corporate fraud: understanding what puts your organization at risk ...
Transcript of corporate fraud: understanding what puts your organization at risk ...
Corporate Fraud: Understanding What Puts Your Organization at
Risk and How to Prevent It Presented to the Western Pennsylvania Association of Corporate Counsel June 3, 2014
About FVL
• Boutique consulting firm focusing on valuations, forensic accounting, fraud, and litigation support
• Formed in 2011 as a joint venture between two area CPA firms: Louis Plung & Company and O’Connor, Pagano, and Grupac
• Combined 100+ years of experience among the 5 core members • Additional expertise: corporate governance, risk management,
international business and consulting • Experience in several sectors, including manufacturing,
professional services, retail, real estate, and high-net-worth individuals/families
About the Speakers
Richard F. Fischer, CPA | Partner • Fraud Prevention, Risk Management, Internal Controls • Audit & Assurance Partner, Louis Plung & Company
• 27+ years of experience in public, private, non-profit, and
governmental sectors • Specialties: Employee Benefit Plan Audits, Insurance Captives,
Collateral Audits • Member of PICPA/AICPA • Actively involved in several PICPA committees, including Technical
Committee on Employee Benefit Plans (Chair); Construction (former Chair); Accounting and Auditing; Employee Benefits; and Peer Review
About the Speakers
Tony Montanaro, CPA, CFE | Manager • Valuations, expert witness reports, internal control and fraud
analysis • Manager, Audit & Consulting at Louis Plung & Company
• 10+ years of experience in auditing and consulting for private and
public corporations and closely-held businesses • As a Certified Fraud Examiner, Mr. Montanaro has the ability to:
– Examine data and records to detect and trace fraudulent transactions; – Identify the underlying factors that motivate individuals to commit
fraud. • Member of PICPA/AICPA and the Association of Certified Fraud
Examiners (ACFE)
Agenda
• Occupational fraud red flags and related behaviors
• Fraud detection and deterrence • Recent court case: Lawson v. FMR LLC • Elements of a successful fraud prevention
department • Case studies and examples
The Fraud Triangle
• Red Flags relate to the “Pressure” component by explaining the factors that lead to occupational fraud.
Opportunities to Commit Fraud
#1: Executive Compensation Agreements • If the majority of an executive’s pay is tied to meeting
certain financial targets, the propensity for fraud increases greatly.
• Case Study: – CFO created $300,000 of fictitious income in order to
receive a performance-based bonus – No process to detect the fraudulent behavior – Company had to borrow money to cover the loss
The 80/10/10 Rule
Studies indicate that: • 10% of people will always commit fraud • The other 10% will never commit fraud • The majority 80% could commit fraud, given the
right circumstances
Red Flags – Definition
• “Red Flags” – behavioral and system-based clues that can be picked up by attentive managers, colleagues, internal auditors, or subordinates.
Occupational Fraud - Red Flags
“The use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organization’s
resources or assets.” (ACFE)
• At least one red flag is identified in 92% of fraud cases.
• In 64% of cases, the fraudster displayed two or more behavioral red flags.
• Example: Substance
abuse
Excessive work
absences
Financial difficulties Fraud
Occupational Fraud - Red Flags
Red Flags - Indicators
• Living Beyond Means/Financial Difficulties – Indicators: Repeated collection calls, wage
attachments, requests for pay advances, repeated loans from 401(k) plan
• Relationships With Vendors/Customers – Indicators: Reluctance to change suppliers, refusal to
issue invitations to tender, single source decisions, insistence on sole contact with suppliers/customers
Financial Difficulties – Case Study
Baierl Acura Fraud Case • Dealership controller made $53,000 a year –
embezzled $10.2 million by fudging bank and car inventory records
• Used money to buy: – 10 cars – 4 houses – Luncheon for 6 cooked by Food Network’s Ina Garten – VIP Super Bowl tickets – Personal tours of the Vatican
Red Flags - Indicators
• Control Issues/Unwillingness to Share Duties – Indicators: Complaints of bullying behavior from staff
members, never taking vacation, unwilling to train subordinates
• “Wheeler-Dealer” Attitude – Indicators: Opportunistic, places expediency above
principle, willingness to go outside appropriate business channels
• Divorce/Family Problems – Indicators: Emotional instability, decline in work
performance/work product, request for time off for court appearances, garnishments for child support
Relationship Between Fraud and Inappropriate Behavior
• 38% of fraud cases the perpetrator had engaged in at least one of the above misbehaviors.
Relationship Between Fraud and HR
• Study found that in 25% of cases the perpetrator had experienced an HR-related event immediately before or during the commission of fraud
Fraud Prevention and Deterrence
Fraud Prevention and Deterrence
• Anti-fraud controls are being overlooked • Example: proactive data monitoring and analysis is
used by only 35% of victim organizations, but the presence of this control was correlated with frauds that were 60% less costly and 50% shorter in duration.
• Lesson: Consider the observed effectiveness of specific control activities and how those controls will enhance potential fraudsters’ perception of detection.
• Tips are consistently and by far the most common detection method: 40%, twice the rate of any other detection method
Tips/Whistleblower Programs
• Whistleblower policy • Fraud hotline • Fraud prevention education and communication • Regardless of the method, a specific system
should be established and communicated
Methods of Cultivating Tips
Whistleblower Policies: Recent Developments
• Public companies prohibited from retaliating against employees who report fraud.
• Established by Sarbanes-Oxley Act • “No [public] company . . . , or any officer, employee,
contractor, subcontractor, or agent of such company, may discharge, demote, suspend, threaten, harass, or in any other manner discriminate against an employee in the terms and conditions of employment because of [whistleblowing or other protected activity].” §1514A(a) (2006 ed.).
Lawson v. FMR LLC
• March 4, 2014: U.S. Supreme Court expanded the scope of the SOX whistleblower protections to private companies that provide contract services to public companies.
Lawson v. FMR LLC - Background
• FMR (Fidelity Management & Research Co., Fidelity Brokerage Services, LLC, FMR, LLC, etc) – a group of privately held companies that provided contract services to various Fidelity mutual funds.
• The public mutual funds had no employees, only contractors (circumventing the SOX whistleblower protections).
• Plaintiffs in the case were allegedly fired by FMR for reporting
accounting irregularities and inaccuracies in SEC filings. Both brought civil actions against FMR as whistleblowers under the SOX provisions.
• FMR argued that the case should be dismissed as the plaintiffs were employees of privately held companies and the SOX provisions only applied to employees who work for public companies.
Lawson v. FMR LLC - Decision
• In a 6-3 decision, the USSC held that whistleblower protections extend to employees of private contractors of public companies when the employees raise fraud issues about the client.
Lawson v. FMR LLC – Takeaways for Private Organizations
Review internal policies to ensure adequate reporting mechanisms are in place for incidents of fraud. • If an employee discovered an incident of fraud, would they know
the proper reporting procedures? • If a manager or supervisor received a fraud-related tip or
complaint, would they know what to do? • Do your employees know what constitutes retaliation and how to
avoid it? • Are these facts and procedures documented in a whistleblower
policy that is communicated to employees and relevant agents? • Is the culture such that whistleblowers are not afraid to come
forward with potential violations?
Lawson v. FMR LLC – Takeaways for Public Organizations
• The use of all third parties puts the engaging party at greater risk of fines, litigation and damage to reputation.
• All third parties need to be evaluated for the potential risk to the enterprise.
Fraud Prevention Department
Key elements needed to be effective: • A clear charter or mission, • A comprehensive fraud risk management strategy, • Written policies and procedures, • Sufficiently experienced personnel, • Sound internal organizational structure, • Executive sponsorship, • Investigative priorities aligned with fraud risk and the
organization’s business objectives and strategy, • Effective and timely response, • Essential array of technology tools, • Case management system and; • Key performance measurements.
Internal Controls
• The $300,000 fraud case we mentioned could have been prevented if: – The Board understood the CFO’s comp agreement – Financial statements were reviewed throughout the
year – The cash flow being generated by the company was
analyzed – Management had a better understanding of the
industry
Emerging Technologies
Continuous Auditing and Monitoring • Ability to provide relevant information in more of
a real time context • Utilizes data mining, continuous analytics,
regression analysis, and other fraud detection techniques on specified risk areas
Emerging Technologies
• New Technology Examples – Mobile technology – Cloud-computing tools
• Social Media – Potential to allow earlier identification of issues, risks, or control
problems (red flags)
Is It Fraud? Example One
Company car usage • Employee A had a company car, but drove
personal motorcycle to work • Went on family vacation, and drove the company
car • Claimed that the company owed him the miles
because he had been driving his personal vehicle to work
Is it fraud?
Is It Fraud? Example Two
Stockpiling sales • Employee B gets a bonus if he sells 50 widgets by
the end of the year (there is no extra bonus for selling more than 50 widgets)
• He sells 60 widgets by Dec 1, but only records the sale of 50 widgets for that year
• He waits until January of the new year to record the other 10 widget sales
Is it fraud?
Is It Fraud? Example Three
Volume Rebates • Employee C worked with a vendor employee to
purchase products, where they received rebates or cash if they purchased a certain volume of product.
• Employee C would order the amount of product needed to meet the volume requirements to receive the rebate, then after the period end would cancel the purchase order.
Is it fraud?
Case Study: The Tale of 3 Frauds
Quest Oil Company • CEO, CFO, and Director of Purchasing all
committed fraud independently of one another • Kickbacks, wire fraud, check fraud • All three schemes fell apart when a new executive
joined the team and suspected something was amiss
• How could it have been prevented (or stopped sooner)?
Questions?
Richard Fischer, CPA Tony Montanaro, CPA, CFE [email protected] [email protected] 412-201-7532 412-201-7544