Category Archives: Purchase Fraud

Just Like Me

During a joint training seminar between our Chapter and the Virginia State Police held a number of years ago, I took the opportunity to ask the attendees (many of whom are practicing CFE’s) to name the most common fraud type they’d individually investigated in the past year. Turned out that one form or another of affinity fraud won hands down, at least here in Central Virginia.

This most common type of fraud targets specific sectors of society such as religious affiliates, the fraudster’s own relatives or acquaintances, retirees, racial groups, or professional organizations of which the fraudster is a member. Our Chapter members indicate that when a scammer ingratiates himself within a group and gains trust, an affinity fraud of some kind can almost always be expected to be the result.

Regulators and other law enforcement personnel typically attempt to identify instances of affinity fraud in order to prosecute the perpetrator and return the fraudulently obtained goods to the victims. However, affinity fraud tends to be an under reported crime since victims may be embarrassed that they so easily fell prey to the fraudster in the first place or they may remain connected to the offender because of emotional bonding and/or cultivated trust. Reluctance to report the crime also frequently stems from a misplaced belief that the fraudster is fundamentally a good guy or gal and will ultimately do the right thing and return any funds taken. In order to stop affinity fraud, regulators and law enforcement must obviously first be able to detect and identify the crime, caution potential investors, and prevent future frauds by taking appropriate legal actions against the perpetrators.

The poster boy for affinity fraud is, of course, Bernard Madoff. The Madoff tragedy is considered an affinity fraud because the vast majority of his clientele shared Madoff’s religion, Judaism. Over the years, Madoff’s list of victims grew to include prominent persons in the finance, retail and entertainment industries. This particular affinity fraud was unprecedented because it was perpetrated by Madoff over several decades, and his customers were defrauded of approximately twenty billion dollars. It can be debated whether the poor economy, lack of investor education, or ready access to diverse persons over the internet has led to an increase in affinity fraud but there can be no doubt that the internet makes it increasingly easy for fraudsters to pose as members of any community they target. And, it’s clear that affinity frauds have dramatically increased in recent years. In fact, affinity fraud has been identified by the ACFE as one of the top five investment schemes each year since 1998.

Affinity frauds assume different forms, e.g. information phishing expeditions, investment scams, or charity cons. However, most affinity frauds have a common element and entail a pyramid-type of Ponzi scheme. In these types of frauds, the offender uses new funds from fresh victims as payment to initial investors. This creates the illusion that the scam is profitable and additional victims would be wise to immediately invest. These types of scams inevitably collapse when it either becomes clear to investors or to law enforcement that the fraudster is not legitimate or that there are no more financial backers for the fraud. Although most fraud examiners may be familiar with the Madoff scandal, there are other large scale affinity frauds perpetrated across the United States almost on a daily basis that continue to shape how regulators and other law enforcement approach these frauds.

Perpetrators of affinity frauds work hard, sometime over whole years, to make their scams appealing to their targeted victims. Once the offenders have targeted a community or group, they seek out respected community leaders to vouch for them to potential investors. By having an esteemed figurehead who appears to be knowledgeable about the investment and endorses it, the offender creates legitimacy for the con. Additionally, others in the community are less likely to ask questions about a venture or investment if a community leader recommends or endorses the fraudster. In the Madoff case, Madoff himself was an esteemed member of the community. As a former chair of the National Association of Securities Dealers (NASD) and owner of a company ranked sixth largest market maker on the National Association of Securities Dealers Automated Quotations (NASDAQ), Madoff’s reputation in the financial services industry was impeccable and people were eager to invest with him.

The ACFE indicates that projection bias is yet another reason why affinity fraudsters are able to continually perpetrate these types of crimes. Psychological projection is a concept introduced by Sigmund Freud to explain the unconscious transference of a person’s own characteristics onto another person. The victims in affinity fraud cases project their own morals onto the fraudsters, presuming that the criminals are honest and trustworthy. However, the similarities are almost certainly the reason why the fraudster targeted the victims in the first place. In some cases when victims are interviewed after the fact, they indicate to law enforcement that they trusted the fraudster as if they were a family member because they believed that they shared the same value system.

Success of affinity fraud stems from the higher degree of trust and reliance associated with many of the groups targeted for such conduct. Because of the victim’s trust in the offender, the targeted persons are less likely to fully investigate the investment scheme presented to them. The underlying rationale of affinity fraud is that victims tend to be more trusting, and, thus, more likely to invest with individuals they have a connection with – family, religious, ethnic, social, or professional. Affinity frauds are often difficult to detect because of the tight-knit nature common to some groups targeted for these schemes. Victims of these frauds are less likely to inform appropriate law enforcement of their problems and the frauds tend to continue until an investor or outsider to the target group finally starts to ask questions.

Because victims in affinity frauds are less likely to question or go outside of the group for assistance, information or tips regarding the fraud may not ever reach regulators or law enforcement. In religious cases, there is often an unwritten rule that what happens in church stays there, with disputes handled by the church elders or the minister. Once the victims place their trust in the fraudster, they are less likely to believe they have been defrauded and also unlikely to investigate the con. Regulators and other law enforcement personnel can also learn from prior failures in identifying or stopping affinity frauds. Because the Madoff fraud is one of the largest frauds in history, many studies have been conducted to determine how this fraud could have been stopped sooner. In hindsight, there were numerous red flags that indicated Madoff’s activity was fraudulent; however, appropriate actions were not taken to halt the scheme. The United States Securities and Exchange Commission (SEC) received several complaints against Madoff as early as 1992, including several official complaints filed by Harry Markopolos, a former securities industry professional and fraud investigator. Every step of the way, Madoff appeared to use his charm and manipulative ways to explain away his dealings to the SEC inspection teams. The complaints were not properly investigated and subsequent to Madoff’s arrest, the SEC was the target of a great deal of criticism. The regulators obviously did not apply appropriate professional skepticism while doing their jobs and relied on Madoff’s reputation and representations rather than evidence to the contrary. In the wake of this scandal, regulatory reforms were deemed a priority by the SEC and other similar agencies.

Education is needed for the investing public and the regulators and law enforcement personnel alike to ensure that they all have the proper knowledge and tools to be able to understand, detect, stop, and prevent these types of frauds. This is where CFEs and forensic accountants are uniquely qualified to offer their communities much needed assistance. Affinity frauds are not easily anticipated by the victims. Madoff whistleblower Markopolos asserted that “nobody thinks one of their own is going to cheat them”. Affinity frauds will not be curtailed unless the public, we, the auditing and fraud examination communities, and regulators and other law enforcement personnel are all involved.

The Unsanctioned Invoice

Of all the frauds classified as occupational, one of the most pernicious encountered by CFEs is the personal purchase with company funds scam. I say pernicious because not only is this type of fraud a cancer, devouring it’s host organization from within, but also because this basic fraud scenario can take on so many different forms.

Instead of undertaking externally involved schemes to generate cash, many employed fraudsters choose to betray their employers by simply purchasing personal items with their company’s money. Company accounts are used by the vampires to buy items for their side businesses and for their families. The list of benefiting recipients goes on and on. In one case a supervisor started a company for his son and directed work to the son’s company. In addition to this ethically challenged behavior, the supervisor saw to it that his employer purchased all the materials and supplies necessary for running the son’s business. As the fraud matured, the supervisor purchased materials through his employer that were used to add a room to his own house. All in all, the perpetrator bought nearly $50,000 worth of supplies and materials for himself and various others using company money.

One might wonder why a purchases fraud is not classified by the ACFE as a theft of inventory or other assets rather than as a billing scheme. After all, in purchases schemes the fraudster buys something with company money, then takes the purchased item for himself or others. In the case cited above, the supervisor took building materials and supplies. How does this differ from those frauds where employees steal supplies and other materials? On first glance, the schemes appear very similar. In fact, the perpetrator of a purchases fraud is stealing inventory just as s/he would in any other-inventory theft scheme. Nevertheless, the heart of the scheme is not the taking of the inventory but the purchasing of the inventory. In other words, when an employee steals merchandise from a warehouse, s/he is stealing an asset that the company needs, an asset that it has on hand for a particular reason. The harm to the victim company is not only the cost of the asset, but the loss of the asset itself. In a purchasing scheme, on the other hand, the asset which is taken is superfluous. The perpetrator causes the victim company to order and pay for an asset which it does not really need in the course of business, so the only damage to the victim company is the money lost in purchasing the particular item. This is why purchasing schemes are categorized as invoice frauds.

Most of the employees identified by the ACFE as undertaking purchase schemes do so by running unsanctioned invoices through the accounts payable system. The fraudster buys an item and submits the bill to his employer as if it represented a purchase on behalf of the company. The goal is to have the company pay the invoice. Obviously, the invoice which the employee submits to his company is not legitimate. The main hurdle for a fraudster to overcome, therefore, is to avoid scrutiny of the invalid invoice and to obtain authorization for the bill to be paid.

As in the many cases of shell company related schemes we’ve written about on this blog, the person who engages in a purchases scheme is often the very person in the company whose duties include authorizing purchases. Obviously, proper controls should preclude anyone from approving her own purchases. Such poorly separated functions leave little other than her conscience to dissuade an employee from fraud. Nevertheless, CFEs see many examples of small to medium sized companies in which this lapse in controls exists. As the ACFE continues to point out, fraud arises in part because of a perceived opportunity. An employee who sees that no one is reviewing his or her actions is more likely to turn to fraud than one who knows that her company applies due diligence in the attempt to detect all employee theft.

An example of how poor controls can lead to fraud was the case where a manager of a remote location of a large, publicly traded company was authorized to both order supplies and approve vendor invoices for payment. For over a year, the manager routinely added personal items and supplies for his own business to orders made on behalf of his employer. The orders often included a strange mix of items; technical supplies and home furnishings might, for instance, be purchased in the same order. Because the manager was in a position to approve his own purchases, he could get away with such blatantly obvious frauds. In addition to ordering personal items, the perpetrator changed the delivery address for certain supplies so that they would be delivered directly to his home or side business. This scheme cost the victim company approximately $300,000 in unnecessary purchases. In a similar case, an employee with complete control of purchasing and storing supplies for his department bought approximately $100,000 worth of unnecessary supplies using company funds. The employee authorized both the orders and the payments. The excess supplies were taken to the perpetrator’s home where he used them to manufacture a product for his own business. It should be obvious that not only do poor controls pave the way for fraud, a lack of oversight regarding the purchasing function can allow an employee to remove huge amounts from the company’s bottom line.

Not all fraudsters are free to approve their own purchases. Those who cannot must rely on other methods to get their personal bills paid by the company. The chief control document in many voucher systems is the purchase order. When an employee wants to buy goods or services, s/he submits a purchase requisition to a superior. If the purchase requisition is approved, a purchase order is sent to a vendor. A copy of this purchase order, retained in the voucher, tells accounts payable that the transaction has been approved. Later, when an invoice and receiving report corresponding to this purchase order are assembled, accounts payable will issue a check.

So in order to make their purchases appear authentic, some fraudsters generate false purchase orders. In one case, an employee forged the signature of a division controller on purchase orders. Thus the purchase orders appeared to be authentic and the employee was able to buy approximately $3,000 worth of goods at his company’s expense. In another instance, a part time employee at an educational institution obtained unused purchase order numbers and used them to order computer equipment under a fictitious name. The employee then intercepted the equipment as it arrived at the school and loaded the items into his car. Eventually, the employee began using fictitious purchase order numbers instead of real ones. The scheme came to light when the perpetrator inadvertently selected the name of a real vendor. After scrutinizing the documents, the school knew that it had been victimized. In the meantime, the employee had bought nearly $8,000 worth of unnecessary equipment.

Purchase orders can also be altered by employees who seek to obtain merchandise at their employer’s expense. In one instance, several individuals conspired to purchase over $2 million worth of materials for their personal use. The ringleader of the scheme was a low-level supervisor who had access to the computer system which controlled the requisition and receipt of materials. This supervisor entered the system and either initiated orders of materials that exceeded the needs of a particular project or altered existing orders to increase the amount of materials being requisitioned. Because the victim organization had poor controls, it did not compare completed work orders on projects to the amount of materials ordered for those projects. This allowed the inflated orders to go undetected.

Another way for an employee to get a false purchase approved is to misrepresent the nature of the purchase. In many companies, those with the power to authorize purchases are not always attentive to their duties. If a trusted subordinate vouches for an acquisition, for instance, busy supervisors often give rubber stamp approval to purchase requisitions. Additionally, employees sometimes misrepresent the nature of the items they are purchasing in order to pass a cursory review by their superiors.

Instead of running false invoices through accounts payable, some employees make personal purchases on company credit cards or running accounts with vendors. As with invoicing schemes, the key to getting away with a false credit card purchase is avoiding detection. Unlike invoicing schemes, however, prior approval for purchases is not required. An employee with a company credit card can buy an item merely by signing his or her name (or forging someone else’s) at the time of purchase. Later review of the credit card statement, however, may detect the fraudulent purchase.

As with invoicing schemes, those who committed the frauds were often in a position to approve their own purchases;, the same is often true with credit card schemes. A manager in one case, reviewed and approved his own credit card statements. This allowed him to make fraudulent purchases on the company card for approximately two years.

Finally, there is, the fraudster who buys items and then returns them for cash. A good example of such a scheme is that in which an employee made fraudulent gains from a business travel account. The employee’s scheme began by purchasing tickets for herself and her family through her company’s travel budget. Poor separation of duties allowed the fraudster to order the tickets, receive them, prepare claims for payments, and distribute checks. The only review of her activities was made by a busy and rather uninterested supervisor who approved the employee’s claims without requiring support documentation. Eventually, the employee’s scheme evolved. She began to purchase airline tickets and return them for their cash value. An employee of the travel agency assisted in the scheme by encoding the tickets as though the fraudster had paid for them herself. That caused the airlines to pay refunds directly to the fraudster rather than to her employer. In the course of two years, this employee embezzled over $100,000 through her purchases scheme.