The Dishonest "Trusted Bookkeeper"
Signs of Internal Fraud, How to Respond and Investigate
By Michael S. Brown,1 CPA, CFE
In turbulent financial times, the tendency for honest employees to stray into fraudulent activities grows. Although newspaper headlines have historically focused on the large-scale corporate frauds (i.e., Enron, WorldCom, Tyco, HealthSouth, Madoff, and R. Allen Stanford, to name a few), fraud actually occurs in small and medium sized businesses most frequently. One of the most common types of fraud is defalcation, or misappropriation of assets. A defalcation can involve a misappropriation of cash, supplies, inventory or other tangible business property.
The “trusted bookkeeper” in a small to medium sized business generally has a close relationship with the owner/operator and wears many hats within the organization – i.e. accounts payable clerk, payroll clerk, accounts receivable clerk and controller. This lack of segregation of duties, along with other inadequate internal controls, creates many opportunities for fraud.In larger organizations, the “trusted bookkeeper” merely holds a different position such as the Chief Financial Officer, Controller or Accounts Payable/Receivable Manager.
This article will focus on small to medium sized organizations and discuss potential signs of internal fraud, how to avoid the “trusted bookkeeper” syndrome, what you need to consider when responding to a fraud scheme and suggestions on how to investigate potential subjects of a misappropriation.
Potential Signs of Internal Fraud
It is important that small business owners/operators are aware of the signs of a potential defalcation in order to prevent and/or detect fraud before it occurs or gets out of hand.In many cases it is only when the fraudster makes a mistake, becomes lackadaisical, or the business declines that frauds are typically discovered, at which time the monetary loss and potential reputational damage is already done.Thus, proactive vigilance for the following “red-flags” by the owner/operator is critical.
Generally speaking, employees found to be engaged in fraudulent activities shared these characteristics:2
- they are male between age 31 and 45
- they have a college or post graduate degree
- they have control issues and are unwilling to share duties
- they are extremely trusted and perform multiple roles within the business (i.e., the “trusted bookkeeper”);
- they do not take long vacations, or do not take their full year's allotment of vacation time for many years in a row;
- they have financial difficulties and/or are living beyond their means;
- they have a problem with drugs, alcohol or gambling; and
- they are guarded and unwilling to allow their work papers to be reviewed.
These characteristics are not meant to be used as a bright line test to determine if an employee is involved in a fraudulent act, but are merely signals that a problem may exist, or could eventually exist and should be investigated.
Risk factors that relate to financial statement misstatements arising from misappropriation can be classified into three categories:3
- Incentives/Pressures i.e. - personal financial obligations and adverse relationships between the entity and employees
- Opportunities i.e.- large amounts of cash on hand, small inventory items, inadequate internal controls
- Attitudes/Rationalizations i.e.- Disregard for internal control, behavior indicating displeasure or dissatisfaction with the company, and changes in behavior or lifestyle.
Some of these risk factors may also be present when misstatements arising from misappropriation of assets occur.
How to Avoid the "Trusted Bookkeeper" Syndrome
The key for any business owner to avoid the "trusted bookkeeper" syndrome is to have a strong system of internal controls in place. All business owners should understand that the purpose of internal controls is to foster reliable financial reporting, safeguard assets, and promote ethical conduct. As the saying goes, “the devil is in the details” and therefore it is imperative that a business owner project a no-nonsense approach to financial accounting and reporting and internal controls.
While implementing internal controls can be costly for an organization, especially a small business, ensuring the segregation of duties in the cash receipts and cash disbursements area is a critical internal control that no organization should overlook. For example, a small business owner should ensure that the requisition, approval and processing of all cash disbursement transactions are not performed by the same individual.In addition, controls must exist over the maintenance of vendor lists, especially the entry of new vendors, to decrease the likelihood that fictitious vendors are created and subsequently paid. Restricting and monitoring user access to the accounting systems via passwords and user activity logs as well as ensuring that the person responsible for recording vendor transactions cannot also edit or manipulate vendor lists is an important control that should be in place in every organization.
Regarding cash receipts, there are several simple procedures that can be performed to prevent the potential misappropriation of an asset. For example, remittances should be opened by a cashier in the presence of a responsible officer with checks immediately endorsed with a stamp stating “For Deposit Only”. Cash and checks should be kept in a locked and secure area until they can be deposited.Furthermore, the use of budgeting is not only a great planning tool for measuring actual results with forecasts, but unusual variances in business activity also provide a red flag which may require follow up inquiry.
Establishing a “tone at the top” that an effective control environment is a major priority of the company is another effective tool that a small business owner should employ to deter fraudulent activity as the mere presence of a future investigation can reduce the occurrence of fraudulent behavior. While time may not always permit a 100% review of all recorded transactions and related supporting documentation, the owner should always project his active oversight of the bookkeeping process by regularly requesting copies of the cash disbursement journals or of all checks and bank reconciliations. The business owner/operator should also know who his or her vendors are, routinely scanning the list of current vendors and requiring approval of new vendors.These procedures not only serve as useful controls to ferret out potential asset misappropriation schemes, but they also establish management's active participation in the control environment.
What You Need to Consider in Responding to a Potential Fraud Scheme
A business owner needs to determine if an incident or incidents require an internal inquiry or should be handed off directly to law enforcement or a local prosecutor.A lawyer and a forensic accountant should be contacted to assist in this determination since the decision to proceed must be supported by the available evidence.
The Forensic Accountant's Role
Forensic accountants are hired to investigate, analyze, interpret, summarize, and present complex financial information.A forensic accountant and/or damages expert could help – i.e. quantify the extent of the company's loss due to the fraud, gather evidence as to how the fraud was perpetrated and make suggestions as to how it can be prevented in the future.
It is important to note that once law enforcement or a prosecutor becomes involved, the business owner will most likely lose control of the investigation and that these third parties may not have the same priority to investigate the theft as the owner/operator because they have many other cases to address.Thus, business owners must take stock of the salient facts and what their ultimate objectives are regarding potential restitution and punishment for the perpetrator.Keep in mind that this is not a decision to be taken lightly as investigations (whether internal or external) can be time consuming and costly, and the likelihood of recovering the misappropriated funds or property may be remote.
Conducting an Investigation
If an internal investigation is decided upon, it must be conducted in a way that builds credibility with the company's own employees as well as with outside regulators, customers and the media.Counsel and experienced fraud investigators should be retained as soon as possible in order to ensure that any investigative steps exact to the specifications of the law and any documentary evidence is properly preserved.
A decision needs to be made early on identifying those responsible for the investigation – i.e. the business owner or manager, audit committee, internal audit department, board of directors, outside counsel, forensic accountant, or a combination of the above.This decision should be based on several factors such as the size of the potential fraud, the targets of the investigation, the ability to recapture stolen funds and the overall risks to the company.Once the decision is made, the responsible party should outline the scope of the investigation. Depending on the type of fraud, investigative efforts may include interviews with employees, vendors, and/or customers.A review of relevant records must also be undertaken.
The responsible person should also outline how evidence is to be preserved. Given that documentary evidence is the keystone to most civil litigations, it is important to address this issue early on in the investigation.To this end employees should be alerted to preserve relevant documents, including electronic evidence. The investigator may also want to consider hiring a firm qualified in computer forensics and electronic discovery if a significant amount of electronic evidence exists.Computer forensics can help to find hidden, or hard to find data and recreate critical computer related events.A firm experienced in using computer forensics will also ensure the integrity of the evidentiary chain of custody.
Conducting an Interview
The interview process is in many respects an art form. It is a complex moving vehicle that can take many forms depending on the scope of a particular investigation.The process requires highly qualified and experienced investigators to control the questioning and record the witness's answers, as well as visual and sensory cues regarding the witness's body language and vocal inflections.
An overall interview strategy must be established, a list of questions developed, and an effective and efficient plan of action commenced.However, the interviewer also needs to be flexible keeping in mind that no two interviews will be the same.It is difficult to know if someone is involved in the fraud until you begin your investigation. One interviewee may want to tell you what they have done, while another will not tell you anything and is only looking to find out what you know.The interviewer has to have the ability to gain quality information and cause the interviewee to respond, in order to detect deception. The interviewer also needs to keep in mind that once the investigation and interview process has begun, you may have only one chance to interview a person.
For these reasons, it is essential for management to engage an experienced professional who has conducted many fraud-related interviews.Marcum has professionals with years of experience interviewing witnesses regarding employee theft in large and small businesses involving company funds, inventory, and other types of assets and interests.
If an internal control environment does not exist, management is gambling that employees will behave ethically which, unfortunately, is not always the case.Best practices dictate that management should maintain established internal control policies and procedures, such as segregation of duties and regular evaluation of the effectiveness of all preventative measures that are in place. Business owners and operators should also monitor for the early warning signs to aid in the detection of employee fraud detailed in this article.
Experienced professionals, such as those in Marcum LLP's Advisory Services Group, are available for assistance with the vast array of controls and techniques available for preventing and detecting employee fraud. If you can only remember one thing from this article, I suggest that you keep your friends close and your bookkeeper even closer!1 Michael S. Brown is a Director in Marcum LLP’s Advisory Services Group’s New York office.
2 Association of Certified Fraud Examiners 2010 Report to the Nation on Occupational Fraud and Abuse.
3 Statement on Auditing Standards No. 99.