stock) to themselves. In such cases, they are either authorized signers or they forge the signature.)

Fraudsters writing checks to themselves

This is picture is courtesy of AdobeStock.com

The Weakness

The following provides the perfect environment for this theft:

  1. The existence of the signature stamp
  2. The clerk posts journal entries without a second-person review (approval)
  3. The clerk reconciles the related bank account (ensuring that no one–other than Randy–sees the cleared checks)

As you can tell there is a lack of segregation of duties. Many small organizations are unable to segregate accounting duties since they have a limited number of employees. Even so, there are steps you can take to reduce the possibility of theft.

You may be thinking, “Wouldn’t the auditors catch this type of fraud?” Probably not. Auditors seldom compare cleared checks to supporting invoices. (If you’re an auditor, you may want to consider this potential theft in your fraud brainstorming sessions.)

The Fix

The fix includes the following:

  1. Get rid of the signature stamp
  2. Require second party approval of all journal entries
  3. Have someone other than the clerk reconcile the bank account (and review cleared checks)

Some governments or businesses have bank statements mailed to someone outside the accounting department such as the city mayor or business owner. This person opens the bank statement and performs a cursory review of the cleared checks–once done, the bank statement is routed to the accounting department. Since cleared checks are viewed by someone else, there is less of a chance that the accounting staff will write checks to themselves.

Converting Company Checks to Cash: How to Understand It and Prevent It

Day 8 of 30 Days of Fraud

The Theft

In a recent post, we saw that John opens the mail and receipts checks made out to the City of Whoville. He was stealing cash by using the check-for-cash fraud scheme. That’s one way to steal.

But consider that converting company checks to cash—even without using a check-for-cash scheme—is possible. 

In this post, I show you how fraudsters turn company checks into cash.

converting company checks to cash

Picture is courtesy of AdobeStock.com

John can open a new bank account in the name of the city. Everyone in the community knows that John works in the city’s accounting department; so it appears perfectly normal for him to open a new bank account. John conveniently signs the signature card as the solely authorized signature. The name he uses for the bank account is Whoville Projects. So, the account name appears reasonable, and John has what he wants–a bank account for which he is the solely authorized signer.

John alone opens the mail. Now he steals checks made out to the city and deposits them into the Whoville Projects bank account (the new account is never set up in the city’s general ledger). Then John writes checks from his fraudulent bank account to anyone he chooses–including himself. (Rita Crundwell used an off-the-books checking account to steal $53 million dollars.)

Many companies incorrectly believe that fraudulent bank accounts can’t be opened in their name, especially if they are incorporated. Why? Because most banks ask for copies of company corporate documents. But consider that fraudsters can open a “doing business as” bank account in the name of ABC Company. Since the bank account is a personal (and not a corporate) bank account, the bank will not ask for corporate documentation.

Also, fake corporate documents can be created, if Susie wants to go the route of opening the bank account in the name of ABC Company, Inc.

The Weakness

The fundamental weakness is John opens the mail and receipts the checks by himself. Also, this type of theft often occurs when no one is comparing revenues to budget or prior period amounts. A lack of security cameras allows John’s thefts to go undetected.

The Fix

Two people should be present when the mail is opened and receipted. Another alternative is to use a lockbox; that way, all checks go directly to the city’s bank rather than to the city.

The city should install security cameras and record all activity.

Periodically request a list of all accounts from the bank. Then see if each account is set up in the city’s general ledger.

Theft of Capital Assets: How to Understand It and Prevent It

Day 7 of 30 Days of Fraud

The Theft

In businesses, nonprofits, and governments, the theft of capital assets happens often. Today I explain how these thefts occur and how you can prevent them.

A USA Today article began with, “Stolen and sensitive U.S. military equipment, including fighter jet parts wanted by Iran…have been available to the highest bidder on popular Internet sales sites.” The article went on to say that the equipment, “purchased with taxpayer money,” was available for purchase on eBay and Craigslist and included “components from F-14 fighter jets” and “used Nuclear Biological Chemical protective suit.”

Capital asset theft

Picture is courtesy of Adobe pStock.com

Capital assets often go missing because no one is paying attention, and the thief knows it. Such assets can be stolen with the intent to sell and convert to cash or simply for personal use.

The thefts often occur when employees place equipment or other capital assets in their vehicles and drive home. If the employee wants to cover their tracks, they might complete accounting paperwork for disposal of assets (saying the equipment was junked). More often than not, however, the asset is just stolen because the employee knows that no one will notice, or, if someone does, he can say, “I don’t know what happened to that piece of equipment.”

Long-term employees realize that the external auditors seldom audit existing capital assets. Yes, the auditor will examine an invoice, but how many auditors physically inspect plant, property and equipment?

The Weakness

The main enabling factor is usually a lack of accountability. Many companies, nonprofits, and small governments do not perform periodic fixed asset inventories. Often equipment is purchased and added to the depreciation schedule, but no one–at a later date–compares this master list of fixed assets to what is (or should be) physically present.

The Fix

Performing periodic inventories is the key to lessening the threat of capital asset theft.

First assign each capital asset to a person (usually a department head or a supervisor); let this person know that he or she is personally responsible for the item. Then have someone external to each department perform periodic inventories of departmental assets.

Also, install security cameras to record all activity.

Uncollected Prior Year Fees: Can They Impair Your Independence?

Can uncollected prior year fees impair your independence?

Answer: It depends. If a covered member has unpaid fees from an attest client for any previously rendered professional service provided more than one year before the date of the current-year report, he is not independent.

Section 1.230.010 (Unpaid Fees) of the Code of Professional Code states:

Threats to the covered member’s compliance with the “Independence Rule” would not be at an acceptable level and could not be reduced to an acceptable level by the application of safeguards if a covered member has unpaid fees from an attest client for any previously rendered professional service provided more than one year prior to the date of the current-year report (my bold). Accordingly, independence would be impaired. Unpaid fees include fees that are unbilled or a note receivable arising from such fees.

uncollected prior year fees

The picture is courtesy of DollarPhotoClub.com.

Applies to All Fees

Note that the rule states that independence is impaired if a covered member has unpaid fees from an attest client for any previously rendered professional service. Impairment exists when any prior year fee has not been paid, including tax or consulting work.

Billed or Unbilled Services

Also, the CPA should look back one year from the report date to see if billed or unbilled amounts exist. Here’s an example:

  1. The CPA provided tax services to ABC Company on April 25, 2015.
  2. The CPA billed for the tax services on June 1, 2015.
  3. ABC Company needs an audit report with a May 15, 2016, date.
  4. ABC Company has not paid the June 1, 2015, bill.

Is the CPA independent? If the audit report is dated May 15, 2016, the CPA is not independent.

Why? If we look back one year from the report date of May 15, 2016, we see that the April 25, 2015 work has not been paid. So an unpaid service for more than one year before the report date exists. If the CPA issues the May 15, 2016 report, he is in violation of the Code of Conduct.

How do you cure the independence impairment? ABC Company has to pay for the April 25, 2015 service.

An Odd Collection Procedure

Oddly, the potential impairment of independence may assist you in collecting past-due accounts. If the client needs the current year audit report, and the CPA can’t provide it to him without payment for the prior-year work, then the client may be willing to come up with the money.

Check-for-Cash Fraud: How to Understand It and Prevent It

Day 6 of 30 Days of Fraud

The Theft

The check-for-cash fraud scheme is a simple yet effective way for employees to steal. Today I explain how this type of theft occurs and how you can prevent it.

Kelly is a receipts clerk in the City of Whosville. She usually collects about $25,000 each day with $8,000 of this being in cash and the remainder in checks. Kelly, based on city policy, receipts all monies she receives, but she does not note on the receipt whether the payment is cash or check.

check-for-cash fraud

Kelly also opens the mail and receipts those checks. Each month the city receives about a dozen alcohol tax checks–each made out to the City of Whosville–in the range of $3,000 to $6,000 each. These payments are paid by the alcohol distributors based on their sales, so the revenue is recognized upon receipt (and no receivable is accrued before payment).

Kelly wants to take a trip overseas, but she needs about $15,000 which he doesn’t have. But then she has a novel idea.

Since she opens the mail, she can steal cash in the following manner:

  1. Don’t receipt a check received in the mail (e.g., an alcohol tax check for $4,503)
  2. Place that check in her cash drawer
  3. Take $4,503 from her cash drawer and place it in her purse

The $4,503 in cash came from legitimate collections. Receipts were written for the payments, but Kelly did not note whether cash or checks were received. 

Over a three month period, Kelly steals $17,505, and no one notices.

The Weakness

Though receipts are issued, the type of payment (cash or check) is not noted. No one (such as a supervisor) is reconciling the composition–total cash and total checks–to the receipts.

The Fix

As receipts are issued, require collection personnel to note the type of payment received (whether cash or check). A supervisor should reconcile the amount of cash and checks in the collection drawer to the receipts. If total cash and total checks don’t reconcile to the receipts, then the check-for-cash fraud might be occurring.

Compare the budgeted alcohol tax amount to the total received.

Also, consider installing a camera to record cash collections activity and do not allow purses or other bags in the collections area.

Backdoor Payroll Theft of Withholdings

Day 5 of 30 Days of fraud

The Theft

Gertrude, the payroll clerk, intentionally overpays state withholding taxes by $25,000. She then amends her own W–2 so that it includes the excess payment (the $25,000 is added to her state withholding total). Once Gertrude files her personal state tax return, she receives an extra $25,000. In effect, she is using the state government as a funnel for theft.

In this business, Gertrude processes payroll, files all related payroll tax reporting information, makes payroll withholding payments and records payroll entries in the general ledger—not uncommon in a smaller organization. Also, no second person reviews the W-2s before mailing.

Backdoor Payroll Fraud

Picture is courtesy of AdobeStock.com

The Weakness

One person is performing all payroll functions, so her actions are not visible to anyone else. Also, no second person–in addition to Gertrude–is reviewing the W-2s before filing.

The Fix

Have someone outside the payroll department review and mail the W-2s. (If the W-2s are returned to the payroll clerk, she could change them.)

Ghost Employee Fraud: How to Understand It and How to Prevent It

Day 4 of 30 Days of Fraud

The Theft

Last year I received a phone call. The payroll clerk of a local business had been monkeying around with the company’s direct deposits. As employees left the business, the payroll clerk left them in the system. Why? To steal those continuing payments. Auditors refer to this as ghost employee fraud–the employees are in the system, but they are not real.

Ghost employee fraud

The picture is courtesy of AdobeStock.com

Knowing no one was paying attention, the clerk changed the terminated employees’ direct deposit bank account numbers to her own. The result?She received multiple direct deposits each payroll. The clerk was able to steal over $800,000 before the theft was detected. 

Also, the payroll clerk had not filed tax returns, so the Internal Revenue Service rubbed salt into the wound by levying fines.

The Weakness

The owners trusted the payroll clerk too much and did not monitor her work. The clerk performed all payroll services with no supervision. While the owners were aware of the lack of segregation of duties, they took no steps to prevent the theft. (Even when a business doesn’t segregate its accounting duties, there are ways to lessen the threat of theft.)

The Fix

Export all direct deposit bank account numbers along with employee names into an Excel spreadsheet and sort the bank account numbers. (The bank account numbers should be in one column and the employee name in a separate column.) Sort the bank account numbers, and the duplicate numbers will appear in adjacent rows. So once you sort the bank account numbers, see if there are any duplicates. If there are, see why.

Another fix is for the owners to review a list of all employees paid (just request a list of all employees paid for one or more payrolls). Since the owners normally know which employees have left, they will know if payroll payments are made beyond the departure dates.

Wire Transfer Fraud: How to Understand It and Prevent It

Day 3 of 30 Days of Fraud

The Theft

In one of the simplest thefts I’ve read about, a nonprofit administrative officer wired $6.9 million from an Ohio bank account to a private Austrian account. In this post, I’ll show you how wire transfer fraud occurs and how to prevent it.

wire transfer fraud

Stealing a Cool $6.9 Million

The nonprofit administrator originated with the wire with a fax, taking less than an hour. Since the officer was authorized to make wire transfers, no one at the bank questioned the transaction–until it was too late. 

The fraudster landed in Austria, called his wife and said, “I’m not coming home.” Interestingly, the wife called the police and turned in her husband. He later came back to the states of his own volition. I guess, after a few boat rides down the Danube, he missed his family. Did he go to jail? Yes.

The Weakness

The nonprofit entity did not establish appropriate controls over cash wire transfers. One person (by himself) could move funds.

The Fix

The fix for this weakness is to require (at least) two persons to consummate all wire transfers.  

As you think about wire transfers, consider that they can originate with:

  • Faxes,
  • Phone calls,
  • Personal visits to banks, and
  • Computers

Determine how your bank handles wire transfers, and craft your internal controls accordingly.

Prevention Steps

Organizations should do the following to mitigate wire transfer fraud:

  • Require the bank to limit daily wire transfer amounts (e.g., $25,000 per day for each employee)
  • Require two persons to consummate all wire transfers to external parties (an essential control in my opinion)
  • If the wire transfer request is made with a phone or fax, require the bank to call your organization back before the wire transfer is consummated
  • The bank should require the use of unique passwords to access wire-transfer software; consider using a bank that provides bank token keys (small hand-held devices that generate unique identification numbers; these numbers are required to make wire transfers)
  • Restrict bank accounts so that wire transfers can be made only to bank accounts of the organization (e.g., transfer from operating bank account to payroll bank account)
  • Have someone peruse the daily bank account activity (using online access); at a minimum, reconcile bank statements in a timely fashion (large organizations should consider reconciling bank accounts more frequently than once a month; some reconcile daily)
  • Require sufficient documentation for all wire transfer journal entries; require a second-person review of these entries
  • Consider using a dedicated computer for all wire transfers; do not use this machine for any other purpose (malware is often picked up by computers as users visit tainted websites)
  • Use all bank-provided wire transfer controls
  • Any transactions over a certain high dollar amount (e.g., $50,000) must have the approval of the business owner/CEO

If you’re an auditor, consider–as you audit cash–whether these controls are in place.

30 Days of Fraud Series

If you found today’s post helpful, consider subscribing to my blog below. I am providing 30 posts like this one showing how various frauds occur and how you can prevent them.