Executive Fraud Blog

I recently came up with an idea to change the focus of this site to be an open source fraud software development project and it got me looking around at what is already out there. Risk IDS provides fraud prevention software specifically related to credit card fraud and other banking related transactions.

"Risk IDS is for prevention of fraud within, although not limited to, credit card companies, retail banks and financial service organizations. The system is unique as it binds together all of the duplication that exists within the management of all fraud types. The interaction is via a workflow system, which reduces the need for training of bank staff and increases audit. It can integrate with other systems thus reducing duplication further. Analysts write their own rules and workflows using a GUI. The system is multi language for many sites whilestoring information in a central database for all customer products."

CRM giant SAP is working with the Queensland University of Technology in Australia on software to hunt down fraudulent employee behaviour.

According to SAP, the new software will have the capacity to detect fraud in real time by analysing user behaviour for activities that might indicate fraudulent behaviour — such as creating a fake supplier or employee to divert company funds.

When a potentially fraudulent activity is discovered, the company is alerted and a manual investigation prompted.

The university said that the main source of current fraud detection is retrospective financial auditing, which enables any employees involved to change records of fraudulent transactions and cover their tracks before an audit.

Cash larceny is the theft of cash that has already been accounted for in the books. Since there generally is a paper trail it is considered to be one of the easiest frauds to detect and prevent through the use of internal controls. In this section, I'll discuss the different ways fraudsters can steal incoming cash.

1. Stealing Cash from the Register
Register theft is the most common form of cash larceny for the obvious reason that it is an easily accessible point of contact with cash receipts. At the time the cash is stolen from the register there already is a record of the transaction on the register tape. Register theft creates an imbalance between the cash in the drawer and the transaction totals on the register tape. In order to detect register theft it is necessary to reconcile both cash balances and track individual cashiers to ensure there are not employees that consistently have less cash in the drawer than cash balance on the register tape. Fraud prevention in this case is most effectively accomplished by informing employees of the reconciliation, assigning a password protected register to each cashier, and restricting the amount of cash present in the register with cash pickups.

2. Personal Check IOUs
This method of cash larceny is less effective in that it requires the fraudster to cover the balance with a personal check or transfer ticket that makes the cash balance reconcile. The biggest problem with this is that without removing the check the fraudster is no better off then when they began therefore they must find a way to prevent it from being cashed. Another inherent problem with this scheme is that the personal check can be detected by an observant employee that is reconciling the register. Companies should be create a policy that prevents employees from cashing their own checks therefore when they find one there is no reason it should be there unless there is a cash larceny scheme.

3. Reversing Cash Transactions
Reversing transactions is a way fraudsters can cover their tracks when committing register theft. By creating fraudulent returns or voids on the register they decrease the amount of cash that should be in the register and then they are able to steal the difference. Some schemes have involved the use of white out to change the cash balance on the register tape but if the tapes were properly examined it would be difficult to cover up the fraud. The easiest control to implement to prevent cashiers from having the ability to cover their tracks would be requiring a management override code in order to issue a refund or void.

For more on register theft check out Cash Larceny (Part 2)

Continued from Cash Larceny Part 1

4. Register Tape Removal
Stealing the register tape or destroying it would allow the employee to cover the amount of money that they were able to steal from the register. A big problem with this method is that there needs to be an explanation of what happened to the register tape when it turns up missing and it would be rather obvious if it were to happen repeatedly. In order to prevent this from happening companies could install surveillance cameras that are pointed to all the cash registers therefore creating a record to go back to verify what happened to the register tape.

5. Cash Count Alteration
During the reconciliation process it is important that the cash count is correct or there would not be a means of comparison for the register tape. In order to ensure that there is not the opportunity to manipulate the count it is important to segregate duties where the cashier who was operating the register is not the same person that is counting the cash. It is a red flag if you see someone that is working outside of their authorization with regards to counting cash, these employees should be monitored and reprimanded for handling the cash against corporate policy.

Cash larceny is a common problem in the retail business and it is important to maintain strict internal controls. A concern for top management would be that employees that are stealing from the registers could collude with their shift manager in order to conceal the fraud. As with all hiring it is important to conduct appropriate background checks on all employees that will be handling cash transactions.

Skimming is the removal of cash for a victim company before the transaction is entered into the accounting system. Since skimming is an off the books type of fraud (it is never recorded) there is no direct audit trail therefore making the fraud difficult to detect. The employees with an opportunity to commit skimming schemes are those who deal directly with customers or those that handle their payments. This article will cover the four main categories of skimming schemes and discuss some of the red flags for detection of the fraud.

Unrecorded Sales
The most common form of skimming is not recording the sale of goods but collecting the money from the customer. Despite controls such as register tape, managers, and surveillance equipment, employees may be able to manipulate the system in order to prevent fraud detection. In some examples of unrecorded sales, the fraudster manipulates the register tape so that it does not print on the tape when transactions are keyed into the system. A means of detection would be pre-numbering the system records so that if skimming were perpetrated when the fraudster turn the register tape back on there would be a break in the pre-numbered transactions. Companies should be specifically careful of unrecorded sales schemes with revenue streams that are difficult to monitor and generally unpredictable in value.

Understated Sales and Receivables
In these skimming schemes the customer receives a receipt that is for the total amount of the transaction but when the employee enters it into the system they record either a discount or a sale of lesser value. In order to cover their tracks they can manipulate carbon copies of the receipt by writing in their own amounts or generating false discount documentation. Fraud prevention is possible by requiring approval for sales discounts, checking receipts for alterations and tracking the history of cashiers' sales discounts.

Theft of Checks Through the Mail
In this particular scheme the sale has been recorded into the company's system but the payment on the receivable has not been received. The person in charge of receiving payment in the company physically steals the check and cashes it at the bank. If the employee is able to overcome the issues with cashing the checks such as endorsement and convincing the bank that the transaction is legitimate then they must deal with how to conceal the fraud when the customers balance becomes delinquent. If the employee is not careful the company will send late notices to customers that will likely result in complaints from customers with a copy of the canceled check. Fraudsters have gone around this by intercepting the notices or manipulating the address of the customer in order to reroute the mail. A major red flag for the opportunity to commit this scheme is when the employee that receives the mail is also the same person that has the job of recording the receipt. By properly segregating duties and marking all checks for deposit only, a company can easily reduce the potential of this skimming scheme.

Short-Term Skimming
The final category of short-term skimming is less about stealing the money than borrowing it in order to accumulate earnings from the time value of money. By delaying the receipt of payment the employee is able to use the funds for short term investments generating interest for the perpetrator. The means of obtaining access of the money could be any of the forms above but there is a clear distinction that in this case the money is eventually returned to the company and the only loss is the time value of that receipt. Red flags in this area would include a higher days sales outstanding ratio or unusual payment timing when compared to historical customer payment especially when looking at specific customers.

Fraud Prevention
Regardless of the method of skimming the most important means of prevention is establishing proper internal controls. Segregating duties and employee awareness of the company's policy on theft can eliminate the opportunity and rationalization of committing these frauds. When early detection fails skimming can lead to very costly losses and a corporate culture that ignores the signals of fraud.