Tag Archives: financial fraud

Concealment Strategies & Fraud Scenarios

I remember Joseph Wells mentioning at an ACFE conference years ago that identifying the specific asset concealment strategy selected by a fraudster was often key to the investigator’s subsequent understanding of the entire fraud scenario the fraudster had chosen to implement. What Joe meant was that a fraud scenario is the unique way the inherent fraud scheme has occurred (or can occur) at an examined entity; therefore, a fraud scenario describes how an inherent fraud risk will occur under specific circumstances. Upon identification, a specific fraud scenario, and its associated concealment strategy, become the basis for fraud risk assessment and for the examiner’s subsequent fraud examination program.

Fraud concealment involves the strategies used by the perpetrator of the fraud scenario to conceal the true intent of his or her transaction(s). Common concealment strategies include false documents, false representations, false approvals, avoiding or circumventing control levels, internal control evasion, blocking access to information, enhancing the effects of geographic distance between documents and controls, and the application of both real and perceived pressure. Wells also pointed out that an important aspect of fraud concealment pertains to the level of sophistication demonstrated by the perpetrator; the connection between concealment strategies and fraud scenarios is essential in any discussion of fraud risk structure.

As an example, consider a rights of return fraud scenario related to ordered merchandise. Most industries allow customers to return products for any number of reasons. Rights of return refers to circumstances, whether as a matter of contract or of existing practice, under which a product may be returned after its sale either in exchange for a cash refund, or for a credit applied to amounts owed or to be owed for other products, or in exchange for other products. GAAP allows companies to recognize revenue in certain cases, even though the customer may have a right of return. When customers are given a right of return, revenue may be recognized at the time of sale if the sales price is substantially fixed or determinable at the date of sale, the buyer has paid or is obligated to pay the seller, the obligation to pay is not contingent on resale of the product, the buyer’s obligation to the seller does not change in the event of theft or physical destruction or damage of the product, the buyer acquiring the product for resale is economically separate from the seller, the seller does not have significant obligations for future performance or to bring about resale of the product by the buyer, and the amount of future returns can be reasonably estimated.

Sales revenue not recognizable at the time of sale is recognized either once the return privilege has substantially expired or if the conditions have been subsequently met. Companies sometimes stray by establishing accounting policies or sales agreements that grant customers vague or liberal rights of returns, refunds, or exchanges; that fail to fix the sales price; or that make payment contingent upon resale of the product, receipt of funding from a lender, or some other future event. Payment terms that extend over a substantial portion of the period in which the customer is expected to use or market the purchased products may also create problems. These terms effectively create consignment arrangements, because, no economic risk has been transferred to the purchaser.

Frauds in connection with rights of return typically involve concealment of the existence of the right, either by contract or arising from accepted practice, and/or departure from GAAP specified conditions. Concealment usually takes one or more of the following forms:

• Use of side letters: created and maintained separate and apart from the sales contract, that provide the buyer with a right of return;

• Obligations by oral promise or some other form of understanding between seller and buyer that is honored as a customary practice but arranged covertly and hidden;

• Misrepresentations designed to mischaracterize the nature of arrangements, particularly in respect of:

–Consignment arrangements made to appear to be final sales;

–Concealment of contingencies, under which the buyer can return the products, including failure to resell the products, trial periods, and product performance conditions;

–Failure to disclose the existence, or extent, of stock rotation rights, price protection concessions, or annual returned-goods limitations;

–Arrangement of transactions, with straw counterparties, agents, related parties, or other special purpose entities in which the true nature of the arrangements is concealed or obscured, but, ultimately, the counterparty does not actually have any significant economic risk in the “sale”.

Sometimes the purchaser is complicit in the act of concealment, for example, by negotiating a side letter, and this makes detection of the fraud even more difficult. Further, such frauds often involve collusion among several individuals within an organization, such as salespersons, their supervisors, and possibly both marketing and financial managers.

It’s easy to see that once a CFE has identified one or more of these concealment strategies as operative in a given entity, the process of developing a descriptive fraud scenario, completing a related risk assessment and constructing a fraud examination program will be a relatively straight forward process. As a working example, of a senario and related concealment strategies …

Over two decades ago the SEC charged a major computer equipment manufacturer with overstating revenue in the amount of $500,000 on transactions for which products had been shipped, but for which, at the time of shipment, the company had no reasonable expectation that the customer would accept and pay for the products. The company eventually accepted back most of the product as sales returns during the following quarter.

The SEC noted that the manufacturer’s written distribution agreements generally allowed the distributor wide latitude to return product to the company for credit whenever the product was, in the distributor’s opinion, damaged, obsolete, or otherwise unable to be sold. According to the SEC, in preparing the manufacturer’s financial statements for the target year, company personnel submitted a proposed allowance for future product returns that was unreasonably low in light of the high level of returns the manufacturer had received in the first several months of the year.

The SEC determined that various officers and employees in the accounting and sales departments knew the exact amount of returns the company had received before the year end, when the company’s independent auditors finished their fieldwork on the annual audit. Had the manufacturer revised the allowance for sales returns to reflect the returns information, the SEC concluded it would have had to reduce the net revenue reported for the fiscal year. Instead, the SEC found that several of the manufacturer’s officers and employees devised schemes to prevent the auditors from discovering the true amount of the returns, including 1), keeping the auditors away from the area at the manufacturer’s headquarters where the returned goods were stored, and 2), accounting personnel altering records in the computer system to reduce the level of returns. After all the facts were assembled, the SEC took disciplinary action against several company executives.

As with side agreements, a broad base of inquiry into company practices may be one of the best assessment techniques the CFE has regarding possible concealment strategies supporting fraud scenarios involving returns and exchanges. In addition to inquiries of this kind, the ACFE recommends that CFE’s may consider using analytics like:

• Compare returns in the current period with prior periods and ask about unusual increases.

• Because companies may slow the return process to avoid reducing sales in the current period, determine whether returns are processed in timely fashion. The facts can also be double-checked by confirming with customers.

• Calculate the sales return percentage (sales returns divided by total sales) and ask about any unusual increase.

• Compare returns after a reporting period with both the return reserve and the monthly returns to determine if they appear reasonable.

• Determine whether sales commissions are paid at the time of sale or at the time of collection. Sales commissions paid at the time of sale provide incentives to inflate sales artificially to meet internal and external market pressures.

• Determine whether product returns are adjusted from sales commissions. Sales returns processed through the so-called house account may provide a hidden mechanism to inflate sales to phony customers, collect undue commissions, and return the product to the vendor without being penalized by having commissions adjusted for the returned goods.

The Initially Immaterial Financial Fraud

At one point during our recent two-day seminar ‘Conducting Internal Investigations’ an attendee asked Gerry Zack, our speaker, why some types of frauds, but specifically financial frauds, can go on so long without detection. A very good question and one that Gerry eloquently answered.

First, consider the audit committee. Under modern systems of internal control and corporate governance, it’s the audit committee that’s supposed to be at the vanguard in the prevention and detection of financial fraud. What kinds of failures do we typically see at the audit committee level when financial fraud is given an opportunity to develop and grow undetected? According to Gerry, there is no single answer, but several audit committee inadequacies are candidates. One inadequacy potentially stems from the fact that the members of the audit committee are not always genuinely independent. To be sure, they’re required by the rules to attain some level of technical independence, but the subtleties of human interaction cannot always be effectively governed by rules. Even where technical independence exists, it may be that one or more members in substance, if not in form, have ties to the CEO or others that make any meaningful degree of independence awkward if not impossible.

Another inadequacy is that audit committee members are not always terribly knowledgeable, particularly in the ways that modern (often on-line, cloud based) financial reporting systems can be corrupted. Sometimes, companies that are most susceptible to the demands of analyst earnings expectations are new, entrepreneurial companies that have recently gone public and that have engaged in an epic struggle to get outside analysts just to notice them in the first place. Such a newly hatched public company may not have exceedingly sophisticated or experienced fiscal management, let alone the luxury of sophisticated and mature outside directors on its audit committee. Rather, the audit committee members may have been added to the board in the first place because of industry expertise, because they were friends or even relatives of management, or simply because they were available.

A third inadequacy is that audit committee members are not always clear on exactly what they’re supposed to do. Although modern audit committees seem to have a general understanding that their focus should be oversight of the financial reporting system, for many committee members that “oversight” can translate into listening to the outside auditor several times a year. A complicating problem is a trend in corporate governance involving the placement of additional responsibilities (enterprise risk management is a timely example) upon the shoulders of the audit committee even though those responsibilities may be only tangentially related, or not at all related, to the process of financial reporting.

Again, according to Gerry, some or all the previously mentioned audit committee inadequacies may be found in companies that have experienced financial fraud. Almost always there will be an additional one. That is that the audit committee, no matter how independent, sophisticated, or active, will have functioned largely in ignorance. It will not have had a clue as to what was happening within the organization. The reason is that a typical audit committee (and the problem here is much broader than newly public startups) will get most of its information from management and from the outside auditor. Rarely is management going to voluntarily reveal financial manipulations. And, relying primarily on the outside auditor for the discovery of fraud is chancy at best. Even the most sophisticated and attentive of audit committee members have had the misfortune of accounting irregularities that have unexpectedly surfaced on their watch. This unfortunate lack of access to candid information on the part of the audit committee directs attention to the second in the triumvirate of fraud preventers, the internal audit department.

It may be that the internal audit department has historically been one of the least understood, and most ineffectively used, of all vehicles to combat financial fraud. Theoretically, internal audit is perfectly positioned to nip in the bud an accounting irregularity problem. The internal auditors are trained in financial reporting and accounting. The internal auditors should have a vivid understanding as to how financial fraud begins and grows. Unlike the outside auditor, internal auditors work at the company full time. And, theoretically, the internal auditors should be able to plug themselves into the financial reporting environment and report directly to the audit committee the problems they have seen and heard. The reason these theoretical vehicles for the detection and prevention of financial fraud have not been effective is that, where massive financial frauds have surfaced, the internal audit department has often been somewhere between nonfunctional and nonexistent.. Whatever the explanation, (lack of independence, unfortunate reporting arrangements, under-staffing or under-funding) in many cases where massive financial fraud has surfaced, a viable internal audit function is often nowhere to be found.

That, of course, leaves the outside auditor, which, for most public companies, means some of the largest accounting firms in the world. Indeed, it is frequently the inclination of those learning of an accounting irregularity problem to point to a failure by the outside auditor as the principal explanation. Criticisms made against the accounting profession have included compromised independence, a transformation in the audit function away from data assurance, the use of immature and inexperienced audit staff for important audit functions, and the perceived use by the large accounting firms of audit as a loss leader rather than a viable professional engagement in itself. Each of these reasons is certainly worthy of consideration and inquiry, but the fundamental explanation for the failure of the outside auditor to detect financial fraud lies in the way that fraudulent financial reporting typically begins and grows. Most important is the fact that the fraud almost inevitably starts out very small, well beneath the radar screen of the materiality thresholds of a normal audit, and almost inevitably begins with issues of quarterly reporting. Quarterly reporting has historically been a subject of less intense audit scrutiny, for the auditor has been mainly concerned with financial performance for the entire year. The combined effect of the small size of an accounting irregularity at its origin and the fact that it begins with an allocation of financial results over quarters almost guarantees that, at least at the outset, the fraud will have a good chance of escaping outside auditor detection.

These two attributes of financial fraud at the outset are compounded by another problem that enables it to escape auditor detection. That problem is that, at root, massive financial fraud stems from a certain type of corporate environment. Thus, detection poses a challenge to the auditor. The typical audit may involve fieldwork at the company once a year. That once-a-year period may last for only a month or two. During the fieldwork, the individual accountants are typically sequestered in a conference room. In dealing with these accountants, moreover, employees are frequently on their guard. There exists, accordingly, limited opportunity for the outside auditor to get plugged into the all-important corporate environment and culture, which is where financial fraud has its origins.

As the fraud inevitably grows, of course, its materiality increases as does the number of individuals involved. Correspondingly, also increasing is the susceptibility of the fraud to outside auditor detection. However, at the point where the fraud approaches the thresholds at which outside auditor detection becomes a realistic possibility, deception of the auditor becomes one of the preoccupations of the perpetrators. False schedules, forged documents, manipulated accounting entries, fabrications and lies at all levels, each of these becomes a vehicle for perpetrating the fraud during the annual interlude of audit testing. Ultimately, the fraud almost inevitably becomes too large to continue to escape discovery, and auditor detection at some point is by no means unusual. The problem is that, by the time the fraud is sufficiently large, it has probably gone on for years. That is not to exonerate the audit profession, and commendable reforms have been put in place over the last decade. These include a greater emphasis on fraud, involvement of the outside auditor in quarterly data, the reduction of materiality thresholds, and a greater effort on the part of the profession to assess the corporate culture and environment. Nonetheless, compared to, say, the potential for early fraud detection possessed by the internal audit department, the outside auditor is at a noticeable disadvantage.

Having been missed for so long by so many, how does the fraud typically surface? There are several ways. Sometimes there’s a change in personnel, from either a corporate acquisition or a change in management, and the new hires stumble onto the problem. Sometimes the fraud, which quarter to quarter is mathematically incapable of staying the same, grows to the point where it can no longer be hidden from the outside auditor. Sometimes detection results when the conscience of one of the accounting department people gets the better of him or her. All along s/he wanted to tell somebody, and it gets to the point where s/he can’t stand it anymore and s/he does. Then you have a whistleblower. There are exceptions to all of this. But in almost any large financial fraud, as Gerry told us, one will see some or all these elements. We need only change the names of the companies and of the industry.

Rigging the Casino

I attended an evening lecture some weeks ago at the Marshall-Wythe law school of the College of William & Mary, my old alma mater, in Williamsburg, Virginia. One of the topics raised during the lecture was a detailed analysis of the LIBOR scandal of 2012, a fascinating tale of systematic manipulation of a benchmark interest rate, supported by a culture of fraud in the world’s biggest banks, and in an environment where little or no regulation prevailed.

After decades of abuse that enriched the big banks, their shareholders, executives and traders, at the expense of others, investigations and lawsuits were finally initiated, and the subsequent fines and penalties were huge. The London Interbank Offered Rate (LIBOR) rate is a rate of interest, first computed in 1985 by the British Banking Association (BBA), the Bank of England and others, to serve as a readily available reference or benchmark rate for many financial contracts and arrangements. Prior to its creation, contracts utilized many privately negotiated rates, which were difficult to verify, and not necessarily related to the market rate for the security in question. The LIBOR rate, which is the average interest rate estimated by leading banks that they would be charged if they were to borrow from other banks, provided a simple alternative that came to be widely used. For example, in the United States in 2008 when the subprime lending crisis began, around 60 percent of prime adjustable-rate mortgages (ARMs) and nearly all subprime mortgages were indexed to the US dollar LIBOR. In 2012, around 45 percent of prime adjustable rate mortgages and over 80 percent of subprime mortgages were indexed to the LIBOR. American municipalities also borrowed around 75 percent of their money through financial products that were linked to the LIBOR.

At the time of the LIBOR scandal, 18 of the largest banks in the world provided their estimates of the costs they would have had to pay for a variety of interbank loans (loans from other banks) just prior to 11:00 a.m. on the submission day. These estimates were submitted to Reuters news agency (who acted for the BBA) for calculation of the average and its publication and dissemination. Reuters set aside the four highest and four lowest estimates, and averaged the remaining ten.

So huge were the investments affected that a small manipulation in the LIBOR rate could have a very significant impact on the profit of the banks and of the traders involved in the manipulation. For example, in 2012 the total of derivatives priced relative to the LIBOR rate has been estimated at from $300-$600 trillion, so a manipulation of 0.1% in the LIBOR rate would generate an error of $300-600 million per annum. Consequently, it is not surprising that, once the manipulations came to light, the settlements and fines assessed were huge. By December 31, 2013, 7 of the 18 submitting banks charged with manipulation, had paid fines and settlements of upwards of $ 2 billion. In addition, the European Commission gave immunity for revealing wrongdoing to several the banks thereby allowing them to avoid fines including: Barclays €690 million, UBS €2.5 billion, and Citigroup €55 million.

Some examples of the types of losses caused by LIBOR manipulations are:

Manipulation of home mortgage rates: Many home owners borrow their mortgage loans on a variable- or adjustable-rate basis, rather than a fixed-rate basis. Consequently, many of these borrowers receive a new rate at the first of every month based on the LIBOR rate. A study prepared for a class action lawsuit has shown that on the first of each month for 2007-2009, the LIBOR rate rose more than 7.5 basis points on average. One observer estimated that each LIBOR submitting bank during this period might have been liable for as much as $2.3 billion in overcharges.

Municipalities lost on interest rate swaps: Municipalities raise funds through the issuance of bonds, and many were encouraged to issue variable-rate, rather than fixed-rate, bonds to take advantage of lower interest payments. For example, the saving could be as much as $1 million on a $100 million bond. After issue, the municipalities were encouraged to buy interest rate swaps from their investment banks to hedge their risk of volatility in the variable rates by converting or swapping into a fixed rate arrangement. The seller of the swap agrees to pay the municipality for any requirement to pay interest at more than the fixed rate agreed if interest rates rise, but if interest rates fall the swap seller buys the bonds at the lower variable interest rate. However, the variable rate was linked to the LIBOR rate, which was artificially depressed, thus costing U.S. municipalities as much as $10 billion. Class action suits were launched to recover these losses which cost municipalities, hospitals, and other non-profits as much as $600 million a year; the remaining liability assisted the municipalities in further settlement negotiations.

Freddie Mac Losses: On March 27, 2013, Freddie Mac sued 15 banks for their losses of up to $3 billion due to LIBOR rate manipulations. Freddie Mac accused the banks of fraud, violations of antitrust law and breach of contract, and sought unspecified damages for financial harm, as well as punitive damages and treble damages for violations of the Sherman Act. To the extent that defendants used false and dishonest USD LIBOR submissions to bolster their respective reputations, they artificially increased their ability to charge higher underwriting fees and obtain higher offering prices for financial products to the detriment of Freddie Mac and other consumers.

Liability Claims/Antitrust cases (Commodities-manipulations claims): Other organizations also sued the LIBOR rate submitting banks for anti-competitive behavior, partly because of the possibility of treble damages, but they had to demonstrate related damages to be successful. Nonetheless, credible plaintiffs included the Regents of the University of California who filed a suit claiming fraud, deceit, and unjust enrichment.

All of this can be of little surprise to fraud examiners. The ACFE lists the following features of moral collapse in an organization or business sector:

  1. Pressure to meet goals, especially financial ones, at any cost;
  2. A culture that does not foster open and candid conversation and discussion;
  3. A CEO who is surrounded with people who will agree and flatter the CEO, as well as a CEO whose reputation is beyond criticism;
  4. Weak boards that do not exercise their fiduciary responsibilities with diligence;
  5. An organization that promotes people based on nepotism and favoritism;
  6. Hubris. The arrogant belief that rules are for other people, but not for us;
  7. A flawed cost/benefit attitude that suggests that poor ethical behavior in one area can be offset by good ethical behavior in another area.

Each of the financial institutions involved in the LIBOR scandal struggled, to a greater or lesser degree with one or more of these crippling characteristics and, a distressing few, manifested all of them.

Overhanging Liabilities

Most experienced CFE’s are familiar with financial fraud cases involving the overhanging liabilities represented by artfully constructed schemes to avoid income taxes since multiple ACFE training courses over the years have focused on the topic in detail.  But for those new to fraud examination and to the Central Virginia Chapter, a little history.  Before 2002, accounting firms would provide multiple services to the same firm. Hired by the shareholders, they would audit the financial statements that were prepared by management, while also providing consulting services to those same managers. Some would also provide tax advice to the managers of audit clients. However, the Sarbanes-Oxley Act of 2002 (SOX) restricted the type and the intensity of consulting services that could be provided to the management of audit clients because the provision of such services might compromise the objectivity of the auditor when auditing the financial statements prepared by client management on behalf of the shareholders. Nevertheless, both before and after the passage of SOX, as subsequently reported in the financial press, both the major accounting firms Ernst & Young (E&Y) and KPMG were offering very aggressive tax shelters to wealthy taxpayers as well as to the senior managers of their audit clients.

In the 1990s, E&Y had created four tax shelters that they were selling to wealthy individuals. One Of them, called E.C.S., for Equity Compensation Strategy, resulted in little or no tax liability for the taxpayer. The complicated tax plan was a means of delaying, for up to thirty years, paying taxes on the profits from exercising employee stock options that would otherwise be payable in the year in which the stock options were exercised. E&Y charged a fee of 3 percent of the amount that the taxpayer invested in the tax shelter, plus $50,000 to a law firm for a legal opinion that said that it was “more likely than not” that the shelter would survive a tax audit. E&Y had long been the auditor for Sprint Corporation. They also took on as clients William Esrey and Ronald LeMay, the top executives at Sprint. In 2000 E&Y received:

  • $2.5 million for the audit of Sprint,
  • $2.6 million for other services related to the audit;
  • $63.8 million for information technology and other consulting services, and
  • $5.8 million from Esrey and LeMay for tax advice.

In 1999 Esrey announced a planned merger of Sprint with WorldCom that potentially would have made the combined organization the largest telecommunications company in the world. The deal was not consummated because it failed to obtain regulatory approval. Nevertheless, Esrey and LeMay were awarded stock options worth about $3ll million. E&Y sold an E.C.S. to each of the two executives. In the three years from 1998 to 2000, the options profits for Esrey were $159 million and the tax that would have been payable had he not bought the tax shelter amounted to about $63 million. The options profits for LeMay were $152.2 million and the tax thereon about $60.3 million.

Subsequently, the Internal Revenue Service rejected the E&Y tax shelter of each man. Sprint then asked the two executives to resign, which they did. Sprint also dismissed E&Y as the company’s auditor. On July 2, 2003, E&Y reached a $15 million settlement with the IRS regarding their aggressive marketing of tax shelters. Then, in 2007, four E&Y partners were charged with tax fraud. These four partners worked for an E&Y unit called VIPER, “value ideas produce extraordinary results,” later renamed SISG, “strategic individual solutions group.” Its purpose was to aggressively market tax shelters, known as Cobra, Pico, CDS, and CDS Add-Ons, to wealthy individuals, many of whom acquired their fortunes in technology-related businesses. These four products were sold to about 400 wealthy taxpayers from 1999 to 2001 and generated fees of approximately $121 million. The government claims that the tax shelters were bogus and taxpayers were reassessed for taxes owed as well as for related penalties and interest.

On August 26, 2005, KPMG in turn agreed pay a fine of $456 million for selling tax shelters from 1996 through 2003 that fraudulently generated $11 billion in fictitious tax losses that cost the government at least $2.5 billion in lost taxes. The four tax shelters went by the acronyms FLIP, OPIS, BLIPS, and SOS.  Under the Bond Linked Premium Issue Structure (BLIPS), for example, the taxpayer would borrow money from an offshore bank and invest in a joint venture that would buy foreign currencies from that same offshore bank. About two months later, the joint venture would then sell the foreign currency back to the bank, creating a tax loss. The taxpayer would then declare. a loss for tax purposes on the BLIPS investment. The way that BLIPS were structured, the taxpayer only had to pay $1.4 million to declare a $20 million loss for tax purposes. BLIPS were targeted at wealthy executives who would normally pay between $10 million and $20 million in taxes.

Buying a BLIPS, however, effectively reduced the investor’s taxable income to zero. They were sold to 186 wealthy individuals and generated at least $5 billion in tax losses. The FLIP and OPIS involved investment swaps through the Cayman Islands, and SOS was a currency swap like the BLIPS. The government contended that these were sham transactions since the loans and investments were risk-free. Their sole purpose was to artificially reduce taxes. Some argued that the KPMG tax shelters were so egregious that the accounting firm should be put out of business. However, Arthur Andersen had collapsed in 2002, and if KPMG failed, then there would be only three large accounting firms remaining: Deloitte, PricewaterhouseCoopers, and Ernst & Young. KPMG Chairman, Timothy Flynn, said “the firm regretted taking part in the deals and sent a message to employees calling the conduct inexcusable. KPMG remained in business, but the firm was fined almost a half billion dollars.

Because of the Ernst & Young and KPMG tax fiascos, the large accounting firms have become wary of marketing very aggressive tax shelters. Now, most shelters are being sold by tax “boutiques” that operate on a much smaller scale and so are less likely to be investigated by the IRS.  The question that remains, however, is to what extent should professional accountants be selling services that directly or indirectly abet even lawful tax avoidance which, as the ACFE tells us,  can so easily shade into what the IRS calls tax evasion?

Assessing the Unknown

Some level of uncertainty and risk must exist in any fraud examination involving financial statement fraud. For example, there may be uncertainty about the competence of management and the accounting staff, about the effectiveness of internal controls, about the quality of evidence, and so on. These uncertainties or risks are commonly classified as inherent risks, control risks, or detection risks.

Assessing the degree of risk present and identifying the areas of highest risk are critical initial steps in detecting financial statement fraud. The auditor specifically evaluates fraud risk factors when assessing the degree of risk and approaches this risk assessment with a high level of professional skepticism, setting aside any prior beliefs about management’s integrity.  Knowledge of the circumstances that can increase the likelihood of fraud, as well as other risk factors, should aid in this assessment.

SAS 99 identifies fraud risk categories that auditors and fraud examiners may evaluate in assessing the risk of fraud. The three main categories of fraud risk factors related to fraudulent financial reporting are management characteristics, industry characteristics and operating characteristics including financial stability.

Management characteristics pertain to management’s abilities, pressures, style, and attitude as they have to do with internal control and the financial reporting process. These characteristics include management’s motivation to engage in fraudulent financial reporting – for instance, compensation contingent on achieving aggressive financial targets; excessive involvement of non-financial management in the selection of accounting principles or estimates; high turnover of senior management, counsel, or board members; strained relationship between management and external auditors; and any known history of securities violations.

Industry characteristics pertain to the economic and regulatory environment in which the entity operates, ranging from stable features of that environment to changing features such as new accounting or regulatory requirements, increased competition, market saturation, or adoption by the company of more aggressive accounting policies to keep pace with the industry.

Operating characteristics and financial stability encompass items such as the nature and complexity of the entity and its transactions, the geographic areas in which it operates, the number of locations where transactions are recorded and disbursements made, the entity’s financial condition, and its profitability. Again, the fraud examiner would look for potential risk factors, such as significant pressure on the company to obtain additional capital, threats of bankruptcy, or hostile take-over.

The two primary categories of fraud risk factors related to asset misappropriation are susceptibility of assets to misappropriation and adequacy of controls.  Susceptibility of assets to misappropriation refers to the nature or type of an entity’s assets and the degree to which they are subject to theft or a fraudulent scheme.  A company with inventories or fixed assets that includes items of small size, high value, or high demand often is more susceptible, as is a company with easily convertible assets such as diamonds, computer chips or large amounts of cash receipts or cash on hand.  Cash misappropriation is also included  in this category through fraudulent schemes such as vendor fraud. Adequacy of controls refers to the ability of controls to prevent or detect misappropriations of assets, owning to the design, implementation and monitoring of such controls.

SAS 99 discusses fraud risk factors in the context of the fraud triangle which we’ve often discussed on this blog.  SAS 99 also suggests that the auditor consider the following attributes of risk:

–Type of risk that may be present – that is fraudulent financial reporting, asset misappropriation and/or corruption.

–Significance of risk – that is whether it could result in a material misstatement.

–Likelihood of the risk

–Pervasiveness of the risk – that is whether it relates to the financial statements as whole or to just particular accounts, transactions or assertions.

Finally, management selection and application of accounting principles are important factors for the examiner to consider.

Team Work is Hard Work

From reading posts and comments posted to LinkedIn, it seems that a number of our Chapter members and guests from time to time find themselves involved in internal fraud investigations either as members of internal or external audit units or as sole practitioners.  As CFE’s we know that we can make significant contributions to a financial crime investigation, if we can work effectively, as team members, with the victim company’s internal and external auditors, as well as with other constituents involved in resolving allegations or suspicions of internal fraud. In addition to a thorough knowledge of accounting and auditing, CFE’s bring to bear a variety of skills, including interviewing, data mining and analysis.  We also know that some auditors assume that simply auditing more transactions, with the use of standard procedures, increases the likelihood that fraud will be found. While this can prove to be true in some cases, when there is suspicion of actual fraud, the introduction of competent forensic accounting investigators may be more likely to resolve the issue and bring it to a successful conclusion.

Within the boundaries of an investigation, we CFE’s typically deal with numerous constituencies, each with a different interest and each viewing the situation from a different perspective. These parties to the investigation may well attempt to influence the investigative process, favor their individual concerns, and react to events and findings in terms of personal biases. CFE’s thus often have the task of conveying to all constituencies that the results of the investigation will be more reliable if all participants and interested parties work together as a team and contribute their specific expertise or insight with objectivity. In the highly-charged environment created by a financial crime investigation, the forensic accounting investigator can make a huge contribution just by displaying and encouraging the balance and level headedness which comes from his or her detailed familiarity with the mechanics of the standard types of financial fraud.

The ACFE recommends that all parties with a stake in the process, management, audit committee, auditors, and legal counsel, should always consider including forensic accounting investigators in the front-end process of decision making about an investigation. One of the key initial decisions is, usually, the degree to which the forensic accounting investigators can work with and rely on the work of others, specifically, the internal and external auditors. Another common front-end decision is whether CFE’s—with their knowledge of accounting systems, controls, and typical fraud schemes, may be added to the team that eventually evaluates the organization’s business processes to strengthen the controls that allowed the fraud to occur. Management may at first be inclined to push for a quick result because it feels the company will be further damaged if it continues to operate under a shadow.

Senior executives may be unable or in some cases unwilling to see the full scope of issues and may attempt to limit the investigation, sometimes as a matter of self-protection, or they may seek to persuade the CFE that the issues at hand are immaterial. Whatever happened, it happened on their watch, and they may understandably be very sensitive to the CFE’s intrusion into their domain. Any defensiveness on the part of management should be defused as quickly and as thoroughly as possible, usually through empathy and consideration on the part of the forensic accounting investigator. The party or entity engaging the forensic accounting investigator, for example, the audit committee, management, or counsel, should be committed to a thorough investigation of all issues and is ultimately responsible for the investigation. The committee may engage CFE’s and forensic accounting investigators directly and look to them for guidance, or it may ask outside counsel to engage the CFE, who usually will work at counsel’s direction in fulfilling counsel’s responsibilities to the audit committee.

Every CFE should strive to bring independence and objectivity to the investigation and strive to assist each of the interested parties to achieve their unique but related objectives. As to the CFE’s  objectives, those are determined by the scope of work and the desire to meet the goals of whoever retained their services. Regardless of the differing interests of the various constituencies, forensic accounting investigators must typically answer the following questions:

  • Who is involved?
  • Could there be coconspirators?
  • Was the perpetrator instructed by a higher supervisor not currently a target of the investigation?
  • How much is at issue or what is the total impact on the financial statements?
  • Over what period did this occur?
  • Have we identified all material schemes?
  • How did this happen?
  • How was it identified, and could it have been detected earlier?
  • What can be done to deter a recurrence?

CFE’s should always keep in mind that they are primarily fact finders and not typically engaged to reach or provide conclusions, or, more formally, opinions. This differs from the financial auditor’s role. The financial auditor is presented with the books and records to be audited and determines the nature, extent, and timing of audit procedures. On one hand, the financial statements are management’s responsibility, and an auditor confirms they have been prepared in accordance with generally accepted accounting principles after completing these procedures and assessing the results. The CFE or forensic accounting investigator, on the other hand, commands a different set of skills and works at the direction of an employer that may be management, the audit committee, counsel, or an auditing firm itself.

Teaming with all concerned parties together with the internal and external auditors, the forensic accounting investigator should strive to bring independence and objectivity to the investigation and strive to assist each of the interested parties to achieve each team member’s unique but related objectives; management understandably may be eager to bring the investigation to a quick conclusion. The chief financial officer may be defensive over the fact that his or her organization allowed this to happen;   the board of directors, through the independent members of its audit committee, is likely to focus on conducting a thorough and complete investigation, but its members may lack the experience needed to assess the effort. In addition, they may be concerned about their personal reputations and liability. The board is likely to look to legal counsel and in some cases, to forensic accounting investigators to define the parameters of the project;  as to counsel, in most investigations in which counsel is involved, they are responsible for the overall conduct of the investigation and will assign and allocate resources accordingly; the internal auditor may have a variety of objectives, including not alienating management, staying on schedule to complete the annual audit plan, and not opening the internal audit team to criticism. The internal audit team may also feel embarrassed, angry, and defensive that it did not detect the wrongdoing; the external auditor may have several concerns, including whether the investigative team will conduct an investigation of adequate scope, whether the situation suggests retaining forensic accountants from the auditors’ firm, whether forensic accountants should be added to the audit team, and even whether the investigation will implicate the quality of past audits.

In summary, team work is complex, hard work.  While fraud is not an everyday occurrence at most companies, boards and auditing firms should anticipate the need to conduct a financial fraud investigation at some time in the future.  CFE’s can be an integral part of the planning for such investigations and can be of great help in designing the pre-planned team work protocols that ensure that, if a fraud exists, there is a high probability that it will be identified completely and dealt with in a timely and appropriate manner.

Public Trust

The current round of congressional hearings involving the secretarial appointments to the Trump administration appear to be raising numerous questions about conflicts of interest and as well as instances involving possible self-interested stock trading on the part of several of the wealthy candidates.  Issues involving self-interest are no less important for assurance professionals like CFE’s, auditors and public accountants than they are for presidential appointees.

The misuse of information for personal interest by an assurance professional can be detrimental to other stakeholders of the client or company involved. For example, the use of information by any professional before others have the right to use such information is unfair and considered unethical. This is the basic problem for anyone who is privy to inside information about a company by virtue of being its auditor or an employee, that is, an insider, to use that information personally or indirectly for any self-interested purpose. To ensure the basic fairness of stock markets so that the public and other non-insiders will wish to enter the market, regulatory bodies like the SEC require management insiders to wait until the information is released to the public before allowing insiders to trade, and then they must disclose these trades so the public will know what’s happened.

The prospect of a rigged game, in which insiders have an unfair advantage, would not be in the public interest or in the interest of the corporations using the market for fund raising in the long run. Insider trading rules also apply to the families of the insider, extending even to those who are not part of the immediate family but for or over whom the insider has an obvious ability to exert influence or extract gain. Some individuals with high-profile jobs in the public service go even further to avoid such conflicts of interest. To be entirely ethical, some politicians have placed their holdings, and those of their dependents, in so-called blind trusts, which are managed by someone else with instructions not to discuss trades or holdings with the politician. The situation for we auditors is somewhat different in that the ownership of shares or financial instruments of a client is forbidden based on the real or potential conflict of interest that would be created. Most auditing firms extend this ban in two ways. First, the ban is applied to the auditor’s family and to persons who would be considered significant dependents or subject to influence. Second, the ban may also apply to any client of the firm, even if that client is serviced through a wholly separate office (for international firms, even in another country) with which the individual professional does not have contact on a normally occurring basis.

Where the ban is relaxed on trading in shares of the firm’s clients for employees not directly involved in the client’s affairs, extreme care is taken through information barriers/firewalls and reporting/scrutiny mechanisms to manage the conflict of interest created. The extent of attention paid to the prevention of insider trading and even to the perception of it is indicative of the alarm with which most firms view its prospect. Confidentiality is the term used to describe keeping confidential information that is proprietary to a client or employer. The release of such information to the public, or to competitors, would have a detrimental effect on the interests of the client, and it would be contrary to the expectations of trust of any fiduciary relationship.

In the case of a fraud examiner, this expectation of trust and privacy is vital to the client’s willingness to discuss difficult issues, which are quite germane to the investigation, to get the opinion of the examiner on how they might be dealt with in court proceedings and even, eventually, in the public eye. In the case of auditors, how frank would the discussion of a contentious contingent liability be if there were a possibility the auditor would reveal the confidence? How could a contentious tax treatment be discussed thoroughly if there was the possibility of a voluntary or involuntary disclosure to the tax collection authorities? It’s therefore argued by the ACFE, the AICPA and others that the maintenance of client confidences is essential to the proper exercise of the audit function, and to the provision of the best advice based on full discussion of possibilities.

There are, however, limits to privacy that some professions have enshrined in their codes of conduct, or where these limits are spelled out in regulatory frameworks. Engineers, for example, must disclose to appropriate public officials when they believe a structure or mechanism is likely to be harmful to the users, as in the potential collapse of a building due to violations of the building code.  In most western countries, money laundering for drugs and terrorism must be reported to financial authorities by banking professionals. For auditors as well there appears to be an increasing focus on their public responsibility and an increasing expectation of action rather than silence. This trade-off between the interests of client, management, public, regulators, the profession, and management promises to be an ever growing conundrum for all professionals in the future. One issue that is not as well understood as is often thought is the consequence of a professional accountant observing strict confidentiality about the malfeasance of his or her employer, and being directed by the professional code to resign if the employer cannot be convinced to change their behavior. This would follow from the codes of conduct that require no disclosure of client/employer confidences except in a court of law or subject to a disciplinary hearing, and at the same time requiring resignation to avoid association with a misrepresentation. In the event of a resignation in silence, the ethical misdeed goes unrecognized by all stakeholders except the perpetrators and the silent professional. How does this protect the interests of the public, the shareholders, or the profession?

It has been suggested, as a topic for discussion, that strict confidentiality codes be modified to allow for the introduction of the possibility of consultation on such matters with officials of the professional’s certifying institute. Perhaps through such confidential dialogue, a means could be found to better judge what needs to be kept confidential, when and how disclosure ought to be made, and how the professional’s and the public’s interests can be protected. For an auditor, the situation is different. When an auditor is discharged, or replaced, the incoming auditor has the right to ask the outgoing auditor (and the client) what the circumstances were that led to the dismissal or resignation. In some jurisdictions, the removed auditor even has the right to address the shareholders at their annual meeting, or by mail, at the expense of the corporation involved.

CFE’s and other assurance professionals of all types are sophisticated enough to know that our professional codes don’t cover every ethical challenge and that investigations and engagements involving potential or suspected insider trading and conflicts of interest are no exception.  We must all, therefore, continue to develop judgement, values and character traits that embrace the public expectations inherent in emerging stakeholder oriented accountability and governance frameworks.

The Equity Strip Tease and Flip

home-equityThe recent troubles at Deutsche Bank and Wells Fargo and the many come-ons on television targeting senior citizens attest to the fact that the traditional scams and schemes among conventional and shadow lenders are as alive and well as ever.   If you thought sub-prime loans and equity stripping were financial ghosts of the past, think again.

It generally takes years for any borrower to build equity in a home. Fraud examiners should help consumers be aware that fraudsters employ several common ways to take that equity away. The most common technique used by fraudsters to steal consumers’ equity is known as equity stripping.  In equity stripping schemes, lenders promote ways consumers, especially the elderly and recent immigrants, can obtain cash by borrowing against the equity established in their home. The fraudulent lender is not concerned about whether the payments can be made once the loan is granted, and may even encourage consumers to fudge on their loan application to obtain the loan. If monthly payments cannot be met on the loan, consumers are subject to foreclosure on, and the subsequent loss of, their home, including all their equity.

Subprime loans have recently become a significant and growing part of the auto financing market and have never completely dried up in the home equity market. Subprime lending refers to the extension of credit to higher risk borrowers or to those with non-existent credit histories at interest rates and fees higher than conventional loans. Some companies make auto and home equity loans to minorities, the elderly, and low-income borrowers at interest rates as high as 20 to 24 percent in states without usury statutes.  As the ACFE tells us, as a rule, loans made to individuals who do not have the income to repay them are intentionally designed to fail; they typically result in the lender acquiring the borrower’s financed property. In the case of a home, the borrower is likely to default on the loan and ultimately lose his home through foreclosure or by the signing over of the house deed to the lender in lieu of such foreclosure.

Another frequent lender scam to separate home owners from their equity is credit churning. Churning, or loan flipping, is directed toward consumers who own a home and have been making mortgage payments for years. A lender calls to talk about refinancing a loan, and using the availability of extra cash as bait, claims it’s time the equity in the consumer’s home started working for him or her. When the consumer agrees to refinance his loan, the borrower’s troubles begin.  After the consumer has made a few payments on the loan, the lender calls to offer a bigger loan for, say, a family vacation to Disney World. If the consumer accepts the offer, the lender refinances the original loan and then lends the consumer additional money. In this practice, often called flipping, the lender charges the homeowner high points and fees each time s/he refinances, and may increase the interest rate as well. If the loan has a prepayment penalty, which is often the case, the consumer must pay that penalty as well each time a new loan is taken out.  The bottom line is that now the consumer has some extra money and a lot more debt, stretched out over a longer payment period. With each refinancing, the consumer has increased her debt and should she get in over her head and not be able to make the mortgage payments, she risks losing her home and all the equity in it.

Who hasn’t seen the kindly-looking, aging celebrity shilling on TV for his employer- lender’s reverse mortgage product?  Reverse mortgages are aggressively pitched to older individuals who are seeking money to finance a home improvement, pay off a current mortgage, supplement their retirement income, or pay for health care expenses. A typical reverse mortgage allows older homeowners to convert part of the equity in their homes into cash without having to sell their homes or take on additional monthly bills. In a regular mortgage, the homeowner makes payments to the lender. But in a reverse mortgage, the homeowner receives money from the lender and generally does not have to pay it back for as long as he lives in his home. Instead, the loan must be repaid when the homeowner dies, sells the home, or no longer lives there as his principal residence.

The amount of such a loan depends upon the consumer’s age (s/he must be at least 62), the equity in the home, and the interest rate the lender is charging. Among the facts for your clients to consider before applying for a reverse mortgage are:

  • Reverse mortgages are rising-debt loans. This means that interest is added to the loan’s principal balance each month because interest is not paid on a current basis. Therefore, as the interest compounds over time, the amount owed increases.
  • Reverse mortgages and their associated expenses use up some or all the equity in the home, leaving fewer assets for the homeowner and his heirs.
  • Lenders are providing the loan as an investment, which they aim to collect on at a profit, not out of goodwill or charity.

Another lender initiated scam against borrowers is credit insurance packing which occurs during the process of obtaining a mortgage or other loan, whereby the lender includes charges for credit insurance or other “benefits” that the borrower did not request or does not desire, and requests that the borrower sign the documents to close the deal. The fraudulent lender hopes that the borrower will not notice the additional charges that are listed or that s/he will believe that they are part of the loan terms that were originally agreed upon. Thus, the lender can imply that this “benefit” is provided at no extra charge. The lender does not explain in detail the additional cost or obligations. If the borrower agrees to the charge, s/he will be paying for additional fees that may not be required or desired. If the borrower questions the charge and does not want the credit insurance, the lender may attempt to intimidate the borrower; the lender may indicate that to obtain the loan, the loan documents must be rewritten, which may take several days, and that the possibility even exists that the loan may not be approved without the insurance.

Consumers who have financial difficulties and are unable to maintain their monthly mortgage or other loan payments may be faced with lenders who begin threatening foreclosure or repossession. Fraudulent lenders may then approach the consumer with offers to assist in refinancing. The new financing, however, never comes to fruition. To “help,” the fraudulent lender may offer the consumer a temporary solution to prevent foreclosure. In an act of desperation, consumers are lured into deeding their property over to the fraudulent lender with claims that it is only temporary. However, the consumer should be aware that, in the case of a mortgage or automobile, once the lender has the deed or title, the lender owns the property, may borrow against it, and may even sell it. The consumer’s monthly payments become rent payments that come with the possibility of eviction by the lender, as the consumer becomes the fraudulent lender’s tenant.

Finally, a word about balloon payments and title loans.  Lenders offer consumers balloon payment loans, which require low, interest-only payments during the life of the loan, and payment of the entire principal in one lump sum at the end of the loan term.  Consumers are enticed by fraudulent lenders to refinance their loans with a balloon payment loan so that their monthly payments will be low, allowing extra funds for other debts. A fraudulent lender may not explain the loan in its entirety or the hidden terms in the agreement. Without a thorough understanding of this type of agreement, consumers face the possibility of foreclosure at the end of the loan term if the lump-sum repayment of the principle proves to be more than they can afford.

A title loan enables a consumer to borrow against the equity in her motor vehicle. A lender determines the amount eligible to be borrowed based on the market value of the motor vehicle. The lender retains tide to the motor vehicle, as well as a set of keys. If monthly loan payments are not made, the motor vehicle can be repossessed. Consumers must understand the contract terms of the loan to avoid any misunderstanding regarding delinquency and repossession.

As practicing CFE’s we have a responsibility to educate our clients and the general public about fraud schemes in general and about emerging threats in particular.  As the ACFE tells us, an educated public is the best defense we have against all lender frauds both old and new.

Of Estimates, Errors & Fraud

fraud-warningThere was a local case of embezzlement in the news last week in which the suspected perpetrator claimed that a number of her seemingly fraudulent transactions, as identified by her company’s external auditors, were in reality ‘mistakes’ (mostly either accounting or estimating errors) or, in other cases, just simple missteps occasioned by ignorance of her company’s accounting policies. Somewhat surprisingly, this all too common defense seemed to cast some doubt, at least from the newspaper’s point of view, on the overall propriety of the entire prosecution. For me, the case brought to mind, on one hand, the differing roles of external auditors and forensic accountants and, on the other, the often critical role played in investigations by the introduction of the foggy elements of accounting estimates, simple errors and ignorance.

Unlike the external auditors in this case, the forensic accounting investigator’s concern is not limited to reaching a general opinion on financial statements taken as a whole, derived from reasonable efforts within a reasonable materiality boundary. Instead, the forensic accounting investigator’s concern is, at a much more granular level, with the detailed development of factual information—derived from both documentary evidence and testimonial evidence—about the who, what, when, where, how, and why of a specific, suspected or known impropriety.  In my opinion, it’s the lack of such investigative granularity in the follow-up to the simple discovery of the individual fraud by the auditors in this recent case that resulted in the ‘ambiguity’ expressed by the newspaper.

The auditors discovered the suspected fraud through their routine sampling procedures, which predication of the existence of an impropriety would have furnished the starting point for the work of a forensic accountant had one been called in. Think of it like the relationship between the accountant and the financial analyst.  The financial analyst’s work typically begins when that of the accountant ends; the audited financial statements are the foundation on which the work of the financial analyst rests.  So too do discoveries of improprieties by auditors often lead to a subsequent investigative hand off to forensic investigators.  The forensic investigator starts by seeking and examining all relevant evidence concerning the particular case made available, not only by the auditors, but by all the concerned parties.  Based on the investigative findings, the forensic accounting investigator then assesses and measures losses or other forms of damage to the organization and recommends and implements corrective actions, often including changes in accounting processes and policies and/or personnel actions. In addition, the forensic accounting investigator assists management in taking preventive actions to eliminate recurrence of the problem. In contrast to the external auditors, the forensic accounting investigator’s more complete findings and recommendations may form the basis of testimony in litigation proceedings or criminal actions against the perpetrators. They may also be used in testimony to government agencies such as the Securities and Exchange Commission in the United States or the Serious Fraud Office in the United Kingdom. Accordingly, the scope of the investigation and the evidence gathered and documented must be capable of withstanding challenges that may be brought by adversely affected parties on both sides of the prosecution or by skeptical regulators.

Clearly, there are many commonalities between auditing and forensic accounting which, at best , can support the formation of a close working partnership. Both rely on:

  • Knowledge of the industry and the company, including its business practices and processes;
  • Knowledge of the generally accepted accounting principles of the jurisdiction in question;
  • Interpretation of business documents and records;
  • Independence and objectivity—perhaps the most important commonality.

The foggy nature of estimates and errors arises in financial transactions and statements due to the continuous nature of business. Unlike a footrace that ends at the finish line or an athletic contest that ends with the final buzzer, a business and its transactions are continually in varying stages of completion. There are many items in a financial statement for which the final outcome is not known with precision. Given the complexity and continuity of business, it’s difficult to capture a clear snapshot of a company’s financial position and performance at a random point in time. As a general matter, estimates are most commonly made concerning the final amounts of cash that will be received or paid once assets or liabilities are finally converted into cash. Such estimates can encompass, for example, allowances for uncollectible customer receivables, estimates of liabilities for claims or lawsuits brought against a company, the amount of profit or loss on a long-term contract, and the salability of inventory that is past its prime. Most estimates are based on three types of information: past performance of the same or similar items, what is currently occurring, and what management perceives as the probable outcome. Further complicating matters, the weight to assign each type of information varies depending on the particular circumstances. But no matter how determined, unlike the score of a sporting contest, an estimate on the books or in financial statements is a prediction of what will happen, not the objective tally of what has already taken place.  For all these and a host of other reasons, the ACFE tells us that accounting estimates are always a fertile ground for every type of financial fraud.

What the forensic investigator brings into this mix is his or her informed, holistic approach (as outline above) to the detailed analysis of any specific, predicated fraud.   Legitimate assertion of managerial confidence in the business’s ability to achieve certain estimated results is one thing. A deceptive misinterpretation that is intended to generate a favorable estimate is another thing altogether and may pose a substantial investigative challenge well beyond the scope of most routine financial audits. Practicing forensic accounting investigators are trained to address the often vexing complexities and alternative rationales that may be offered to explain the difference between an estimate and an actual result. Given that estimates often constitute the cause of material differences in financial statement presentations, the ability to distinguish between the manipulatively self-serving and the merely incorrect is a critical element of many forensic investigations.

To get back to our newspaper case, U.S. auditing standards state that the main difference between fraud and error is intent. Errors are unintentional misstatements or omissions of amounts or disclosures in financial statements. So, errors may involve:

  • Mistakes in gathering or processing data from which financial statements are prepared;
  • Unreasonable accounting estimates arising from oversight or misinterpretation of facts;
  • Mistakes in the application of accounting principles related to amount, classification, manner of presentation, or disclosure.

Fraud, on the other hand, is defined in SAS 99 as an intentional act that results in a material misstatement. The motive or intent of an individual in making accounting entries is not the primary focus of the external auditor’s procedures as it is of the forensic investigators. Auditors direct their efforts toward determining objectively measurable criteria regarding account balances and transactions by asking: Do the assets exist? How much was paid? What is the basis of the estimate? Is it reasonable? How much was collected? Were the goods shipped to the customer? By asking questions such as these and obtaining evidence to support the estimate where appropriate, auditors can be better positioned to ascertain that the amounts in the books are correct. Thus, given the focus of the auditor, intent is not uniformly relevant; evaluation of intent is a subjective as opposed to an objective evaluation, and ascertaining intent is a difficult exercise at which the trained forensic accountant is highly skilled.

For the foreseeable future, corporate fraud will continue to present substantial challenges and opportunities for fruitful partnership between auditors and forensic accounting investigators. However, it must be recognized that the complexities of the business world and the ingenuity of highly educated, white-collar criminals will always manage to produce schemes that unfortunately go undetected until they reach significant proportions. Forensic accounting investigators will investigate, prosecutors will convict, and regulators will react with new and more requirements … and, without question,  the fraudsters will always be with us.

The Auditor and the Fraud Examiner

financial-statementsOur Chapter averages about three new members a month, a majority of whom are drawn from the pool of relatively recent college graduates in accounting or finance, most of whom possessing an interest in fraud examination and having a number of courses in auditing under their belts.  From the comments I get it seems that our new members are often struck by the apparent similarities between fraud examination and auditing imparted by their formal training and yet hazy about the differences between the two in actual practice.

But, unlike the financial statement focus in financial auditing, fraud examination involves resolving fraud allegations from inception to disposition. Fraud examination methodology requires that all fraud allegations be handled in a uniform, legal fashion and be resolved on a timely basis. Assuming there is sufficient reason (predication) to conduct a fraud examination, specific examination steps usually are employed. At each step of the fraud examination process, the evidence obtained and the effectiveness of the fraud theory approach are continually assessed and re-assessed. Further, the fraud examination methodology gathers evidence from the general to the specific. As such, the suspect (subject) of the inquiry typically would be interviewed last, only after the fraud examiner has obtained enough general and specific information to address the allegations adequately.  However, just like a financial statement audit, a fraud investigation consists of a multitude of steps necessary to resolve allegations of fraud: interviewing witnesses, assembling evidence, writing reports, and dealing with prosecutors and the courts. Because of the legal ramifications of the fraud examiners’ actions, the rights of all individuals must be observed throughout. Additionally, fraud examinations must be conducted only with adequate cause or predication.

Predication is the totality of circumstances that would lead a reasonable, professionally trained, and prudent individual to believe a fraud has occurred, is occurring, or will occur. Predication is the basis upon which an examination is commenced. Unlike a financial audit, fraud examinations should never be conducted without proper predication. Each fraud examination begins with the prospect that the case will end in litigation. To solve a fraud without complete and perfect evidence, the examiner must make certain assumptions. This is not unlike the scientist who postulates a theory based on observation and then tests it. In the case of a complex fraud, fraud theory is almost indispensable. Fraud theory begins with a hypothesis, based on the known facts, of what might have occurred. Then that hypothesis or key assumption is tested to determine whether it’s provable.

The fraud theory approach involves the following steps, in the order of their occurrence:

  • Analyze available data.
  • Create a hypothesis.
  • Test the hypothesis.
  • Refine and amend the hypothesis.
  • Accept or reject the hypothesis based on the evidence.

With that said, fraud examinations incorporate many auditing techniques; however, the primary differences between an audit and a fraud investigation are the scope, methodology, and reporting. It’s also true that many of the fraud examiners in our Chapter (as in every ACFE Chapter) have an accounting background. Indeed, some of our members are employed primarily in the audit function of their organizations. Although fraud examination and auditing are related, they are not the same discipline. So how do they differ?  First, there’s the question of timing.  Financial audits are conducted on a regular recurring basis while fraud examinations are non-recurring; they’re conducted only with sufficient predication.

The scope of the examination in a financial audit is general (the scope of the audit is a general examination of financial data) while the fraud examination is conducted to resolve specific allegations.

An audit is generally conducted for the purpose of expressing an opinion on the financial statements or related information.  The fraud examination’s goal is to determine whether fraud has occurred, is occurring, or will occur, and to determine who is responsible.

The external audit process is non-adversarial in nature. Fraud examinations, because they involve efforts to affix blame, are adversarial in nature.

Audits are conducted primarily by examining financial data. Fraud examinations are conducted by (1) document examination; (2) review of outside data, such as public records; and (3) interviews.

Auditors are required to approach audits with professional skepticism. Fraud examiners approach the resolution of a fraud by attempting to establish sufficient proof to support or refute an allegation of fraud.

As a general rule during a financial fraud investigation, documents and data should be examined before interviews are conducted. Documents typically provide circumstantial evidence rather than direct evidence. Circumstantial evidence is all proof, other than direct admission, of wrongdoing by the suspect or a co-conspirator.  In collecting evidence, it’s important to remember that every fraud examination may result in litigation or prosecution. Although documents can either help or harm a case, they generally do not make the case; witnesses do. However, physical evidence can make or break the witnesses. Examiners should ensure that the evidence is credible, relevant, and material when used to support allegations of fraud.

From the moment evidence is received, its chain of custody must be maintained for it to be accepted by the court. This means that a record must be made when the item is received or when it leaves the care, custody, or control of the fraud examiner. This is best handled by a memorandum of interview by the custodian of the records when the evidence is received.

Fraud examiners are not expected to be forensic document experts; however, they should possess adequate knowledge superior to that of a lay person.

In fraud investigations, examiners discover facts and assemble evidence. Confirmation is typically accomplished by interviews. Interviewing witnesses and conspirators is an information-gathering tool critical in the detection of fraud. Interviews in financial statement fraud cases are different than those in most other cases because the suspect being interviewed might also be the boss.

In conclusion, auditing procedures are indeed often used in a financial statement fraud examination. Auditing procedures are the acts or steps performed by an auditor in conducting the review. According to the third standard of fieldwork of generally accepted auditing standards, “The auditor must obtain sufficient appropriate audit evidence by performing audit procedures to afford a reasonable basis for an opinion regarding the financial statements under audit.”  Common auditing procedures routinely used during fraud examination, as during financial statement examination, are confirmations, physical examination, observation, inquiry, scanning, inspection, vouching, tracing, re-performance, re-computation, analytical procedures, and data mining; these are all vital tools in the arsenal of both practitioners as well as of all financial assurance professionals.