25 Ways Fraud Happens

Here's a list of common thefts

To prevent fraud, we must know how it happens.

Fraud Prevention

Picture is from AdobeStock.com

Common Frauds

Here’s a list of common company thefts:

  1. Collection clerk steals cash prior to recording it
  2. Collection clerk steals cash after recording a customer receipt; he voids the receipt and adjusts (writes down) the customer’s account
  3. Collection clerk places a personal check (for $5,000) in the cash drawer and takes an equivalent amount of cash; the clerk leaves the check in the drawer for months—in effect the clerk has an unauthorized loan
  4. The cash collections supervisor steals cash after receiving funds from collection clerks but before the money is deposited; she adjusts the related bank reconciliation by the amount stolen
  5. The person opening the mail steals checks before they are receipted; these amounts had not previously been recorded as a receivable
  6. Employees steal capital assets (knowing that no one performs periodic inventories)
  7. Employees use company credit cards for personal purchases but code the transactions as company expenses
  8. Accounts payable clerks cut checks to themselves (or to an accomplice) but record the check as company expenses; the check signatures are forged
  9. Accounts payable clerks establish fictitious vendors using their own addresses, a P.O. Box, or that of an accomplice; payments are made to the fictitious vendor and covered up with fictitious invoices; the checks are signed electronically as they are printed
  10. Accounts payable employee intentionally double-pays an invoice, then requests that the vendor refund the extra payment (with the refund going directly to the payable clerk)—check is converted to personal use
  11. Payroll personnel increase the pay rate—in the master pay rate file—for themselves or for friends working in the company
  12. Payroll personnel pay themselves (or friends) twice for each payroll
  13. Payroll personnel purposefully overpay withholding taxes and inflate the withholding amount on their own W-2, resulting a tax refund that includes the excess payments
  14. Purchasing department personnel are bribed by a vendor; the vendor recoups the bribe costs by inflating its subsequent invoices
  15. State, city, county elected officials are bribed; the vendor recoups the bribe costs by inflating its subsequent invoices
  16. Vendors give favors (e.g., free vacations) to those with the power to buy—commonly called a gratuity; vendor recoups the cost of the favors by inflating its subsequent invoices
  17. CEO orders accounts payable staff to make payments to himself (with an implied threat); payments are coded in a manner that hides the payment
  18. Money is wired by the CFO to the CFO but is recorded as a legitimate expense using a journal entry
  19. Money is wired to the CFO who then leaves the country without trying to cover up the theft
  20. The CEO or CFO makes payments to someone who is threatening their life or is blackmailing them; the expense is coded as legitimate
  21. A secret bank account is opened in the name of the business by the CFO but the sole authorized check signer is the CFO; checks are made from a legitimate business bank account to the secret bank account; the CFO writes checks to himself from the secret account
  22. A sales person steals rebate checks that belong to the company; she deposits the checks into her personal bank account by writing “pay to the order of…” on the back of the check
  23. The payables clerk writes a manual check to himself and then records the check with a journal entry that reflects a legitimate vendor
  24. The CFO inflates revenue at year-end with fictitious journal entries; stock prices go up; the CFO sells personally-owned company stock, then the CFO reverses the year-end accruals
  25. The inventory clerk steals stock and covers the theft by altering the inventory records

Fraud Brainstorming for Auditors

In performing your fraud brainstorming, consider printing out this list and seeing if any of these thefts are relevant to your audit.

How $16 Million was Stolen from a Bakery

Day 24 of 30 Days of Fraud

The Theft

Is it possible to steal over $16 million from a bakery?

Well, yes. Sandy Jenkins, controller of Collin Street Bakery in Corsicana, Texas, did just that, making off with more than just the fruitcakes.

$16 million stolen from a bakery

The picture is courtesy of AdobeStock.com

How was the money used?

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen

Jenkins would print a check to his personal credit card company, for example, but would void the check in the accounting system. Then, he would generate a second check for the same amount to a legitimate vendor, but he would not mail the second check. Jenkins would mail the first check to his credit card company. The result: Jenkins’ personal credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

The Weakness

No one was comparing the cleared check payees to the accounting system.

The Fix

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do so, they should compare the cleared check payees to the vendor name in the accounting system.

How to Steal by Double Paying a Vendor

Day 12 of 30 Days of Fraud

The Theft

John, an accounts payable clerk, has worked at his company Zoom Inc. for ten years. Last year, he accidentally sent two check payments to the same company for the same invoice. He called the vendor, and they quickly returned the second check. While he was embarrassed about the mistake, he realized–in the course of these events–that had the check not been returned, no one would have noticed.

Payables Fraud

Picture is courtesy of AdobeStock.com

John has the itch to buy a new BMW. He has saved some money, but he needs more–much more. Where could he get the additional funds? And then he remembers the prior year double payment, and an idea comes to him. Yeah…that might work.

John intentionally pays the company’s vendor River Merchants, Inc. twice for the same invoice of $47,540. The checks are signed electronically by computer, so no one is physically inspecting the checks before mailing. John’s coworker, Liz, mails the checks; so he can’t just steal the second check before they are sent out.

Liz mails the checks on Wednesday. The next day John calls River Merchants, Inc. saying, “Sorry, but I just realized I sent two payments to you for the same invoice. Would you please return the second check? My address is…”

John receives the second check Monday morning. Now he converts the check to cash by opening a bank account in the name of River Merchants, Inc. and depositing the check. John is the authorized check signer on the account, so he writes a check to himself. He’s soon cruising the boulevard in his new red Beemer.

The Weakness

No one is monitoring the accounts payable process. While the company did implement a sound policy of having a second person mail the checks, no one is reviewing check disbursements for double payments.

The Fix

Periodically download the check register to Excel; you only need the following columns:

  1. Vendor name
  2. Check number
  3. Invoice number
  4. Check amount (amount paid)

Sort the payments by vendor name; then scan the list for same amounts paid to the same vendor. If you see payments to the same vendor with the same invoice number and the same check amount, then definitely dig deeper. (Accounts payable software should not allow the processing of two checks with the same invoice number–even so, some systems allow an override; alternatively, the fraudster may bypass this restriction by altering the invoice number.) If it appears that a double payment has occurred, call the vendor to verify that they received two payments (and that they have not returned one).

Obviously, some payments to vendors should be for the same amount (such as rent)–these should be ignored for the purposes of this test.

Note–Sometimes, in performing this test, you will find double payments–made by mistake–that the vendor has not returned. The first time I did this test I found such a payment for over $75,000.

More Fraud Prevention Tips

For more information about fraud prevention, check out my book on Amazon. Click the book icon below.

How Accounting Tricks Guarantee Increased Earnings

Day 11 in 30 Days of Fraud

The Theft

One Wall Street Journal article said a California company used “a dozen or more accounting tricks” including “one particularly bold one: booking bogus sales to fake companies for products that didn’t exist.”

Accounting Trickery

The picture is courtesy of AdobeStock.com

Companies can magically create earnings by:

  • Accruing fictitious income at year-end with journal entries
  • Recognizing sales for products that have not been shipped
  • Inflating sales to related parties
  • Recognizing income in the present year that occur in the next year (leaving the books open too long)
  • Recognizing shipments to a re-seller that is not financially viable (knowing the products will be returned)
  • Accruing projected sales that have not actually occurred

Think about it: A company can significantly increase its net income with just one journal entry at the end of the year. How easy is that?

You may be thinking, “But no one has stolen anything.” Yes, true, but the purpose of most revenue inflation tricks is to increase the company’s stock price. Once the price goes up, the company executives sell their stock and make their profits. Then the company might reverse the prior period’s inflated numbers.

The Weakness

Such chicanery usually flows from unethical owners, board members, or management. This issue is the “tone at the top” is not favorable. These types of accounting tricks usually don’t happen in a vacuum. Normally the top brass demands “higher profits,” often not dictating the particulars. (These demands are normally made in closed-door rooms with no recorders and no written notes.) Then years later, once the fraud is detected, those same leaders will plead ignorance saying their lieutenants worked of their own accord.

The Fix

The fix is transparency. This sounds too simple, but transparency will usually remove the temptation to inflate earnings. If you work for a company (or a boss) that is determined to “win at any cost,” and repeatedly hides things (“don’t tell anyone about what we’re doing”), it is time to look for another job. When people hide what they are doing, they know it is wrong–otherwise, why would they hide it?

Stealing and Converting Company Checks

Day 8 of 30 Days of Fraud

The Theft

In a recent post, we saw that John opens the mail and receipts checks made out to the City of Whoville. Can he convert these checks to cash without using a check-for-cash scheme? Yes.

Picture is courtesy of AdobeStock.com

Picture is courtesy of AdobeStock.com

John can open a new bank account in the name of the city. Everyone in the community knows that John works in the city’s accounting department; so it appears perfectly normal for him to open a new account. John conveniently signs the signature card as the sole authorized signature. Now he steals checks made out to the city and deposits them into his off-the-books checking account (the new bank account is never set up in the city’s general ledger). Then John, as the need arises, writes checks to anyone he chooses–including himself. (Rita Crundwell used an off-the-books checking account to steal $53 million dollars.)

The Weakness

The fundamental weakness is John opens the mail and receipts the checks by himself. Also, this type of theft often occurs when no one is comparing revenues to budget or prior period amounts. A lack of security cameras allows John’s thefts to go undetected.

The Fix

Two people should be present when the mail is opened and receipted. Another alternative is to use a lockbox; that way, all checks go directly to the city’s bank rather than to the city.

The city should install security cameras so that all activity is recorded.

Periodically request a list of all accounts from the bank. Then see if each account is set up in the city’s general ledger.

Trains, Planes, and Automobiles: The Theft of Capital Assets

Day 7 of 30 Days of Fraud

The Theft

A USA Today article began with, “Stolen and sensitive U.S. military equipment, including fighter jet parts wanted by Iran…have been available to the highest bidder on popular Internet sales sites.” The article went on to say that the equipment, “purchased with taxpayer money,” was available for purchase on eBay and Craigslist and included “components from F-14 fighter jets” and “used Nuclear Biological Chemical protective suit.”

Capital asset theft

Picture is courtesy of Adobe pStock.com

Capital assets often go missing because no one is paying attention, and the thief knows it. Such assets can be stolen with the intent to sell and convert to cash or simply for personal use.

The thefts often occur when employees place equipment or other capital assets in their vehicles and drive home. If the employee wants to cover their tracks, they might complete accounting paperwork for disposal of assets (saying the equipment was junked). More often than not, however, the asset is just stolen because the employee knows that no one will notice, or, if someone does, he can say, “I don’t know what happened to that piece of equipment.”

Long-term employees realize that the external auditors seldom audit existing capital assets. Yes, the auditor will examine an invoice, but how many auditors physically inspect plant, property and equipment?

The Weakness

The main enabling factor is usually a lack of accountability. Many companies and small governments do not perform periodic fixed asset inventories. Often equipment is purchased and added to the depreciation schedule, but no one–at a later date–compares this master list of fixed assets to what is (or should be) physically present.

The Fix

First assign each capital asset to a person (usually a department head or a supervisor); let this person know that he or she is personally responsible for the item. Then have someone external to each department perform periodic inventories of departmental assets.

Also, install security cameras to record all activity.

How to Use the Camera Effect to Kill Fraud

The threat of being seen diminishes theft

43% of fraud detection comes by way of tips. This is why whistleblower programs are the number one means of reducing theft. Time and time again the Association of Certified Fraud Examiners’ surveys prove that whistleblower programs lessen the number of and dollar amount of frauds. Employers provide 1-800 numbers whereby employees can anonymously report potential red flags 24/7. So why would a telephone number reduce fraud?

The camera effect.

Fraud Prevention

Picture is courtesy of AdobeStock.com

We know that when potential fraudsters believe their thefts will be detected they will often stay clean. No one wants to go to jail. No one desires to embarrass themselves or their family members.

The key is to introduce the threat of discovery.

We don’t necessarily need a program that detects every theft (which can be quite expensive), but we do need potential thieves to believe–that if they take–they will get caught.

This is why whistleblower programs are effective. When in place, such programs make employees feel that others will see and communicate fraud signals such as the new $80,000 car on a $40,000-a-year income. Think of the whistleblower programs as lots of roving cameras recording and communicating actions in real time. Now employees think, “If I take, I might be seen.”

When I teach fraud prevention classes, I turn a security camera on, and it whirls and turns making class members feel as though they are being recorded. It’s funny; people act differently when the eye of the camera is on them. They sit up straight, fix their hair, smile. After the camera rotates a couple of times, I say, “The camera is not hooked up to anything. You are not being recorded.” What did I just do? I made them think they were being taped.

My point: We want employees to believe their actions are visible though they may not be.

Examples of Fraud Prevention Using the Camera Effect

Here are examples of fraud prevention steps that create the camera effect:

  • Someone outside of the accounts payable department randomly selects ten cleared checks each month and reviews the payee, the signature, and the invoice support (and the accounts payable personnel know this occurs)
  • The bank statements are mailed to someone outside of accounting who opens them and inspects the contents before providing the statements to the accounting department (even if the bank statements were only opened and the contents were not reviewed, the accounting department thinks the checks are being reviewed)
  • An outside CPA or CFE performs surprise tests of accounting information twice a year, picking whatever area she desires to inspect (now everyone knows their work might be reviewed)

Your Camera Effects

What fraud prevention procedures have you implemented that create the camera effect?

How to Prevent the Theft of Fixed Assets

Why it's so easy to steal equipment and electronic devices

A USA Today article began with, “Stolen and sensitive U.S. military equipment, including fighter jet parts wanted by Iran…have been available to the highest bidder on popular Internet sales sites.” The article went on to say that the equipment, “purchased with taxpayer money,” was available for purchase on eBay and Craigslist and included “components from F-14 fighter jets” and “used Nuclear Biological Chemical protective suit.”

Picture is courtesy of DollarPhotoClub.com

Picture is courtesy of DollarPhotoClub.com

Why do thefts of physical assets occur?

The main culprit is usually a lack of accountabilityMany companies and small governments do not perform periodic fixed asset inventories. (Fixed assets are also referred to as plant, property and equipment in commercial businesses and as capital assets in governments.) Often equipment is purchased and added to the depreciation schedule, but no one–at a later date–compares this master list of fixed assets to what is (or should be) physically present.

Most external auditors audit the additions and reductions of fixed assets in a given year but seldom, if ever, audit existing fixed assets–those that were owned at the beginning of the year. Consequently, theft of fixed assets may go undetected even when annual audits are performed. So what should you do?

Nip It in the Bud

To use the words of the inimitable Barney Fife, “Nip it. Nip it. Nip it in the bud.” But how?

It’s quite simple (though it can be time-consuming).

Have your department heads perform an annual inventory of the assets, comparing the master list of fixed assets purchased with what is physically present; then this annual reconciliation should be reviewed by someone outside the department. You should also, by policy, assign responsibility for each fixed asset to a particular employee (e.g., department head). For example, a city could assign responsibility for all public works equipment to the public works director. Once the director has completed the annual inventory reconciliation, an outside person (e.g., the finance director or an external auditor) should review it. If any of the equipment in that department is not present, then the director is accountable.

Train your personnel to take annual inventories, and let everyone in the organization know about your fixed asset policy. Transparency and accountability are critical; if each asset is not assigned to a particular person, you will make little progress in decreasing theft.

Capitalization Thresholds

Most organizations adopt a threshold for additions to the depreciation schedule (fixed asset inventory). For example, a business might use a $2,000 threshold; all fixed assets purchased for less than this amount are not capitalized (added to the depreciation schedule)–they are expensed (and not added to the depreciation schedule). Using a capitalization threshold is good, but there is a problem: Smaller dollar assets are more likely to be stolen (think iPads), especially if they are not inventoried.

If you adopt a capitalization threshold for your depreciation schedule (e.g., $2,000), consider maintaining a second list of all equipment purchases above a lower dollar level (say $250). Assign the responsibility for these lower value items to someone in each department. Inventorying small dollar items is sometimes critical.

The Wall Street Journal reported that the U.S. Marshals Service had lost a few thousand encrypted communication devices (mainly radios); such devices, in the wrong hands, can allow persons to listen in on policing operations and, as a result, potentially compromise the safety of officers and citizens. And what was the cause of the loss of these devices that ranged in prices between $2,000 to $5,000? A lack of appropriate inventorying software and accounting.

GFOA Capitalization Guidelines

The Government Finance Officers Association (GFOA) recommends that state and local governments consider the following guidelines in establishing capitalization thresholds:

  • Potentially capitalizable items should only be capitalized if they have an estimated useful life of at least two years following the date of acquisition
  • Capitalization thresholds are best applied to individual items rather than to groups of similar items (e.g., desks and tables) unless the effect of doing so would be to eliminate a significant portion of total capital assets (e.g., books of a library district)
  • In no case should a government establish a capitalization threshold of less than $5,000 for any individual item
  • In determining capitalization thresholds, governments that are recipients of federal awards should be aware of federal requirements that prevent the use of capitalization thresholds more than certain specified amounts
  • Governments should exercise control over potentially capitalizable items that fall under the capitalization threshold

Your Capital Asset Procedures

How does your organization lessen the threat of theft?