THE VIRGINIAN-PILOT Copyright (c) 1995, Landmark Communications, Inc. DATE: Monday, October 2, 1995 TAG: 9509300212 SECTION: BUSINESS WEEKLY PAGE: 10 EDITION: FINAL TYPE: Cover Story SOURCE: BY TOM SHEAN, BUSINESS WEEKLY LENGTH: Long : 255 lines
Four times a year, a couple of dozen people gather for dinner at the Harbor Club in downtown Norfolk. Over coffee and dessert, members of the Association of Certified Fraud Examiners's Tidewater chapter listen to a guest speaker describe investigative techniques like tracking down revealing documents.
But for many of those attending, the best part of the evening is the conversation before dinner.
``If you have a problem with a case and need to bounce ideas off someone, this gives you additional opportunities,'' said Tony Markun, a NationsBank vice president and president of the chapter.``The members may tell you if they've dealt something similar.''
Organized in 1992, the chapter has become a network for sharing information about curbing fraudulent activity in the region.
Last year, a group from Northern Virginia began passing bad checks in Hampton Roads. Partly through the chapter's members, ``we got the word out,'' and the check passers eventually were caught, said David Miller, a special agent with the Virginia State Police and a past president of the chapter.
For years, fraud has been accepted as a routine cost of doing business. But sweeping changes in the business world have increased the exposure of some companies to fraud-related losses.
In the drive for greater efficiency, many companies have trimmed their payrolls. However, the downsizing often occurs without an adequate review of the company's internal controls for preventing fraud, said Michael D. Carey, a principal in the litigation and forensic services practices of accounting firm KPMG Peat Marwick.
``Those employees who remain are given many more tasks to handle,'' said Carey, who works in KPMG's Boston office. ``We've seen several cases where they simply cannot get all of the work done. The checks don't get done because there isn't enough time.''
For manufacturers, wholesalers and retailers, the pressures of keeping their inventories lean and speeding up deliveries have created opportunities for new types of fraud.
In the past, a company would match a purchase order with a receiving report and an invoice before paying for any goods it received. Today, some suppliers can tap into the electronic payment systems of large companies and collect their payment immediately.
If a supplier has inflated his request for payment, it could take much longer discover the overpayment, said Douglas E. Ziegenfuss, an associate professor of accounting at Old Dominion University and a founder of the local chapter of fraud examiners.
Partly because of the widespread reliance on computers to handle financial transactions, some spectacular cases of computer-related fraud have involved banks.
Earlier this year, U.S. banking giant Citicorp disclosed that a hacker in St. Petersburg, Russia, had broken into its computer system. Before his scheme was blocked, the hacker had transferred several million dollars belonging to Citicorp customers into accounts he controlled.
Still, the volume of fraud cases relying on computers has been modest, said Carey of KPMG. ``We've been expecting an increase in fraud in this area. So far, it hasn't come through in the statistics.''
In a 1994 survey of fraud at large U.S. companies, KPMG concluded that the most frequent occurrences of fraud involved credit cards, checks, and inventory thefts. The accounting firm drew on responses from 501 companies.
The use of false financial statements, the diversion of sales, kickbacks and phantom suppliers were not as common as other types of fraud, KPMG's survey determined. However, when these types of fraud did occur, ``the economic impact was far more significant,'' KPMG said.
Auditors and investigators acknowledge that individuals have become more creative in their schemes. ``If we know of 100 ways to steal from a company, they know of 102 ways,'' said Andrew M. Casey, a fraud investigator in Newport News who works with manufacturers and retailers in the region.
``The real fraudster is smart enough not to go for the big haul,'' Casey said. ``He will clip you for a little bit.''
To track down fraud, today's auditors and investigators rely as heavily on computers as their predecessors did on shoe leather and interviews. Miller of the Virginia State Police said his desktop computer ``is an absolutely essential tool.''
In addition to using a computer to comb data bases for clues, Miller often uses a spread sheet to organize the material he gathers. This makes it easier to convey the details of a complicated transaction through charts in the courtroom, said Miller, one of three certified public accountants on the Virginia State Police force.
Beginning with the looting of several savings and loan associations during the mid-1980s, reports of business fraud have become a staple of business news.
Last week, a major Japanese bank disclosed that it lost more than $1 billion in its New York office due to an employee's unauthorized bond trading. For more than a decade, the Daiwa Bank employee had concealed his unauthorized trading of government securities by manipulating trading documents.
Meanwhile, a former executive at Archer Daniels Midland Co. stands accused of stealing millions of dollars from the commodities-processing company through the use of phony invoices. The former executive had been an informant in an federal antitrust investigation of Archer Daniels Midland when the company made its allegations of fraud.
Yet many companies have been reluctant to take evidence of fraud to law enforcement agencies. That's partly because of the cost of an investigation and the prospect of unfavorable publicity, said Casey, the Newport News investigator.
When companies do take their evidence to law enforcement officials, they may find prosecutors reluctant to pursue their case.
``The legal system is overworked,'' so fraud cases have to compete with violent crimes for prosecutors' attention, said ODU's Ziegenfuss.
Before earning a doctorate in accounting and embarking on a teaching career, Ziegenfuss had worked as an internal auditor for an electric utility and pursued instances of embezzlement and employee theft.
Partly at the urging of auditors he had worked with, Ziegenfuss brought together a group of accountants and investigators three years ago to form the local chapter of the Association of Certified Fraud Examiners.
The association, based in Austin, Texas, provides continuing-education materials for fraud investigation and awards the Certified Fraud Examiner designation, which requires a combination of work experience and examinations.
From 10 members in 1992, the local chapter has grown to 25. About a third of the members are internal auditors. Another third are investigators, and the remaining third work for law enforcement agencies.
Miller, another of the chapter organizers, brought a background of auditing and criminal investigation experience to the organization.
The Iowa native worked for a large regional accounting firm in the Midwest and for farm equipment manufacturer Deere & Co., before becoming an FBI agent.
For four of his six years in the FBI, Miller worked in New York City investigating the financial activities of a Hells Angels chapter, a Sicilian heroin ring and other drug-related enterprises.
These groups bought small companies that dealt only in cash as a way to mix their funds from criminal activity in with money from legitimate business, Miller said.
``The attraction for me was that money laundering is hard to detect and penetrate,'' he said. ``But that's the pipeline for a criminal enterprise. That's where they have their capital, and interrupting it is like cutting the gas line to an engine.''
In the corporate world, many managers still do not realize the scope of the fraud problem, said KPMG's Carey.
``Fraud is a fact of business life, but it's not something to be brushed under the carpet,'' he said. ``People who commit fraud need to believe that the chances of being caught are high.''
Markun of NationsBank said the Charlotte-based company has been more aggressive at monitoring those operations vulnerable to fraud and looking for patterns of possible fraud.
``We used to wait for losses to happen before we acted,'' he said.
However, strong internal controls won't prevent fraud unless they are applied, said Markun, who has been examining instances of bank fraud for 20 years.
One case of bank fraud in the region - the fabrication of loans by a branch manager - flourished for 10 years before it came to light, he recalled.
The bank had put too much trust in the manager and failed to follow up on several warning signs, including sloppy documentation of the branch manager's loans.
``When somebody gets you to trust them, they can manipulate you,'' Markun said.
To control fraud requires a healthy skepticism, he added. `` Don't always accept things at face value.'' ILLUSTRATION: [Cover]
FRAUD COPS
Illustration by JOHN EARLE/Staff
[Color Photos]
RICHARD L. DUNSTON/Staff
Many companies are reluctant to report fraud to law enforcement
agencies, says Andrew M. Casey, a fraud investigator in Newport
News.
LAWRENCE JACKSON/Staff
If a supplier inflates his request for payment, it could take much
longer to discover the overpayment, says Douglas E. Ziegenfuss,
associate professor of accounting at ODU.
TIPS ON CONTROLLING FRAUD:
Hire reliable employees.
Don't trust one's instinct when interviewing job applicants. A
measure of skepticism is always essential.
Know your employees and be aware of sudden changes in their
behavior.
``When they drive a Ferrari to work or take an expensive
vacation, you want to know why,'' Douglas E. Ziegenfuss, an
associate professor of accounting at Old Dominion University.
GUARD VALUABLE INFORMATION:
Don't give out bank account numbers or telex numbers
indiscriminately, said Robert Warren, a member of the Tidewater
chapter of the Association of Certified Fraud Examiners.
SEGREGATE RESPONSIBILITIES:
A small company with a tiny work force opens itself up to fraud
by having a single worker handle several bookkeeping and financial
tasks.
The thinking is: ``Jane is a very good worker, so let's give her
more duties,'' said Ziegenfuss. ``Why don't we let her make the bank
deposits? Why don't we let her post the accounts and handle bank
reconciliations at the end of the month?''
DEFINE WHAT IS ACCEPTABLE:
Some measures used by financial institutions to prevent fraud
won't work for manufacturers or retailers. But whatever the company,
responsibility starts at the very top.
The senior management has to regard fraud as a constant risk,
said Michael D. Carey, a principal in the litigation and forensic
services practices of accounting firm KPMG Peat Marwick.
The senior management also has to define the company's ethical
tone, Carey said. ``Make sure there is an environment that says:
`This is what is allowed,' and `This is what isn't allowed.' ''
ILL-GOTTEN GAINS
In a report due to be released today, the Association of
Certified Fraud Examiners and accounting professors from two Texas
universities estimated that fraud and fraud-related abuses by
employees cost companies, government agencies and other
organizations in the United States more than $400 billion annually.
``The average organization loses about 6 percent of its total
annual revenue to fraud and abuses committed by its own employees,''
according to the study.
KPMG FRAUD SURVEY
How were the incidents of fraud discovered?
Internal controls: 52 percent
Notification by an employee: 51 percent
Internal auditor review: 47 percent
Specific investigation by management: 42 percent
Notification by a customer: 34 percent
How did the fraud occur?
Poor internal controls: 59 percent
Management override of internal controls: 36 percent
Company in an industry vulnerable to fraud (e.g. insurance,
financial services, retailing): 34 percent
Collusion between employees and third parties: 33 percent
Collusion between employees or management: 23 percent
What steps have been taken to reduce the possibility of fraud?
Reference checks on new employees: 70 percent
Reviewed and improved internal controls: 47 percent
Increased focus of senior management on the problem: 40 percent
Employee contracts: 34 percent
What steps are you planning to take to reduce the possibility of
fraud?
Review and improve internal controls: 34 percent
Training courses in fraud prevention and detection: 21 percent
Fraud audit: 16 percent
Reference checks on new employees: 10 percent
48 percent of the companies said there were red flags pointing to
the possibility of fraud. Red flags either ignored or not acted upon
quickly enough by personnel or management included:
Changes in an employee's lifestyle, spending habits or behavior.
Internal controls were poor or ignored.
Inadequate follow-ups on irregular variances in financial
information.
Inventory shortages.
Results of internal/external audits or reviews were ignored.
Source: 1994 Fraud Survey of 501 U.S. companies by KPMG Peat Marwick
Foresic and Investigative Services
by CNB