revista antifraude
TRANSCRIPT
-
7/27/2019 revista Antifraude
1/76
Vol. 27, No. 1, January/February 2012
A P U B L I C A T I O N O F T H E A S S O C I A T I O N O F C E R T I F I E D F R A U D E X A M I N E R S
THE
Tell-Tale SignsofDeceptionPLUS Fraud in Houses of Worship,PG. 18 Collegiate Athletics Fraud,PG. 24 Overachieving Fraud,PG. 36 Data Breaches, Part 3,PG. 40
-
7/27/2019 revista Antifraude
2/76
If Every Employee and SupplierDisplayed Model Behavior
ACFE 2010. All Rights Res
In a perfect business world, every employee and third-party supplier would display model business behavior, and there
would be little need for anti-fraud programs. But, in the real business world, occupational fraud and abuse are prevalent.
So, businesses must implement anti-fraud programs to protect themselves from financial, legal and reputational harm.
Tips are the leading source of fraud detection and fraud hotlines are a leading source of tips. So, turn to EthicsLine,
the official hotline of the ACFE.
The EthicsLine package includes:
Hotline (telephone, web, mobile) for report intake
Case Management (web and mobile) for online
investigation management
Analytics for tracking and trending Communications Campaign Materialsto communicate
when and how to report observed business misconduct
EthicsLine is now powered by Global Compliance
888-782-4769 [email protected] www.EthicsLine.com
* 2010 ACFE Report to the Nations on Occupational Fraud and Abuse
Where a fraud hotline was in
place, the average duration of
a fraud scheme was reduced by
7 months, and the median loss
was reduced by 59%.*
-
7/27/2019 revista Antifraude
3/76
1
JANUARY/FEBRUARY 2012 | VOLUME 27 | NO. 1
30 The 10 Tell-Tale Signs of DeceptionThe Words Reveal
By Paul M. Clikeman, Ph.D., CFE
Suspects and witnesses often reveal more than they
intend through their choices of words. Here are waysto detect possible deception in written and oralstatements.
COVER STORY
FEATURED ARTICLES
Fraud in Houses of WorshipWhat Believers Do Not Want to Believe
By Robert M. Cornell, Ph.D., CMA, EducatorAssociate; Carol B. Johnson, Ph.D., EducatorAssociate; and Janelle Rogers Hutchinson
Houses of worship are particularly vulnerable to fraud,
but most feel they are impervious. The authors providereasons why churches feel so bulletproof and seven
practical steps fraud examiners can use to help
churches stop fraud in its tracks.
Fraud in Collegiate AthleticsWhen Major League MoneyMeets Little League ControlsBy Herbert W. Snyder, Ph.D., CFE; andDavid OBryan, Ph.D., CFE, CPA, CMA
A major, multimillion sports ticket fraud at the
University of Kansas highlights how CFEs can help
convince administrators and boards to reassert control
over their athletics departments. The answer could beindependent oversight.
18
24
-
7/27/2019 revista Antifraude
4/76
2 Fraud-Magazine.com
Overachieving Fraud Wolvesin Sheeps ClothingTargeting Top-Performing EmployeesGaming the Bonus System
By Jeffrey Horner, CFE, CRCMP
Follow this CFE consultant as he uncovers top collection
reps at a business call center who inflated their
performances for more money and job advancement.
Breaking Breach Secrecy, Part 3Analysis Shows Entities LackStrong Data Protection Programs
By Rober t E. Holt freter, Ph.D., CFE, CICA; andAdrian Harrington
The authors analysis of data-breach statistics shows
that organizations poorly protect personal data. Pos-
sible solution: U.S. federal rules for guidance in devel-
oping comprehensive data protection programs.
36
40
COLUMNS & DEPARTMENTS
4 From the President & CEO Suppor ting Our International Chapters
By James D. Ratley, CFE
6 Digital Fingerprints Anything You Say Can and
Will be Used Against You! By Jean-Franois Legault
8 Frauds Finer Points Using an Organizations Credit
to Commit Fraud, Part 1 By Joseph R. Dervaes, CFE, ACFE Fellow, CIA
12 Fraud EDge Get Involved in Higher Education:
Opportunities for CFEs in Educating
Future Fraud Fighters By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D.,
CFE, CPA; and Gary Weber, Ph.D. Edited by RichardDick A. Riley, Ph.D., CFE, CPA
16 FraudBasics Check 21 Can Make Fraud Easier: Be Alert to Changes in Technology By Linda Lee Larson, DBA, CFE, CPA, CISA
52 Case in Point He Milked it For All it Was Worth: A Dairy Farm Bankruptcy Fraud
By Roger W. Stone, CFE
56 Taking Back the ID
Fraudsters Claiming Victims ViaPayday Loan and LinkedIn ScamsBy Robert E. Holtfreter, Ph.D., CFE, CICA
58 Global Fraud Focus Chinese Stock Investment Fraud? Separating Fact from Fiction By Tim Harvey, CFE, JP; and Richard Hurley, Ph.D.,
J.D., CFE, CPA
60 Meet the Staff
Improving Members LivesBy Cora Bullock; Photo by Christi Thornton-Hranicky, CFE
62 ACFE News
70 CPE Quiz Earn CPE Toward Renewing Your CFE Credential.
-
7/27/2019 revista Antifraude
5/76
January/February 2012 3
EDITORIAL ADVISORY COMMITTEEJonathan E. Turner, CFE, CII, chair; Larry Adams,CFE, CPA, CIA, CISA, CQA, CSP, CCP; EmmanuelA. Appiah, MBA, CPA, CFE; Richard Brody, Ph.D.,CFE, CPA; Jean-Pierre Bruderer, Ph.D., CFE; Je imyJ. Cano, Ph.D., CFE, CAS; Linda Chase, CPA, CFE;Franklin Davenport, CFE; David J. Clements, CFE;Craig Ehlen, Ph.D., CFE, CPA; Ellen Fischer, CFE,
CIA; Peter D. Goldmann; Allan F. Greggo, CFE, CPP;Robert Holtfreter, Ph.D., CFE; Peter Hughes, Ph.D.,MBA, CFE, CIA, CPA; Cheryl Hyder, CFE, CPA,CVA; Robert Kardell, CFE, CPA; Thomas CheneyLawson, CFE, CIA; Philip C. Levi, CFE, CPA, FCA;Larry Marks, CFE, CISA, PMP, CISSP, CSTE; MichaelA. Pearson, D.B.A., CFE, CPA, CMA; MarilynPeterson, CFE, CCA; Laura M. Preston, CFE; HerbertSnyder, Ph.D., CFE; Scott Strain, CFE; Karen ForrestTurner, Ph.D., Educator Associate
2011-2012 BOARD OF REGENTSJohnnie R. Bejarano, DBA, CFE, CPA; Lt. Col. RobertJ. Blair, CFE, CGFM; Cynthia Cooper, CFE, CISA;Bruce Dorris, J.D., CFE, CVA, CPA; Joseph L. Ford,CFE; John Warren, J.D., CFE
Fraud Magazine(ISSN 1553-6645) is published bimonthlyby the Association of Certified Fraud Examiners, 716 WestAvenue, Austin, TX 78701-2727, USA 2012 All rightsreserved. Periodical Postage Paid at Austin, TX 78701and at additional mailing offices.
POSTMASTER:Please send address changes to:
Fraud MagazineACFE World Headquarters The Gregor Building716 West Avenue Austin, TX 78701-2727, USA
(800) 245-3321 +1 (512) 478-9000Fax: +1 (512) 478-9297
Subscriptions:ACFE members: annual membership duesinclude $20 for a one-year subscription. Non-membersinU.S.: one year, $55. All others: one year, $75. Member-ship information can be obtained by visiting ACFE.comor by calling (800) 245-3321, or +1(512) 478-9000.Change of address notices and subscriptions should bedirected to Fraud Magazine. Although Fraud Magazinemay be quoted with proper attribution, no portion ofthis publication may be reproduced unless written per-mission has been obtained from the editor. The viewsexpressed in Fraud Magazine are those of the authorsand might not reflect the official policies of the Associa-tion of Certified Fraud Examiners. The editors assumeno responsibility for unsolicited manuscripts but willconsider all submissions. Contributors guidelines areavailable at Fraud-Magazine.com. Fraud Magazine is adouble-blind, peer-reviewed publication.
To order printed or electronic reprints, visitfraud-magazine.com/reprint-request.aspx or
email [email protected].
ADVERTISING COORDINATORRoss Pry
(800) 245-3321 [email protected]
Association of Certified Fraud Examiners, ACFE, Certified FraudExaminer (CFE), the ACFE Seal and Fraud Magazineare trade-marks owned by the Association of Certified Fraud Examiners Inc.
Dick Carozza
Editor-in-chief
Cora Bullock
Assistant Editor
Katie FordContributing Editor
Helen Pryor
Art Director
Aimee Jost
Circulation Manager
Mark Scott, J.D., CFELegal Editor
Journal of the Association of Certified Fraud Examiners
Volume 27, No. 1, January/February 2012
John D. Gill, J.D., CFE
Publisher
23rd Annual Fraud & Exhibition
Advanced Fraud Examination
Techniques
Auditing for Internal Fraud
CFE Exam Review Course
Conducting Internal Investigation
Contract and Procurement Fraud
NEW! Data Analytics
Digital Forensics Tools &
Techniques
Financial Institution Fraud
Financial Statement Fraud
Fraud Prevention
Fraud Related Compliance
NEW! Fraud Risk Management
Healthcare Fraud
Interviewing Techniques for Auditors
Introduction to Digital Forensics
Investigating Conflicts of Interest
Investigating on the Internet
Legal Elements of a Fraud
Examination
Money Laundering: Tracing Illicit
Funds
Mortgage Fraud
Principles of Fraud Examination
Professional Interviewing Skills
UPCOMING CONFERENCES
2012 ACFE EuropeanFraud Conference
TRAININGEVENTSRegister at ACFE.com/Training
UPCOMING COURSES
COMBO EVENT
SAVE $100by registering for both events!
-
7/27/2019 revista Antifraude
6/76
4 Fraud-Magazine.com
t the end of October and beginning of November, I
spent a whirlwind two weeks attending our Asia-
Pac Conference in Singapore and meeting with
our chapters in Singapore, Jakarta, Hong Kong,Shanghai, Beijing and Mexico City. I thor-
oughly enjoyed getting to know many of you and learning about
your unique fraud-related issues.
HOPPING CONTINENTS
International chapter members put Southern hospitality to
shame. Everywhere I went I met extremely gracious people who
did everything they could for us. My job was to listen carefullyto their suggestions for improving our services.
The first stop was to vibrant and beautiful Singapore my
first visit and also the first time the city has hosted our 2011
Asia-Pacific Fraud Conference (formerly known as the ACFEPacific-Rim Fraud Conference). Nearly 200 attendees net-
worked and attended workshops and panel discussions. (Please
see page 68 for more on this exciting conference.)I enjoyed meeting Gatot Trihargo, CFE, president of the In-
donesia Chapter (established in 2002), who provided the same
generous hospitality I encountered with other chapters. He was
appreciative of the ACFEs effort to send me there. I presented
to nearly 80 members and public- and private-sector guests.Chapter activity has become very intense since 2010, by
us conducting monthly discussions/workshops for the members
and other practitioners, Trihargo said. The chapter also suc-
cessfully conducted two annual congresses and seminars in 2010and 2011, which gathered more than 200 participants for each
session, with both domestic and international speakers.
After Jakarta, I jetted off to Hong Kong, with its exotic mix
of the old and new., Were excited that the ACFE is turning itsattention to Asia, said Hong Kong chapter president Penny Sui-Ping Fung, CFE. Jims visit to Hong Kong no doubt has helped
to reinforce this message and reminded people of the role of pro-
fessional fraud examiners in a robust and sustainable economy.Prof. Yiu Wai Andy Kwok, CFE, vice president of the Shang-
hai Chapter and also president of the Beijing Chapter, called my
visit a stunning pleasure. He had this to say about Chinas grow-
ing pains: Chinas high growth rates have encouraged foreign
investment, which have in turn helped fund Chinas incredible
growth, he said. However, such large capital inflows are bound
to give way to sector imbalances and fraudulent behavior.
I told the attendees at the first Corporate Anti-Fraud Semi-
nar in China, how fraud can occur in any industry and at any
level. I also gave suggestions on how CFEs can advise their cli-ents in their battles against fraud, including setting the proper
tone at the top. Mr. Ratley mentioned that anti-fraud measures
do not get proper attention since they cost money while the
benefits cannot be seen in a short-term period, Kwok said. Asa consequence, most companies are not willing to make any
expenditure regarding this issue. However, establishing efficient
and effective anti-fraud mechanisms will generate huge benefits
from the long-term perspective.The ACFE is striving to do all it can to help our interna-
tional chapters grow and thrive. We are excited to announce our
plan to open a regional call center in Singapore and host a CFE
Exam Review Course there March 26 - 29. Chapters, acting as
local ACFE representatives, provide continued support for mem-bers worldwide through networking opportunities, CPE training,
leadership development and promoting local fraud awareness.
As always, please let me know how we can help you
support our all-important mission. (And please check out
Fraud-Magazine.com/LetterFromthePresident for more photos.)
James D. Ratley, CFE, President and CEO of the Association ofCertified Fraud Examiners, can be reached at: [email protected].
From thePRESIDENT AND CEO By James D. Ratley, CFE
Supporting OurInternational Chapters
A
-
7/27/2019 revista Antifraude
7/76
-
7/27/2019 revista Antifraude
8/76
6 Fraud-Magazine.com
uring an investigation, we scour the web and
social networks for employment backgrounds,contacts, education history, past behaviorand so on. However, we should be concernedabout information we are posting that the bad
guys can use against us.Arthur Hulnick, a former CIA officer, estimates that open-
source intelligence (a form of intelligence collection manage-ment that involves finding, selecting and acquiring informationfrom publicly available sources) accounts for as much as 80percent of the entire intelligence database. (See Sailing theSea of OSINT in the Information Age, by Stephen C. Merca-do, http://tinyurl.com/2sj5vy.) This is possible, in part, becauseorganizations and their employees freely publish information
online they probably should keep to themselves. And thoseloose lips can lead to outright fraud. (Also see NATO OpenSource Intelligence Reader, http://tinyurl.com/7crt7ug.)
JOB POSTINGS
Before you continue reading this, look at your organiza-tions job postings and ask, What are we telling thecompetition about us?
Imagine a software company with a strong presence inAsia Pacific that posts a public job offer for a sales managerin North America. What are they telling the competition?Think of the recruiting process in your organization and howlong it can take to staff a position. Is that enough time for the
competition to adjust to the arrival of this new sales manager?Your competitors find or infer from your job postings
the technologies your organization uses, expansion into newareas and territories, market growth, change in structure,structural growth, etc.
What does this mean for fraud examiners? Make sureyou run proper background checks on potential hires! Why?Because some job descriptions are so detailed that someonewishing to be hired for fraudulent purposes can customizehis or her rsum. I just worked a case in which a candidate
found a company he believed would be a good target and
redesigned his rsum to boost his employment chances. Thecompany hired him, and he then proceeded to steal intellec-tual property during his employment.
WEB 2.0 AND SOCIAL NETWORKS
Employees are likely to reveal valuable information to the
competition on professional or personal networking sites.Fraudsters can make conclusions about a companys expan-sion by studying comments about new connections and
relationships plus repeated trips to a city or country.Through investigations, I have found nurses sharing
concerns about care in neo-natal intensive care units, law en-forcement personnel sharing sensitive assignments and sales
managers claiming their stakes on new territories. Profes-sional social networking sites tell the world about new hiresand those who are leaving employers.
Employees posting information online is nothing new.
In one case I worked nearly 12 years ago, a call-center
employee leaked sensitive information on a web forum. This
employee, who was privy to upcoming promotions offered
by a telecommunication provider, would repost information
online prior to a promotion launch. The companys call cen-
ter then would be flooded with requests for promotions and
packages that did not exist yet.
Did this employee access highly sensitive documents?Did he gain access to someones email account? No. He sim-ply reposted information he learned in training sessions. We
had a difficult time tracking him down because back then wedid not log everything. Even today, we find organizations thatdo not store online access information, which would allow
them to adequately investigate leaks.
MARKETING DOCUMENTATION
Documents that an organization provides its clients to market
its services often end up in competitors hands. Find ways to
Anything You Say Can andWill Be Used Against You!
By Jean-FranoisLegault
Digital FingerprintsA Closer Look at Technology and Fraud
D
-
7/27/2019 revista Antifraude
9/76
January/February 2012 7
securely communicate information that you
do not want the competition obtaining.I was involved in a recent case in
which a competitor was able to reverse-
engineer a product (take it apart and
analyze it) by simply using the informationin product brochures and documenta-
tion. Imagine your competition not only
knowing your products but how you are
manufacturing them. That is a serious lossof competitive advantage!
I have also been involved in cases in
which individuals used marketing infor-mation to create fake companies to try todefraud possible clients. The schemes were
simple: reuse information to make the com-
panies look legitimate, solicit clients, get
paid and then never deliver anything.
AS AN EXPERT WITNESS
Whatever you write, post and/or commu-
nicate may allow you to build eminenceas an expert. However, opposing counsel
could also use that public information to try
to disqualify you as an expert or to cross-
examine you in court.
AS AN INVESTIGATOR
Open-source intelligence can help you
discover valuable information about play-
ers in an investigation. In one case, I found
some undocumented aliens involved in
a fraud scheme because they gave some
prime evidence via their social media pro-
files, including their geographic locations.
In another example, we tracked down
vehicles purchased with embezzled funds
simply based on suspects photos that hadbeen posted online.
When I begin a background investiga-
tion into a company, one of the first things I
do is seek information through press releases
and trade publications. Companies love to
tell the world about what they are doing
right. However, the competition will always
seek out this valuable market intelligence.
If you want to know more aboutleveraging business intelligence techniques
in your fraud examinations, I strongly
encourage you to check out anything
fellow ACFE faculty member CynthiaHetherington teaches.
WHAT TO DO
So do you cut yourself off from the world
and go off grid? Absolutely not. But makesure your organizations policies strictly
control information that its employees can
release through all open-source channelsbut especially online. When it comes tosocial media, establish a think before you
post mentality.
Jean-Franois Legaultis a senior managerwith Deloittes Forensic & Dispute Services
practice in Montreal. Canada. His email
address is: [email protected].
Digital FingerprintsA Closer Look at Technology and Fraud
I was involved in a recent
case in which a competitor
was able to reverse-engineer
a product (take it apart and
analyze it) by simply using
the information in product
brochures and documenta-
tion.Imagine your competi-tion not only knowing your
products but how you are
manufacturing them. That is
a serious loss of competitive
advantage!
Google search directives will add
power to your searches.
Searching for a specific phrase
using quotations:
find this specific phrase
Searching a specific domain or
website:
site:targetdomain.com or
site:www.targetdomain.com
Searching for specific file type: filetype:extension
You can use the minus sign (-) as an
exclusion operator. For example, you
can use this search directive to exclude
a specific website from your search:
-site:www.excludeddomain.com
Here are some Google searches
that you can run against yourself to see
what could be available to fraudster.
Finding PowerPoint documents on
your site:
site:www.yoursite.com filetype:ppt
site:www.yoursite.com filetype:pptx
Finding Word documents on your
site:
site:www.yoursite.com filetype:doc site:www.yoursite.com filetype:docx
Finding confidential documents on
your site:
site:www.yoursite.com confidential
site:www.yoursite.com not fordistribution
Use These Queries to Examine Your Online Exposure
-
7/27/2019 revista Antifraude
10/76
8 Fraud-Magazine.com
raud by using an organizations credit is a type of
fictitious expense scheme. In the ACFEs fraud tree,
the crime is a subset of fraudulent disbursements,which is a subset of cash schemes.
There are many types of fraud involving an employees
use of the organizations credit to purchase assets (i.e., goods
and services) for personal benefit. Unauthorized use of theorganizations general credit cards, purchasing credit cards,
travel credit cards or business charge accounts are some of the
most common fraud schemes I have encountered during my
career. Unscrupulous employees cause victim organizationsto order and pay for assets they do not really need. Obviously,
the damage to a victim organization is the money lost inpurchasing these unnecessary items.
The individuals who commit these crimes are usually
responsible for approving and processing transactions for pay-
ment. They may rely on the inexperience of their supervisors
(or their organizations governing bodies) to unknowinglyprocess their fraudulent transactions in the disbursement
cycle. Victimized organizations then issue checks for un-
authorized business purposes, and the wayward employees
receive personal benefits.We begin this three-part series with employee abuses of
general organization credit cards.
GENERAL ORGANIZATION CREDIT CARDS
Commercial banks issue credit cards to organizations (andindividuals) to aid them in conducting official business.
Banks and organizations enter into agreements specifying the
terms of use for the credit cards. Some banks charge an an-
nual fee; others do not. Banks make their money for process-ing your transactions by charging a fee to vendors who accept
the cards and by charging you an interest rate on the unpaid
account balance when the full amount due is not paid each
month. The primary responsibility for charges on these credit
cards rests with the organizations.
THE BUSINESS OF CREDIT CARDS
An organization that authorizes company credit cards for its
employees use should maintain formal logs of all cards issuedand require all employees to sign agreements stating that they
have received a copy of the organizations usage policies and
have been trained on the proper procedures for using the cards.
These agreements provide the foundation that employees un-derstand that they can use the cards for official business only.
Written company policies should require employeetraining, prohibit cash advances, restrict purchases of un-
authorized items (such as alcohol), require receipts for allcharge transactions and specify disciplinary actions for any
unauthorized or personal use of the cards. Organizations
never should pay for employee charges shown on the banks
monthly statement without accompanying receipts. It is thedescriptions of the items shown on the receipts that deter-
mine if the expenses are for official business purposes.
UNAUTHORIZED CARDS
Employees who have stolen company credit cards or who
have obtained unauthorized company credit cards throughother means (such as ordering them directly from banks
without approval) will circumvent organizations incomingmail to snag the monthly credit card statements. They usually
make personal payments on the credit card account balances
to conceal their unauthorized purchases.
However, if employees submit unauthorized expensesfor payment by their companies, management and audi-
tors will have at least some documents they can review to
Using an OrganizationsCredit to Commit FraudPart 1
By Joseph R. Dervaes,CFE, ACFE Fellow, CIA
Frauds Finer PointsCase History Applications
F
-
7/27/2019 revista Antifraude
11/76
January/February 2012 9
Frauds Finer PointsCase History Applications
detect fraud. While the supporting documents for credit cardpayments should include the statement and all purchase re-
ceipts, fraudsters who choose this latter process usually onlysubmit statements for payment purposes. In many cases, theirsupervisors or the governing bodies of the organizations mayunknowingly approve these fraudulent payments.
Employees may periodically use an organizations creditcard for unauthorized purposes or personal benefit, but man-agers who are assigned to monitor the credit card programcan resolve these minor infractions promptly according topolicies and procedures.
Companies should publicize employee disciplinary ac-tions in their internal publications to deter future problems.Unfortunately, even this method is not fraud-proof becauseoften the very managers who are charged with monitor-
ing the system are the ones who abuse it. These individualsmay be able to hide their unauthorized activities from otheremployees and their supervisors, but most of the time theyshould not be able to conceal their actions from organi-zations governing bodies and their internal or externalauditors. However, when their misdeeds are detected, thefraudsters usually attempt to get organizations to pay frommonthly credit card statements by indicating that receipts forindividual transactions were not available or were inadver-tently misplaced or lost.
Case No. 1 Personal use of an authorizedgeneral organization credit cardIn the November/December 2009 Frauds Finer Points, Idiscussed a credit card case that involved missing support-ing documents. This concept emphasized why organizationsshould never pay the balance due on monthly credit cardstatements without seeing the supporting receipts for thepurchases first.
Sarah was the clerk-treasurer responsible for processingall of the citys disbursement transactions, including all pur-chases on its credit card. The city first detected irregularitiesin accounts receivable and contacted its external auditor toinvestigate the case.
The subsequent audit detected multiple fraud schemes,
which totaled $49,894.88 in losses over 2 years. Theseschemes included payroll fraud, accounts receivable fraud,municipal court revenue fraud, unauthorized use of the citysbusiness charge account and overpayments to a cleaningcontractor. The clerk-treasurer performed many tasks in avariety of functions at the city, and no one monitored herwork to ensure the citys expectations were being met.
The clerk-treasurer purchased $5,319.16 in assets forpersonal benefit using the citys credit card. I detected this
scheme by scanning the citys disbursement files to deter-mine other risks. I quickly noted that the city was making
its monthly credit card payments using only the statements.There were very few purchase receipts available for reviewand audit. For example, credit card purchases from a localcomputer store were almost always missing from the files. Icontacted the citys computer consultant who was responsi-ble for all information technology issues. However, he wasntaware of any official purchases from the computer store.
A computer store representative faxed documents tome that showed Sarah had signed for a computer, monitor,software and games on many occasions through the period ofthis loss. City staff members conducted a search of city hallbut were unable to locate any of these assets.
Sarah had made all credit card payments on time, but
she had destroyed all the supporting documents that listedthe details of the purchases from the computer store. Shehoped that retaining only the monthly credit card statementson file for the citys governing body and its external auditorswould be sufficient to conceal her irregular activities. Shewas wrong. The governing body did not notice this irregu-larity, but her fraud did not escape the watchful eye of theexternal auditors. In my experience dealing with fraud casesin state agencies and local governments in the state of Wash-ington, governing bodies rarely detect fraud in the transac-tions they are reviewing and approving, primarily because noone took the time to properly train them for this task.
The clerk-treasurer demanded a trial to resolve the is-sues in this case. She hired a prominent regional lawyer forher defense and agreed to a bench trial. (There was no jury.)After all the evidence was heard during a week of testimony,the judge rendered a guilty verdict in the case and orderedSarah to make restitution of the loss amount, plus auditcosts. He also sentenced her to three months in a work-release program.
Case No. 2 Personal use of an unauthorizedgeneral organization credit cardA small water district in the state of Washington had threeemployees, operated on an annual budget of $466,000 and
served approximately 1,000 customers. Jackson, the officemanager, was responsible for practically all financial opera-tions; his supervisor, the district superintendent, did notmonitor his work. These are the two most common internalcontrol weaknesses I have found in small organizations.
While Jackson had no prior criminal history, he appar-ently came to work for the district with ill intentions. Hesent a memorandum on official letterhead to the districtsbank shortly after being hired requesting that the bank issue
-
7/27/2019 revista Antifraude
12/76
10 Fraud-Magazine.com
a credit card in the districts name and assign it to him. Thecredit limit on the card was initially set at $5,000, but Jack-son subsequently sent a facsimile to the bank one month laterrequesting an increase to $20,000. Of course, the districtsgoverning body did not authorize either of these requests.Later, when the case was under investigation, the districtstated that someone had forged the authorizing signatures onthe documents.
As the office manager, Jackson was responsible for open-ing the mail and processing invoices for payment. Thus, hewas able to remove the monthly bank credit card statementsfrom the incoming mail before anyone else saw them. One of
the interesting facts of this case is that Jackson did not submitany of the credit card statements to the district superinten-dent or the governing body for approval or payment. Perhaps
Jackson was not quite bold enough. While it would havebeen prudent to do so, Jackson did not make any personalpayments to the bank on the card balance either. Becauseneither the organization nor Jackson made any payments onthe credit card balance, the monthly expenses and interestcharges continually increased until the balance became delin-quent and approached the credit limit on the card.
Jackson misappropriated $19,454.84 from the districtin 3 months, with $18,284.03 of this amount representinghis unauthorized use of the districts credit card for personalbenefit. Personal charges included the purchase of a usedpickup truck, frequent stays at a motel while traveling to hisfavorite casino, thousands of dollars in cash advances at thecasino, Internet and telephone use and other miscellaneouspurchases. Jackson also misappropriated $1,170.81 in utilityrevenue from the district.
The district first detected irregularities in its checkingaccount and petty cash fund and requested an external audit.
Jackson was placed on administrative leave and subsequentlyterminated for a wide variety of managerial shortcomings.Shortly thereafter, the district received a monthly statementfor the unauthorized credit card. In a plea-bargaining agree-
ment, the court ordered Jackson to make restitution for theloss amount plus audit costs. It also sentenced him to lessthan one year in county jail for this crime.
Case No. 3 More personal use via an unauthorizedcredit card
James, the chief of a small fire district in the state of Wash-ington, obtained an unauthorized credit card in the districtsname. He circumvented the districts internal controls by
intercepting the mail, removing the monthly credit cardstatement and making personal payments on the account toconceal his unauthorized purchases. He basically used thedistricts credit card as his own by charging $7,797 in personalpurchases for more than a year. He used the card to makeunauthorized cash advances and also incurred finance chargeswhen he did not make monthly payments on time.
When the district finally discovered the unauthorizedcard, there was a $1,599 unpaid balance on the account.The district found out about the card while making a changein signatories on all of its bank accounts after the fire chiefresigned for unrelated personal reasons. The chief reimbursed
the district for this amount when questioned about theunauthorized purchases on the credit card. The district paidthe balance due on the account and canceled the credit card.The county prosecutor declined to criminally prosecute thecase because the district had been made whole.
LESSONS LEARNEDLet us review some of the finer points of fraud detection fromthese general organization credit card fraud schemes.Organizations should:
Establish written policies and procedures for credit card useand train their employees to ensure they use the cards only
for official business purposes. Always obtain purchase receipts from employees and never
pay bills using only the monthly credit card statements.
Properly train employees and governing bodies on theauthorization and approval procedures for alldisbursements.
Appropriately segregate employee duties and periodicallymonitor the work of key employees to ensure itsexpectations are being met.
Once fraud examiners detect fraud, they should assesswhat else is at risk of loss within an organization.
MORE CREDIT CARD MISUSEIn part two of this series, we will discuss the use of purchasingcredit cards and travel credit cards. Stay tuned.
Regent Emeritus Joseph R. Dervaes, CFE, CIA, ACFE
Fellow, is retired after more than 42 years of government service.
He is the president of the ACFEs Pacific Northwest Chapter. Hisemail address is: [email protected].
Frauds Finer PointsCase History Applications
-
7/27/2019 revista Antifraude
13/76
2012 CFE Exam Prep Course
How the course works:
The program provides typical exam questions, in-
forms you whether your answer is correct, provides a
detailed explanation of the correct answer and offers
an alternative study reference where you can learn
more about the topic.
The CFE Exam Prep Coursefocuses on the four
testing areas of the CFE Exam:
Legal Elements
Fraud Prevention and Deterrence
Financial Transactions
Fraud Investigation
Create a personalized study plan tailored to your individual strengths
and weaknesses with an optional 100 question Pre-Assessment
Pick the sections and topics most relevant to your exam preparation
by creating custom review sessions
Learn more from your Practice Exam sessions by reviewing the ques-
tions you missed, anything your results by subsection and tracking
your progress over time
Focus on the areas where you need the most work with enhanced
review of results and progress by exam section, subsection and topic
Stay on track to earning your CFE credential by measuring your
progress towards your target dates for certification and using helpful
checklists within the Prep Course software
The CFE Exam Prep CourseAllows You To:
The2012 CFE Exam Prep Toolkitis Also AvailableIncluding the CFE Exam Prep Course, Fraud Examiners Manual
(Printed Edition), Corporate Fraud Handbookand theEncyclopedia
of Fraud(CD-ROM), the CFE Exam Prep Toolkitincludes valuable
materials to aid in your CFE Exam preparation.
Visit ACFE.com/Prep to order your copy today
Arm yourself with the most effective tool
available to help you pass the CFE Exam.
-
7/27/2019 revista Antifraude
14/76
12 Fraud-Magazine.com
By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D., CFE, CPA; and GaryWeber, Ph.D. Edited by Richard Dick A. Riley, Ph.D., CFE, CPA
tudents at the collegiate level learn best about
business through a combination of theory andpractice. College professors are well equipped to
present the theory side of a particular topic, but
they frequently look to business professionals
who have hands-on, practical experience to help applythose theories to real-world situations. This teaching method
works especially well in anti-fraud education, in which fraud
cases, whether real or fictitious, can help bring to life the
fraud theories and procedures introduced in the classroom.However, it is not quite so clear exactly how to struc-
ture the interactions between CFEs and higher education to
encourage this method of learning. Many CFEs, for example,believe that the only way to participate in collegiate fraudeducation is to lead a class lecture based on their fraud expe-
riences, which could not be further from the truth.
In this column, we identify and explain a variety of ways
in which CFEs can foster and develop mutually beneficial rela-tionships with college faculty and students to help educate and
prepare future anti-fraud and forensic accounting professionals.
INVITE FACULTY AND STUDENTS TO LOCAL FRAUD CONFERENCES
One of the easiest and least time-consuming ways for CFEs to
get involved with higher education is to invite college faculty
and students to attend local fraud conferences. Spokane
ACFE Chapter member Lenore Romney, CPA, CFE, CVA,has invited both students and faculty to attend the local
ACFE conference for the past few years.
The chapter leaders recognize that more can be accom-
plished in the fight against fraud if professionals from differ-ent disciplines network with each other. We see the chapter
as being an ideal facilitator for such a network, Romney said.
Conferences typically provide numerous and varied
opportunities through which students and faculty can learn
about both actual instances of fraud, as well as the work of
CFE professionals. Kris Ryan, a student at Gonzaga Univer-sity who has attended the local ACFE conference for the past
two years, can attest to this.
Both years that I attended the conference, a wide range
of topics was offered, including health care fraud, a critiqueof software that helps businesses protect themselves against
fraud, gang activity (which is surprisingly more correlated
to the fraud problem than I would have thought), mortgagefraud and different fraud topics covered by local law enforce-
ment and the FBI, Ryan said.
I found all of the topics interesting and also learned
fraud detection and investigation skills that I could put to useimmediately, she said.
Since graduation, Ryan has gone on to earn her CFE
credential and has joined the fraud-fighter ranks.
BECOME A PROFESSIONAL MENTOR TO STUDENTS
Professors at Gonzaga University frequently refer students
who have an interest in forensic accounting to local CFEs for
advice on potential career paths, professional certifications, in-
terviewing and networking. Students benefit directly from thewisdom and experience these mentors have gained from many
years of work in fraud and forensic accounting. Mentors also
share their knowledge of the skills and abilities necessary to be
successful in the forensic accounting profession. These inter-actions also are great networking opportunities for students.
Many universities also have formal mentoring programs
through which students are matched with professional men-tors based on factors such as field of study, geographic prefer-
ence and gender. These more formal relationships span the
majority of a students time in college, which allow mentors to
help identify curriculum paths, internship opportunities andemployment opportunities when the student nears graduation.
Get Involved in Higher EducationOpportunities for CFEs in EducatingFuture Fraud Fighters
Fraud EDgeA Forum for Fraud-Fighting Faculty in Higher Ed
S
-
7/27/2019 revista Antifraude
15/76
January/February 2012 13
A more interactive albeit more time-intensive
method of mentoring students is for CFEs to arrange and
coordinate student internships with their employers. Stu-dents participating in these internships benefit not only from
professional workplace mentoring but also from working in
actual forensic accounting situations.
ASSIST WITH CASE STUDIES AND RESEARCH PAPERS
Higher-education faculty are always searching for case stud-
ies with the richness of detail, ambiguity and issues that are
similar to those that students will encounter in their profes-
sional careers. Faculty and highly experienced CFEs jointly
produce the most detailed, complex cases.
Cindy Durtschi, Ph.D., associate professor at DePaul
University, invites CFEs to help in the classroom in several
ways. She recently had a full-time forensic accountant helpher judge student case presentations.
The students presented their work from the view of the
prosecution, and then the CFE showed them how some-
one working for the defense would have responded to their
cases, Durtschi says. It was a wonderfully enriching experi-
ence for the students.
Durtschi also had a local CFE help her with a fraud case
she developed. The CFE provided her with encouragement,
valuable feedback and suggestions that improved the case.
CFEs also frequently partner with faculty on forensic
accounting research papers. Frank Perri, J.D., CFE, CPA, has
co-authored several research papers with Rich Brody, Ph.D.,CFE, an associate professor at the University of New Mexico.
They have written on topics ranging from the relationship
between workplace violence and fraud to identification of
organizational weaknesses at the Securities and Exchange
Commission. These partnerships between academics and
professionals foster balanced approaches to research and
ensure that publications are valuable not only for academics,
but also for practitioners who can use the results in the field.
COORDINATE FORENSIC ACCOUNTING INVESTIGATIONS
Romney and Marie Rice, CFE, CIA, CICA, president of the
Spokane ACFE Chapter, assist students at Gonzaga Univer-
sity as part of their Justice for Fraud Victims Project. (Seethe July/August 2011 Fraud EDge.) Through a cooperative
partnership with law enforcement and local CFEs, Gonzaga
students provide free fraud examination services to small
businesses or nonprofit organizations that have been victims
of fraud. The students gain experience while simultaneously
giving back to their communities.
Last year, Romney worked with students on a case that
eventually led to the projects first conviction.
Working all semester with my student team waspersonally rewarding, she says. My team of students was
incredibly bright and diligent and really took ownership inour investigation. They were like sponges soaking up the
practical knowledge I was trying to share with them in onlyone semesters time together. I was proud of my teams effort
the day they gave their final class presentation, the day I
submitted our report to law enforcement and especially the
day I was notified that charges were filed.Obtaining a guilty plea and restitution within a year of
submitting our case was the icing on the cake, she says.
Romney and Rice play a number of critical roles in this
class by:
1. Assisting the students in developing theories of how the
fraud may have occurred.
2. Helping the students develop a plan for determining how
to test those theories.
3. Providing weekly guidance to students as their
investigations progress.
4. Reviewing the final report that students complete at the
end of the term and that law enforcement may use toprosecute the fraud.
5. Serving as expert witnesses if a case goes to trial.
Reaching out to help local organizations with poten-
tially fraudulent situations is a noble idea with obvious
benefits, but usually the largest obstacle is that college faculty
members often lack required specific training for competentforensic accounting investigations. Faculty also often lack
contacts with those in communities who are most likely to
refer cases, such as law enforcement and prosecuting attor-
neys. CFEs often have such connections and, thus, can refer
cases and supervise the investigations.
SERVE AS AN ADJUNCT INSTRUCTOR OR GUEST SPEAKER
CFEs who want a more substantive role in higher education
can pursue teaching courses as adjunct instructors. Adjunct
instructors typically teach one or two courses during a semes-
ter, but they do not have other academic commitments, such
as research or service, to the institution. Colleges frequently
seek professionals, like CFEs, to teach more specializedcourses, such as forensic accounting, because full-time faculty
often do not have this expertise.
Not long after she began mentoring, Gonzaga University
approached CFE mentor Rice to see if she was interested in
teaching a fraud examination class as an adjunct instructor.
She jumped at the chance.
It had been my long-term goal to adjunct, and I was
thrilled by the prospect, Rice said.
Fraud EDgeA Forum for Fraud-Fighting Faculty in Higher Ed
-
7/27/2019 revista Antifraude
16/76
14 Fraud-Magazine.com
She has taught three courses over the past two years and
has enjoyed the experience. She sees many benefits to havingprofessionals, like CFEs, in the classroom.
As a student, I always appreciated the professors who
had both real-world and research experience. CFEs are for-
tunate in that we have so many stories and experiences thatcan help shape our future anti-fraud professionals.
CFEs considering this option should be aware that the
weekly time commitment is somewhat greater than the time
teaching in the classroom. Adjunct instructors also will spendseveral hours each week planning lectures, grading student
work and answering emails from students. In addition, most
colleges expect adjunct instructors to be available on cam-pus for an hour or two each week to meet with students andanswer questions.
CFEs who cannot commit to teach an entire course can
serve as guest speakers. This may involve preparing a short
case study or other relevant topical material and leading aclass in a discussion of the material. Departments and
instructors are generally receptive to such arrangements,
provided there is a good match between the course goals
and the proposed topic.Guest speaking opportunities for CFEs are not limited to
forensic accounting courses. For example, CFEs could present
internal control cases to an accounting information systems
class. They also could discuss evidentiary or legal aspects ofCFE work in criminal justice or psychology classes. Given
the diversity and complexity of fraudulent activities and the
motivations of those who commit fraud, there are many other
disciplines in which CFEs could provide valuable insightsand enrich the classroom experience.
FOSTERING STUDENT INTEREST
The ACFE Handbook and Guidelines for Local Chapters en-courages close relationships with schools and universities to
foster student interest in the fraud-fighting profession. CFEs
unique skill sets and training create multiple opportunities
across college campuses. We have described a number ofways that CFEs have participated in higher education. Inter-
ested CFEs should contact program directors or chairpersons
at nearby colleges. Universities, and especially business
schools, are always looking for adjunct instructors and guestspeakers with practical experience. Students love to hear
from professionals who can describe their field experiences
and how they can pursue careers in specialty fields, such as
forensic accounting.
Rice wants to see more CFEs in college classrooms.
As professionals, we need to strive to make the anti-fraud movement more real for students, who often believe
they will never encounter a fraudster or become a victim of
fraud, Rice said.
Matching the expertise and interest of CFEs with the
needs of higher education can result in relationships that are
enriching and rewarding for all parties involved.
Gerhard Barone, Ph.D., is an assistant professor of accounting
at Gonzaga University. He teaches classes in financial
accounting and accounting information systems. His email
address is: [email protected].
Sara Melendy, Ph.D., CFE, CPA, is an associate professor of
accounting at Gonzaga University. She teaches auditing and fraud
examination, including a hands-on laboratory called the Justice
for Fraud Victims Project. Her email address is:
Gary Weber, Ph.D., is an associate professor of accounting and
coordinator of accounting programs/director of the master of
accountancy program at Gonzaga University. His email address
is: [email protected].
Richard Dick A. Riley Jr., Ph.D., CFE, CPA, is aLouis F. Tanner distinguished professor of public accounting in
the College of Business and Economics at West Virginia
University in Morgantown. He is chair of the ACFE Higher
Education Advisory Committee and the vice president of
operations and research for the Institute for Fraud Prevention.
His email address is: [email protected]. Riley
served as editor on this column.
Fraud EDgeA Forum for Fraud-Fighting Faculty in Higher Ed
Given the diversity and complexity of fraudulent
activities and the motivations of those who commit
fraud, there are many other disciplines in which
CFEs could provide valuable insights and enrich
the classroom experience.
-
7/27/2019 revista Antifraude
17/76
REGISTER NOW
Fraudsters are continually creating, perfecting an
executing new schemes. Gain the knowledge you
need to stay one step ahead.
Join anti-fraud professionals in London for the
2012 ACFE European Fraud Conference to
exchange insights and develop cutting-edge skills
in the global fight against fraud. In addition to
informative sessions offering practical techniques
and tips, youll network with leaders of Europes
anti-fraud community and earn up 23 CPE
credits.
Register online at ACFE.com/Europea
by 24 February to SAVE GBP 10
2012 ACFE EuropeanFraud Conference
London 25-27 March 201The Cumberland Hotel
James D. Ratley, CFEPresident and CEO,
Association of Certified
Fraud Examiners
Stephen HarrisonChief Executive
National Fraud Authority
FEATURED KEYNOTE SPEAKERS
-
7/27/2019 revista Antifraude
18/76
16 Fraud-Magazine.com
FraudBasics
ob, an internal auditor for ABC Company, is con-
ducting a routine cash receipts controls review.The procedure calls for the days checks to be
deposited remotely in a company bank account
daily. Susan, the clerk who processes customer
checks, had gone home sick on Monday. Before she left, she
completed the remote deposit procedure, which involves
scanning each check and electronically sending those scans
to the bank. Then she put the checks she had just scanned in
her work-in-process file and went home, intending to proper-
ly file them away the next day. Unfortunately, when Betty
who had done Susans job years ago was assigned to cover
Susans desk on Tuesday, she came across the previous days
checks. Without asking anyone, Betty prepared a depositslip as she had done in the past and took the checks to
the nearby bank branch and made the deposit. When Susan
came in on Wednesday, she noticed that the stack of checks
she had processed on Monday were not where she had put
them and immediately asked Betty where they were. Oops ...
The checks had been deposited twice. They immediately con-
tacted the bank. The bank manager explained that the banks
duplicate check detecting software had caught the error and
that all was well. If the bank had not had the duplicate check
software working properly or if Susan and Betty had conspired
to modify the original paper checks before re-depositing them,
the bank could have been liable for some big bucks. This ficti-
tious example could easily have happened.Banking industry experts report that check processing
is moving rapidly away from the traditional paper methods
and toward the processing of electronic images of checks. Asof August 2011, almost 70 percent of all institutions are now
receiving check images, according to CheckImage Central.
(See www.checkimagecentral.org.) With the implementation
in 2004 of the Check Clearing for the 21st Century Act, orCheck 21, auditors and CFEs cannot afford to ignore the new
risks and challenges associated with processing of increasingly
larger volumes of electronic check images.Even with so many more consumers and businesses pay-
ing their bills electronically, checks are still the standard for
many. The major impetus for banks moving to check images
is that electronic processing costs much less than paper check
processing. Historically, paper processing had been a cumber-
some procedure that required physically moving millions of
paper checks through the banking system.
Before Check 21 processing, when a person deposited
a paper check in his bank, that person would be credited
for the amount of the deposit. Then, at the end of the day,
the bank would sort that days processed paper checks and
forward them to the Federal Reserve or another check-clearing entity where the checks would be cleared. The
paper checks then would be sorted and sent back to the banks
the checks were drawn on (and in some cases returned to the
check writer). Grounded planes following the terrorist attacks
of 9/11 caused major delays in check processing and brought
increased awareness to antiquated paper-check procedures.
A number of electronic payment processing technologies are
now in wide use, including Check 21 technology.
Under Check 21 processing, paper checks are scanned,
and the images are used to process the checks. Alternatively,
banks that desire to continue receiving and processing paper
checks may print and process copies of the images, called sub-stitute checks. The substitute checks are the legal equivalent
of the original checks and can be used to document payments
in the same way that cancelled scanned checks would.
Although compliance with Check 21 is not manda-
tory, most banks are expected to invest in check imaging
technology eventually to take advantage of the projected
costs savings. So far, the adoption from paper to digital has
been slower than expected as the banking world upgrades its
Check 21 Can Make Fraud EasierBe Alert to Changes in Check-Imaging Technology
By Linda Lee Larson,DBA, CFE, CPA,CISA
B
-
7/27/2019 revista Antifraude
19/76
January/February 2012 17
FraudBasics
technology for image processing. The underlying cause ofthe delay has been the significant investment in the technol-
ogy required to both create and process check images andsubstitute checks. Sources in the banking world in 2004estimated a cost of $1.5 billion to $2.5 billion to fully imple-ment Check 21 technology in the U.S. [See The DominoEffect of Check 21, by J.D. (Denny) Carreker, http://tinyurl.com/7yuxjrc.] The Federal Reserve expects that the use ofsubstitute checks should decline as more banks have thetechnological capability to process check images directly.
THE CRUX OF THE PROBLEM
Check truncation the process of digitally scanning paperchecks greatly increases the chances of a check beingprocessed twice, either accidentally or fraudulently. Dupli-
cate check processing occurs when a business uses remoteprocessing to scan incoming checks and also drops the paperchecks off at a bank branch. The branch then forwards thepaper check to the Federal Reserve to be processed. Thus, asin the opening case, checks can be processed twice.
Before Check 21, duplicate check processing rarely hap-pened. However,American Bankermagazine now estimatesthat duplicate check processing is a $500 million problem,which accounts for about half of the total check fraud in theU.S. (See Seeing Double, by Glen Fest inAmerican Banker,
Nov. 1, 2010, http://tinyurl.com/7dkt8jx.)Whether done by accident or fraudulently, duplicate
check processing is becoming increasingly more expensive
to weed out.Many believe that the new technology createsa unique opportunity for fraudsters. The problem is expectedto increase as the remote deposit capture continues, especial-ly as consumers are using smartphones to capture deposits.(That has to be the subject of another column.)
The banking industry, recognizing this problem, hasdeveloped software to identify checks that are depositedtwice, but it is not foolproof. It tends to create false positivesbecause the software only identifies checks that are identicalin amount and payee. Complicating the situation further iswhen fraudsters get involved and change the payee and/orthe amount of the check. The duplicate identification soft-ware is not designed to identify this type of fraudulent check.
Reformed con man Frank Abagnale has said that banksare generally liable for ordinary care, according to U.S.Uniform Commercial Code (UCC) 4-103, and the bank thataccepts a fraudulent check paper or electronic image isliable for any losses. Therefore, the banking industry has areal stake in doing what it can to reduce these losses. (SeeUCC provisions at http://tinyurl.com/725p8zv and CheckFraud: A National Epidemic, by Frank Abagnale,New Jer-sey CPA, May/June 2010.) This is where CFEs can help.
High-tech fraudsters are always looking for new waysto access and manipulate digitized information. Basically,substitute checks may be altered, counterfeited, duplicatedand/or created from scratch. If a payment is in question, only
the substitute check image can be accessed. The result is thatproving alterations and forgeries becomes even more difficultbecause many of the traditional security features so evidenton paper checks are lost when the originals are scanned inthe clearing process. In addition, with no actual cancelledpaper checks to examine, evidence of counterfeiting, forgeryand alterations (such as fingerprints) are not available for theauditor or CFE.
Systems controls need to be in place and working prop-erly to prevent unauthorized persons from accessing elec-tronic check processing data and to protect private customerinformation. CFEs can help implement these controls. Also,CFEs must keep current on changes in check-imaging technol-
ogy and auditing electronic payment controls. Multiple lines ofdefense are needed to prevent problems. CFEs need to monitor
controls to prevent/detect duplicate check processing.
VIGILANT WATCHDOGS
Electronic check processing technologies may make checkfraud crimes harder to prove, especially if a jury is involved.It is important that consumers, businesses and banks areaware of the possible risks and take appropriate steps toprotect themselves and their sensitive data. Electronic checkprocessing is here to stay, and auditors and CFEs need tobe ready to meet the challenges. Unless the watchdogs are
vigilant, the community has to deal with increasingly moresophisticated fraudsters trying to commit electronic checkfraud using altered substitute checks or check images.
Linda Lee Larson, DBA, CFE, CPA, CISA, is
an associate professor of accounting at Central Washington
University Lynnwood Center in Lynnwood, Wash. Her
email address is: [email protected].
Before Check 21, duplicate check processing
rarely happened. However, American Bankermagazine now estimates that duplicate check pro-
cessing is a $500 million problem, which accounts
for about half of the total check fraud in the U.S.
-
7/27/2019 revista Antifraude
20/76
18 Fraud-Magazine.com
raud InFraud InHouses Of WorshipHouses Of Worship
What BelieversDO NOTWant to
BELIEVEBy Robert M. Cornell, Ph.D., CMA, Educator Associate; Carol B. Johnson,Ph.D., Educator Associate; and Janelle Rogers Hutchinson
Cara Bresette-Yates/iStockphoto
-
7/27/2019 revista Antifraude
21/76
January/February 2012 19
n accounting professor who teaches a fraud investigation class re-
cently told a story about a student in her class who approachedher for help on a personal project. The students church had
asked the student to attempt to determine the dollar amount of damages
in a recent embezzlement. The perpetrator, a former church secretary, had
been defrauding the 200-member church for 18 months by writing herselfduplicate paychecks, stealing cash from donation deposits and taking out
credit card accounts in the church name, among other schemes.
The church discovered the fraud when the secretary was called away
for a family emergency, and the previously inattentive manager receiveda phone call about an unpaid credit card bill. The manager did not know
the credit card existed. Because the church had not segregated employee
duties, the secretary had free rein over all aspects of church finances: she
kept the books, paid all the bills, handled cash receipts, managed the pay-roll, issued paychecks and reconciled the bank account. The sky was the
limit for her fraud. A simple search of public records would have revealed
that the secretary was in financial trouble a serious red flag for fraud.
But the church did not conduct that search until it was too late.The professor was not surprised by such a common scheme. However,
she was taken aback when she opened the students work file to reviewthe case. She recognized the name of the perpetrator as a secretary in her
church and confirmed this identity by questioning the student investiga-tor. Internal controls in the professors church were a bit better it had
segregated some accounting duties but were still insufficient. In fact,
internal controls were bad enough that no one could ever know if the
secretary stole from the professors church.It was quite common for people to drop cash and checks by the
church office during the week and leave them with the secretary for use
in special funds, such as one to aid local homeless people. It would have
been easy for the secretary to simply pocket some of the funds, and noone would have been the wiser. The secretary eventually resigned; it is
unknown if she stole from the professors church during her tenure there.
She was replaced with another secretary who had her own financial prob-lems her home was in foreclosure within six months of taking the job.
The professor advised church officials that they needed to improve
internal controls, but the staff members believed that no one would ever
do such a thing here. Indeed, fraud examiners who deal with finances,
fraud and internal controls in houses of worship may be labeled over-reacting conspiracy theorists when they tell church staffs they may have
fraudsters in their midst. However, fraud examiners know that houses of
Houses of worshipare particularly vulnerable tofraud, but most feel they are impervious. The authors
provide reasons why churches feel so bulletproof and
seven practical steps fraud examiners can use to help
churches stop fraud in its tracks.
A
-
7/27/2019 revista Antifraude
22/76
20 Fraud-Magazine.com
FRAUD IN HOUSES OF WORSHIP
worship churches, synagogues, temples, mosques etc. areamong the most vulnerable entities.
WHY are CHURCHES SO VULNERABLEWHY are CHURCHES SO VULNERABLE?Churches typically emphasize the importance of good acts anddeeds, so we might expect their tone at the top would protect
them from fraud. Not so. A variety of factors lead to the op-posite situation. Donald Cresseys research on the fraud triangleshowed that pressure, opportunity and rationalization are pres-ent in almost all frauds. (See pages 10 through 14 of Occupa-tional Fraud and Abuse, by Dr. Joseph T. Wells, CFE, CPA.)However, some forms of these three elements are more preva-lent in houses of worship.
PRESSURES AND RATIONALIZATIONPRESSURES AND RATIONALIZATIONIn many cases, ministers, secretaries and other staff members inhouses of worship are expected to work long hours on pauperswages for the love of a deity, while mingling with the wealthi-
est of society. These working conditions can create resentment,desperation and rationalization, such as they owed it to me.Church staff and volunteers can also face financial prob-
lems from feeding vices and addictions. A pastor or church mem-ber with a serious vice likely will feel that any resulting financialpressure is highly non-shareable. Cressey emphasized that thenon-shareable aspect of a pressure made it a particular impetusfor fraud.
OPPORTUNITYOPPORTUNITYChurches might be the poster child for fraud opportunity for avariety of reasons. First, they tend to be small organizations. TheACFEs 2010 Report to the Nations found that fraud happens
most frequently in entities with less than 100 employees acategory that would include most houses of worship. Becauseof their small size, churches tend not to be willing or able tohire professionals who have significant financial expertise or areknowledgeable about internal controls. Also, by default, smallorganizations find it difficult to adequately segregate duties orinstall independent checks.
Secondly, trust among employees and volunteers fuelschurch engines. Unfortunately, church cultures foster the beliefthat trust is an adequate control a fallacy that can create af-finity frauds, such as the $78 million fraud that Daren Palmer, apillar of his church, perpetrated against members. (http://tinyurl.com/4xae883) Because of the tight-knit culture, it is commonfor churches to hire family members and close friends, whichincreases opportunities for collusion.
Also, churches often do not create the perception of con-sequences that is necessary to deter fraud. History and humannature show that when a fraud does occur in a church, staffmembers often hide the crime so they will not upset membersand other potential donors. In the opening case of the embez-zling church secretary, the fraud at the first church was neverpublicized or prosecuted because a close relative of the secretary
was a significant donor to the church and a powerful member ofthe church board. In addition, U.S. nonprofits generally are nottightly regulated. State attorneys general and the Internal Reve-nue Service (IRS) are the only entities in a position to provide regu-
latory oversight to churches. Attorneys general are typically preoc-
cupied with other issues. And churches are exempt from the rule
that nonprofits must file informational tax returns with the IRS. Soonly parent denominations, church governing boards and possibly
church members are likely to be privy to financial information.
DO THEY REALLY BELIEVE IT CANNOTDO THEY REALLY BELIEVE IT CANNOTHAPPEN IN THEIR CHURCHHAPPEN IN THEIR CHURCH?To get a feel for churches perceived fraud invincibility, we in-terviewed individuals who provided financial oversight in 132U.S. houses of worship. Our survey included a broad varietyof denominations (primarily Christian) of differing member-ships, annual budgets and numbers of employees. Membershipsranged from 25 to 37,500, with an average of 1,168 and a medi-
an of 425. Annual budgets ranged from $10,000 to $30 million,with an average budget of $1,089,045 and a median budget of$430,000. Figure 1 illustrates the distribution of church bud-gets. Most of these churches had at least a few paid employees,and some were affiliated with national or international denomi-nations providing some oversight role.
Fraud had indeed reared its ugly head with 13.4 percent ofthe church leaders acknowledging they had experienced a fraud
in their organizations within the previous five years. The esti-mated sizes of the frauds ranged from a few dollars to $35,000.We suspect that the actual frequency and dollar amount of fraudwere seriously underreported for two reasons.
First, our interviews indicated that churches generallylacked proper internal accounting controls, including segrega-tion of duties, and that even if those controls were in place, thechurches did not consistently follow them. The reported levelsof controls in most of these institutions were so poor that theyprobably harbored many undetected frauds. For example, most ofthe churches we surveyed did not separate record keeping from as-
36%$0 $250,000
17%$250,000 $500,000
12%$500,000 $750,000
7%$750,000 $1 million
28%Over $1 million
Figure 1: Budget Range of Churches Surveyed
-
7/27/2019 revista Antifraude
23/76
January/February 2012 21
FRAUD IN HOUSES OF WORSHIP
set custody, particularly with respect
to the payment of expenses. Also,
in most cases, the same person whowrote the checks also reconciled the
bank statements. Figure 2 illustrates
the frequency of various control vio-
lations that we found in churches.The second reason we suspect
underreporting is that it is likely
that some interviewees were un-
willing to admit frauds, or their
churches did not tell them about
discovered crimes. Ministers and
church elders are accustomed to
holding the sins of their flocks
close to the chest, and this empha-
sis on confidentiality may prevail
even in the case of white-collar
sins. The cloak of secrecy may mean that the right hand doesnot know what the left hand is doing within the church. Also, in
the same way that those who have been scammed are often too
embarrassed to admit their victimhood, church ministers and oth-
er financial leaders may be hesitant to reveal their vulnerability.
We asked interview participants how vulnerable they
thought their organizations were to employees or members il-
legal or unethical financial actions. Despite generally poor levels
of controls, none of the respondents even those in organi-
zations that had experienced fraud felt their organizations
were extremely vulnerable. Almost a fourth said they were not
vulnerable at all to fraud, and nearly two-thirds said they were
only slightly vulnerable. Table 1 on page 22 presents the percep-tions of vulnerability to fraud within churches that experienced
a fraud within the last five years and those that had no report-
ed fraud over the same period. Overall, most believed that it
wasnt going to happen here.
WHY DO THEY FEEL SO BULLETPROOFWHY DO THEY FEEL SO BULLETPROOF?The lack of a realistic perception of vulnerability is driven by
several psychological mechanisms including overconfidence, ig-
noring base rates and confirmation biases.
Overconfidence
Overconfidence is a particularly difficult psychological barrier
to overcome, even among those with high levels of education.
Psychologists and economists, who have studied the overconfi-
dence phenomenon since the 1960s, find that this mindset re-
sults from two factors. One might be called the Lake Wobegon
effect (from Garrison Keillors A Prairie Home Companion):
we all think we are above average.1Secondly, we tend to have
an illusion of control over circumstances.2The combination of
these two factors leads to unrealistic optimism. Researchers findthat people are more overconfident when they are faced with
difficult or very difficult tasks. The hard-easy effect suggeststhat they are more vulnerable to fraud when 1) it is difficult toassess the likelihood of fraud, and 2) they lack the skills to ap-propriately safeguard their most valuable assets.
Ignoring Base Rates
Cognitive researchers find that even when people are provided
information on the likelihood of fraud, they tend to ignore
base rates. (A base rate can be defined as the average num-
ber of times an event occurs divided by the average number of
times on which it mightoccur.) Consequently, if we were to tell
a group of church leaders that 20 percent of all houses of wor-
ship (a hypothetical number) are likely to be victims of fraud
within the next five years, their over-optimism will lead almost
all of them to conclude that they will notbe victims of fraud.
In other words, people tend to place themselves into the group
that is not affected by frauds instead of accurately assessing if
their particular situation is more reflective of the group that
will experience a fraud.
Confirmation Bias
Auditors and fraud examiners do not tend to conclude that as-
sets are safe unless they have assessed the quality of the controls
in place. The average Joe, however, suffers from a confirma-
tion bias. In other words, Joe will rely too much on confirm-
ing evidence, such as we have never had a fraud before. At
the same time, he will dismiss contradictory arguments, such as
we do not have adequate controls in place. This bias increases
with the amount and strength of confirming evidence. It will
decrease with contradictory evidence but at a much slower rate.3
Walt Pavlo, the perpetrator of a multi-million dollar fraud
at MCI and WorldCom, expressed confirmation bias well. At the
Oklahoma State University 2008 Financial Reporting Conference,
he was asked where the auditors were while he was committing his
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
No checking references
No criminal background checks
Related parties on board of directors
Same person deposits receipts andreconciles bank statements
No financial expert on board
No term limits for financial volunteers
Same person records anddeposits receipts
No credit checks for employees
No required vacations
No surprise audits
Figure 2: Control Problems in Churches
87%
80%
78%
72%
67%
51%
48%
47%
20%
13%
-
7/27/2019 revista Antifraude
24/76
22
FRAUD IN HOUSES OF WORSHIP
crime, which involved overstatement of receivables. His response:
No one wants to question good news. In the for-profit world, the
evidence has shown that excessively high revenues are a much big-
ger red flag for fraud than excessively low revenues.
HOW TO H LPHOW TO HELPBased on our survey findings and observations, we offer sevensteps fraud examiners can take to help churches avoid fraud:
1. Freely lend your expertise to small nonprofits and churchboards to help them understand and implement the conceptof separation of duties and independent checks.
2. Help them understand that checks are cash only morevulnerable. You could explain this by saying, If someonesteals a $1 bill from you, the most they have stolen is $1. Ifthey steal a $1 check from you and then add a few zeroes,they have stolen much more.
3. Combat overconfidence through education and training.Church boards must understand that trust is never an effec-tive internal control.
4. To achieve adequate perception of detection and conse-
quences, encourage church boards to be open and forth-coming about problems and consequences and to prosecutewhen appropriate. Such prosecutions could have preventedthe secretary in our opening story from moving to the nextchurch to possibly do the same thing.
5. While churches may be in the business of bringing the goodnews, it is a good idea to remind them that at least when itcomes to financial affairs, they should always question newsthat is too good to be true.
6. Church leaders are becoming aware of the need (and some-times the legal requirement) to conduct background checksto specifically find sex-related crimes. Help them understand
that they also can use criminal and credit checks to protectthe churchs financial assets and help ensure that donorswishes are honored by applying donor funds to good deeds,rather than using them to feather the fraudsters pockets.
7. While we have a psychological tendency to ignore base rates,we tend to respond to stories. These stories help bring the
reality home; so share stories about church frauds. And if youare feeling really brave, leave a few copies of Fraud Magazinein the church library.
Individuals who contribute to religious institutions or othernonprofits do so with the intent that their sacrifices will help theinstitution and/or the parties it serves. Fraud examiners can helpthese institutions ensure good stewardship over these resourcesand prevent the unintended distribution of resources to the pock-ets of fraudsters. An essential element of providing this help in-volves convincing them that yes, it can happen here.
Robert M. Cornell, Ph.D., CMA, ACFE EducatorAssociate, is an assistant professor of accounting in the OklahomaState University Spears School of Business. His email address is:[email protected].
Carol B. Johnson, Ph.D., ACFE Educator Associate, is theMasters of Science coordinator and Wilton T. Anderson Professorof Accounting in the Oklahoma State University Spears School ofBusiness. Her email address is: [email protected].
Janelle Rogers Hutchinsonis a Masters in Accounting studentat Oklahoma State University. Her email address is:
1Alicke, M. D., & Govorun, O. (2005). The better-than-averageeffect. In M. D. Alicke, D. Dunning & J. Krueger (Eds.), The self insocial judgment. 85-106. New York: Psychology Press.2Gino, F., Sharek, Z., & Moore, D. A. (2011). Keeping the illusionof control under control: Ceilings, floors, and imperfect calibration.Organizational Behavior & Human Decision Processes, 114, 104-114.3Juslin, P., Winman, A., & Olsson, H. (2000). Naive empiricism anddogmatism in confidence research: A critical examination of the hard-easy effect. Psychological Review, 107, 384-396.
Fraud Occurredin Last 5 Years
Perception of Vulnerability to Fraud
Not VulnerableSlightly
VulnerableVulnerable Very Vulnerable
ExtremelyVulnerable
Grand Total
Yes 24% 53% 17% 6% 0% 100%
No 25% 66% 6% 3% 0% 100%
Total 24% 64% 9% 3% 0% 100%
Table 1
Help them understand
that checks are cash
only more vulnerable.
Sue Colvil/iStockphoto
-
7/27/2019 revista Antifraude
25/76
January/February 2012 23
Example 1
A husband and wife served as treasurer and assistant treasurer
in a small church in North Carolina. When their business began
failing, they stole several thousand dollars from the church by
simply writing checks to themselves over a three-year period. The
fraud was discovered when a contractor complained that he had
not been paid for work on the church property. (http://tinyurl.
com/2e2gm2w)
Example 2
Three unrelated individuals who served as office manager, facilities
manager and a volunteer in a California church colluded to steal
$500,000 from the church coffers to fund extravagant lifestyles.
The threesome carried out their thefts by issuing fraudulent checks
and making inappropriate use of credit cards. The theft was discov-
ered when the church pastor became suspicious and reported the
theft to the finance committee. (http://tinyurl.com/66cqchg)
Example 3
The pastor of a large Ohio church commingled funds, laundered
money, tampered with records, forged documents and sold 19
acres of church land to steal more than $1 million from his church
and cover his tracks. The proceeds were used to buy cars, a boat,
a pool and hair treatments in addition to funding private-school
tuition for his children. When a church employee reported that
funds were missing, it took two years to investigate the crime before
charges were filed. (http://tinyurl.com/6dpnvch)
Example 4
The business manager of an Oklahoma church was accused of
embezzling $140,000 to pay her personal expenses. The alleged
theft was discovered when the bank notified the church of an over-
drawn account. The suspect said she could not have stolen that
much money because the church was audited every year.
(http://tinyurl.com/6bpqblr)
It Can Happen in Your Neighborhood
Theres so much to learn in order to be an effective fraud fighter where do
you start? Right here, withPrinciples of Fraud Examination. This course is the
foundation of the ACFEs curriculum and is recommended for all anti-fraud
professionals. Whatever industry or area of specialization you end up in, you
will benefit from a solid understanding of the fundamentals of the four key
areas of fraud examination:
Fraud Prevention and Deterrence Legal Elements of Fraud
Fraudulent Financial Transactions
Fraud Investigation
Solid Fundamentals for All Anti-Fraud Professionals
Learn from the experts at
Principles of Fraud ExaminationAustin, TX | April 30 - May 3, 2012
Build your anti-fraud career on a solid foundation
register online at ACFE.com/POFE by March 30 to save an additional $200!
-
7/27/2019 revista Antifraude
26/76
A major, multimillion sports ticket fraud at the University of Kansashighlights how CFEs can help convince administrators and boardsto reassert control over their athletics departments. The answercould be independent oversight.
By Herbert W. Snyder, Ph.D., CFE; and David OBryan, Ph.D., CFE, CPA, CMA
-
7/27/2019 revista Antifraude
27/76
n June 30, 2009, David Freeman pleaded guilty to
conspiracy to commit bank fraud as part of a federal
bribery case. Anxious to please the judge prior to
his sentencing, he provided investigators with in-formation about theft and resale of football and basketball
tickets at the University of Kansas (KU). Freeman fingered
two individuals, one of whom was exonerated while the
other proved to be central to the case.Freeman had his sentence reduced from 24 to 18months, which his attorney said was an inadequate re-ward for the information he had provided, according toDeveloper source in KU ticket scandal, by Steve Fry,in The Topeka Capital-Journal, April 22, 2010. (http://tinyurl.com/24wwss9)
Federal authorities contacted KU officials in late 2009.Under increasing pressure, KU announced in March 2010that it had retained the services of the Wichita office ofFoulston Siefkin LLP to conduct an internal investigation.Assisted by a forensic accounting firm, Foulston Siefkinfound that six employees had conspired to improperly sell
or use approximately 20,000 KU athletic tickets mostlyto basketball games, including the Final Four tournament from 2005 through 2010. The sales amounted to morethan $1 million at face value and could range as high as$3 million at market value. Even worse, the investigatorswere unable to determine how many of the tickets weresold directly to brokers because the employees disguisedthese distributions into categories with limited account-ability, such as complimentary tickets, according to Uni-versity of Kansas athletic tickets scam losses may reach$3M, in the Kansas City Business Journal, May 26, 2010.(http://tinyurl.com/3nvaf76)
The investigation did not examine years prior to 2005
because the athletics department did not retain those re-
cords. The investigation of KUs ticket sales and fundrais-
ing operations by federal authorities continued throughout2010 and 2011.
KUs internal investigation, which was released May 26,
2010, implicated the associate athletic director for develop-
ment, the associate athletic director for the ticket office, theassistant athletic director for development, the assistant ath-
letic director for sales and marketing, the assistant athletic
director for ticket operations and the husband of the associ-
ate athletic director for the ticket office who had been work-ing for KU as a paid consultant.
WHAT ACTUALLY HAPPENED?
The accused allegedly abused the complimentary ticket
policies of the university in three ways:First, official policy allowed for certain athletic office
employees to receive two complimentary tickets for each
athletic event provided they would not resell them. In-
stead, the athletic department routinely gave each of these
employees more than two tickets for each event and tacitlypermitted, if not overtly encouraged, reselling.
Second, the development/fundraising arm of the ath-
letic office was permitted to use complimentary tickets tocultivate relationships with prospective donors. However,
these officials helped themselves to many more complimen-
tary tickets than they could have reasonably ne