Home Tags Fraud


When Do You Call in the Fraud Team?

Every company needs a fraud response plan, says Kelly Todd, managing member and the member in charge of forensic investigations at Forensic Strategic Solutions LLC, of Birmingham.

“Occupation fraud” — committed against a company by its own officers, directors or employees — “is likely the largest and most prevalent threat,” according to a 2018 report compiled by the Association of Certified Fraud Examiners.

The ACFE also reports these statistics for U.S. fraud cases:

• Average loss — $100,000
• Median duration before detection — 16 months
• Corruption — 30 percent of total cases
• Means of detection — a tip, 37 percent of the time

Nonetheless, the percentage of cases referred for prosecution has dropped 16 percent in 10 years, most commonly because the victim organization feared bad publicity.

Accounting shenanigans that prop up securities was the biggest fraud category, reaching historic highs in 2018.

Kelly Todd (right), who leads the investigation team at Forensic Strategic Solutions, reviews files with forensic analyst and investigative accountant Erica Hale. Photo by Art Meripol

According to corpgov.law.harvard.edu, in 2018, “Securities class action filings involving accounting allegations remained at uncharacteristically high levels as the trend of core filings against larger defendant firms continued.

“There were 143 securities class actions involving accounting allegations (accounting case filings) during 2018, nearly 86 percent more than the historical average.”

The report also stated, “The number of accounting cases containing an allegation and announcement of internal control weaknesses exceeded the historical average for the sixth consecutive year.”

Given all of this, the accounting industry, specifically the auditing sector, is looking for ways to reform the auditing process, where independence from the company being audited and ethical conduct is paramount.

Clive Viegas Bennett, CEO of MGI Worldwide, writes in Accountancy Age, “The huge independence edifice is built on quicksand because the auditors are paid directly by the companies they audit.”

A prime example of the issues facing the auditing world is the case involving accounting firm PricewaterhouseCoopers, the Federal Insurance Deposit Corp. and what used to be Alabama’s third largest bank, Colonial.

Earlier this year, PricewaterhouseCoopers announced that it has settled with the FDIC for $335 million over its audits of Colonial Bank, which failed during a financial crisis. The suit was related to professional negligence claims brought by the FDIC against PwC coming out of the firm’s audit of Colonial. The FDIC sought to hold PwC liable for not detecting fraud during audits of Colonial Bank, and a federal judge said the accounting giant had not designed its audits to detect fraud. An Alabama federal district court had earlier awarded damages of $625 million to the FDIC.

“I consider auditor independence to be a misnomer,” says Todd DeZoort, professor of accounting in the Culverhouse College of Commerce and the University of Alabama’s Durr-Fillauer Chair in Business Ethics. “While some auditors should be careful to manage their financial and relational dependencies on a client, I believe auditor independence is impossible in our current system. My research indicates that stakeholders are interested in auditor reliability, which flows from auditor integrity, expertise, independence and pursuit of objectivity.”

DeZoort says a quality audit “should help a client clean up financial reporting and internal control problems that, if unaddressed, can be catastrophic to a company. The audit function is there to serve the public interest and protect very vulnerable stakeholders in a very complicated and high risk reporting environment.”

DeZoort teaches a seven-step fraud risk management model that includes fraud risk governance, fraud risk assessment, prevention, investigation, reporting, mediation and, last but not least, detection, which is where Todd and her troops come in.

Todd DeZoort, accounting professor at the University of Alabama, says “The audit function is there to serve the public interest and protect very vulnerable stakeholders in a very complicated and high risk reporting environment.”

Forensic accounting, according to DeZoort, is more focused on risk assessment and investigation, while fraud prevention is the responsibility of management and internal auditing.

In her work as a forensic accountant and fraud examiner, Todd works closely with defense and plaintiff attorneys, audit committees, corporate boards and government inspector generals. Her experience in litigation consulting includes services in civil proceedings, including the calculation of economic damages in a broad range of personal and corporate disputes. Todd has testified as an expert witness in federal and state courts.

“I think one of the things that is important to keep in mind,” Todd says, “is while, yes, every company should have a fraud response plan, there really is a dividing line between companies based on their size and what they are capable of from a resource standpoint. You are going to tend to see response plans and protective detection and that sort of thing in a much larger company, because they have the resources to do it.”

Todd points out that fraud is not something that happens every day. “It is not a normal occurrence in a business.”

And while much of today’s corporate fraud may be linked to technology, technology is “having a huge and growing impact on auditing and fraud examination,” says DeZoort. “For example, we are seeing a surge in the use of artificial intelligence in both auditing and fraud examination, allowing advanced data analytics involving 100 percent of transactions rather than just traditional random samples.

“We see anti-fraud professionals conducting more advanced quantitative and qualitative data analytics with technology, including data mining, digital analysis and linguistic text analysis.”

“When we go in, or a business suspects that there is a problem, one of the first things we want to do generally is ask for mirror images of the computers,” Todd says. “So if the business doesn’t realize, or hasn’t thought through how they are going to respond to the event, how they handle the evidence, or potentially the event, they may not even recognize what could potentially be evidence, that if handled improperly, by the wrong people or just handled improperly in general, could render that potential evidence useless in a court of law.”

She says handling electronic information, handling employees and suspects can be tricky for a company if there is no plan. “And a lot of times when there is no one suspected, they may have no idea who may be involved. And so it is just thinking through those initial steps in how to deal with something that a business is not accustomed to dealing with on a daily basis,” Todd says.

Todd says her firm has been using data analytics or data mining for 20 years. “Now, artificial intelligence is really changing the landscape as far as the ability to proactively look for fraud, or just patterns of wrongdoing. I think it is going to change the accounting profession. What it is not going to do, though, is once the patterns are identified, it is not going to be able to go and investigate the fraud, and it is not going to be able to develop the evidence and interviews. While it may change the initial detection, it is not going to change the investigative part of it.”

Todd says it is important to separate prevention and detection from investigation. “Detection could happen internally in a company. But from our standpoint, because we are outside, we are typically called in when a company believes it has a problem, or they may have detected something, but they don’t have the resources to actually investigate and develop the evidence to take it to law enforcement.

“Fraud, for us, is really about looking for the footprint of the beast. Fraud leaves a pattern, leaves trends in the data, or in the financial statements or in any various financial reports. And so what we are doing, we are going in and, based on what the company may believe has happened, we work under what is known as the fraud theory approach. We form a hypothesis based on what we believe may have happened, and then we test that hypothesis through document review, collection of electronic evidence, accounting transactions, that sort of thing, and then interviewing. And we generally go from the general to the specific. As we are making our way through our investigation, we start with the big picture, and follow that trail to more specific information and eventually work our way into some kind of solution, depending on what the client is looking for. If it is looking for a confession from the suspect, then the specific is going into seeking a confession through an interview.”

Todd says there is often an “aha” moment in the investigation — when  investigators are following one path “and all of a sudden something unleashes, and we are ‘Oh my gosh, you are not going to believe this. It is this person as opposed to that person.’”

Todd says a high percentage of fraud cases settle out of court or in guilty pleas. Forensic accountants are sometimes called the “detectives of the accounting world,” and Todd says there are some key things to look for when questioning people involved in suspected company fraud.

“Forever, people thought it was about body language,” Todd says, “and while body language is important, it is only one of many ways to tell if someone is being deceptive with you. The more things that are happening across various channels if you will, speech, a tone of voice and the jittery body language, the more of those that are happening at one time, the more likely it is that the person is being deceptive. The key is to be able to identify their baseline, what is normal for that person.”

Todd says, “If you think fraud is not going to happen, you are wrong because it is, but when it does, do not take matters into your own hands, and be certain to put together a team of experts that know what they are doing.”

Bill Gerdes and Art Meripol are freelance contributors to Business Alabama. Gerdes is based in Hoover and Meripol in Birmingham.

Fraud in Your Workplace

Photo by Jefferson Santos on Unsplash

Ominous music. Dark lighting. A menacing aura. These are just a few of the cues that help us determine when a film character may be up to criminal activity. However, when trying to identify a wrongdoer in our day-to-day lives, the task becomes much more difficult. Could you point out a criminal on the street? What about in your workplace?

Unfortunately, many company leaders haven’t learned this crucial skill. According to the Association of Certified Fraud Examiners (ACFE), an estimated five percent of annual revenues from companies just like yours are lost to financial crime, including fraud. In 85 percent of cases, fraudsters display at least one behavioral red flag — and in 50 percent of cases, they display multiple. And yet, fraud continues to have a devastating impact on businesses across the country. In order to get ahead of this disturbing trend, management must understand the red flags that fraudsters display, and be empowered with knowledge on how to combat the potential threat.

But first, leadership must understand why employees are driven to commit fraud.

Why Good Employees Become Fraudsters

Often, an individual’s temptation to commit fraud begins while working in an environment with lax internal controls. These employees are often left in a position to check their own work, have broad access to money going in and out of the business and have unfettered access to company cards.

While being in this position does not a fraudster make, when combined with external stressors — such as bad economic times, a divorce, an illness, a gambling habit or the failure of a business — lenient internal controls provide the opportunity for employees to commit fraud, then rationalize their actions by saying, “I’ll only take a small amount, then return it later when I’m in a better situation.”

As evidenced here, fraud is often committed in desperate times, and even trusted, longtime employees can fall victim to temptation. This means they often won’t seem like criminals from the movies. In order to discover these fraudsters, management must be vigilant about watching for potential warning signals.

Habits of Typical Perpetrators

Remember the book series Where’s Waldo? Each page would ask readers to find the striped-shirted hero among highly detailed scenes. Finding workplace criminals is very similar to playing a game of Where’s Waldo. You must use attention to detail and be able to pick out anomalies within the actions of your employees.

Behavioral anomalies often manifest in the same patterns, and can include showing consistent unhappiness with their job, habitually finding ways around established procedures to “beat the system” or showcasing an extreme reluctance to relinquish control or share information with colleagues or management. These actions all serve as red flags of potential involvement in fraud.

It is important to note that the existence of one or two of these indicators does not always correlate with guilt. However, if these signals are present, it is a good idea to take a closer look to ensure that a larger threat is not occurring. If it is, you must be prepared with an action plan to stop the plot before it causes irreparable damage to the company.

Appropriate Responses to Fraud in the Workplace

If you suspect fraud in your workplace, immediately secure any evidence that could be helpful to your investigation team. This includes computers, flash drives, cell phones and digital accounts. “Secure” is the operative word — don’t tamper with the evidence. An act as simple as attaching an external device to a computer can render the evidence useless. Instead, assemble a team of forensic experts to investigate as soon as possible.

Of course, the natural response when a situation like this is discovered is to fire the employee. However, you should not do so at the initial discovery point. Employees have a duty to cooperate with employers during a lawful investigation. Consider keeping them on payroll until the evidence has been sufficiently developed by the investigation team. Once the employee is aware they are the subject of an internal investigation, restrict their access to their office and company information systems. This will prevent them from covering their tracks, encrypting programs, stealing confidential information and deleting incriminating evidence.

Finally, you should contact your insurer as early as possible. Many policies have a 30- or 60-day notification provision, beginning from the first day that you discover a loss may have occurred. Failing to notify insurance may void your coverage, making an already difficult loss even greater.

Preventative Measures to Take Now

Even if you do not currently suspect wrongdoing in your workplace, take precautionary measures to deter future fraudsters from committing financial crimes.

Preventative measures include segregating duties, placing daily and monthly limits on company cards, and monitoring electronic audit trails. Also, be sure to maintain strong employee recruiting controls to check the background of all potential new hires, helping to avoid hiring those with a questionable past. Finally, if possible, try to rotate staff within critical financial areas such as cash management, accounts receivable or purchasing. This ensures that no one employee can gain too much power or become secretive about a segment of your business.

While the extra workload of putting these preventative measures in place can be time-consuming, it pays off to protect yourself from the threat of fraud within your office.

Discovering fraud in the workplace isn’t easy. Unlike the movies, criminals don’t wear suspicious clothing and aren’t accompanied by a sinister theme song. However, with the right tools, you can identify real-life criminals in your office, one red flag at a time.

Kelly Todd is a managing member and the member in charge of forensic investigations at Forensic Strategic Solutions. Todd has a broad range of forensic experience, including financial and whitecollar investigations, fraudulent financial reporting, accounting malpractice, and the calculation of economic damages. For more information on how fraud can affect your company, email her at kelly@forensicstrategic.com or visit www.forensicstrategic.com.

Get the latest

Alabama business

news delivered to

your inbox

What's New