Both types of investigations are important to any organization that takes fraud prevention and control seriously. Companies with good fraud prevention controls actively monitor their systems and follow up on questionable data and unusual relationships between numbers. The investigation that starts this way should not be viewed as any less important than the one that begins with a definitive instance of fraud.
Signs of Fraud
Numerous signs can point to the possibility of fraud. Literally hundreds of different types of fraud schemes exist, so the number of possible red flags of fraud is huge. It would be impossible to cover them all in their entirety here, but some general signs of fraud can apply across all types of businesses and fraud schemes.
It is important to educate management and employees on these warning signs of fraud. Study after study indicates that tips from employees are one of the most common ways that corporate fraud is detected. Therefore, it makes sense to educate employees about symptoms of fraud so they can report red flags when they see them.
Accounting Irregularities
Irregularities that point to the possibility of fraud can range from simple things like unreconciled accounts and unusual account balances to more complex problems like “on-top entries,” which are made after the books are closed in order to manipulate the numbers ultimately reported on the financial statements.
An auto dealership had a controller who had not reconciled the bank accounts for nearly a year, despite management’s insistence that it be done. Management did not insist enough, and the problem persisted; the accounts remained unreconciled month after month. Unreconciled bank accounts usually signal one of two problems: The accounting staff is incompetent or understaffed, or there is a fraud-in-progress that will likely be exposed through a bank reconciliation. Both of these problems need to be corrected quickly.
In this case, it turned out that the controller simply couldn’t handle all of the responsibilities of her job. She was out of her league and was not doing the reconciliations because she did not have time and was likely afraid that the reconciliations would expose her incompetence. The reconciliations would have shown that she didn’t have a good handle on the company’s finances.
The auto dealership was lucky in this case. They simply dismissed the controller and hired someone more experienced and more competent. But there was a period of time during which management was afraid a fraud had occurred. They should have recognized early on that the unreconciled accounts were a sign of a big problem.
Cynthia Cooper, head of internal audit at WorldCom, recounts the on-top entries problem that she and her team discovered was part of a massive fraud scheme at the company. Executives were directing employees to make journal entries on top of the regular general ledger activity to make the financial statements conform to a predetermined template. Lower-level employees did not see these entries, because they occurred outside the regular system of recording accounting details, so the practice went on for a long time before it was discovered.
To further confuse anyone who might look at the on-top entries, executives directed a web of confusing entries to be made. They were not a handful of simple debits and credits. There were hundreds of entries, with figures divided and bounced between many different accounts, apparently in an attempt to confuse and discourage anyone who might try to dig into these entries. The existence of these entries was discovered because of some irregular numbers and account names by the internal audit team. This demonstrates the importance of being on the lookout for unusual accounts, numbers, and descriptions within the accounting system.
It’s not always easy to spot accounting irregularities. After all, an employee or executive who engages in fraud is often aware of what others are expecting their work or their numbers to look like. In many companies, management knows that revenue and expenses are expected to fall within certain parameters. Numbers outside of those expectations might raise suspicions. So a good fraudster will ensure that the numbers do not appear unusual in that regard. It’s only when someone digs deeper that the irregularities start to surface. An examination of a public company’s Securities and Exchange Commission (SEC) filings might reveal some notes or disclosures that do not make sense in light of the numbers reported. Small clues like these will be necessary to point to irregularities.
For example, suppose a company reports in the notes to the year-end financial statements that the raw materials used to make its products have become significantly more expensive. An examination of the company’s gross profit margin, however, shows that the percentage is stable. The only legitimate way for the gross profit percentage to remain unchanged during a period in which raw material prices increase significantly is for the sales price of the goods to rise proportionately. The sales prices at this company did not change, however, so that immediately raises a red flag about that unchanged gross profit margin. The numbers reported don’t make sense in light of the information provided in the notes. This should definitely be examined further.
It is clear that the accounting irregularities giving rise to a fraud investigation may not be easily identifiable. Those committing financial statement fraud are often adept at covering their tracks, so the red flags are not always obvious. The investigator often relies on intuition when examining the numbers and explanations for possible irregularities.
Apparent Control Weaknesses
When readily apparent major deficiencies in a company’s control procedures are identified, they should be considered warning signs that fraud could be occurring. All companies have some things that are not as secure as they should be. However, when the controls over a company’s assets and data are severely deficient, that is cause for alarm.
Some of the most common characteristics that might be considered severe deficiencies include:
- Complete lack of segregation of critical duties, giving one or more persons almost complete control over a financial area of a company and offering many opportunities to commit fraud and easily conceal it. For example, if the same person receives customer payments, records the payments to the customer’s accounts, makes the bank deposits, and reconciles the bank statement, there are many opportunities to commit and conceal fraud. The employee could steal a customer payment, record the payment on the customer’s account so the customer doesn’t know the funds have been stolen, and later adjust the accounting records while doing the bank reconciliation in order to cover the theft. If these duties are segregated among two or three employees, the risk of theft of a customer payment and subsequent acts to cover the theft are much less likely.
- Ability to override controls and limits of authority easily, either with no oversight of the process or with lax enforcement of it. For example, an area supervisor regularly exceeds his authority for vendor payments. His approval limit is capped at $20,000. He commonly requests that vendors issue multiple invoices for work, so that no individual invoice exceeds the $20,000 threshold. Upper management is aware of this situation, but does not enforce the policy or regularly monitor this supervisor’s activities. By failing to enforce the policy, management may be effectively encouraging the employee to continue to break rules, which could create opportunities for fraud.
- Failure to reconcile accounts regularly. Account reconciliation is important for accurate record keeping, even in the absence of fraud. Obviously, without reconciliations, management cannot know whether the books and records are accurate. Failure to reconcile also can encourage theft by employees who are aware that reconciliations are not done, and a theft could go unnoticed for a long time. In the example cited earlier in this chapter, management did not enforce its policy requiring monthly reconciliation of accounts, which led to a significant problem in the accounting function.
- Poor accounting records in general. This problem is often faced by smaller companies, but can also affect large companies, particularly ones that have done many acquisitions and have failed to integrate. Disjointed accounting systems make things difficult to monitor and reconcile, and offer opportunities for duplicate accounting entries to go unnoticed. Poor records also make it difficult for management to get an accurate financial picture of the company, and that could contribute to a fraud going unnoticed for a period of time.
It makes sense that the existence of major deficiencies in preventing fraud might be the precursor to fraud actually occurring at a company. If a company is lucky, it will catch the weaknesses before something happens. But many companies are not so lucky, and the identification of these types of problems should lead to further examination of the company to determine whether, in fact, fraud may have occurred under these serious circumstances.
If a company is not diligent about implementing good control procedures over its accounting function, it’s also likely that management will not be interested in looking for the fraud that might result from the poor controls. Hopefully, internal or external fraud experts can encourage management to identify and examine the weaknesses and their results.
Another problem is that, when serious problems are found, a company often either ignores the problems or fixes them without looking into whether a defalcation is associated with the control weaknesses. As difficult as it may be for management to admit that weaknesses like this may have led to fraud, it is important to find out for sure what the fraud status is.
Lack of Information
When information and documentation is unavailable, it can raise questions about honesty or dishonesty. In the regular course of business, documents are sometimes lost or things cannot be explained. However, there comes a time when too many items are missing or the missing information is too suspicious to ignore.
For example, the bookkeeper of a nonprofit organization frequently had difficulty locating canceled checks that were requested by the auditors as part of their annual financial statement audits. The auditors instead relied on the information on the carbon copies in conjunction with the general ledger detail. Unfortunately, the payees noted on the carbon copies were not accurate, and the checks in question were actually issued to the bookkeeper. She destroyed these canceled checks as soon as the bank statement arrived, and hoped that the auditors wouldn’t request copies of those specific checks.
When an occasional document is missing, it is usually not cause for alarm. But if a pattern of missing documentation emerges, it can be a warning sign of fraud. Look for missing information of a grouped or patterned nature: blocks of time, for a particular customer or vendor, for a certain type of transaction, or relating to a certain employee. A missing document or two is not all that disturbing, but ten missing documents, all related to one vendor—and all being questioned by management—are bothersome.
Apparent Deception
When people seem to be going out of their way to conceal information, alter documentation, or otherwise engage in behavior designed to deceive those looking for facts (auditors, superiors, investigators, etc.), it raises suspicions about fraud.
For example, a disability insurance claimant fills out all paperwork, but does not mention her ownership interest in a business that is closely related to the job that she ...