Category Archives for "Fraud"

receipt fraud test for auditors
Apr 03

Three Powerful Receipt-Fraud Tests (for Auditors)

By Charles Hall | Asset Misappropriation

Today I provide three receipt-fraud tests for auditors. 

The audit standards require that we introduce elements of unpredictability. Additionally, it’s wise to perform fraud tests. But I find that auditors struggle with brainstorming (required by AU-C 240, Consideration of Fraud in a Financial Statement Audit) and developing fraud tests. That’s why I wrote Five Disbursement Fraud TestsIt’s also why I am providing this post.

So, let’s jump in. Here are three receipt-fraud tests.

receipt-fraud tests for auditors

Three Receipt-Fraud Tests

1. Test adjustments made to receivables

Why test?

Receipt clerks sometimes steal collected monies and write off (or write down) the related receivable. Why does the clerk adjust the receivable? So the customer doesn’t receive a second bill for the funds stolen. 

How to test?

Obtain a download of receivable adjustments for a period (e.g., two weeks) and see if they were duly authorized. Review the activity with someone outside the receivables area (e.g., CFO) who is familiar with procedures but who has no access to cash collections.

If there are multiple persons with the ability to adjust receivable accounts (quite common in hospitals), compare weekly or monthly adjustments made by each employee.

Agree receipts with bank deposits.

2. Confirm rebate (or similar type) checks

Why test?

When rebate checks are not sent to a central location (e.g., receipting department), the risk of theft increases. Rebate checks are often not recorded as a receivable, so the company may not be aware of the amounts to be received. Stealing unaccrued receivable checks is easy.

How to test?

Determine which vendors provide rebate checks (or similar non-sales payments). Send confirmations to the vendors and compare the confirmed amounts with activity in the general ledger.

Theft of rebate checks is more common in larger organizations (e.g., hospitals) where checks are sometimes received by various executives. The executive receives a check in the mail and keeps it for a while (in his desk drawer – in case someone asks for it). Once he sees that no one is paying attention, he steals and converts the check to cash.

3. Search for off-the-book thefts of receipts

Why test?

The fraudster may bill for services through the company accounting system or an alternative set of accounting records and personally collect the payments.

How to test?

Compare revenues with prior years and investigate significant variances. Alternatively, start with source documents and walk a sample of transactions to revenue recognition, billing, and collection.

Here are a few examples of actual off-the-book thefts:

Police Chief Steals Cash

An auditor detected a decrease in police-fine revenue in a small city while performing audit planning analytics. Upon digging deeper, he discovered the police chief had two receipt books, one for checks that were appropriately deposited and a second for cash going into his pocket. Sometimes, even Andy Griffith steals.

Hospital CFO Steals Cash

hospital CFO, while performing reorganization procedures, set up a new bank account specifically for deposit of electronic Medicaid remittances. He established himself as the authorized bank account check-signer.

The CFO never set up the bank account in the general ledger. As the Medicaid money was electronically deposited, the CFO transferred the funds to himself.  What was the money used for? A beautiful home on Mobile Bay, new cars, and gambling trips.

Another Receipt Fraud to Consider

Sometimes it’s not the front-desk receipt clerk that steals. Surprisingly, your receipt supervisor can be on the take. So, consider that receipt theft takes place up-front and in the back-office.

governmental internal controls
Apr 02

Useful Governmental Internal Controls that You Need Know

By Charles Hall | Fraud , Local Governments

Below I provide useful governmental internal controls that you need to know.

Why am I providing this list of useful controls? Most small governments struggle with establishing sound internal controls. So, the list provides a foundation for preventing theft in your government. While not a comprehensive list, I thought I would share it.

Many of the internal controls listed below are also pertinent to nonprofits and small businesses as well. You will find this same checklist in The Little Book of Local Government Fraud Prevention (available on Amazon) which provides many more fraud prevention ideas.

I am providing general fraud prevention controls and then transaction-level controls for:

  • Cash receipts and billing
  • Cash payments and purchasing
  • Payroll

governmental internal controls

Useful Governmental Internal Controls

General Internal Controls

  1. Have bank statements mailed directly to someone outside of accounting; recipient should peruse bank statement activity before providing it to accounting
  2. Perform surprise audits (use outside CPA if possible)
  3. Elected officials and management should review the monthly budget to actual reports (and other pertinent financial reports)
  4. Map internal control processes by transaction cycle (preferably done by a seasoned CPA); once complete, provide the map to all employees involved in the cycle; when control weaknesses exist, institute additional controls (see 11. below)
  5. Use a whistleblower program (preferably use an outside whistleblower company)
  6. Reconcile bank statements monthly (have a second person review and initial the reconciliation)
  7. Purchase fidelity bond coverage (based on risk exposure)
  8. Periodically request from the government’s bank a list of all bank accounts in the name of the government or with the government’s federal tax I.D. number; compare the list to bank accounts set up in the general ledger
  9. Secure computer access physically (e.g., locked doors) and electronically (e.g., passwords)
  10. Do not allow the electronic transmission (e.g., email) of sensitive data (e.g., social security numbers) without the use of protected transmission technology (e.g. Sharefile); create policy and train staff
  11. Where possible, segregate who (1) authorizes transactions, (2) records transactions, (3) reconciles records, and (4) has custody of assets; when segregation of duties is not possible, require documented second-person review and/or surprise audits

Transaction Level Controls

Cash Receipts and Billing Controls

  1. Use a centralized receipting location (when possible)
  2. Assign each cash drawer to a separate person; require daily reconciliation to receipts; require second person review
  3. Deposit cash timely (preferably daily); require the composition of cash and checks to be listed on each deposit ticket (to help prevent check-for-cash substitution)
  4. Immediately issue a receipt for each payment received; a duplicate of the receipt or electronic record of the receipt is to be retained by the government
  5. A supervisor should review receipting-personnel adjustments made to accounts receivable
  6. Do not allow the cashing of personal checks (e.g., from cash drawers)

Cash Payments and Purchasing Controls

  1. Guard all check stock (as though it were cash)
  2. Do not allow hand-drawn checks; only issue checks through the computerized system; if hand-drawn checks are issued, have a second person create and post the related journal entry
  3. Do not allow the signing of blank checks
  4. Limit check signing authorization to as few people as possible
  5. Require two employees to effectuate each wire transfer
  6. Persons who authorize wire transfers should not make related accounting entries
  7. Require a documented bidding process for larger purchases (and sealed bids for significant purchases or contracts); specify procedures for evaluating and awarding contracts.
  8. Limit the number of credit cards and the chargeable maximum amount on each card
  9. Allow only one person to use an individual credit card; require receipts for all purchases
  10. Require a street address and social security or tax I.D. numbers for each vendor added to accounts payable vendor list (P.O. box numbers without a street address should not be accepted)
  11. Signed vendor checks should not be returned to those who authorized the payment; mail checks directly to vendors
  12. Compare payroll addresses with vendor addresses for potential fictitious vendors (usually done with electronic audit tools such as IDEA or ACL)

Payroll Controls

  1. Provide a departmental overtime budget/expense report to governing body or relevant committee
  2. Use direct deposit for payroll checks
  3. Payroll rates keyed into the payroll system must be supported by proper authorization in the employee personnel file
  4. Immediately remove terminated employees from the payroll system
  5. Use biometric time clocks to eliminate buddy-punching
  6. Check for duplicate direct-deposit bank account numbers
  7. A department head should provide written authorization for overtime prior to payment

Your Recommendations

What additional controls do you recommend? Share your thoughts below.

College aid theft
Feb 05

College Aid Official Funnels Student Funds of $4.1 Million to Herself

By Charles Hall | Asset Misappropriation

Theft from colleges happens more than we think. After all, aren’t these guardians tasked with looking after our children? Even in places where we expect unselfishness, sometimes there’s a bad apple. Today, we review a fraud involving a college aid official. 

The Theft

When I was a student at the University of Georgia, I needed every dollar I could find. I ate my share of cheap hamburgers and peanut butter sandwiches. In the summers, I scouted peanuts and cotton to make ends meet. So when I see a college aid official stealing student money, I wince.

theft from colleges

Picture is courtesy of AdobeStock.com

A New York college aid administrator used a simple scheme to steal $4.1 million of student aid funds. How? She made out financial aid checks to nonexistent students and then endorsed them over to the name of an alias. The administrator set up a bank account in the name of the alias and deposited the checks into the bank account, allowing her to convert the checks to cash.

How long did the theft go on? Over ten years. The fraudster stole most of the money in the last two years of the scheme. As is often the case, the thief became bolder over time. 

How many fraudulent checks did she issue? Over 1,000, each to a different student.

How was the fraudster caught? A change in the accounting system required cross-referencing of financial records.

The Weakness

No one was comparing the checks written to student admission files. Legitimate students have admission and other information that can be used to verify the students’ existence.

The Fix

A person other than the financial aid administrator should compare the student name on the check to student files to verify the existence of the student. If this control can’t be performed for each disbursement, it should be performed on a sample basis, and the persons creating and signing the checks should know their work is being monitored.

This test could be performed by someone in the financial aid office or by an external professional such as a CPA or a Certified Fraud Examiner.

The college can request from the bank the endorsement side of the cleared checks. If the back side of the checks are obtained, then the endorsements can be examined for appropriateness.

Banks Not Providing Cleared Checks

In an effort to save money, some banks don’t provide cleared checks to their clients. And very few banks (if any) provide the copies of the back side of checks. From a fraud prevention perspective, this is not good. Why? Because checks and endorsements can’t be inspected for potentially fraudulent activity. At least periodically, request some endorsements and test those on a sample basis. (The bank may require you to pay for these copies.) Additionally, as I said in another post, someone should be comparing cleared check payees to the general ledger–if not for every check, then at least on a sample basis.

Free Fraud Course

Click here for free ten-day fraud course.

 

Thrift store theft
Jan 30

Nonprofit Embezzlers Sell Donated Goods for Millions

By Charles Hall | Asset Misappropriation

Sometimes nonprofit embezzlers sell donated goods. Today, we examine how nonprofit employees can steal assets rather than cash and how you can prevent such thefts.

The Theft

Several workers at a California Goodwill pled guilty to taking over $15 million. Their scheme involved the selling of donated goods by the barrelful to private dealers who sometimes wheeled tractor trailers up to the rear of Goodwill stores.

nonprofit embezzlers sale donated goods

Picture is courtesy of AdobeStock.com

The dealers sold most of the goods in Mexico. The thefts–involving seven primary culprits, four of whom were sisters–occurred over a twenty-year period that started in the mid-70s.

So how were the fraudsters caught?

One culprit went through a bitter divorce, and the husband disclosed the scheme to authorities.

The Weakness

The article describing this case did not provide details of the store operations, but it appears–at the time–inventories of donated goods were not properly documented. When assets, of whatever form, are not inventoried, they are more likely to disappear.

The Fix

Account for all inventories. Also, clothing that is sold in bulk should be documented. So each time a truck backs up to a store, the activity should be recorded—who received the goods, the sales price, who approved the sale, why the goods were sold in bulk. The store should have a policy that cash is not to be received for such sales.

Consider adding a whistleblower hotline. Nonprofit employees sometimes see signs of theft. Make it easy for them to report fraudulent activity. Doing so creates the camera effect

Also, install a security camera that records all loading dock activity.

Note–This case was adjudicated in the 1990s, and Goodwill has, since that time, made significant improvements to its controls.

Library fraud
Jan 26

Do (Some) Librarians Steal? Yes (and With Vigor)

By Charles Hall | Asset Misappropriation

Do some librarians steal? While most don’t, some do. Today we see that some guardians of knowledge take that which belongs to the general public.

I remember my childhood librarian, Ms. Adams. She was a lady of rectitude, dignity, and uprightness. Never one to harm or take from her patrons—or the library. Theft by her? Unthinkable. The memory of her colors, in a positive way, my view these public servants. But not every librarian is Ms. Adams.

Recently I spoke to about 50 librarians about fraud prevention and was shocked by their stories of thefts from libraries. It appears library fraud is alive and well in the United States. No place is immune. The following is a story of one such librarian, Bob Rice Jr.

librarians steal

This picture is courtesy of AdobeStock.com

The Theft

Bob Rice Jr. served as the director of the Revere Public Library for twenty-seven years before he pled guilty to twenty counts of fraud and embezzlement. So, how did he steal?

Mr. Rice apparently could approve purchases by issuing requisitions and purchase orders. The library paperwork would reflect the acquisition of dictionaries, for example, but the real purchase might be a Rolex watch.

Rice also purchased items that appeared to be for the library such as computer software, but he would–after receiving the goods–sell them on eBay. Then, with the cash, he would purchase items for personal use.

Lastly, in some instances, he requested reimbursements for items he never received. Those reimbursement checks were cashed and placed in his bank account.

How Rice Used the Funds

And how was the money used?

Mr. Rice purchased personal items including:

  • A model of the Star Trek’s Starship Enterprise
  • A replica Tommy Sub-machine gun
  • Robo-Pets
  • A vacuum
  • A Leica camera
  • Star Wars collectibles
  • Rolex watch
  • An ice cream making machine
  • An elephant tusk sculpture

His total theft was estimated at $236,000.

The Weakness

And what internal control weakness allowed the theft? No one was comparing the purchase orders with the payments made or to cleared checks. (This same weakness allowed a $16 million theft from a bakery.) It also appears that Mr. Rice could issue purchase orders and sign checks.

The Fix

The person authorizing payment (e.g., issuing purchase orders) should not also make the payment. Supporting documentation (e.g., purchase requisition, purchase order, bids) should be provided to a second person for review. Thereafter, the reviewer can issue the check or authorize payment.

Check signers should not issue purchase orders. For instance, board members might sign the checks, while operating personnel request the purchase.

When possible, have a central receiving department. Goods received should be recorded upon receipt by a person that did not issue the purchase order. Why? Segregation of duties. One person authorizes the purchase and another receives the physical goods. Such a procedure makes it more difficult for someone to buy products and then sell them on websites such as eBay.

Finally, require appropriate documentation (e.g., invoice) for all reimbursements. A second person should approve these payments. The person buying the goods should not also approve the reimbursement payment.

What Happened to Mr. Rice?

Though he initially denied the charges against him, Mr. Rice pled guilty to 20 counts of fraud and embezzlement. He did provide $230,000 in restitution, which led to a reduction in his sentence. He received six months in jail. 

Nonprofit fraud
Jan 23

Nonprofit Fraud: Bid-Rigging, Kickbacks and Faulty Payments

By Charles Hall | Corruption

We sometimes think of nonprofit fraud as nonexistent. After all, these are the good guys. But today we see that nonprofit theft does occur–and to the detriment of those most in need.

The Nonprofit Fraud

We think of nonprofits as lovely places where only noble things happen. But some nonprofit leaders prey on not-for-profit entities, harming the very people the organization is designed to help.

One such nonprofit leader was charged with bid-rigging, receiving kickbacks, and making fraudulent payments to vendors.

Nonprofit fraud

Picture is courtesy of AdobeStock.com

The Department of Justice charged a “former director of operations at…a Manhattan substance abuse treatment center, with bid rigging, conspiracy to defraud, and income tax evasion, in connection with a conspiracy to embezzle approximately $2.34 million from the organization over an eight-year period.”

The Department of Justice stated the charges stemmed from the director “conspiring with several outside vendors to rig bids and allocate contracts awarded by”  the nonprofit “for the supply of food, meat, health and beauty supplies, baby supplies, office supplies, printed materials, janitorial supplies, and medical supplies from 1990 until at least April 1998.” According to the charge, the director “steered nearly $10 million in contracts to those vendors.”

The director was charged with taking kickbacks totaling at least $364,000 in cash or goods and services from vendors to ensure receipt of contracts. 

The Department of Justice went on to say, the director and seven vendors embezzled at least $2 million from  the nonprofit “by issuing false and fraudulent purchase orders to each of the seven vendors, who in turn issued corresponding invoices for goods and services that were never delivered or provided.”

Later, the director pleaded guilty to bid rigging, fraud, and tax charges.

What was the harm to the nonprofit’s 600 substance abuse patients? Well, money that should have aided the needy went into the pockets of fraudsters.

The Weaknesses

The first weakness was having a leader who was concerned more about his wealth than the people he served. Auditors often refer to this as the tone at the top–it’s the ethical makeup of those in charge. COSO calls it the control environment. Without a positive, honest culture, fraud is more likely to occur.

The second weakness was the bidding process never happened. There’s a reason for bidding: It keeps everyone honest, and it ensures the lowest price for the organization.

The third weakness was a lack of accounts payable controls (or the circumvention of such policies, if they existed). Collusion between an organization’s leaders and vendors can wreak havoc. In such cases, the vendors send invoices, but no service or product is provided. Since someone in the nonprofit is approving the invoice (with knowledge the invoice is fictitious), there is no gatekeeper, no one to prevent the theft. The person approving the invoices is aiding in the fraud.

The Fixes

First, fire unethical leaders. Nonprofits can’t afford the reputational damage.

Second, solicit (real) bids. Sealed bids should be received and opened in a public meeting.

Third, ask board members to review and vet the nonprofit’s vendor list, especially those vendors receiving payments over a certain threshold (e.g., $50,000). Alternatively, ask your external or internal auditors to verify the work of key outside vendors.

$16 million stolen from a bakery
Jan 17

How $16 Million was Stolen from a Bakery

By Charles Hall | Asset Misappropriation

Is it possible to steal over $16 million from a bakery? Today we see that large sums can be taken from a small, mundane business. And the scheme can be so very simple.

The Theft

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

$16 million stolen from a bakery

The picture is courtesy of AdobeStock.com

The Weakness

No one was comparing the cleared check payees to the general ledger. 

The Fix

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do so, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) are to be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, you could require a second-person review of cancelled checks.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years probation.

Cash receipts theft
Jan 08

Is Your Cash Receipts Supervisor on the Take?

By Charles Hall | Asset Misappropriation

Sometimes the person you hire to prevent theft is the one stealing. This is one of the dangers of a trusted bookkeeper. Below I provide a real-life story of a cash receipts supervisor on the take.

The Theft

Is your cash receipts supervisor taking your cash? I once worked on a case where this person took over $300,000.

Cash receipts supervisor on the take

The picture is courtesy of AdobeStock.com

Cash Receipts Supervisor

Many businesses funnel cash receipts to a supervisor who counts the money from each cash drawer and compares the funds to the daily receipts. The purpose of this step is to ensure no front-desk clerks are stealing.

The cash collections supervisor has usually worked a cash drawer in the past. So she knows all about how the receipts enter the system and how they are deposited.

Typical Deposit Cycle

The collections process often works as follows:

  1. Money is collected at the front cash-collection desks and placed in the cash drawers that are assigned to each clerk; receipts are written for each payment
  2. These clerks tally their collections at the end of each day and reconcile the monies in their cash drawers to the receipts written
  3. The daily reconciliation for each cash drawer goes to the cash receipts supervisor who recounts the funds received and reconciles collections to the receipts written (performing the same reconciliation as the front desk clerks)
  4. The cash receipts supervisor creates a deposit slip for all funds collected (if there are seven cash drawers, then the deposit slip represents the total collections for all seven cash drawers)
  5. The cash receipts supervisor gives the checks and cash and deposit slip to a courier to take to the bank
  6. The courier receives a bank deposit receipt from the bank
  7. The courier provides the bank deposit receipt to the cash receipts supervisor (so she can compare the bank deposit receipt with the copy of the deposit slip–to ensure the courier did not steal any funds in transit)

The Cash Receipts Supervisor Steals

So how can the cash receipts supervisor steal funds in the above scenario?

In the case I worked on, the supervisor also reconciled the bank statement. After step 3., but before step 4., she would steal the cash and then lessen the deposit slip accordingly. So, if she took $2,200, the deposit slip would reflect the total daily collections less $2,200.

You’re thinking, “But then the bank account would not reconcile since the computers have recognized the front-desk collections?” You are correct—unless someone monkeys with the bank reconciliation. And that’s what she did. The supervisor adjusted the reconciling items–on the bank reconciliation–to cover up the stolen funds. The scheme worked until the annual audit.

When the auditors tested the outstanding items on the bank reconciliation, they could not tie substantial amounts to the subsequent bank statement. Generally, outstanding reconciling items clear the subsequent month’s bank statement—but large amounts on the year-end bank reconciliation could not be accounted for (because they were fictitious).

When confronted, the clerk confessed to her theft and method.

The Weakness

The weakness was the cash receipts supervisor who had custody of assets (cash) also performed the reconciliation of the related bank account.

The Fix

The person reconciling the bank statement should not also handle cash. It’s also a good idea to perform surprise tests of the receipting records. Doing so puts everyone on notice. The receipt employees know someone can appear at any time and review their work.

For additional assistance, see my article about how to audit cash.

using the camera effect to kill fraud
Jan 04

The Camera Effect Keeps Everyone Honest (Learn How)

By Charles Hall | Fraud

You can use the camera effect to kill fraud. Today I tell you what the camera effect is and how you can use it to reduce theft.

People are more prone to steal if they think no one is looking. But the camera effect is a powerful deterrent. So what is it? It’s the positive change that occurs when employees believe their actions are seen.

using the camera effect to kill fraud

43% of fraud detection comes by way of tips. This is why whistleblower programs are the number one way to reduce theft. Time and time again the Association of Certified Fraud Examiners’ surveys show that whistleblower programs lessen the number of and dollar amount of frauds. Employers provide 1-800 numbers whereby employees can anonymously report potential red flags 24/7. So why would a telephone number reduce fraud?

The camera effect.

Use the Camera Effect to Kill Fraud

We know that when potential fraudsters believe their thefts will be seen, they stay clean. No one wants to go to jail. No one desires to embarrass themselves or their family members.

The key is to introduce the threat of discovery.

This is why whistleblower programs are effective. When in place, such programs make employees feel that others see their actions. For example, if I make $40,000 a year, but I buy an $80,000 vehicle, my fellow employees (at least some) know this is a fraud signal. Now someone can report this signal using the whistleblower program. Think of the whistleblower programs as lots of roving cameras recording and communicating actions in real time. Now employees believe, “If I take, I will be seen.”

When I teach fraud prevention classes, I stand in front of the room and turn a security camera on. It whirls and turns, making class members feel as though they are being recorded. It’s funny; people act differently. They sit up, fix their hair, smile. After the camera rotates a couple of times, I say, “The camera is not hooked up to anything. You are not being recorded.” What did I just do? I made them think they were being taped.

My teaching point: We want employees to believe their actions are visible. The camera effect causes positive actions.

Examples of the Camera Effect

Here are examples of fraud prevention steps that create the camera effect:

  • Someone outside of the accounts payable department randomly selects ten cleared checks each month and reviews the payee, the signature, and the invoice support (let the accounts payable personnel know that this procedure will be performed periodically)
  • Mail the bank statements to someone outside of accounting who opens them and inspects the contents before providing the statements to the accounting department 
  • An outside CPA or CFE performs surprise tests of accounting information twice a year, picking whatever area she desires to inspect (now everyone knows their work is potentially subject to review)

Your Camera Effects

What are you doing to create the camera effect? White-collar crime is a real threat to your organization.

providing fraud prevention services to compilation clients
Jan 02

Providing Fraud Prevention Services to Compilation Clients

By Charles Hall | Fraud

This post discusses providing fraud prevention services to compilation clients.

providing fraud prevention services to compilation clients

How many clients do you provide compilation services to? For most small- to medium-sized CPA firms, the answer is plenty. Now let me ask you another question.

The Greater Risk for Your Client

What is the greater risk for your client?

  • Financial statements are misstated or
  • A trusted bookkeeper (or someone else) is stealing substantial sums of money from the business

You say, “But I’m not engaged to look for potential theft or prevent it.” Regarding compilation engagements, you are right. Notice, however, my question is about your client.

I find that most compiled financial statements are basically correct—often because of the CPA’s involvement. The risk of material misstatement is driven down, and obviously, this is a good thing, but what about the potential for theft?

It seems to me that CPAs seldom talk with their compilation clients about the potential of fraud, even though we know, for instance, that the client’s accounting staff consists of one bookkeeper. So, we are aware that the client’s accounting system lacks segregation of duties.

When fraud happens, clients will sometimes say, “my CPA is responsible”—even though compilations are not designed to prevent (or detect) fraud. Therefore, we must clearly define the services we are providing.

Defining Your Compilation Service

Here are two questions to consider in defining your compilation engagements.

  1. Do you get signed compilation engagement letters?
  2. Do you verbally explain the limits of your engagements (that you are not providing fraud prevention or detection services)?

These two actions lessen your risk when you provide only compilation services.

If you desire to provide fraud prevention services, then use a separate engagement letter to cover that work.

Providing Fraud Prevention Services to Compilation Clients

Do you ever suggest to your client that he or she have you (or someone else trained in fraud prevention) review the accounting system and make fraud prevention suggestions? Here is where I believe you can add value to the compilation service. I also believe it is largely an untapped source of revenue for small- to medium-sized CPA firms.

If you provide fraud prevention services, you need to create an engagement letter that addresses the boundaries of your work. It is wise to say what you are providing and, more importantly, what you are not providing.

I normally state that I am providing the additional fraud prevention service to mitigate fraud risk and that the additional work does not provide absolute assurance. I go on to say that once the work is complete, “that fraud can still occur.” (Check with your insurance carrier for appropriate language.)

In other words, your engagement is to lessen fraud risk, not to eliminate it, a reasonable proposition. (The risk of fraud can seldom, if ever, be fully eliminated. And I tell my clients this.)

Fraud Prevention Services Create Risk

But doesn’t providing fraud prevention services create additional risks for the CPA?

Yes.

Providing any additional service creates risk for the CPA. So this is ultimately a business decision for you and your firm. 

If you desire to provide fraud prevention services, consider becoming a Certified Fraud Examiner (CFE) or obtain your Certified in Financial Forensics Credential. I became a CFE in 2004 and found the training eye-opening. Though I had been a CPA since 1987, I gained valuable knowledge about system design and fraud prevention.

Independence

Will providing fraud prevention services impair your independence? Under existing AICPA independence standards, the answer could be yes (because you are assisting with the design of the internal control system). But the independence issue depends on what you do. Making recommendations probably would not impair independence. Fully designing the internal control structure would impair independence.

If your independence is impaired, you need to say so in the compilation report.

Agree or Disagree?

What do you think about offering fraud prevention services to compilation clients?

You can learn more about white-collar crime here.

1 2 3 6
>