How $16 Million was Stolen from a Bakery

Day 24 of 30 Days of Fraud

Is it possible to steal over $16 million from a bakery? Today we see that large sums can be taken from a small, mundane business. And the scheme can be so very simple.

The Theft

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

$16 million stolen from a bakery

The picture is courtesy of AdobeStock.com

The Weakness

No one was comparing the cleared check payees to the general ledger. 

The Fix

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do so, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) are to be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, you could require a daily second-person review of cancelled checks.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years probation.

Hosting Services Impair a CPA’s Independence

Your independence could be impaired (and you may not know it)

Hosting services impair a CPA’s independence, so says the AICPA. And most firms are providing hosting services (though they may not know it). This article explains why your possession of client records, whether electronic or hard-copy, can affect your independence.

Hosting Services Impair a CPA’s Independence

Starting September 1, 2018, your possession of client documents (e.g., tax records) or information (e.g., the housing of QuickBooks files on our server) can, in some instances, create an independence impairment. (If you temporarily possess original documents (e.g., tax records) but return them to the client in a short period, then the possession of the original documents does not impair your independence.)

The AICPA recently adopted a new interpretation, “Hosting Services,” which appears in the Code of Conduct under nonattest services. See 1.295.143 of the Code.

Why would possessing documents or information potentially impair independence? Because you accepted the responsibility for designing, implementing or maintaining internal controls for the records in your possession. And this is considered a management function.

In effect, the AICPA is saying there is an implicit understanding that you (the CPA) will safeguard the client’s records. And to safeguard the information, you agree to create controls to ensure the safety of the information in your possession.

To understand the actions that would impair your independence, see Catherine Allen’s article in the Journal of Accountancy. Specifically, look at her examples of where independence is impaired and where it is not. 

Is Your Cash Receipts Supervisor on the Take?

Day 23 of 30 Days of Fraud

Sometimes the person you hire to prevent theft is the one stealing. This is one of the dangers of a trusted bookkeeper. Below I provide a real-life story of a cash receipts supervisor on the take.

The Theft

Is your cash receipts supervisor taking your cash? I once worked on a case where this person took over $300,000.

Cash receipts supervisor on the take

The picture is courtesy of AdobeStock.com

Cash Receipts Supervisor

Many businesses funnel cash receipts to a supervisor who counts the money from each cash drawer and compares the funds to the daily receipts. The purpose of this step is to ensure no front-desk clerks are stealing.

The cash collections supervisor has usually worked a cash drawer in the past. So she knows all about how the receipts enter the system and how they are deposited.

Typical Deposit Cycle

The collections process often works as follows:

  1. Money is collected at the front cash-collection desks and placed in the cash drawers that are assigned to each clerk; receipts are written for each payment
  2. These clerks tally their collections at the end of each day and reconcile the monies in their cash drawers to the receipts written
  3. The daily reconciliation for each cash drawer goes to the cash receipts supervisor who recounts the funds received and reconciles collections to the receipts written (performing the same reconciliation as the front desk clerks)
  4. The cash receipts supervisor creates a deposit slip for all funds collected (if there are seven cash drawers, then the deposit slip represents the total collections for all seven cash drawers)
  5. The cash receipts supervisor gives the checks and cash and deposit slip to a courier to take to the bank
  6. The courier receives a bank deposit receipt from the bank
  7. The courier provides the bank deposit receipt to the cash receipts supervisor (so she can compare the bank deposit receipt with the copy of the deposit slip–to ensure the courier did not steal any funds in transit)

The Cash Receipts Supervisor Steals

So how can the cash receipts supervisor steal funds in the above scenario?

In the case I worked on, the supervisor also reconciled the bank statement. After step 3., but before step 4., she would steal the cash and then lessen the deposit slip accordingly. So, if she took $2,200, the deposit slip would reflect the total daily collections less $2,200.

You’re thinking, “But then the bank account would not reconcile since the computers have recognized the front-desk collections?” You are correct—unless someone monkeys with the bank reconciliation. And that’s what she did. The supervisor adjusted the reconciling items–on the bank reconciliation–to cover up the stolen funds. The scheme worked until the annual audit.

When the auditors tested the outstanding items on the bank reconciliation, they could not tie substantial amounts to the subsequent bank statement. Generally, outstanding reconciling items clear the subsequent month’s bank statement—but large amounts on the year-end bank reconciliation could not be accounted for (because they were fictitious).

When confronted, the clerk confessed to her theft and method.

The Weakness

The weakness was the cash receipts supervisor who had custody of assets (cash) also performed the reconciliation of the related bank account.

The Fix

The person reconciling the bank statement should not also handle cash. It’s also a good idea to perform surprise tests of the receipting records. Doing so puts everyone on notice. The receipt employees know someone can appear at any time and review their work.

For additional assistance, see my article about how to audit cash.

How to Use the Camera Effect to Kill Fraud

The threat of being seen diminishes theft

You can use the camera effect to kill fraud. Today I tell you what the camera effect is and how you can use it to reduce theft.

People are more prone to steal if they think no one is looking. But the camera effect is a powerful deterrent. So what is it? It’s the positive change that occurs when employees believe their actions are seen.

using the camera effect to kill fraud

43% of fraud detection comes by way of tips. This is why whistleblower programs are the number one way to reduce theft. Time and time again the Association of Certified Fraud Examiners’ surveys show that whistleblower programs lessen the number of and dollar amount of frauds. Employers provide 1-800 numbers whereby employees can anonymously report potential red flags 24/7. So why would a telephone number reduce fraud?

The camera effect.

Use the Camera Effect to Kill Fraud

We know that when potential fraudsters believe their thefts will be seen, they stay clean. No one wants to go to jail. No one desires to embarrass themselves or their family members.

The key is to introduce the threat of discovery.

This is why whistleblower programs are effective. When in place, such programs make employees feel that others see their actions. For example, if I make $40,000 a year, but I buy an $80,000 vehicle, my fellow employees (at least some) know this is a fraud signal. Now someone can report this signal using the whistleblower program. Think of the whistleblower programs as lots of roving cameras recording and communicating actions in real time. Now employees believe, “If I take, I will be seen.”

When I teach fraud prevention classes, I stand in front of the room and turn a security camera on. It whirls and turns, making class members feel as though they are being recorded. It’s funny; people act differently. They sit up, fix their hair, smile. After the camera rotates a couple of times, I say, “The camera is not hooked up to anything. You are not being recorded.” What did I just do? I made them think they were being taped.

My teaching point: We want employees to believe their actions are visible. The camera effect causes positive actions.

Examples of the Camera Effect

Here are examples of fraud prevention steps that create the camera effect:

  • Someone outside of the accounts payable department randomly selects ten cleared checks each month and reviews the payee, the signature, and the invoice support (let the accounts payable personnel know that this procedure will be performed periodically)
  • Mail the bank statements to someone outside of accounting who opens them and inspects the contents before providing the statements to the accounting department 
  • An outside CPA or CFE performs surprise tests of accounting information twice a year, picking whatever area she desires to inspect (now everyone knows their work is potentially subject to review)

Your Camera Effects

What are you doing to create the camera effect? White-collar crime is a real threat to your organization.

CPA’s Office Setup: A Behind-the-Scenes Spotlight

See my personal office setup

Is a CPA’s office setup important? You bet.

Like you, I am continually looking for ways to be more productive. I buy books, watch videos, and take note of how others work.

I like to see the offices of other CPAs. Here’s mine.

Multiple Monitors

Docking Station – I use a docking station that allows me to push one button to disconnect and place my laptop into a bag for travel. The docking station provides connectivity inputs behind my computer. Rather than disconnecting several wires to “set my computer free,” I push one button.

Multiple Monitors – I use multiple monitors. See how to review financial statements on computer screens.

50″ Monitor (on a swivel hinge) – This monitor is about two feet behind my desk. I use this screen as a fourth working monitor. For example, when I am reviewing financial statements, I sometimes place the balance sheet on the 50″ screen and a second copy of the financial statements on my lower center monitor. Then as I review the remainder of the statements (e.g., notes), I can glance at the balance sheet.

The 50″ monitor hangs from a swivel hinge. The swivel hinge allows me to tilt the screen in other directions when I am sharing information from my laptop with others in my office. We also use the monitor to watch webcasts. 

Todoist Checklist – I place all my outstanding to-do items in Todoist. Since Todoist integrates with Outlook, I usually have Outlook docked on the 50″ monitor. With just a glance, I can quickly see what I need to complete. With one click, I can add a new to-do item. And the to-do items I add on my laptop show up on my iPad and iPhone Todoist apps (and vice versa)–this integration is why I started using Todoist.

Logitech Camera – I often have online meetings and share information on my computer screen with those I am speaking with (I use Zoom). This Logitech camera creates an excellent picture and sound so those I’m sharing with can see and hear meLogitech C930e 960-000971 USB 2.0 1920 x 1080 Video Webcam

Bose Bluetooth Speaker – Music can make us more productive. And why not have quality sound? You spend such much of your waking day in your office. Bose SoundLink Mini Bluetooth Speaker II (Carbon)

iPhone on a Stand – Do you ever lay your phone down and later you can’t find it? (We used just to lose our keys, now it’s the phone and the keys.) This stand provides me with a consistent place for my phone. elago M2 Stand for all iphones, Galaxy and Smartphones (Angled Support for FaceTime), Black

printer shot

Fujitsu ScanSnap iX500 Scanner – When I receive physical paper documents, my usual first step is to scan the paper and place it (the paper) in my shred box. I use this scanner several times a day. I like the scanner (but I have had problems with paper jams). Fujitsu ScanSnap iX500 Scanner for PC and Mac (PA03656-B005)

Deluxe Shred Box – My deluxe shred box is a box top. I know, sophisticated, huh?

Landline Phone – I keep my phone over on my side table to keep it off my main desktop.

HP Printer – Many CPAs use a central printer for several people but think about the cumulative time you waste walking to the printer. HP LaserJet P2035 Monochrome Printer (CE461A#ABA)

CPA's Office Setup

iPad – This is my favorite device. I use it mainly outside the office, but I place it on the corner of my desk, so I can quickly pick it up as I go out.

The Physical Library – I order most publications electronically, but for my physical books, I keep them handy here.

Adjustable Standup Desk – In my attempt to be a (little) more healthy, I bought this standup desk about three years ago. About once a day, I will print and stand while I review a set of financial statements–mainly to get my rear out of the chair. There has been a great deal of press lately about professionals (slowly) killing themselves by sitting too much. This desk does adjust down to the level of my main desktop, and it is mobile, so I use it–when I’m tired of standing–as an extension of my main desktop.

Paper-in Tray – I use a three-level tray for my incoming paper. The top shelf is for newly arrived paper information.

conference space

Corner Meeting Spot –  I use this corner area as a place to meet with partners and staff, especially if they bring paper copies in to discuss.

Coffee Maker – This is probably the most important appliance in my office. No coffee, no Charles.

whiteboard

Whiteboard – If someone needs to draw an idea out, here’s the place. I sometimes take iPhone pictures of the information drawn on the board and then store it in Evernote.

Watercooler – Drinking plenty of water each day will enhance your stamina. You want to create energy that sustains you.

See what’s on my computer desktop for software ideas.

Your Ideas

How would you change my office? What additional ideas would you add to these?

Providing Fraud Prevention Services to Compilation Clients

Could it be that fraud prevention assistance is more beneficial than a compilation engagement?

This post discusses providing fraud prevention services to compilation clients.

providing fraud prevention services to compilation clients

How many clients do you provide compilation services to? For most small- to medium-sized CPA firms, the answer is plenty. Now let me ask you another question.

The Greater Risk for Your Client

What is the greater risk for your client?

  • Financial statements are misstated or
  • A trusted bookkeeper (or someone else) is stealing substantial sums of money from the business

You say, “But I’m not engaged to look for potential theft or prevent it.” Regarding compilation engagements, you are right. Notice, however, my question is about your client.

I find that most compiled financial statements are basically correct—often because of the CPA’s involvement. The risk of material misstatement is driven down, and obviously, this is a good thing, but what about the potential for theft?

It seems to me that CPAs seldom talk with their compilation clients about the potential of fraud, even though we know, for instance, that the client’s accounting staff consists of one bookkeeper. So, we are aware that the client’s accounting system lacks segregation of duties.

When fraud happens, clients will sometimes say, “my CPA is responsible”—even though compilations are not designed to prevent (or detect) fraud. Therefore, we must clearly define the services we are providing.

Defining Your Compilation Service

Here are two questions to consider in defining your compilation engagements.

  1. Do you get signed compilation engagement letters?
  2. Do you verbally explain the limits of your engagements (that you are not providing fraud prevention or detection services)?

These two actions lessen your risk when you provide only compilation services.

If you desire to provide fraud prevention services, then use a separate engagement letter to cover that work.

Providing Fraud Prevention Services to Compilation Clients

Do you ever suggest to your client that he or she have you (or someone else trained in fraud prevention) review the accounting system and make fraud prevention suggestions? Here is where I believe you can add value to the compilation service. I also believe it is largely an untapped source of revenue for small- to medium-sized CPA firms.

If you provide fraud prevention services, you need to create an engagement letter that addresses the boundaries of your work. It is wise to say what you are providing and, more importantly, what you are not providing.

I normally state that I am providing the additional fraud prevention service to mitigate fraud risk and that the additional work does not provide absolute assurance. I go on to say that once the work is complete, “that fraud can still occur.” (Check with your insurance carrier for appropriate language.)

In other words, your engagement is to lessen fraud risk, not to eliminate it, a reasonable proposition. (The risk of fraud can seldom, if ever, be fully eliminated. And I tell my clients this.)

Fraud Prevention Services Create Risk

But doesn’t providing fraud prevention services create additional risks for the CPA?

Yes.

Providing any additional service creates risk for the CPA. So this is ultimately a business decision for you and your firm. 

If you desire to provide fraud prevention services, consider becoming a Certified Fraud Examiner (CFE) or obtain your Certified in Financial Forensics Credential. I became a CFE in 2004 and found the training eye-opening. Though I had been a CPA since 1987, I gained valuable knowledge about system design and fraud prevention.

Independence

Will providing fraud prevention services impair your independence? Under existing AICPA independence standards, the answer could be yes (because you are assisting with the design of the internal control system). But the independence issue depends on what you do. Making recommendations probably would not impair independence. Fully designing the internal control structure would impair independence.

If your independence is impaired, you need to say so in the compilation report.

Agree or Disagree?

What do you think about offering fraud prevention services to compilation clients?

You can learn more about white-collar crime here.

Top 10 CPA Scribo Blog Posts for 2017

Top articles based on your sharing

Below are the top ten CPA Scribo blog posts for 2017. Some of these were written in prior years, but here are the top 2017 posts based on social media sharing statistics. Thanks for sharing!

Top 10 CPA Scribo blog posts for 2017 

  1. Audit Documentation: If It’s Not Documented, It’s Not Done
  2. Evernote for CPAs: Developing a Super Power
  3. 25 Ways Fraud Happens
  4. Twenty Mistakes CPAs Make
  5. How Honest People Steal
  6. How $16 Million was Stolen from a Bakery
  7. Seven Deadly Audit Sins
  8. Why Should Auditors Perform Audit Walkthroughs?
  9. How to Lessen Segregation of Duties Problems in Two Easy Steps
  10. The Most Efficient Way to Issue Financial Statements