THE CONSTRUCTION PROCESS OF FRAUD PREVENTION: The Absolutes of the Company Anti-Fraud Program Presented for the Fort Worth Chapter of the TSCPA Presented by STEVE DAWSON, CPA, CFE Dawson Forensic Group The Not Dead Yet Employee An accountant changed the direct deposit routing number and account number to three of her own bank accounts on six previously terminated employees. No one noticed until $250,000 and 7 months later, a former employee called asking why his W-2 reflected $50,000 more than he was paid! Fort Worth Chapter TSCPA Free CPE Day 2015 1
Principles of Self-Preservation FRAUD RULE #1 Fraud and Stupid Look Just Alike As Long As It s Paid in Full The accountant used the company Mastercard for personal purchases as well as for business purposes. She paid the business purpose portion of the balance with a company check and the personal portion with a personal check. Is this fraud? Fort Worth Chapter TSCPA Free CPE Day 2015 2
Principles of Self-Preservation Q: What are the ramifications of following up on suspicions of fraud (investigation) and no fraud is found? A: It Depends Principles of Self-Preservation It depends d on what policies i are in place, the content of those policies and, h th li i f ll d i how those policies are followed in practice Fort Worth Chapter TSCPA Free CPE Day 2015 3
I Swear I Didn t Take It! The Company bills and collects amounts for various entities. The accountant properly paid collected amounts to the entities every week. However, refunds were paid from the Company account, not the entities accounts. After a period of 10 years of paying these refunds from the wrong account, the Company account balance was not adequate to fund current collections. I Swear I Didn t Take It! When the shortfall was noticed, the accountant was accused of fraud and an investigation ensued. Is this fraud? Fort Worth Chapter TSCPA Free CPE Day 2015 4
The Anti-Fraud Program THE FRAMEWORK The Anti-Fraud Environment Fraud Risk Assessment Control Activities Information: Program Documentation Communication: The Company Fraud Training Program Monitoring and Routine Maintenance The Architect s Blueprint Establishing the Framework The Anti-Fraud Environment: Laying the Foundation Fraud Risk Assessment: Installing the Ground Floor Control Activities: Raising the Walls Information: Program Documentation Constructing the Ceiling Communication: The Company Fraud Training Program Constructing the Ceiling Monitoring and Routine Maintenance Putting on the Roof Fort Worth Chapter TSCPA Free CPE Day 2015 5
The Architect s Blueprint Establishing the Framework Monitoring / Routine Maintenance Information and Communication Control Activities Control Activities Fraud Risk Assessment Anti-Fraud Environment As Long As It s Paid in Full The accountant used the company Mastercard for personal purchases as well as for business purposes. She paid the business purpose portion of the balance with a company check and the personal portion with a personal check for the most part she may have misclassified $30k, $40k, $50k of personal charges as business charges. Fort Worth Chapter TSCPA Free CPE Day 2015 6
Foundational Absolutes: The Development of Control Activities Guiding Principles of Control Activities Design Design the internal control around the POSITION, never around the PERSON in that position The perception of detection is the strongest internal control that can be implemented Foundational Absolutes: Anti-Fraud Environment Fraud Policy Fraud Reporting Policy (Anonymous Reporting Mechanism) Expense Reimbursement Policy Fort Worth Chapter TSCPA Free CPE Day 2015 7
Foundational Absolutes: Anti-Fraud Environment Organizational i Chart Formal Written Employee Job Descriptions Required Annual Employee Evaluations Payroll Advance / Financial Counseling Programs Employee Dishonesty Insurance / Fidelity Bond Foundational Absolutes: Fraud Risk Assessment The Requirement to Perform Fort Worth Chapter TSCPA Free CPE Day 2015 8
Smash n Grab X 2 A financial institution had two vault cash locations in the same building, with different vault custodians (referred to as Custodian A and Custodian B). Custodian A left one evening with $400,000 in her backpack. During the investigation regarding g the missing $400,000,, Custodian B came in and confessed to the cash theft of $850,000. She had no idea the investigation didn t involve her theft that had occurred six months prior. Foundational Absolutes: Control Activities Pre-employment Background and Reference Checks Required Annual Completion of the Conflict of Interest Form Required Use of Vacation Time Required Supporting Documentation and Approval for Non-standard Journal Entries Physical Inventory Count Fort Worth Chapter TSCPA Free CPE Day 2015 9
Foundational Absolutes: Control Activities Proper Approval of Inventory Write-offs Proper Approval of Accounts Receivable / Debit Balance Accounts Payable Write-offs Proper Approval for Billing Adjustments or Other Nonpayment Credits to Accounts Receivable New Vendor Establishment Procedures Separate Cash Drawer for Each Cashier Proper Check Signing Procedures Fort Worth Chapter TSCPA Free CPE Day 2015 10
Foundational Absolutes: Information: Program Documentation Required Written Anti-fraud Program Fort Worth Chapter TSCPA Free CPE Day 2015 11
Foundational Absolutes: Information: Company Fraud Training Program Perform Continuous Fraud Awareness Training Communication: The Company Fraud Training Program Are you aware of any fraud that t is occurring in your organization? The Most Common Answers No, we don t even have a website No, our cyber-security is second to none Our company doesn t allow pets Huh, what? Fort Worth Chapter TSCPA Free CPE Day 2015 12
Communication: The Company Fraud Training Program Is Ongoing Anti-Fraud Training Provided? Do employees know what fraud is? (FRAUD POLICY) Have fraud costs been made clear to employees? Do employees know where to go to seek advice? Communication: The Company Fraud Training Program Annual Must Have Training! Review and Re-acknowledgment of the Fraud Policy Review and Re-acknowledgment of the Fraud Reporting Policy Re-completion of the Conflict of Interest Form Fort Worth Chapter TSCPA Free CPE Day 2015 13
I m Pre-Paying Paying My Fraud A CEO purchased prepaid Western Union cards from a convenience store and had the costs charged to Supplies and some to Travel. The total extra benefit amounted to approximately $72,000 over a two-year period. My Other Company(ies) Will Appreciate It So Much A CEO subsidized costs belonging to her other companies by directly charging a majority of their expenses to her employer s company. No one knew she was the owner of all of these other companies. Fort Worth Chapter TSCPA Free CPE Day 2015 14
Foundational Absolutes: Monitoring and Routine Maintenance The 3 Questions of Monitoring How are things working out? Are processes and controls working as intended? Are there processes or activities that we need to refine, add, or delete? Foundational Absolutes: Monitoring and Routine Maintenance Compliance Auditing Compliance Audits: The Absolutes Authorized check signer approval process Accounts, notes, loans receivable charge-off process Inventory write-off process Journal entry approval and documentation process Master vendor file audit Contract procurement audit Fort Worth Chapter TSCPA Free CPE Day 2015 15
What if? Preserving the Scene of the Crime Consider the crime scene a robbery for example: You arrive home to find that a robbery has occurred. You call family to come be with you and you call the police. Family arrives first and says this place is a mess. Let s clean up so the police will have a clean place to do their investigation. What s wrong with this picture? What if? Preserving the Scene of the Crime If it is determined that an investigation will be necessary, consider the following: Leave the suspect s office exactly as is; don t clean it Sticky notes are an investigator s gold mine Flash drives are a valuable resource Personal bank statements, investment statements, credit card statements t t are often still in the office Cell phones, cameras are often still in the office Fort Worth Chapter TSCPA Free CPE Day 2015 16
What if? Preserving the Scene of the Crime If it is determined that an investigation will be necessary, consider the following: If the computer is off, don t turn it on If the computer is on, don t turn it off If the computer is a desktop, it s on but you NEED to move it; unplug it If the computer is a laptop, it s on but you NEED to move it; remove the battery The Completed Anti-Fraud Program Monitoring / Routine Maintenance Information and Communication Control Activities Control Activities Fraud Risk Assessment Anti-Fraud Environment Fort Worth Chapter TSCPA Free CPE Day 2015 17
The Completed Anti-Fraud Program The information presented today and my full recommendations regarding complete anti-fraud program design can be found in my most recent work published by John Wiley & Sons (New York/New Jersey). THE CONSTRUCTION PROCESS OF FRAUD PREVENTION: The Absolutes of the Company Anti-Fraud Program STEVE DAWSON, CPA, CFE Dawson Forensic Analytics, P.L.L.C. d/b/a DAWSON FORENSIC GROUP P.O. Box 54462 Lubbock, Texas 79453 806-368-5779 E-mail: steve@dawsonforensics.com www.dawsonforensicgroup.com Fort Worth Chapter TSCPA Free CPE Day 2015 18