Corporate Fraud

Case Studies in Detection and Prevention

JOHN D. OGARA

John Wiley & Sons, Inc.

ffirs.qxd 1/6/04 8:54AM Pageiii

Innodata0471656178.jpg

ffirs.qxd 1/6/04 8:54 AM Page vi

Corporate Fraud

ffirs.qxd 1/6/04 8:54 AM Page i

ffirs.qxd 1/6/04 8:54AM Pageii

Corporate Fraud

Case Studies in Detection and Prevention

JOHN D. OGARA

John Wiley & Sons, Inc.

ffirs.qxd 1/6/04 8:54AM Pageiii

This book is printed on acid-free paper.

Copyright 2004 by John Wiley & Sons. All rights reserved.

Published by John Wiley & Sons, Inc., Hoboken, New JerseyPublished simultaneously in Canada

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying,recording, scanning, or otherwise, except as permitted under Section 107 or 108 ofthe 1976 United States Copyright Act, without either the prior written permission ofthe Publisher, or authorization through payment of the appropriate per-copy fee tothe Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923,978-750-8400, fax 978-750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department,John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, 201-748-6011, fax 201-748-6008, e-mail: permcoordinator@wiley.com.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this bookand specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives orwritten sales materials. The advice and strategies contained herein may not be suitablefor your situation. You should consult with a professional where appropriate. Neitherthe publisher nor author shall be liable for any loss of profit or any other commercialdamages, including but not limited to special, incidental, consequential, or otherdamages.

For general information on our other products and services, or technical support,please contact our Customer Care Department within the United States at 800-762-2974, outside the United States at 317-572-3993 or fax 317-572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content thatappears in print may not be available in electronic books.

Printed in the United States of America

ISBN 0-471-49350-3

10 9 8 7 6 5 4 3 2 1

ffirs.qxd 1/14/04 12:30 PM Page iv

http://www.copyright.com

v

About the Author

John D. (Jack) OGara is retired Senior DirectorAudit for a Fortune 250multi-industrial company. OGara has managed internal audit departmentsfor three Fortune 250 companies for multiple decades. Prior to that, hespent six years in Big Eight (at that time) public accounting, including con-sulting and two years international residency in Brussels, Belgium, and inKuwait. He was president of the Central Ohio chapter of the Institute ofInternal Auditors (IIA) in 19992000, and was the conference chairman forthe IIA 2000 Central Regional Conference. He is currently on the IIA Cen-tral Ohio chapter board of governors.

OGara is currently developing an interactive online case-study-basedversion of the types of management fraud and corruption depicted in thisbook and has presented seminars on the topic of management fraud. Hesays that a fraud investigation while he was in public accounting sparked hisinterest in management fraud; it has been his avocation as well as his voca-tion ever since. As such, he has maintained continuing correspondence withmajor fraud practitioners for the last 20 years and has drawn from that cor-respondence in presenting certain cases herein.

ffirs.qxd 1/6/04 8:54 AM Page v

ffirs.qxd 1/6/04 8:54 AM Page vi

vii

About the Institute of Internal Auditors

The Institute of Internal Auditors (IIA) is the primary international profes-sional association, organized on a worldwide basis, dedicated to the promo-tion and development of the practice of internal auditing. The IIA is therecognized authority, chief educator, and acknowledged leader in standards,education, certification, and research for the profession worldwide. The Insti-tute provides professional and executive development training, educationalproducts, research studies, and guidance to more than 80,000 members inmore than 100 countries. For additional information, visit the Web site atwww.theiia.org.

ffirs.qxd 1/6/04 8:54AM Pagevii

ffirs.qxd 1/6/04 8:54AM Pageviii

ix

Preface

Approximately 80 percent of this book had been drafted prior to Enronexploding on the national consciousness. My initial emphasis was exclu-sively on major management fraud against the organization, which wouldexclude financial reporting. After Enron, I held up: I thought the interest inmanagement non-financial-statement fraud would be diminished, if noteclipsed. Moreover, I felt that the developing Enron saga might render thecollected case studies paltry in comparison.

As the Enron story unfolded, however, it became clear that nothing thatI had written needed to change: the Enron case had all of the elements anddynamics discussed herein because it was first an overarching managementfraud and only secondly a financial-reporting fraud. On February 11, 2002,the Business Roundtable commented that Enron . . . appears at this pointto derive fundamentally from a massive breach of trust [emphasis ours]which is what all management fraud ultimately entails.

I had originally intended to omit fraudulent financial reporting, notbecause it was insignificant, but because so much on the topic was alreadyavailable in the professional literature. The day after I presented the dynam-ics of management non-financial-statement fraud to the IIA InternationalConference, however, the WorldCom Accounting 101 fraud hit the newsand brought home the interrelationship of all elements of managementfraud. To consider one element of management fraud more important thanany other is to miss the point: Major management fraud is all about leverag-ing positional power and is an interrelated top-down phenomenonfraud forthe organization leads to fraud against the organization, and vice versa.

Consequently, senior management financial-reporting fraud for andoperating-management fraud and corruption against the organization arenot independent. Moreover, the forensic auditor of the future will identifysymptoms of both by way of continuous monitoring using information

fpref.qxd 1/6/04 8:55 AM Page ix

technology to identify the footprints and early warnings available in the dataof the organization. Although operating-management corruption typicallyoccurs off the books, continuous monitoring symptoms will be recognizablein the data available within the organizations records once a market per-spective is established.

Thus, I have broadened the focus to include corporate governance andtop-level forensic issues, as well as other aspects of fraud for the organization.Although this is not about Enron or WorldCom, you will find much aboutthe Enron and WorldCom dynamics reflected in the concepts illustrated bythese case studies.

The primary fraud role of the internal audit function is recognition ofthe symptoms indicating that fraud may have occurred. Since major man-agement fraud involves leveraging positional power more than it involvestaking advantage of internal control weaknesses, effective recognition re-quires a management as well as an accounting perspective. Recognition ofmajor management fraud is an art rather than a science, and it depends ona principle-based understanding of the dynamics.

In keeping with the principle-based aspect of recognition, I have startedthe sections devoted to the particular fraud classification with a discussion ofthe concept behind that type of fraud. Then, I present a brief discussion ofthe principles, followed by a list of specific symptoms and an illustrative casestudy (or studies).

The case studies are totally fictional. None of them happened as depictedherein, although all could have happened as so portrayed. The cases aredesigned to illustrate the principles and concepts of their respective sections,as well as to entertain. The characters, events, and incidents are drawn fromthe authors imagination and are not to be construed as real. Any resem-blance to actual events or persons, living or dead, is entirely coincidental.

x P R E F A C E

fpref.qxd 1/6/04 8:55 AM Page x

xi

Contents

C H A P T E R 1 Overview 1

Varieties of Fraud/Perspective 1More Than Fraudulent Financial Statements 5Emphasis: Recognition and Detection

Case Studies 6Major Management Fraud Is Different 7

C H A P T E R 2 Perspective (ACFE Studies) 11

1996 and 2002 ACFE Reports to the Nation 11Breakdown of Estimated Total Occupational

Fraud Loss by Major Category 15Classifications 17

C H A P T E R 3 Management Fraud against the Organization (General) 21

Characteristics 21Major Symptoms of Management Fraud 22Opportunities Afforded by the System

for Performance Accountability 24

C H A P T E R 4 Red Flags of Management Fraud 27

Six Major Fraud ProfilesCommon Elements 27Red Flags of Management Fraud 28

ftoc.qxd 1/6/04 8:55 AM Page xi

Contrast with Nonmanagement Fraud 29Bullet-Proof and Invisible Leads to Flaunting 30

C H A P T E R 5 Fraud against the Organization (Corruption) 33

Middlemen 33Real Estate/Related Parties 43BriberyContracting/Subcontracting/Leasing 47Outsourcing 60Manipulation of Performance Bonuses/

Co-opting Others 65

C H A P T E R 6 Fraud against the Organization (Asset Misappropriation) 71

Various General Accounting-Cycle Fraud Symptoms 71

Vendor BillingsFalse Invoices/Phantom Vendor (Shell Company) 72

Other Disbursement Fraud 79Inventory 83Skimming/Cash Receipt Misappropriation Fraud 87

C H A P T E R 7 Fraud for the Organization 95

Financial Reporting 95Money Laundering/Illegal Practices 104International Arena 111Price-Fixing/Bid Rigging 118Commercial Bribery 122

C H A P T E R 8 Methodology: Detection/Investigation 131

DifferencesManagement versus Employee Accounting-Cycle-Type Fraud Detection/Investigation 131

Recognition/Detection 132

xii C O N T E N T S

ftoc.qxd 1/6/04 8:55 AM Page xii

Detection/Investigation 134Investigation 137

C H A P T E R 9 CAAT Scans for Scams 143

Middlemen/Related Parties 144Top-Down Forensic Monitoring 145Telltale Debits of Misappropriation 146Bank Accounts/Addresses 148

C H A P T E R 1 0 Conclusion 149

Low Frequency of Detection/Prosecution versus Effective Prevention 149

Managerial as Well as Accounting Perspective 151History: Good Old Days 153Risk/Reward Dynamic 154Thoughts on Recent Accounting Scandals 158

A P P E N D I X A Practice Advisory 1210.A2-1: Identification of Fraud 165

A P P E N D I X B Practice Advisory 1210.A2-2: Responsibility for Fraud Detection 171

A P P E N D I X C Derivation: Management Non-Financial-Statement Fraud as a Percentage of Total Occupational Fraud Loss 173

A P P E N D I X D Percentage of Total Occupational Fraud Loss Attributable to Management Fraud 175

C O N T E N T S xiii

ftoc.qxd 1/6/04 8:55 AM Page xiii