Employers lose 6% of
their annual revenues
to employee fraud, waste and abuse – this translates to total losses
of $660 billion when applied to US Gross Domestic Product for
2003.
-
The Association of Certified Fraud Examiners’ (“ACFE”)
2004 Report to the
Nation
How can McGovern & Greene LLP
assist your organization
in mitigating this real and significant risk?
The
Proactive
Procurement Fraud Prevention Model (“Model”) is designed for those
organizations that wish to stem the rising tide of internal fraud. A
product based upon many years of audit and fraud examination of procurement
and accounts payable systems, the Model’s four step process can
significantly reduce the risk of fraud within these functions.
McGovern & Greene can assist your organization in its implementation.
Step
One – Systems Analysis
An analysis
of your Organization’s System of Internal
Controls, Policies and Procedures over the procurement and disbursement
functions is completed, with a focus on opportunities for compromise and
fraud.
The process is then
flowcharted and evaluated using a fraud risk questionnaire specifically
designed to identify fraud opportunities.
Unfortunately, many
processes and systems do not function as portrayed. Therefore, it is
necessary to perform tests of the system to insure compliance with the
understanding obtained during the flowcharting process. Identifying the
controls that exist, determining that controls operate properly and
understanding which controls are periodically overridden are all goals of
system testing. Interviews of key employees can be of significant benefit
in understanding potential areas of compromise. Subsequent to completion of
testing, key control points are identified, including, but not limited to:
- Segregation of Duties
- Supervisory Controls
- Receiving Controls
- Authorization/Approval Controls
- Reconciliation
Controls
- Recording Controls
A written report will
be prepared, identifying significant weaknesses, if any, in the process and
providing recommendations for improvement as identified. The ACFE study
concluded that improvement in an Organization’s System of Internal Controls
is the Number 1 method in reducing fraud.
Step Two – Policies,
Communication and Training
Communication and
training contributes significantly to reducing the potential for fraud
within an Organization. Should an Organization not have an Employee
Standards of Business Conduct or an Ethics Policy in place, one must be
implemented. These policies should be designed to clearly communicate to
employees the specifics of legal and acceptable behavior as they fulfill
their organizational duties. Unfortunately many policies lack specifics and
may not adequately address that which may arise. The Model recommends that
such guidelines be written to conform to a set of Best Practices which have
been developed as part of the Model’s implementation.
Mandatory training for
all employees regarding Conduct and Ethics policies is essential in teaching
them to be alert to the red flags which may signal the potential for
fraudulent activity. Training should be conducted annually, with employees
signing an acknowledgement form with regard to their understanding of, and
commitment to, Conduct and Ethics policies.
The Organization’s
vendor community must be aware of these policies, as well. It is
recommended that an abridged version be sent to each vendor at lease
annually. The vendor mailing should contain a tear-off acknowledgement form
that will be returned to the appropriate department within the
Organization. These forms should be retained in the event there is an
“incident” at some point involving individual vendors.
The ACFE Report found
that over 46% of frauds were discovered through tips. Toward that end, the
Organization must establish an independent, anonymous system that allows for
the reporting of suspicious activity. Employees are often reluctant to
confide in fellow employees or supervisors, yet the ACFE Report found that
60% of fraud tips were offered by employees when a third-party reporting
system was employed.
Step Three – Data
Mining
The Fraudster in the commission of his crime often uses computers. The
Computer is also a very effective weapon in combating fraud within an
Organization. Over time, sophisticated data mining techniques have been
developed to identify indicators of fraud within the procurement system.
Data rich environments are ideal for continuous monitoring. McGovern &
Greene LLP and its strategic partner, Automated Auditors, LLC have developed
proprietary data mining software to identify fraud indicators.
Employee Master and
Earnings Files
The model focuses not
only on procurement systems, such as accounts payable and purchasing
documents, but employee information files as well. The master employee
files generally contain identifier information for the Organization.
Comparisons of addresses, tax identification numbers and telephone numbers
between the Master Employee File and like information found in the Master
Vendor File may lead to discovery of Conflicts of Interest situations and
fictitious vendors.
Many fraudsters in the
commission of their crimes form fictitious businesses to receive the “fruits
of their crimes”. It is not unusual that the fraudster reports these
activities on their income tax returns and have additional taxes withheld
from their paychecks to pay these taxes. An analysis of net earnings as a
percentage of gross earnings will reveal those employees.
Master Vendor File
An Organization’s
Master Vendor File is an often overlooked and extremely important control in
fighting fraud. It contains information used in processing disbursements of
the Organization’s cash and provides the Fraudster with plenty of
opportunities. McGovern & Greene’s Data Mining techniques can be used to
detect various fraud schemes. Many of the tests are designed to locate
fictitious companies such as address comparisons to employees, Postal Box
and Mail Drop addresses. Examinations of existing audit logs for address
changes may reveal other schemes. Another benefit of finding duplicate
addresses is it provides a method for “cleaning up” the file of duplicate
vendor entries.
Vendor
Invoice/Payment History Files
Analyses of these files
search for anomalies in amounts, invoice numbering, unusual period changes
and other red flags of fraud. The data mining techniques also use
Benford’s Law that focuses on the frequency of
numbers in large data sets to find unusual patterns that may be indicative
of fraud. Examinations of large and unusual amounts are also performed.
Organizations often
establish risk levels such as all checks less than $10,000 are “machine
signed”. Fraudsters learn of these levels and construct their schemes to
target amounts just below these levels. Therefore, an effective data mining
method used by McGovern & Greene is to examine those amounts.
Purchase Order File
Data mining of the
Purchase Order file may lead to other indicators of fraud such as increasing
unit prices, unusual amendments and different ship to addresses. Purchase
Order files may also be mined to look for patterns of orders,
requisitioners, non-compliance with policies and
other anomalies.
Step four – The Vendor
Audit
Performing a detailed vendor audit is the most effective means to discover:
•
Fictitious (“Shell”) Companies
•
Corruption Schemes
•
Vendor Frauds
An additional byproduct
of this process is building effective and trusting relations with the
Organization’s Vendors. In the Model the Vendor Audit is used as an
investigative step when fraud is suspected.
Vendor Research
Prior to performing the
vendor audit, intelligence needs to be gathered as to the Vendor’s business,
organization and principals. The Model recommends that searches be
performed of public records, Dun & Bradstreet, the Internet and other
sources to gain an understanding of the Vendor and its principals. McGovern
& Greene’s forensic accountants regularly scour information sources for
these investigative leads. It is not unusual to find circumstantial
evidence from the research that enhances the fraud examination.
Forensic
Examination of Vendor Documents
Prior to the Vendor
Audit, A detailed forensic examination of the Vendor’s documents in the
possession of the Organization is performed. The examination focuses on
errors, anomalies, or other irregularities contained in these documents.
Like the research discussed above, circumstantial evidence may be found
during the examination.
Onsite Examination
The onsite examination
focuses on the credibility of the Vendor. A combination of interviewing and
document examination techniques often leads to a confession if wrongdoing is
involved. Depending on the case, the Model suggests a number of procedures
to be performed.
