BLOG OF THE CENTRAL VIRGINIA CHAPTER OF THE ASSOCIATION OF CERTIFIED FRAUD EXAMINERS
May 20, 2013Posted by on
A couple of years ago a well-known metropolitan newspaper reported that an executive at a major insurance company gave his external auditor a false address for a marketable securities confirmation, intercepted the confirmation, then returned it with no exceptions noted. The company verified its possession of $20 million dollars in falsified assets in this manner.
As the accountants and auditors among us will recall from our school days, a confirmation is an audit tool that provides written communication from a third party, such as a customer, supplier or (as in the case above) asset custodian of the audit client in response to an auditor’s request for information. Using confirmations as audit evidence may be appropriate whenever a third party possesses knowledge regarding an amount or disclosure in the client’s information system. Confirmations are commonly used when testing accounts receivable balances, but other confirmed accounts that can be of interest to fraud examiners conducting examinations include cash (i.e., bank confirmations), accounts and notes payable, off site inventory and securities.
When a fraud examiner or forensic accountant is trying to determine the chronological chain of events constituting a fraud scenario, it can be important to know who said what and when they said it with regard to important account balances and transactions deemed critical to the pattern of commission of the fraud. Because a third party sends the completed confirmation directly to the auditor, it’s difficult for the client to tamper with the evidence. In an embezzlement case, for example, it can be critical to building a case for prosecution to know what the bank said the balance in a cash account under the control of the suspected embezzler was on a given date or series of dates. The same can be said for the usefulness of auditor confirmations of any other balances relevant to the financial transactions constituting the fraud.
There are two types of confirmations positive and negative and both can be conveyed to the confirmer by physical letter or electronically by e-mail. A positive confirmation requests a response whether or not the recipient agrees with the amount confirmed. A negative confirmation asks the recipient to respond only if s/he disagrees with the amount in the confirmation. Positive confirmations provide more competent audit evidence than negatives and are, therefore, more useful to fraud examiners in establishing dates and chronologies but recipients may not be as likely to respond to a positive confirmation because it requires more effort to complete.
In using the supplemental evidence that external or internal auditor initiated confirmations can provide about the chronology of account balances and related transactions, it’s important for the fraud examiner or forensic accountant to understand how the auditor designed the confirmation process to ensure that confirmations have an appropriate chain of custody; the example given in the first paragraph of this post is a vivid example of what can happen when the chain of custody of a confirmation is broken. To safeguard that all confirmations reach their intended recipients and are returned directly to the auditor, the auditor should have physically mailed (or e-mailed) the confirmations personally and specified that they be returned only to her personal e-mail account or physical address.
The incorporation of evidence from properly controlled auditor initiated confirmations can constitute an additional, useful tool in the fraud examiners tool kit. However, fraud examiners must be sure that the confirmation process was designed and implemented appropriately and that the auditor in question correctly investigated and interpreted any exceptions to ensure the competency of the resulting evidence.
May 19, 2013Posted by on
Every two weeks the Central Virginia Chapter of the Association of Certified Fraud Examiners (ACFE) presents a webcast on a topic related to the practice of fraud examination and/or forensic accounting. These webcasts are presented primarily for the benefit of Chapter members but are open to all with a general interest in improving the practice of auditing and fraud examination.
Members of the Central Virginia Chapter will have received an e-mail notifying them that the bi-weekly webcast is available at this site; the e-mail contains three questions which must be answered and returned for the award of one hour of continuing education credit.
If you are an audit professional or a student and would like to listen to these lectures as a Richmond Chapter member for continuing education credit, please visit our website at www.cpenet.net and join our Chapter on-line by clicking on the first picture of a set of scales, registering as a site user and paying $15.00 annual dues. We offer at least 20 hours of continuing education credit on fraud related topics for the one time annual fee. You don’t have to be a resident of the Richmond area or even of Virginia to join… we have members all across North America.
This week’s webcast is fifty-five minutes in length, on the topic of The Laws of Fraud & Where to Find Them.
May 16, 2013Posted by on
A fraud examiner contact of mine on LinkedIn is currently working on a case that might end up involving hidden assets; she was wondering about the best way to proceed once the suspicion has developed that an investigative subject might be hiding assets of value.
It’s been my experience that the sooner you start looking for hidden property, money and other assets during your investigation (for inclusion in your eventual recovery plan) the better…but there are several important things to keep in mind. Even though it’s hard to do on the front end, try to determine as best you can if the recovery effort will be cost-effective…will the realized recovery justify the time and expense (often considerable) of pursuing a remedy and enforcing a judgment? If you determine that the payoff just isn’t there in a sufficient amount to make the effort worthwhile, don’t pursue it.
You will also need to decide against whom to pursue the recovery; pick your target carefully from among the potentially liable persons and pick the person(s) who are most likely to have the money or other assets to respond to a judgment. Who wants to go to all the trouble of getting a judgment if it’s worth nothing because the target has insufficient assets?
Once you’ve addressed those two issues the question becomes one of analysis as to whether or not hidden assets or property are actually involved in the case. The two classic analytical methods for detecting whether a potential subject has hidden assets or property are the analysis of lifestyle indicators and financial analysis. Lifestyle indicators suggest that the target is living beyond his or her apparent means, and thus probably has hidden income or sources of income. To perform this analysis properly requires you to learn about the target’s personal characteristics (wears expensive clothes, carries large amounts of cash, maintains club memberships, etc.); has lavish home furnishings, automobiles and engages in expensive leisure activities.
On the financial analysis side, you’re looking for unexplained changes in the target’s income and/or expenses over time. The key words are “over time” since one-shot variations aren’t usually indicators of anything except random chance and life’s vicissitudes. Individual categories of an income statement, balance sheet, or cash flow statement, expressed in percentages of the whole, are compared over a period of time, and changes in percentages between categories (vertical analysis) or over time within a category (horizontal analysis), or in ratios between categories (ratio analysis) may indicate activities intended to conceal income or income producing property.
You can obtain information about the target’s property and assets for input to your financial analysis from friends, family, ex-spouses, neighbors, in short, from anyone in a position to know. You can obtain from witnesses the records or documents which you want or need in order to trace and locate property, proceeds or other assets. Finally, don’t forget accomplices from whom you can learn how the fraud scenario actually worked so you can identify the records or transactions that will enable you to trace or locate the property.
May 8, 2013Posted by on
Before conducting a fraud risk assessment, Fraud Examiners should determine if the client organization has a mature enterprise risk assessment (ERM) business process in place; if it does, it’s to everyone’s advantage to tailor the fraud assessment as an exercise deserving unique treatment within the overall ERM process; this tailoring would address the unique aspects of fraud risk assessment which distinguish it from more routine risk assessments , including the appropriate specialized expertise of personnel involved in the assessment, communicating the final results of the assessment, and developing an action plan to address the identified fraud risks.
As every practitioner who’s ever performed one well knows, conducting a comprehensive fraud risk assessment for a medium to large size client consumes considerable time and resources. I’ve found that many organizations attempt to embed assessing the risk of fraud as just another normal assessment task within their general overall ERM approach. Although certainly practical, this approach does not always yield the best results. A better way is to focus specifically on pre-defined fraud schemes and scenarios; this approach provides the best chance of identifying those schemes that have the highest probability of adversely impacting the client organization.
Another challenge for fraud examiners is to ensure that their fraud assessment results don’t fall on deaf ears. What I mean is by that is, although it’s important to identify fraud risks, it’s equally important to reduce those risks by adequately addressing them. In organizations without a well defined, guiding ERM process, there’s a not-inconsiderable risk that your identified vulnerabilities won’t be addressed at all because there’s no formal process in place to do so. Only when management is made aware and held somehow accountable (two things a good ERM process does well), will the risk of fraud be actually reduced in the client organization.
As an example, if you identify systems security user authentication as a risk in your assessment, you must communicate that risk to the business process owner (the IT Director) overseeing the systems authentication business process. Under traditional ERM, s/he would be held accountable for implementing appropriate controls to reduce the risk. The staff responsible for implementing the controls would be provided with a remediation plan to ensure timely reduction of the risk within a prescribed period. This action plan should be included as a recommendation with the final assessment report and communicated to client management.
Fraud examiners are ultimately qualified to assess and reduce fraud risk. Practitioners can promote their extensive knowledge of fraud scenarios and detection methods on the front end, during the risk assessment process itself, rather having the client rely solely on traditional anti-fraud programs and tools like whistle blower hotlines, codes of conduct, fraud awareness training and after-the- fact forensic accounting /auditing procedures. An ounce of prevention is worth a pound of cure.
So as fraud examiners conducting risk assessments, we should leverage existing client ERM strategies as tools to get the risks we identify addressed by client management according to documented ERM standard process procedures. Only those practitioners who adopt and execute a well-designed approach can ensure identification of the fraud risk that, left unaddressed, can cripple any organization.
May 7, 2013Posted by on
All assurance professionals are pressured by our clients to find new ways to contribute to business performance and fraud examiners and forensic accountants are no exception. One way we can do this in today’s overwhelmingly information rich environment is to help management identify the many categories of emerging enterprise risks.
How often are we confronted during our fraud examinations and audits with mountains of digitized text in the forms of e-mails, policies and procedures and company web-based content, any of which may or may not be relevant to the actual examination at hand? It’s been estimated by the NACFE that in excess of 80% of total company records related to frauds are in the form of text based data; yet, because so much current analytics effort is directed to numeric data, until quite recently, the software tools have just not been available to practicing professionals to allow them to analyze large volumes of digitized text efficiently.
The new software to support text analytics stems from a combination of developments in the fields of litigation support and electronic discovery, counterterrorism and surveillance technology, customer relations management and artificial intelligence. Text mining tools can help fraud examiners and forensic accountants extract, group, tag and analyze patterns associated with a given fraud scenario and identify the digitized documents that contain those patterns. They can create categories, or hierarchical knowledge representations, to auto-classify documents and extracted data. The more sophisticated programs can also apply statistical techniques to cluster documents according to discovered characteristics. For example, as Director of Internal Audit for Virginia Medicaid, I analyzed digitized Departmental, state and Federal policies and procedures running to many thousands of pages as part of a review to determine the probability that the occurrence of fraud signatures associated with two different fraud scenarios would be prevented by existing defined controls; this without personally reading a single word.
When analyzing the behavior of suspected participants in a fraud under investigation, textual analytics of e-mail (link analysis) can be used to determine who is talking to whom, about what (language concept clustering), and over what period of time (for example, as related to an actual fraud related event).
More broadly, during a company’s internal risk assessment, compliance risks can be mapped to divisions or departments using textual analysis. A textual analysis of existing policies and procedures will assist in revealing how, or if, the identified compliance risks are being addressed by divisional management. The objective here is to focus use of the software to screen data for potential issues before they become less manageable rather than just employing the software as an analytical tool after a fraud or significant event has actually occurred. A good way to begin to do this is to adopt a risk based approach to introduce the concept to management, perhaps performing a text based analysis of four or five individuals in a high risk department or newly acquired unit and then sharing the results with the powers that be.
Fraud examiners have yet another tool in text analytics to make their reviews more through and efficient specifically and to generally speed and improve the fraud investigation and prevention process for our clients.
May 4, 2013Posted by on
An interesting issue arose during a presentation I made a few nights ago to a group of fraud examiners regarding the usefulness of digital financial statements (specifically XBRL and XBRLS based statements) as a tool to enhance the fraud investigation process. It turned out that several of the participants, intense users of financial information but not practicing accountants, seemed to expect that every aspect of every client entity’s financial report be comparable to every other client entity’s financial report, especially if the clients were in the same business, say if both were retailers. This is simply not the case. Financial reports are not, and should not, be ‘forms’ simply filled out by an accountant. One strength of US GAAP is its ability to let reporting entities report useful information specific to themselves.
It’s true that financial information reporting by entities in the same industry sector, for example, steel companies, tends to be more comparable than financial information reported by entities in a different industry. It’s also true that a reporting entity’s disclosures from period to period tend to be very comparable. While that disclosure information is considered useful by a given reporting entity for a given event or transaction, accountants creating a financial report structure use disclose rules/requirements, guiding principles and their judgment when weaving together an appropriate financial report. The required application of professional judgment is of equal necessity whether the financial report is ultimately presented on paper, electronically or digitally.
Some financial report disclosures tend to take the shape of very specific and objective quantitative measures. For example, the disclosure of earnings per share is an example of such a specific quantitative measure. These sorts of disclosures are like an “on/off” switch; either the disclosure is required or it is not and if it is required, what must be presented or disclosed is crystal clear. There may be judgment involved in computing or measuring the amount disclosed, but the need for the disclosure itself tends to be objective.
Other disclosures take a more subjective shape and use more qualitative measures. For example in the case of derivative instruments, the meaning of a business acquisition or divestiture to the overall financial position of a reporting entity and/or which information about the acquisition or divestiture is the important information depends on many different criteria and, in each case, it is the role of the accountant(s)s to exercise his or her judgment and determine the appropriate disclosures, all things considered, using known guiding principles.
Understanding which disclosures tend to take which shape and otherwise understanding these moving pieces is critical for digital financial taxonomy creation, financial report creation in general, and analysis of financial information expressed by these taxonomies and financial reports.
Fraud examiners, forensic accountants and all intensive users of financial statement information, digitally or electronically based, need to understand that there are times when a certain specific financial disclosure in the two different financial reports of two clients will be very different, because each report presents different facts. The bottom line is that both financial disclosures are appropriate for the circumstances and both satisfy prescribed disclosure rules/requirements, and both are useful, etc. So, there is no one size that fits all in describing most transactions, but, that said, there are indeed some times when the facts disclosed should be identical for the majority of reporting entities in a given sector.