Category Archives for "Asset Misappropriation"

church theft
Jan 22

Preventing Church Theft: Tips and Best Practices

By Charles Hall | Asset Misappropriation

Church theft happens, and it’s not uncommon–though I wish it was.

Pastors, deacons, church members, priests, and even nuns steal. Yes, they do. Every time I see an article about this, I shake my head. But they are flawed human beings just like me. So theft happens in churches, synagogues, and other places of worship.

In this article, I explain why fraud is (more) common in the places you least expect. And I provide tips for preventing theft. 

church theft

Theft of Church Offerings

My mother gave me nickels and dimes to put in the offering plate as a kid, but I never thought about where they went. In my mind, maybe to God or Heaven. But no, they went to a church bank account to pay the expenses of our place of worship. And, thankfully, there were no thefts (that I know of).

But over the years, I’ve seen thefts from churches, synagogues, parishes, church schools, seminaries, campus ministries, relief agencies, and Bible colleges.

Why?

People are Flawed

As I said earlier, first, people are flawed, even religious folks. As I’m fond of saying, “Why is ‘Thou shalt not steal’ one of the Ten Commandments? Because people steal.”

Too Much Trust

Secondly, religious persons (and I’m one) tend to be too trusting. We think that because someone works for a ministry or a church-affiliated organization, they are always honest. While this is largely true, some religious people steal, especially when no one is paying attention to what they do. In other words, when there are no internal controls and no oversight.

Ironically, when religious bodies place too much trust in people, they tempt those pastors, priests, deacons, and others. Religious people usually don’t plan to steal but realize–after years of being in a position–they can. After all, no one is watching because trust is over-abundant. And since we can rationalize our actions, we do things we know we should not. No different than any other temptation.

Don’t Tempt Your People

Religious bodies do their people a favor by creating and maintaining proper internal controls. Yes, a favor. Temptation goes down because there are multiple eyes on the processes, as there should be.

I sometimes hear people say that a church is not a business, but a ministry, as though sound business practices are not necessary in a religious environment. My rejoinder is we need to be good stewards of the funds entrusted to us (funds that can be used for wonderful purposes). Ministries lose the trust of their contributors when theft occurs. So, churches need to institute sound internal controls. 

Church theft is common due to the nature of cash flowing into a place of worship. 

The Church Cash Problem

Most religious institutions receive cash contributions to support their missions. And that’s wonderful, but if you’re a fraud prevention guy like me, that’s problematic. Cash, especially physical currencies (like that received during church services), is easily stolen. So, all religious bodies need to review how cash comes into a church body to see if there are internal controls all along the way.

Monies coming in during church services, mail, or any other way need to make it to the bank account safely. So, consider how funds come into your places of worship or support organizations. And make sure multiple people are involved in the collection and deposit process, what we commonly refer to as segregation of duties.

For instance, multiple people (e.g., ushers or deacons) should count funds collected during a church service, and a count sheet should be signed by those present. Later, someone other than the count team should compare the count sheet to the bank deposit. Enter all contributions in the accounting software and periodically provide statements to those persons. The person making these bookkeeping entries should not be on the count team or have any access to cash. Why? The church bookkeeper could steal money but still make entries to the contributions software. Then, the contributor receives a periodic statement reflecting the amount given, but the money doesn’t make it into the church bank account.

In addition to considering regular church services receipts, think about those that are outside your normal processes. For instance, people might drop by the church during the week and provide a contribution to the bookkeeper. 

Church Cash Outflows

While theft of cash inflows is more common, funds can be stolen as they are disbursed. So, be sure you review your payment controls. Again, you want multiple people involved in the process. For example, the persons signing the checks should not be the person entering those transactions in the bookkeeping system. And it’s preferable for the person reconciling the bank account to not sign checks. Then, the person reconciling the bank statement can review the cleared checks for appropriate payees. 

Additionally, make sure your controls over credit cards are strong as well. Support (e.g., receipts) should be provided for each credit card charge, and the person using the card should not be the same person reviewing transactions for appropriateness. 

Obviously, religious bodies also need appropriate payroll controls to ensure those funds are paid to the right persons and in the correct amount.  

Church Theft

In summary, religious bodies need internal controls, just like any entity that receives and spends money. Placing too much trust in religious people is a mistake and can increase church theft. So, protect your church and your people by implementing sound internal controls for funds flowing into and out of your place of worship.  

secret bank accounts
Feb 27

Secret Bank Accounts Cause Fraud Losses

By Charles Hall | Asset Misappropriation

Secret bank accounts lead to havoc. 

Substantial losses can occur when unauthorized bank accounts are opened by company personnel. 

secret bank accounts


Secret Bank Account Leads to $53 in Theft

A finance director opened an unknown bank account in the name of a city, stealing over $53 million

Four things happened:

1. The fraudster opened an unauthorized bank account in the name of the entity (and signed the bank’s signature card).

2. That person did not set up the secret bank account in the general ledger.

3. The fraudster transferred money from a legitimate bank account to a hidden one. (The thief provided fake invoices to support the payments.)

4. The fraudster withdrew money from the hidden account.

Covering Up the Theft

Here’s the journal entry when step 3 occurred:

Debit - Expense    $200,000

Credit - Cash                               $200,000

The payments from the secret bank account (step 4.) are not recorded (since that bank account is not on the entity’s general ledger). 

Weak Segregation of Duties

Such a scheme is possible when the fraudster can:

1. Sign checks for the real bank account (or by other means, transfer money from the legitimate bank account to the unauthorized bank account)

2. Reconciles the real bank account (and no one else sees the cleared checks)

Another Secret Bank Account Fraud

Another twist on this type of fraud:

1. A hospital CFO set up a secret bank account for State Medicaid payments. (CFO had signature authority for the bank account.)

2. The hospital CFO did not set up the unauthorized bank account in the general ledger.

3. The State made electronic payments to the secret bank account.

4. CFO wrote checks to himself (for over $10 million).

Actions to Take: Ask your banks for a list of all bank accounts; compare that list to the bank accounts on your general ledger. Additionally, you should contact other banks in your area, those with which your company does not do business. Finally, you should contact all payors (e.g., Medicaid) and confirm the bank accounts to which they make payments; see if those bank accounts are on the general ledger

Another Bank Account Fraud

In another fraud, a company made frequent payments to vendor bank accounts.

The company’s CFO set up bank accounts in the name of actual vendors and made payments to those accounts

The CFO withdrew funds from the secret vendor bank accounts

When the CFO was about to be caught, he fled and hid on the Appalachian Trail for over five years. 

Action to Take: Confirm bank account numbers with vendors. 

Thefts of cash
Nov 14

Thefts of Cash From Local Governments

By Charles Hall | Asset Misappropriation , Local Governments

Thefts of cash from local governments is common.

How many times have you seen a local newspaper article like the following?

Johnson County’s longtime court clerk admitted today to stealing $120,000 of court funds from 2019 through 2021. Becky Cook, 62, faces up to 10 years in federal prison after pleading guilty to federal tax evasion and theft.

Thefts of cash

Thefts of Cash from Local Governments

Usually, the causes of such cash thefts are (1) decentralized collection points and (2) a lack of accounting controls.

1. Decentralized Collection Points

First, consider that governments commonly have several collection points.

Examples include:

  • Recreation department
  • Police department
  • Development authority
  • Water and sewer department
  • Airport authority
  • Landfill
  • Building and code enforcement
  • Courts

Many governments have over a dozen receipting locations. With cash flowing in so many places, it’s no wonder that thefts of cash are common. Each cash receipt area may have different accounting procedures – some with physical receipt books, some with computerized receipting, and some with no receipting system at all. 

A more centralized receipting system reduces the possibility of theft, but many governments may not be able to centralize the receipting function. Why? Here are three reasons:

  1. Elected officials, such as tax commissioners, often determine how monies are collected without input from the final receiving government (e.g., county commissioners or school). Consequently, each elected official may decide to use a different receipting system.
  2. Customer convenience (e.g., recreation centers and senior citizen centers) may drive the receipting location decision.
  3. Other locations, such as landfills, are purposely placed on the outer boundary of the government’s geographic area.

What’s the result? Widely differing receipting systems. Since these numerous receipting locations have varying controls, the risk of theft is higher. 

Cash theft

2. Lack of Accounting Controls

Second, consider that many governments lack sufficient accounting controls for cash.

It’s more likely cash will be stolen if cash collections are not receipted. If the transaction is recorded, then the receipt record must be altered, destroyed or hidden to cover up the theft. That’s why it’s critical to capture the transaction as early as possible. Doing so makes theft more difficult.

Additional steps that will enhance your cash controls include the following:

  1. If possible, provide the government’s administrative office (e.g., county commissioners’ finance department) with electronic viewing rights for the decentralized receipting locations (e.g., landfill).
  2. Require the transfer of money on a daily basis; the government’s administrative office (e.g., county commissioners’ finance department) should provide a receipt to each transferring location (e.g., landfill).
  3. Limit the number of bank accounts.
  4. Deposit funds daily.
  5. Periodically perform surprise audits of outlying receipting areas.
  6. Use a centralized receipting location (and eliminate the decentralized cash collection points).
  7. Persons creating deposit slips and handling cash should not key those receipts into the accounting system.
  8. The person reconciling the bank statements should not also handle cash collections.
  9. Don’t allow the person billing customers to handle cash collections.

If segregation of duties is not possible (such as 7., 8. and 9. above), consider having a second person review the activity (either an employee of the government or maybe an outside consultant).

Final Thoughts About Fraud Prevention for Cash

When possible, use an experienced fraud prevention specialist to review your cash collection procedures. Can’t afford to? Think again. The average incidence of governmental fraud results in a loss of approximately $100,000.

Finally, make sure your government has sufficient fidelity bonding. If all else fails, you can recover your losses through insurance.

For more fraud prevention guidance, check out my book on Amazon: The Little Book of Local Government Fraud Prevention. Additionally, here’s a post telling you how to audit cash.

$16 million stolen from bakery
Feb 20

Collin Street Bakery Fraud: $16 Million

By Charles Hall | Asset Misappropriation

Sandy Jenkins, a controller, stole $16 million from the Collin Street Bakery. You read that right. A bakery.

Today I show you how large sums of money can be taken from a small business with one simple fraud scheme.

The Collin Street Bakery Fraud

Sandy Jenkins, the controller of Collin Street Bakery in Corsicana, Texas, made off with more than just fruitcakes. He took over $16 million, so says the FBI. And what did Mr. Jenkins do with the money?

He used the funds in the following ways:

  • $11 million on a Black American Express card
  • $1.2 million at Neiman Marcus in Dallas
  • 532 luxury items, including 41 bracelets, 15 pairs of cufflinks, 21 pairs of earrings, 16 furs, 61 handbags, 45 necklaces, 9 sets of pearls, 55 rings, and 98 watches (having an approximate value of $3.5 million)
  • Wine collection (having an approximate value of $50,000)
  • Steinway electronic piano (having a value of $58,500)
  • 223 trips on private jets (primarily Santa Fe, New Mexico; Aspen, Colorado; and Napa, California, among other places), with a total cost that exceeded $3.3 million
  • 38 vehicles, including many Lexus automobiles, a Mercedes Benz, a Bentley, and a Porsche
  • And more…

How the money was stolen from Collin Street Bakery

You might think that stealing $16 million would require an elaborate scheme. But did it? 

Here’s an example of his method: Jenkins would print a check to his personal credit card company, but he would void the check in the accounting system. (He still had the printed check.) Then, he would generate a second check for the same amount to a legitimate vendor, but the second check was never mailed. Next, Jenkins would send the first check to his credit card company.

The result: Jenkins’ credit card was paid, but the general ledger reflected a payment to an appropriate vendor.

Bakery theft

The Weakness that Led to the Collin Street Bakery Theft

No one was comparing the cleared check payees to the general ledger. (The Collin Street Bakery is not the only business that has suffered from this type of fraud; see my previous article titled Fraudsters Writing Checks to Themselves.)

The Fix that Will Detect the Theft

Someone other than those who create checks should reconcile the bank statements to the general ledger. As they do, they should compare the cleared check payees to the vendor name in the accounting system. Some businesses have hundreds (or even thousands of checks) clearing monthly. Therefore, they may not desire to examine every cleared check. 

Alternatively, the business could periodically sample the cleared checks, comparing the cleared checks to the vendor payments in the general ledger. The persons creating checks should know that this test work will be performed. Doing so creates the camera effect. When people know their actions (in this case, the creation of checks) will be examined, they act differently–they are much less likely to steal.

If you desire a preventive control, require a second-person review of canceled checks.

Additionally, someone should be reviewing the profit margins of the company, comparing the ratios with prior periods.

Lastly, when segregation of duties is not possible, have the bank statements mailed to someone outside the accounting department such as an owner. That person should review the cleared checks before providing them to the accounting department. Alternatively, provide online access to the reviewing person. The reviewer should examine the cleared checks and provide documentation of his or her examination to the accounting department.

What Happened to Sandy Jenkins?

Sandy Jenkins was sentenced by U.S. District Judge Ed Kinkeade to serve a total of 120 months in federal prison. His wife, Kay Jenkins also pleaded guilty to one count of conspiracy to commit money laundering. Ms. Jenkins was sentenced to five years of probation.

In March 2019, Sandy Jenkins passed away in a federal prison.

Fruitcake Movie

You may be familiar with the movie Catch Me If You Can which chronicled the exploits of Frank Abagnale, one of the most brilliant cons of all time. Now, there is a new movie about another: Sandy Jenkins. 

fictitious vendor fraud
Oct 13

Fictitious Vendor Fraud: How to Prevent It

By Charles Hall | Asset Misappropriation , Fraud , Local Governments

Twenty-four percent of governmental frauds are billing schemes such as fictitious vendor theft, so says the Association of Certified Fraud Examiners. Fictitious vendor fraud is usually committed by a person with the ability to establish new vendors in the accounting system (often the accounts payable clerk). If you are going to prevent this fraud, you need to know how it works. 

Fictitious Vendor Fraud

First, the clerk creates the fictitious vendor in the accounts payable system using his own address (or that of an accomplice). Alternatively, he may use a personal P.O. box (which is more common). Second, the clerk creates fictitious vendor invoices to support the payments; often, these invoices are for services rather than for a physical product. Since no shipped asset will be received by the government, it’s easier to conceal the fraud. Finally, the accounts payable clerk issues the vendor checks: since the fictitious vendor check address is that of the accounting clerk, the check is mailed directly to the fraudster (or his accomplice).

Here’s an example of how this fraud might happen.

Accounts Payable Clerk Fraud

John, the accounts payable clerk, sets up the fictitious vendor, Rutland Consulting, and keys his (John’s) address (P.O. Box 798, Atlanta, Georgia, 99890) into the vendor master file. To save time, the city has elected to have all checks signed electronically by the computerized system, so printed checks have signatures on them, and it just so happens that John prints all checks. John records an accounts payable amount of $53,322 to Rutland Consulting. 

To conceal the fraud, John creates a fictitious consulting services invoice from Rutland Consulting (especially designed for the auditors), and he codes the expense to an account which has plenty of remaining budgetary appropriation. Now John prints and mails the checks (including the fictitious vendor check).

Two days later John picks up his check at his P.O. box. John has opened a bank account for—you guessed it—Rutland Consulting; he is the only authorized check signer for the account. After depositing the city-issued check to the Rutland Consulting checking account, he writes checks to himself. Soon John’s friends are impressed with his shiny new bass boat.

Other Fraudulent Disbursement Schemes

While reading about John’s fraud, you may be thinking, “Not a problem in my government. Our checks are physically signed.” Consider, however, that signed checks can be created by:

  • Forging signatures on manual checks
  • Signing checks with signature stamps

The fraudster might also, in another twist to this scheme, just wire the money electronically and record the transaction with a journal entry. If the fraudster can get a fake vendor added to the payables system and create a signed check or wire funds, then the fictitious vendor scheme becomes a possibility.

Banks generally do not visually inspect checks as they clear (how could they, given the volume of daily checks?), so a forged signature will usually suffice. John’s theft described above becomes easier if he also reconciles the related bank statement—no second pair of eyes will inspect the cleared checks.

Department Head Fraud 

City or county department heads can also use a fictitious vendor scheme if they can submit believable new-vendor documentation. Many governments do not verify the existence of new vendors; therefore, a department head can merely send a fake invoice to the payables clerk and receive payment.

Oftentimes when an accounts payable clerk receives an invoice, he will add the new vendor to the accounts payable master file without verifying that the vendor is real. Since department heads often code and approve invoices (by writing the expense account number on the invoice and initialing the same), the payment will be recorded in an account of the department head’s choice.

Again, such invoices are usually for services (e.g., electrical repair)—that way, the accounts payable department is not waiting for receiving documents (e.g., packing slips) before payment is made.

fictitious vendor fraud

Fictitious Vendor Fraud Factors

The fictitious vendor fraud hinges on three factors: 

  1. Getting the fictitious vendor added to the accounts payable vendor list (along with the false address)
  2. Getting the payment made (either by controlling the whole payment process or by having the authority to approve disbursements)
  3. Getting the payment posted to an account where its presence goes unnoticed

Lessen Fictitious Vendor Threat

To mitigate the risk of fictitious vendors, do the following:

  • Require vendors to provide a physical address (even if payments are to be mailed to a P.O. box)
  • Require the accounts payable clerk to verify the existence of the new vendor (by calling the vendor or googling the vendor’s address)
  • Have someone outside of accounts payable (e.g., controller) review new vendors added
  • Segregate duties (namely the ability to add new vendors and the power to authorize payments); have at least two persons involved in processing all payables
  • Have someone other than an accounts payable person reconcile the bank statement and require that that person compare the payee on cleared checks to the general ledger; if this suggestion is not viable, periodically review all cleared checks for a month and review the payees on the checks
  • Periodically review the list of vendors in your accounts payable system

While this is not a comprehensive article about fictitious vendor fraud, hopefully it will prompt you to consider whether your internal controls are sufficient in relation to this threat.

Learn More About Fraud

For more information about fraud prevention, check out my book: The Little Book of Local Government Fraud Prevention.

Local Government Fraud Prevention

Available on Amazon in Kindle and paperback formats

1 2 3 6
>