Tag Archives: occupational fraud

The Unsanctioned Invoice

Of all the frauds classified as occupational, one of the most pernicious encountered by CFEs is the personal purchase with company funds scam. I say pernicious because not only is this type of fraud a cancer, devouring it’s host organization from within, but also because this basic fraud scenario can take on so many different forms.

Instead of undertaking externally involved schemes to generate cash, many employed fraudsters choose to betray their employers by simply purchasing personal items with their company’s money. Company accounts are used by the vampires to buy items for their side businesses and for their families. The list of benefiting recipients goes on and on. In one case a supervisor started a company for his son and directed work to the son’s company. In addition to this ethically challenged behavior, the supervisor saw to it that his employer purchased all the materials and supplies necessary for running the son’s business. As the fraud matured, the supervisor purchased materials through his employer that were used to add a room to his own house. All in all, the perpetrator bought nearly $50,000 worth of supplies and materials for himself and various others using company money.

One might wonder why a purchases fraud is not classified by the ACFE as a theft of inventory or other assets rather than as a billing scheme. After all, in purchases schemes the fraudster buys something with company money, then takes the purchased item for himself or others. In the case cited above, the supervisor took building materials and supplies. How does this differ from those frauds where employees steal supplies and other materials? On first glance, the schemes appear very similar. In fact, the perpetrator of a purchases fraud is stealing inventory just as s/he would in any other-inventory theft scheme. Nevertheless, the heart of the scheme is not the taking of the inventory but the purchasing of the inventory. In other words, when an employee steals merchandise from a warehouse, s/he is stealing an asset that the company needs, an asset that it has on hand for a particular reason. The harm to the victim company is not only the cost of the asset, but the loss of the asset itself. In a purchasing scheme, on the other hand, the asset which is taken is superfluous. The perpetrator causes the victim company to order and pay for an asset which it does not really need in the course of business, so the only damage to the victim company is the money lost in purchasing the particular item. This is why purchasing schemes are categorized as invoice frauds.

Most of the employees identified by the ACFE as undertaking purchase schemes do so by running unsanctioned invoices through the accounts payable system. The fraudster buys an item and submits the bill to his employer as if it represented a purchase on behalf of the company. The goal is to have the company pay the invoice. Obviously, the invoice which the employee submits to his company is not legitimate. The main hurdle for a fraudster to overcome, therefore, is to avoid scrutiny of the invalid invoice and to obtain authorization for the bill to be paid.

As in the many cases of shell company related schemes we’ve written about on this blog, the person who engages in a purchases scheme is often the very person in the company whose duties include authorizing purchases. Obviously, proper controls should preclude anyone from approving her own purchases. Such poorly separated functions leave little other than her conscience to dissuade an employee from fraud. Nevertheless, CFEs see many examples of small to medium sized companies in which this lapse in controls exists. As the ACFE continues to point out, fraud arises in part because of a perceived opportunity. An employee who sees that no one is reviewing his or her actions is more likely to turn to fraud than one who knows that her company applies due diligence in the attempt to detect all employee theft.

An example of how poor controls can lead to fraud was the case where a manager of a remote location of a large, publicly traded company was authorized to both order supplies and approve vendor invoices for payment. For over a year, the manager routinely added personal items and supplies for his own business to orders made on behalf of his employer. The orders often included a strange mix of items; technical supplies and home furnishings might, for instance, be purchased in the same order. Because the manager was in a position to approve his own purchases, he could get away with such blatantly obvious frauds. In addition to ordering personal items, the perpetrator changed the delivery address for certain supplies so that they would be delivered directly to his home or side business. This scheme cost the victim company approximately $300,000 in unnecessary purchases. In a similar case, an employee with complete control of purchasing and storing supplies for his department bought approximately $100,000 worth of unnecessary supplies using company funds. The employee authorized both the orders and the payments. The excess supplies were taken to the perpetrator’s home where he used them to manufacture a product for his own business. It should be obvious that not only do poor controls pave the way for fraud, a lack of oversight regarding the purchasing function can allow an employee to remove huge amounts from the company’s bottom line.

Not all fraudsters are free to approve their own purchases. Those who cannot must rely on other methods to get their personal bills paid by the company. The chief control document in many voucher systems is the purchase order. When an employee wants to buy goods or services, s/he submits a purchase requisition to a superior. If the purchase requisition is approved, a purchase order is sent to a vendor. A copy of this purchase order, retained in the voucher, tells accounts payable that the transaction has been approved. Later, when an invoice and receiving report corresponding to this purchase order are assembled, accounts payable will issue a check.

So in order to make their purchases appear authentic, some fraudsters generate false purchase orders. In one case, an employee forged the signature of a division controller on purchase orders. Thus the purchase orders appeared to be authentic and the employee was able to buy approximately $3,000 worth of goods at his company’s expense. In another instance, a part time employee at an educational institution obtained unused purchase order numbers and used them to order computer equipment under a fictitious name. The employee then intercepted the equipment as it arrived at the school and loaded the items into his car. Eventually, the employee began using fictitious purchase order numbers instead of real ones. The scheme came to light when the perpetrator inadvertently selected the name of a real vendor. After scrutinizing the documents, the school knew that it had been victimized. In the meantime, the employee had bought nearly $8,000 worth of unnecessary equipment.

Purchase orders can also be altered by employees who seek to obtain merchandise at their employer’s expense. In one instance, several individuals conspired to purchase over $2 million worth of materials for their personal use. The ringleader of the scheme was a low-level supervisor who had access to the computer system which controlled the requisition and receipt of materials. This supervisor entered the system and either initiated orders of materials that exceeded the needs of a particular project or altered existing orders to increase the amount of materials being requisitioned. Because the victim organization had poor controls, it did not compare completed work orders on projects to the amount of materials ordered for those projects. This allowed the inflated orders to go undetected.

Another way for an employee to get a false purchase approved is to misrepresent the nature of the purchase. In many companies, those with the power to authorize purchases are not always attentive to their duties. If a trusted subordinate vouches for an acquisition, for instance, busy supervisors often give rubber stamp approval to purchase requisitions. Additionally, employees sometimes misrepresent the nature of the items they are purchasing in order to pass a cursory review by their superiors.

Instead of running false invoices through accounts payable, some employees make personal purchases on company credit cards or running accounts with vendors. As with invoicing schemes, the key to getting away with a false credit card purchase is avoiding detection. Unlike invoicing schemes, however, prior approval for purchases is not required. An employee with a company credit card can buy an item merely by signing his or her name (or forging someone else’s) at the time of purchase. Later review of the credit card statement, however, may detect the fraudulent purchase.

As with invoicing schemes, those who committed the frauds were often in a position to approve their own purchases;, the same is often true with credit card schemes. A manager in one case, reviewed and approved his own credit card statements. This allowed him to make fraudulent purchases on the company card for approximately two years.

Finally, there is, the fraudster who buys items and then returns them for cash. A good example of such a scheme is that in which an employee made fraudulent gains from a business travel account. The employee’s scheme began by purchasing tickets for herself and her family through her company’s travel budget. Poor separation of duties allowed the fraudster to order the tickets, receive them, prepare claims for payments, and distribute checks. The only review of her activities was made by a busy and rather uninterested supervisor who approved the employee’s claims without requiring support documentation. Eventually, the employee’s scheme evolved. She began to purchase airline tickets and return them for their cash value. An employee of the travel agency assisted in the scheme by encoding the tickets as though the fraudster had paid for them herself. That caused the airlines to pay refunds directly to the fraudster rather than to her employer. In the course of two years, this employee embezzled over $100,000 through her purchases scheme.

A Piece of String

stringOne of our local members is a part time adjunct accounting instructor at a community college.  She recently asked if any of her fellow chapter members could supply a teaching example of an occupational fraud that started out simply and then escalated.   Turns out, one of our out of state readers had just such an example and I thought I’d share it with you.

The ACFE tells us that any organization or department is susceptible to occupational fraud. The following example illustrates how important it is for every management to analyze their internal accounting controls continuously as well as those over the general control environments of all their operating departments. Organizations and their management commit a critical error and actually enhance opportunities for fraud by trustingly believing that fraud can’t occur in their organization. Fraud prevention is as much about the awareness of the existence and potential for fraud as it is about the development of key controls to safeguard assets.

Fred Blevins was the manager of the kitchen fittings section of a large, luxury kitchen design and installation company.  The company employed a host of equipment vendors and installation subcontractors.  As the section manager, Blevins was responsible for completion of requisition forms for the purchase of outside resources such as custom fittings, outsourced kitchen installations, parts, supplies, and production consumables. Blevins also developed section cost budgets and approved vendor invoices for payment of items originally requisitioned through the fittings section. Blevins reported to the interior design director, Sally Jefferson, who relied heavily on Blevins’ judgment and honesty in completing the non-design related responsibilities associated with managing her department.

Even though his job at the design company provided a good living, Blevins still found it tough to make ends meet and to sustain the lifestyle to which he had become accustomed. With two sons, both trying to purchase their first homes and a daughter set to enter college, Blevins was beginning to feel the financial burden of the coming higher education and looming mortgage related expenses. Furthering Fred’s financial stress was his fondness for gambling. Fred would regularly tell co-workers of his trips to the casinos in a neighboring state. And while this talk frequently included boasts of gambling winnings, the truth was these trips more often resulted in losses.

In searching for a way to address his various financial pressures, Fred opportunely noticed that the accounting controls over the requisition of outside goods and services at his company were extremely weak or, in some cases, nonexistent.  Blevins soon devised a scheme that would allow him to easily circumvent the weak controls that were in place. When functioning correctly, the company purchasing process was fairly straightforward. All requisitions associated with purchasing consumables had to be approved by the requisitioning department’s manager. Once approved, the requisition was submitted to accounting for the issue of a purchase order. Before issuing the purchase order, the accounting department checked that the purchase was within the budgetary constraints for the coinciding expense category and that the vendor was on the approved vendor list. Although the accounting department required that approved vendors provide a company name, address, telephone number, and principal contact, there was no verification or due diligence process associated with establishing an approved vendor in the accounting system – a weakness that Fred found too tempting to resist.

Fred’s scheme began simply enough with a shakedown of the vendors who supplied goods and services to the kitchen fittings section. He knew that these vendors relied on his satisfaction and approval to continue their business relationship with his company. Fred began to take advantage of his authority by requiring that vendors provide him with monetary gifts to remain on his company’s rotation for sales. Vendors that refused to cooperate with Blevins would risk reduction in orders. To maintain business volume, most vendors “played the game” and acquiesced to Fred’s requirement.  Fred’s scheme quickly evolved, and he soon began requiring that vendors pay him a “commission” on all of their sales to his company. The vendors did not report this activity to the company management because of fear of reprisal and the resulting substantial loss of business revenue.

Blevins’ greed soon increased, and he began to favor one vendor in particular, a company owned by a man named Stan Fields. Fields agreed to a larger commission than the other vendors to knock out the competition and get a larger volume of business. Fields obviously believed that the return in revenue and profits was worth the risk of being discovered.

As Blevins’ and Field’s bank accounts grew, so did Fred’s confidence in his ability to continue successfully defrauding his employer. Eventually, he decided to advance the scheme further by setting up his own fictitious vendor with Fields, FBSF Inc., to bilk his employer out of even more money. When Fred submitted the application for FBSF to be approved as a new vendor, the accounting department didn’t even notice that the president of FBSF was the same Stan Fields who owned a competing vendor company. The department also failed to notice that the address listed on FBSF’s application was a post office box. At a minimum, a routine check of the corporation’s standing with the local secretary of state’s office would have quickly revealed that this vendor was a sham.

In a classic example of a pass-through billing scheme, the two men used FBSF to purchase products from Field’s company and resell them to Fred’s company at a marked-up rate. Thanks to the proceeds of what can clearly be defined as occupational fraud, Blevins and Fields were prospering. Over the course of a year and a half, Fred embezzled nearly $300,000 and Fields shared in the excess profits from every transaction run through FBSF.

Fred’s scheme finally unraveled when he became ill and the company was forced to delegate his duties to another employee during his absence. When Fred’s replacement contacted one vendor regarding the purchase of some fittings, the vendor’s response was “it isn’t my turn yet.”  This unusual response led to further inquiry and the discovery of all the kickbacks required by Blevins in his fraudulent dealings with company vendors. As the investigation continued, Fred’s employer uncovered the fictitious vendor he set up with Fields. When confronted, Fred initially denied any involvement in the scheme, but could not explain why his company, FBSF, received checks from his employer. As a result, Fields company lost all of its considerable business with Fred’s employer and was quickly forced to shut down its operations. Fred’s position was immediately terminated. Criminal charges were filed against Blevins and Fields and restitution was sought.

The bottom line is that occupational frauds, if initially successful, almost always escalate and diversify.  There’s an old auditor’s question (something of an adage, really), “How long is a piece of string?”  When applied to fraud examination, it means that there is usually more than one initial scenario to look for in any instance of fraud.  Fred’s scheme started out as a simple shake down of vulnerable vendors and escalated in a relatively short period of time from kickbacks to a full scale fictitious vendor pass through scheme with several sub-schemes thrown in along the way.

The teachable fraud prevention moment for the accounting class is that organizations should have a policy regarding new vendor approval that requires due diligence on the part of the accounting department. This process should include verification that the business is a legal business in the state represented, that the entity has a legal federal identification number and proof of liability insurance, and that the potential vendor’s owners are checked against other vendors’ owners and employees of the organization. Finally, when vendors provide a post office box as an address, the firm’s physical location must always be verified.