Employee fraud – the problem may be bigger than you think…

Before you can tackle employee fraud within your organization, you need to know how big a problem you have. An article that I wrote for Memento – a leader in enterprise fraud management – discusses a common mistake that banks make when tackling employee fraud. The principles that I share in the post are applicable to more than just banks.

Click here to read the post.

Please feel free to leave comments here, or on Memento’s blog letting me know what you think.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Advertisements

Don’t forget about fraud perpetrated by customers…

Source: Brittany G

Many fraud blogs – including this one – tend to focus almost exclusively on employee fraud. However, fraud perpetrated by customers can be just as damaging.

Not surprisingly, many companies are loathed to think that customer fraud happens. Senior executives in marketing, sales and operations often appear determined to explain why customer fraud is not a big issue. To underscore their flawed logic, and in defiance of their fiduciary duties to the company, the executives continue to dream up new products and services that are riddled with holes that allow, and sometimes encourage customer fraud to take place.

Inevitably, when the fraud losses start to mount, rarely will the department that created the product/service acknowledge that it was flawed. Instead, they ask why the fraud department seemed unable to stop the fraud from taking place. The company’s CFO or COO normally gets dragged in to the discussion and so begins the “Mexican Standoff”.

Before anyone becomes overly agitated that I believe executives sometimes violate their duties of loyalty and/or care, think about the bigger picture. Typically, fraud losses are not recorded in the same profit and loss statement (P&L) where the revenue is booked. Most executives that are in charge of a product or service receive bonuses based on the revenue generated instead of net profit earned. Surely, that creates the potential to drive up revenue at the expense of sound fraud risk management practices that minimize costs?

Some enlightened organizations allocate fraud losses back to the individual product or services’ P&L. Doing so allows the company to judge the sales and marketing executive’s performance based on revenue growth and the “bottom line” which reflects revenue less associated costs, including fraud.

This approach to fraud loss accounting is not “fool-proof” and requires time and effort to ensure that both the fraud department, and the department receiving the fraud loss allocation support the process. However, it is well worth the effort as the moral hazard associated with marketing and sales “owning” the revenue and not the fraud loss should give organizations – both large and small – cause for concern.

Does your organization allocate fraud losses to product P&Ls? If so, has it helped minimize losses?

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

9 million reasons to fight internal fraud

UPDATE: Patricia K. Smith sentenced to six and a half years. Read more here.

Patricia Smith will be sentenced today, May 8 for embezzling $10.2 million from Baierl Acura. The US Attorney recommends that she serves five to six years. I wouldn’t be surprised if she receives less time than that.

“The $10 million stolen is not an insignificant amount to Baierl, as it might be for a Fortune 500 corporation,”

– U.S. Attorney Steve Kaufman

The majority of Fortune 500 corporations can absorb seven-figure losses and continue operations. Employees may be fired for failing to detect the fraud, processes may be revised and additional technology purchased to prevent a similar loss in the future, but for the most part, the company will shrug off the loss within weeks, sometimes just days.

Does that mean that small companies will automatically close their doors if they experience a $10 million loss? Not necessarily… As we’ll see below, it is actually a little more complicated than that.

Here is another quote from U.S. Attorney Steve Kaufman.

“The defendant’s pattern of theft negatively impacted the finances of Baierl Acura each and every year from 2005 through much of 2011. Fortunately, her activity did not affect Baierl’s timely payment of its payroll, tax and business obligation and liabilities.”

“No harm, no foul?” Patricia committed a crime, but the dealership didn’t suffer that much damage, right?

In my first blog post, I discussed the untold story of small business fraud. I noted that opportunities for the business to expand disappear while the fraudster lines their pockets with ill-gotten gains. In some respects, that is one of the saddest outcomes of fraud within a small business. It robs these businesses of their future.

As this case shows, some businesses can continue operations while a fraud scheme is running. However, the lack of cash puts the business on a different course – they just don’t know it…

With less cash in the bank, hiring decisions are delayed, bonuses canceled, and expansion plans shelved. What would Baierl Acura have done with the $10.2 “extra” dollars? We’ll never know. What we do know is that the business had earned that money. Here is a novel thought… the dealership could have kept the money in the bank and earned interest! They had the right to invest it as they saw fit. Patricia Smith did not have the right to use the money as she saw fit.

So what did Patricia do with the money?

We know that she bought real estate, cars and took luxury vacations, including a VIP trip to the Vatican.  AUSA Kaufman can help answer the question.

“A large portion of the money also was wasted on gambling activity, both by herself and by at least one family member,”

Given that Smith had assets, how much of the $10.2 million does the government expect to recover?

$1 million… 10% of what she embezzled.

At the end of the day, the dealership waves bye-bye to $9 million ($9.2 to be exact) and well as the future that might have been. And we’re left with yet another sad ending involving internal fraud at a small business.

UPDATE: Patricia K. Smith sentenced to six and a half years. Read more here.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Payroll and inventory fraud – are you next?

Apparently, there is quite a bit of money to be made from gourmet mushrooms (no, not that kind). So much so that Gino Silva and Steven Perei, both employees with D’Artagnan, a mushroom distributor set up their own company in direction competition with the employer.

Starting in December 2007, Silva and Perei made sales on behalf of their own company, Mediterra, then stole D’Artagnan’s inventory to complete the sale. To conceal the theft, Silva enlisted the help of D’Artagnan’s inventory control specialist to manipulate purchase order records and alter inventory records. This scheme was simple, yet quite brilliant – by using their employer’s inventory for their new company, top line sales essentially equaled bottom line profit. Why pay for inventory when someone else can foot the bill? The mushroom scheme lasted just over 12 months.

The mushroom scheme was not Gino Silva’s “first rodeo”. From 2005 to 2008, Silva was vice president of operations for Philips Accessories and Computer Peripherals. While working there he conspired with others to add “ghost” employees to the company’s payroll that ended up being paid approximately $1.2 million for nonexistent services (Ghost employees may be real people or fictitious but they do not work for the company).

Silva pleaded guilty to the payroll scheme in December 2008. In June 2009, he received a 27 month sentence and a restitution order for $843,414. In April 2011, Silva pleaded guilty to the mushroom scheme, and in March 2012 received a 28 month sentence, a year of supervised release and $71,179 in restitution for the mushroom scheme.

Silva committed two very different frauds and was eventually caught and sentenced twice. Is he a criminal mastermind? Certainly not, but he still managed to defraud two companies with relative ease. Will he commit a third fraud once he is released from prison? Who knows? But, the temptation may be too great… and this time, he probably knows how not to get caught!

I can tell you that there a literally thousands of companies that he could join and commit exactly the same frauds without being caught for at least a year. Is your company next?

Read more here

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Oh what a tangled web we weave… what happens when you can’t trust anyone?

Of all the government agencies to steal from, the National Security Agency would probably be the last one on my list. If just half of what the media says they can do is true, surely, they have the capability to uncover a fraud perpetrated by a vendor.

Yet, Bechdon which made metal and plastic parts for the NSA, successfully defraud the agency over a ten year period. The father son team of William and Donald Turley overbilled the agency for hours that their company never worked. As an aside, I am curious as to why the NSA would pay for parts produced by the hour and not on a fixed price basis, but I suppose we’ll never know the reasoning behind that decision.

The father son duo both confessed to the fraud during clearance interviews as part of the process for bidding on sensitive NSA contracts. Surprisingly, they confessions came over a year apart. William Turley confessed in March 2006, and Donald the following year in April (Why it took the NSA more than a year to complete the second interview is anyone’s guess).

Now for the twist that all good stories involving the NSA should have… Enter Christina Turley Knott, William Turley’s daughter and Donald Turley’s sister…

Christina is by far the more accomplished fraudster. She managed to embezzle $4.5 million from Bechdon without the knowledge of her father or brother! Presumably, while the father and son were busy bilking the NSA, they didn’t pay attention to the fraud happening beneath their noses. Christina will be sentenced shortly for her fraud, but initially the family declined to turn her in as they feared she would disclose the NSA overbilling scheme.

The moral of the story? Don’t expect your employees to act in an ethical manner if they see your company’s leadership defrauding others. The “tone at the top” is often thrown around as important to preventing fraud. In this case we can see what happens when owners or senior executives abandon their ethics at the front door. There is no honor among thieves, especially when there are millions up for grabs. Just ask the Turleys…

Read more here

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

Post-mortem of a fraud – what small and large companies do differently

I believe that each instance of fraud provides companies with an opportunity to reassess their entire fraud defense. Some would call this continuous improvement; others would view it as a best practice. Whatever you call it, fraud defenses must be reviewed, tested and re engineered on a regular basis. Waiting for fraud to happen then scrambling to implement controls after the fact makes very little sense. In the airline industry it is called “Tombstone legislation” – someone has to die for changes to be made – only in this case it is small companies that are “dying”. Large companies live to fight another day. At least most of the time – even when the losses are in the millions…

Things to do on first day with new employer:

  • Turn up on time – check
  • Find desk and log in to computer – check
  • Figure out way to embezzle $1 million…

If the reports are to be believed, when Brenda L. Jones started working with Sirius XM Radio she almost immediately embarked on a fraud scheme that resulted in a seven figure loss.  A co-conspirator with the mysterious initials “VP” was not indicted (any guesses why they were not indicted?)

What makes this fraud particularly interesting is the size of the victim company. Sirius XM Radio is not a “Mom & Pop” company with limited resources to deploy in the fight against fraud. Yet, they suffered a huge loss. Had this fraud happened at a small company, it is highly likely that they would have been forced in to bankruptcy.

I am often asked to detail the size of company that I help fight fraud. My answer is small, medium and large – they all need help! Fraud happens at companies of all sizes and many of the best practices are applicable regardless of size.

  • Over the course of a year, fraud losses at a large company will typically exceed losses for a small company. But on a per incident basis, there is very little difference. To illustrate the point, take a look at the graph below from the Association of Certified Fraud Examiners 2010 Report to the Nations. There really isn’t that much of a difference between the median loss at a small company (less than 100 employees) and losses at companies with more than 100 employees. With that said, a $155,000 fraud at a small company can close the doors. A $164,000 fraud at a Fortune 500 company is a blip on the radar.

The biggest difference between how fraud is handled at small and large companies can be found in the post-mortem process:

  • Not surprisingly, the post-mortem at a large company is focused on preventing the fraud from happening again. Often, employees that failed to uncover the fraud are disciplined or terminated. If the company has an internal audit function, they are often asked to prepare a report that details the control failures and provide recommendations to avoid a similar fraud in the future. Management of the operation where the fraud took place is expected to implement, and subsequently own the changes to the internal control environment. Invariably, the fraud will receive a nickname and over time, the mere mention of the fraud will either silence a room or result in embarrassed chuckles. No one wants to see that fraud happen again.
  • The post-mortem at a small company is an entirely different matter. Instead of internal audit reviewing the situation and recommending improvements, the owner or senior executives normally dive in and do their best to understand what really happened. The entire company – not just the department where the fraud took place – is on tender hooks. They literally don’t know whether they will have a job next week. A law firm is normally involved in some shape or fashion and their mere presence sends concerned employees scurrying up and down the corridor looking for someone to tell them what is happening.

Quite simply, the stakes are not the same for large and small companies.

I believe that the post-mortem process at most companies is in need of an overhaul. Very rarely do small or large companies do anything more than deploy controls to stop exactly the same fraud that they just experienced from happening again. That’s understandable. “Scope creep”, “trying to boil the ocean’, “not trying to solve world hunger” are all euphemisms for don’t over engineer the solution.

I agree that it is important to solve the problem at hand. With that said, it is almost guaranteed that a company will experience more than one fraud in its lifetime. Subsequent frauds may duplicate a previous fraud, be a variation on a theme, or something entirely brand new. Will your company be ready?

As for Sirius XM Communications, I am sure the post-mortem process is over by now. I wonder what they did to stop a similar fraud from happening in the future? Anyone want to bet that they expanded the post-mortem process to include an assessment of fraud risk within the entire accounts payable department.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com

“She’s just a wolf in sheep’s clothing”

Looks like another bookkeeper may have forced their employer to declare bankruptcy. Karen Tripp allegedly embezzled $1.5 million from Seiler-Nabors Construction Company, based in Collierville, Tennessee. The indictment states that Tripp wrote checks to her personal bank account as well as the antiques store that she owned. She also allegedly used the money to buy her children cars, build a mansion and take exotic vacations.

Collierville’s population is just under 45,000. I am sure the Seiler-Nabors bankruptcy will create a sizable ripple effect across the community. The company has already fired 20 employees which will obviously have a direct impact on a number of families.

Christy Klink worked alongside Tripp. She shared her thoughts with Memphis reporters regarding the indictment.

“It’s not going to change anything that happened or change the financial problems it has caused us. It does give us some satisfaction to know she is going to spend a lot of time in jail.”

Klink may be in for a rude awakening if Tripp is found guilty or “cops” a plea. In reality “a lot of time in jail” may not amount to much. It is probably Tripp’s first offense, and I would guess that she’ll serve 2 to 4 years. She’ll probably be ordered to pay the money back and it sounds like there may be some assets that can be liquidated. But, when the IRS comes knocking for the taxes on the $1.5 million (I doubt that Karen declared all of her income), they’ll likely jump to the head of the line demanding payment.

This case is just another example of how fraud can destroy a business. Ultimately, there are very few “winners”. In addition to closing the business and putting 20 people out of work, trust was lost. Trust that their employee was honest. Trust that their mother’s gifts and new house were earned and not stolen, and trust that if you work hard and do the “right thing” for your employees and the community that you’ll be rewarded.

Christy Clink’s father is a part owner of Seiler-Nabors Construction. Clink told reporters that her father had hoped that the company would pay for his retirement.

“He lost my mom about three years ago. He’s not really gotten over that and this comes and destroys him. She’s taken everything. He’s going to lose it all.”

This story involves a small company, but the “lessons learned” can apply to companies of all sizes. If you learn only one thing from this post, please monitor employees that issue payments. This case involved checks, but fraud can just as easily happen with wires, debit cards, credit cards, ACHs and of course cash. When was the last time that you reviewed your bookkeeper’s work? Do you reconcile your company’s bank statements on a daily basis? Who has access to blank checks?

Remember: You can trust but always verify.

 

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

 

paul@mccormackwrites.com

 

Dishonor among thieves

If you believe Diana L. Farmer-Forston, since her early childhood life has been a struggle. But in many respects, her struggles are just beginning. Diana was recently sentenced to two years in prison for embezzling $567,000 from her employer, Bennett and Zydron, a Virginia Beach law firm. In an interesting twist, Diana ended up being scammed out of $300,000 of the fraud proceeds when she agreed to lend a co-worker money to cover expenses associated with their cancer treatment. Allegedly, Diana made her coworker sign a promissory note with a monthly interest rate of 4.5%. Thankfully, the coworker is cancer free. In fact, they never had cancer in the first place.

Hired by the law firm in 2005, Diana didn’t launch her fraud career until 2007. What happened between 2005 and 2007? Did Diana’s struggles from her childhood come back to haunt her? We do know from court filings that her husband of 25 years announced in 1999 that he had decided to undergo a sex change operation. Their marriage ended shortly thereafter. That revelation surely had an impact on Diana, but did it force her to commit fraud seven years later?

Here’s a hint: In many cases, you’ll never figured our exactly what drove an employee to commit fraud.

In Diana’s case, it would likely require extensive therapy to truly undercover the root cause. Diana’s attorney claims that she has struggled with depression and other undisclosed mental health issues since her childhood. He also states that Diana was also around physical, sexual and emotional abuse while growing up. She has apparently had a very difficult journey to date, but her struggles started long before she joined the law firm.

As an employer, you have to focus on what you can control. Certainly, before hiring a new employee, perform background checks, conduct a rigorous interview process and call references. Whether the employee experienced abuse as Diana apparently did it is legally, ethically and morally out of scope during the interview process. Remember, you can’t control what has already happened…

You can control what happens once the employee sets foot in the office. Once they join the organization, make sure that you don’t send messages that help the new employee rationalize that committing fraud is “ok”. Fraud prevention essentially begins during the interview process and continues throughout the employee’s tenure. Assuming that you have not hired an employee that is already an accomplished fraudster, your company has ample opportunity to prevent from fraud happening. I’ll detail many of the tactics you can use to build a culture that prevents fraud in my next post. This post hopefully lays the groundwork.

Bottom line: You can prevent fraud if you focus on what you can directly control. The employee already has ‘baggage’ that they bring to the table. You can’t control how much, or what it contains. You can control how your organization is positioned to prevent and detect fraud. There are no “fool-proof” approaches, but you have far more power than you realize

Learn more about Diana’s case here

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter or white paper you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com


“I’m as mad as hell, and I’m not going to take this anymore!”

Regular readers of this blog will know that many of the fraud losses I discuss here are largely avoidable. Well, my business partner and I have decided to do something about it. Today, we launched Consult-OnLine, an online platform that provides fraud and intellectual property theft prevention services for small- & medium-sized companies.

Why now, and why online?

Quite simply, the number of fraud cases involving small-and medium-sized companies is staggering. SMEs need help, and they need it fast. They are often overlooked by traditional consulting firms as too small to purchase services – or worse, the companies suffer in silence and do their best to muddle through without the assistance of a fraud expert. The most common reason for not engaging a fraud consultant is cost. Small companies can’t afford to pay the hourly rates and expenses that traditional firms charge. They are also genuinely concerned that once a fraud consultant enters their office, they will have a hard time convincing them to leave.

Believe it or not, other firms have offered professional services online before. One in particular was phenomenally successful, but for a number of reasons they shut the site down. We strongly believe that professional services can be delivered online. In fact, we built an innovative platform to do exactly that.

In addition, over the last three months, we have developed a proprietary database that contains analysis of fraud cases from the news. There are so many lessons to be learned from fraud at other companies. We thought it made sense to build a database that companies could access and use to learn how to avoid a similar fraud at their company. I have over 16 years of fraud experience, yet even I am amazed at the number of six- and seven-figure fraud cases that we have gathered from around the world. We are absolutely convinced that the database will “open eyes” and help companies dramatically reduce their fraud risk.

So, I am mad that small- and medium-sized companies coffers are being raided by fraudsters with impunity. AND my firm is prepared to do something about it.

Need a writer that understands fraud? When you hire me to write an article, blog post, newsletter, or white paper, you get an accomplished writer that is also an expert in fraud.

paul@mccormackwrites.com