fraude magazine.pdf

Vol. 27, No. 1, January/February 2012

A P U B L I C AT I O N O F T H E A S S O C I AT I O N O F C E R T I F I E D F R A U D E X A M I N E R S

THE

Tell-Tale Signs ofof DeceptionPLUS Fraud in Houses of Worship, PG. 18 Collegiate Athletics Fraud, PG. 24 Overachieving Fraud, PG. 36 Data Breaches, Part 3, PG. 40

If Every Employee and Supplier Displayed Model Behavior…

©ACFE 2010. All Rights Reserved

In a perfect business world, every employee and third-party supplier would display model business behavior, and therewould be little need for anti-fraud programs. But, in the real business world, occupational fraud and abuse are prevalent.So, businesses must implement anti-fraud programs to protect themselves from financial, legal and reputational harm.

Tips are the leading source of fraud detection − and fraud hotlines are a leading source of tips. So, turn to EthicsLine®, the official hotline of the ACFE.

The EthicsLine package includes:

• Hotline (telephone, web, mobile) for report intake• Case Management (web and mobile) for online

investigation management• Analytics for tracking and trending• Communications Campaign Materials to communicate

when and how to report observed business misconduct

EthicsLine is now powered by Global Compliance

888-782-4769 • [email protected] • www.EthicsLine.com

* 2010 ACFE Report to the Nations on Occupational Fraud and Abuse

Where a fraud hotline was inplace, the average duration of a fraud scheme was reduced by7 months, and the median loss was reduced by 59%.*

1

JANUARY/FEBRUARY 2012 | VOLUME 27 | NO. 1

30 The 10 Tell-Tale Signs of DeceptionThe Words RevealBy Paul M. Clikeman, Ph.D., CFESuspects and witnesses often reveal more than they intend through their choices of words. Here are ways to detect possible deception in written and oral statements.

COVER STORY

FEATURED ARTICLES

Fraud in Houses of WorshipWhat Believers Do Not Want to Believe By Robert M. Cornell, Ph.D., CMA, Educator Associate; Carol B. Johnson, Ph.D., Educator Associate; and Janelle Rogers HutchinsonHouses of worship are particularly vulnerable to fraud, but most feel they are impervious. The authors provide reasons why churches feel so bulletproof and seven practical steps fraud examiners can use to help churches stop fraud in its tracks.

Fraud in Collegiate Athletics When Major League Money Meets Little League ControlsBy Herbert W. Snyder, Ph.D., CFE; and David O’Bryan, Ph.D., CFE, CPA, CMAA major, multimillion sports ticket fraud at the University of Kansas highlights how CFEs can help convince administrators and boards to reassert control over their athletics departments. The answer could be independent oversight.

18

24

2 Fraud-Magazine.com

Overachieving Fraud Wolves in Sheep’s ClothingTargeting Top-Performing Employees Gaming the Bonus SystemBy Jeffrey Horner, CFE, CRCMPFollow this CFE consultant as he uncovers top collection reps at a business call center who infl ated their performances for more money and job advancement.

Breaking Breach Secrecy, Part 3Analysis Shows Entities Lack Strong Data Protection ProgramsBy Robert E. Holtfreter, Ph.D., CFE, CICA; and Adrian HarringtonThe authors’ analysis of data-breach statistics shows that organizations poorly protect personal data. Pos-sible solution: U.S. federal rules for guidance in devel-oping comprehensive data protection programs.

36

40

COLUMNS & DEPARTMENTS

4 From the President & CEO Supporting Our International Chapters By James D. Ratley, CFE

6 Digital Fingerprints Anything You Say Can and Will be Used Against You! By Jean-François Legault

8 Fraud’s Finer Points Using an Organization’s Credit to Commit Fraud, Part 1 By Joseph R. Dervaes, CFE, ACFE Fellow, CIA

12 Fraud EDge Get Involved in Higher Education: Opportunities for CFEs in Educating Future Fraud Fighters By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D., CFE, CPA; and Gary Weber, Ph.D. Edited by Richard “Dick” A. Riley, Ph.D., CFE, CPA

16 FraudBasics ‘Check 21’ Can Make Fraud Easier: Be Alert to Changes in Technology By Linda Lee Larson, DBA, CFE, CPA, CISA

52 Case in Point He Milked it For All it Was Worth: A Dairy Farm Bankruptcy Fraud By Roger W. Stone, CFE

56 Taking Back the ID Fraudsters Claiming Victims Via Payday Loan and LinkedIn Scams By Robert E. Holtfreter, Ph.D., CFE, CICA

58 Global Fraud Focus Chinese Stock Investment Fraud? Separating Fact from Fiction By Tim Harvey, CFE, JP; and Richard Hurley, Ph.D., J.D., CFE, CPA

60 Meet the Staff Improving Members’ Lives By Cora Bullock; Photo by Christi Thornton- Hranicky, CFE

62 ACFE News

70 CPE Quiz• Earn CPE Toward Renewing Your CFE Credential.

January/February 2012 3

EDITORIAL ADVISORY COMMITTEEJonathan E. Turner, CFE, CII, chair; Larry Adams, CFE, CPA, CIA, CISA, CQA, CSP, CCP; Emmanuel A. Appiah, MBA, CPA, CFE; Richard Brody, Ph.D., CFE, CPA; Jean-Pierre Bruderer, Ph.D., CFE; Jeimy J. Cano, Ph.D., CFE, CAS; Linda Chase, CPA, CFE; Franklin Davenport, CFE; David J. Clements, CFE; Craig Ehlen, Ph.D., CFE, CPA; Ellen Fischer, CFE, CIA; Peter D. Goldmann; Allan F. Greggo, CFE, CPP; Robert Holtfreter, Ph.D., CFE; Peter Hughes, Ph.D., MBA, CFE, CIA, CPA; Cheryl Hyder, CFE, CPA, CVA; Robert Kardell, CFE, CPA; Thomas Cheney Lawson, CFE, CIA; Philip C. Levi, CFE, CPA, FCA; Larry Marks, CFE, CISA, PMP, CISSP, CSTE; Michael A. Pearson, D.B.A., CFE, CPA, CMA; Marilyn Peterson, CFE, CCA; Laura M. Preston, CFE; Herbert Snyder, Ph.D., CFE; Scott Strain, CFE; Karen Forrest Turner, Ph.D., Educator Associate

2011-2012 BOARD OF REGENTSJohnnie R. Bejarano, DBA, CFE, CPA; Lt. Col. Robert J. Blair, CFE, CGFM; Cynthia Cooper, CFE, CISA; Bruce Dorris, J.D., CFE, CVA, CPA; Joseph L. Ford, CFE; John Warren, J.D., CFE

Fraud Magazine (ISSN 1553-6645) is published bimonthly by the Association of Certifi ed Fraud Examiners, 716 West Avenue, Austin, TX 78701-2727, USA ©2012 All rights reserved. Periodical Postage Paid at Austin, TX 78701 and at additional mailing offi ces.

POSTMASTER: Please send address changes to:

Fraud MagazineACFE World Headquarters • The Gregor Building 716 West Avenue • Austin, TX 78701-2727, USA

(800) 245-3321 • +1 (512) 478-9000Fax: +1 (512) 478-9297

Subscriptions: ACFE members: annual membership dues include $20 for a one-year subscription. Non-members in U.S.: one year, $55. All others: one year, $75. Member-ship information can be obtained by visiting ACFE.com or by calling (800) 245-3321, or +1(512) 478-9000. Change of address notices and subscriptions should be directed to Fraud Magazine. Although Fraud Magazine may be quoted with proper attribution, no portion of this publication may be reproduced unless written per-mission has been obtained from the editor. The views expressed in Fraud Magazine are those of the authors and might not refl ect the offi cial policies of the Associa-tion of Certifi ed Fraud Examiners. The editors assume no responsibility for unsolicited manuscripts but will consider all submissions. Contributors’ guidelines are available at Fraud-Magazine.com. Fraud Magazine is a double-blind, peer-reviewed publication.

To order printed or electronic reprints, visit fraud-magazine.com/reprint-request.aspx or

email [email protected].

ADVERTISING COORDINATORRoss Pry

(800) 245-3321 • [email protected]

Association of Certifi ed Fraud Examiners, ACFE, Certifi ed Fraud Examiner (CFE), the ACFE Seal and Fraud Magazine® are trade-marks owned by the Association of Certifi ed Fraud Examiners Inc.

Dick CarozzaEditor-in-chief

Cora BullockAssistant Editor

Katie FordContributing Editor

Helen PryorArt Director

Aimee JostCirculation Manager

Mark Scott, J.D., CFELegal Editor

Journal of the Association of Certifi ed Fraud ExaminersVolume 27, No. 1, January/February 2012

John D. Gill, J.D., CFEPublisher

23rd Annual Fraud & Exhibition

Advanced Fraud Examination Techniques

Auditing for Internal Fraud

CFE Exam Review Course

Conducting Internal Investigation

Contract and Procurement Fraud

NEW! Data Analytics

Digital Forensics Tools & Techniques

Financial Institution Fraud

Financial Statement Fraud

Fraud Prevention

Fraud Related Compliance

NEW! Fraud Risk Management

Healthcare Fraud

Interviewing Techniques for Auditors

Introduction to Digital Forensics

Investigating Conflicts of Interest

Investigating on the Internet

Legal Elements of a Fraud Examination

Money Laundering: Tracing Illicit Funds

Mortgage Fraud

Principles of Fraud Examination

Professional Interviewing Skills

UPCOMING CONFERENCES

2012 ACFE European Fraud Conference

TRAINING EVENTSRegister at ACFE.com/Training

UPCOMING COURSES

COMBO EVENT SAVE $100 by registering for both events!


t the end of October and beginning of November, I spent a whirlwind two weeks attending our Asia-Pac Conference in Singapore and meeting with our chapters in Singapore, Jakarta, Hong Kong, Shanghai, Beijing and Mexico City. I thor-

oughly enjoyed getting to know many of you and learning about your unique fraud-related issues.

HOPPING CONTINENTSInternational chapter members put Southern hospitality to shame. Everywhere I went I met extremely gracious people who did everything they could for us. My job was to listen carefully to their suggestions for improving our services.

The fi rst stop was to vibrant and beautiful Singapore — my fi rst visit and also the fi rst time the city has hosted our 2011 Asia-Pacifi c Fraud Conference (formerly known as the ACFE Pacifi c-Rim Fraud Conference). Nearly 200 attendees net-worked and attended workshops and panel discussions. (Please see page 68 for more on this exciting conference.)

I enjoyed meeting Gatot Trihargo, CFE, president of the In-donesia Chapter (established in 2002), who provided the same generous hospitality I encountered with other chapters. He was appreciative of the ACFE’s effort to send me there. I presented to nearly 80 members and public- and private-sector guests.

“Chapter activity has become very intense since 2010, by us conducting monthly discussions/workshops for the members and other practitioners,” Trihargo said. “The chapter also suc-cessfully conducted two annual congresses and seminars in 2010 and 2011, which gathered more than 200 participants for each session, with both domestic and international speakers.”

After Jakarta, I jetted off to Hong Kong, with its exotic mix of the old and new., “We’re excited that the ACFE is turning its attention to Asia,” said Hong Kong chapter president Penny Sui-Ping Fung, CFE. “Jim’s visit to Hong Kong no doubt has helped to reinforce this message and reminded people of the role of pro-fessional fraud examiners in a robust and sustainable economy.”

Prof. Yiu Wai Andy Kwok, CFE, vice president of the Shang-hai Chapter and also president of the Beijing Chapter, called my visit a “stunning pleasure.” He had this to say about China’s grow-ing pains: “China’s high growth rates have encouraged foreign investment, which have in turn helped fund China’s incredible

growth,” he said. “However, such large capital infl ows are bound to give way to sector imbalances and fraudulent behavior.”

I told the attendees at the fi rst Corporate Anti-Fraud Semi-nar in China, how fraud can occur in any industry and at any level. I also gave suggestions on how CFEs can advise their cli-ents in their battles against fraud, including setting the proper tone at the top. “Mr. Ratley mentioned that anti-fraud measures do not get proper attention since they cost money while the benefi ts cannot be seen in a short-term period,” Kwok said. “As a consequence, most companies are not willing to make any expenditure regarding this issue. However, establishing effi cient and effective anti-fraud mechanisms will generate huge benefi ts from the long-term perspective.”

The ACFE is striving to do all it can to help our interna-tional chapters grow and thrive. We are excited to announce our plan to open a regional call center in Singapore and host a CFE Exam Review Course there March 26 - 29. Chapters, acting as local ACFE representatives, provide continued support for mem-bers worldwide through networking opportunities, CPE training, leadership development and promoting local fraud awareness.

As always, please let me know how we can help you support our all-important mission. (And please check out Fraud-Magazine.com/LetterFromthePresident for more photos.)

James D. Ratley, CFE, President and CEO of the Association of Certifi ed Fraud Examiners, can be reached at: [email protected].

From the PRESIDENT AND CEO

By James D. Ratley, CFE

Supporting Our International Chapters

A


uring an investigation, we scour the web and social networks for employment backgrounds, contacts, education history, past behavior and so on. However, we should be concerned about information we are posting that the bad

guys can use against us.Arthur Hulnick, a former CIA offi cer, estimates that open-

source intelligence (a form of intelligence collection manage-ment that involves fi nding, selecting and acquiring information from publicly available sources) accounts for “as much as 80 percent” of the entire intelligence database. (See “Sailing the Sea of OSINT in the Information Age,” by Stephen C. Merca-do, http://tinyurl.com/2sj5vy.) This is possible, in part, because organizations and their employees freely publish information online they probably should keep to themselves. And those loose lips can lead to outright fraud. (Also see “NATO Open Source Intelligence Reader,” http://tinyurl.com/7crt7ug.)

JOB POSTINGSBefore you continue reading this, look at your organiza-tion’s job postings and ask, “What are we telling the competition about us?”

Imagine a software company with a strong presence in Asia Pacifi c that posts a public job offer for a sales manager in North America. What are they telling the competition? Think of the recruiting process in your organization and how long it can take to staff a position. Is that enough time for the competition to adjust to the arrival of this new sales manager?

Your competitors fi nd or infer from your job postings the technologies your organization uses, expansion into new areas and territories, market growth, change in structure, structural growth, etc.

What does this mean for fraud examiners? Make sure you run proper background checks on potential hires! Why? Because some job descriptions are so detailed that someone wishing to be hired for fraudulent purposes can customize his or her résumé. I just worked a case in which a candidate

found a company he believed would be a good target and redesigned his résumé to boost his employment chances. The company hired him, and he then proceeded to steal intellec-tual property during his employment.

WEB 2.0 AND SOCIAL NETWORKSEmployees are likely to reveal valuable information to the competition on professional or personal networking sites. Fraudsters can make conclusions about a company’s expan-sion by studying comments about new connections and relationships plus repeated trips to a city or country.

Through investigations, I have found nurses sharing concerns about care in neo-natal intensive care units, law en-forcement personnel sharing sensitive assignments and sales managers claiming their stakes on new territories. Profes-sional social networking sites tell the world about new hires and those who are leaving employers.

Employees posting information online is nothing new. In one case I worked nearly 12 years ago, a call-center employee leaked sensitive information on a web forum. This employee, who was privy to upcoming promotions offered by a telecommunication provider, would repost information online prior to a promotion launch. The company’s call cen-ter then would be fl ooded with requests for promotions and packages that did not exist yet.

Did this employee access highly sensitive documents? Did he gain access to someone’s email account? No. He sim-ply reposted information he learned in training sessions. We had a diffi cult time tracking him down because back then we did not log everything. Even today, we fi nd organizations that do not store online access information, which would allow them to adequately investigate leaks.

MARKETING DOCUMENTATIONDocuments that an organization provides its clients to market its services often end up in competitors’ hands. Find ways to

Anything You Say Can and Will Be Used Against You!

By Jean-François Legault

Digital FingerprintsA Closer Look at Technology and Fraud

D


securely communicate information that you do not want the competition obtaining.

I was involved in a recent case in which a competitor was able to reverse-engineer a product (take it apart and analyze it) by simply using the information in product brochures and documenta-tion. Imagine your competition not only knowing your products but how you are manufacturing them. That is a serious loss of competitive advantage!

I have also been involved in cases in which individuals used marketing infor-mation to create fake companies to try to defraud possible clients. The schemes were simple: reuse information to make the com-panies look legitimate, solicit clients, get paid and then never deliver anything.

AS AN EXPERT WITNESSWhatever you write, post and/or commu-nicate may allow you to build eminence as an expert. However, opposing counsel could also use that public information to try to disqualify you as an expert or to cross-examine you in court.

AS AN INVESTIGATOROpen-source intelligence can help you discover valuable information about play-ers in an investigation. In one case, I found some undocumented aliens involved in a fraud scheme because they gave some prime evidence via their social media pro-fi les, including their geographic locations. In another example, we tracked down vehicles purchased with embezzled funds simply based on suspects’ photos that had been posted online.

When I begin a background investiga-tion into a company, one of the fi rst things I do is seek information through press releases and trade publications. Companies love to tell the world about what they are doing right. However, the competition will always seek out this valuable market intelligence.

If you want to know more about leveraging business intelligence techniques in your fraud examinations, I strongly encourage you to check out anything fellow ACFE faculty member Cynthia Hetherington teaches.

WHAT TO DOSo do you cut yourself off from the world and go off grid? Absolutely not. But make sure your organization’s policies strictly control information that its employees can release through all open-source channels but especially online. When it comes to social media, establish a “think before you post” mentality.

Jean-François Legault is a senior manager with Deloitte’s Forensic & Dispute Services practice in Montreal. Canada. His email address is: [email protected].

Digital FingerprintsA Closer Look at Technology and Fraud

I was involved in a recent case in which a competitor was able to reverse-engineer a product (take it apart and analyze it) by simply using the information in product brochures and documenta-tion. Imagine your competi-tion not only knowing your products but how you are manufacturing them. That is a serious loss of competitive advantage!

Google search directives will add power to your searches.

Searching for a specifi c phrase using quotations:

• “fi nd this specifi c phrase”Searching a specifi c domain or

website:

• site:targetdomain.com or

• site:www.targetdomain.comSearching for specifi c fi le type:

• fi letype:extensionYou can use the minus sign (-) as an

exclusion operator. For example, you can use this search directive to exclude a specifi c website from your search:

• -site:www.excludeddomain.com

Here are some Google searches that you can run against yourself to see what could be available to fraudster.

Finding PowerPoint documents on your site:

• site:www.yoursite.com fi letype:ppt

• site:www.yoursite.com fi letype:pptxFinding Word documents on your

site:

• site:www.yoursite.com fi letype:doc

• site:www.yoursite.com fi letype:docxFinding confi dential documents on

your site:

• site:www.yoursite.com confi dential

• site:www.yoursite.com “not for distribution”

Use These Queries to Examine Your Online Exposure


raud by using an organization’s credit is a type of fi ctitious expense scheme. In the ACFE’s fraud tree, the crime is a subset of fraudulent disbursements, which is a subset of cash schemes.

There are many types of fraud involving an employee’s use of the organization’s credit to purchase assets (i.e., goods and services) for personal benefi t. Unauthorized use of the organization’s general credit cards, purchasing credit cards, travel credit cards or business charge accounts are some of the most common fraud schemes I have encountered during my career. Unscrupulous employees cause victim organizations to order and pay for assets they do not really need. Obviously, the damage to a victim organization is the money lost in purchasing these unnecessary items.

The individuals who commit these crimes are usually responsible for approving and processing transactions for pay-ment. They may rely on the inexperience of their supervisors (or their organizations’ governing bodies) to unknowingly process their fraudulent transactions in the disbursement cycle. Victimized organizations then issue checks for un-authorized business purposes, and the wayward employees receive personal benefi ts.

We begin this three-part series with employee abuses of general organization credit cards.

GENERAL ORGANIZATION CREDIT CARDSCommercial banks issue credit cards to organizations (and individuals) to aid them in conducting offi cial business. Banks and organizations enter into agreements specifying the terms of use for the credit cards. Some banks charge an an-nual fee; others do not. Banks make their money for process-ing your transactions by charging a fee to vendors who accept the cards and by charging you an interest rate on the unpaid

account balance when the full amount due is not paid each month. The primary responsibility for charges on these credit cards rests with the organizations.

THE BUSINESS OF CREDIT CARDSAn organization that authorizes company credit cards for its employees’ use should maintain formal logs of all cards issued and require all employees to sign agreements stating that they have received a copy of the organization’s usage policies and have been trained on the proper procedures for using the cards. These agreements provide the foundation that employees un-derstand that they can use the cards for offi cial business only.

Written company policies should require employee training, prohibit cash advances, restrict purchases of un-authorized items (such as alcohol), require receipts for all charge transactions and specify disciplinary actions for any unauthorized or personal use of the cards. Organizations never should pay for employee charges shown on the bank’s monthly statement without accompanying receipts. It is the descriptions of the items shown on the receipts that deter-mine if the expenses are for offi cial business purposes.

UNAUTHORIZED CARDSEmployees who have stolen company credit cards or who have obtained unauthorized company credit cards through other means (such as ordering them directly from banks without approval) will circumvent organizations’ incoming mail to snag the monthly credit card statements. They usually make personal payments on the credit card account balances to conceal their unauthorized purchases.

However, if employees submit unauthorized expenses for payment by their companies, management and audi-tors will have at least some documents they can review to

Using an Organization’s Credit to Commit FraudPart 1

By Joseph R. Dervaes, CFE, ACFE Fellow, CIA

Fraud’s Finer PointsCase History Applications

F



detect fraud. While the supporting documents for credit card payments should include the statement and all purchase re-ceipts, fraudsters who choose this latter process usually only submit statements for payment purposes. In many cases, their supervisors or the governing bodies of the organizations may unknowingly approve these fraudulent payments.

Employees may periodically use an organization’s credit card for unauthorized purposes or personal benefi t, but man-agers who are assigned to monitor the credit card program can resolve these minor infractions promptly according to policies and procedures.

Companies should publicize employee disciplinary ac-tions in their internal publications to deter future problems. Unfortunately, even this method is not fraud-proof because often the very managers who are charged with monitor-ing the system are the ones who abuse it. These individuals may be able to hide their unauthorized activities from other employees and their supervisors, but most of the time they should not be able to conceal their actions from organi-zations’ governing bodies and their internal or external auditors. However, when their misdeeds are detected, the fraudsters usually attempt to get organizations to pay from monthly credit card statements by indicating that receipts for individual transactions were not available or were inadver-tently misplaced or lost.

Case No. 1 — Personal use of an authorized general organization credit cardIn the November/December 2009 Fraud’s Finer Points, I discussed a credit card case that involved missing support-ing documents. This concept emphasized why organizations should never pay the balance due on monthly credit card statements without seeing the supporting receipts for the purchases fi rst.

Sarah was the clerk-treasurer responsible for processing all of the city’s disbursement transactions, including all pur-chases on its credit card. The city fi rst detected irregularities in accounts receivable and contacted its external auditor to investigate the case.

The subsequent audit detected multiple fraud schemes, which totaled $49,894.88 in losses over 2½ years. These schemes included payroll fraud, accounts receivable fraud, municipal court revenue fraud, unauthorized use of the city’s business charge account and overpayments to a cleaning contractor. The clerk-treasurer performed many tasks in a variety of functions at the city, and no one monitored her work to ensure the city’s expectations were being met.

The clerk-treasurer purchased $5,319.16 in assets for personal benefi t using the city’s credit card. I detected this

scheme by scanning the city’s disbursement fi les to deter-mine other risks. I quickly noted that the city was making its monthly credit card payments using only the statements. There were very few purchase receipts available for review and audit. For example, credit card purchases from a local computer store were almost always missing from the fi les. I contacted the city’s computer consultant who was responsi-ble for all information technology issues. However, he wasn’t aware of any offi cial purchases from the computer store.

A computer store representative faxed documents to me that showed Sarah had signed for a computer, monitor, software and games on many occasions through the period of this loss. City staff members conducted a search of city hall but were unable to locate any of these assets.

Sarah had made all credit card payments on time, but she had destroyed all the supporting documents that listed the details of the purchases from the computer store. She hoped that retaining only the monthly credit card statements on fi le for the city’s governing body and its external auditors would be suffi cient to conceal her irregular activities. She was wrong. The governing body did not notice this irregu-larity, but her fraud did not escape the watchful eye of the external auditors. In my experience dealing with fraud cases in state agencies and local governments in the state of Wash-ington, governing bodies rarely detect fraud in the transac-tions they are reviewing and approving, primarily because no one took the time to properly train them for this task.

The clerk-treasurer demanded a trial to resolve the is-sues in this case. She hired a prominent regional lawyer for her defense and agreed to a bench trial. (There was no jury.) After all the evidence was heard during a week of testimony, the judge rendered a guilty verdict in the case and ordered Sarah to make restitution of the loss amount, plus audit costs. He also sentenced her to three months in a work-release program.

Case No. 2 — Personal use of an unauthorized general organization credit cardA small water district in the state of Washington had three employees, operated on an annual budget of $466,000 and served approximately 1,000 customers. Jackson, the offi ce manager, was responsible for practically all fi nancial opera-tions; his supervisor, the district superintendent, did not monitor his work. These are the two most common internal control weaknesses I have found in small organizations.

While Jackson had no prior criminal history, he appar-ently came to work for the district with ill intentions. He sent a memorandum on offi cial letterhead to the district’s bank shortly after being hired requesting that the bank issue


a credit card in the district’s name and assign it to him. The credit limit on the card was initially set at $5,000, but Jack-son subsequently sent a facsimile to the bank one month later requesting an increase to $20,000. Of course, the district’s governing body did not authorize either of these requests. Later, when the case was under investigation, the district stated that someone had forged the authorizing signatures on the documents.

As the offi ce manager, Jackson was responsible for open-ing the mail and processing invoices for payment. Thus, he was able to remove the monthly bank credit card statements from the incoming mail before anyone else saw them. One of the interesting facts of this case is that Jackson did not submit any of the credit card statements to the district superinten-dent or the governing body for approval or payment. Perhaps Jackson was not quite bold enough. While it would have been prudent to do so, Jackson did not make any personal payments to the bank on the card balance either. Because neither the organization nor Jackson made any payments on the credit card balance, the monthly expenses and interest charges continually increased until the balance became delin-quent and approached the credit limit on the card.

Jackson misappropriated $19,454.84 from the district in 3½ months, with $18,284.03 of this amount representing his unauthorized use of the district’s credit card for personal benefi t. Personal charges included the purchase of a used pickup truck, frequent stays at a motel while traveling to his favorite casino, thousands of dollars in cash advances at the casino, Internet and telephone use and other miscellaneous purchases. Jackson also misappropriated $1,170.81 in utility revenue from the district.

The district fi rst detected irregularities in its checking account and petty cash fund and requested an external audit. Jackson was placed on administrative leave and subsequently terminated for a wide variety of managerial shortcomings. Shortly thereafter, the district received a monthly statement for the unauthorized credit card. In a plea-bargaining agree-ment, the court ordered Jackson to make restitution for the loss amount plus audit costs. It also sentenced him to less than one year in county jail for this crime.

Case No. 3 — More personal use via an unauthorized credit cardJames, the chief of a small fi re district in the state of Wash-ington, obtained an unauthorized credit card in the district’s name. He circumvented the district’s internal controls by

intercepting the mail, removing the monthly credit card statement and making personal payments on the account to conceal his unauthorized purchases. He basically used the district’s credit card as his own by charging $7,797 in personal purchases for more than a year. He used the card to make unauthorized cash advances and also incurred fi nance charges when he did not make monthly payments on time.

When the district fi nally discovered the unauthorized card, there was a $1,599 unpaid balance on the account. The district found out about the card while making a change in signatories on all of its bank accounts after the fi re chief resigned for unrelated personal reasons. The chief reimbursed the district for this amount when questioned about the unauthorized purchases on the credit card. The district paid the balance due on the account and canceled the credit card. The county prosecutor declined to criminally prosecute the case because the district had been made whole.

LESSONS LEARNEDLet us review some of the fi ner points of fraud detection from these general organization credit card fraud schemes. Organizations should:

• Establish written policies and procedures for credit card use and train their employees to ensure they use the cards only for offi cial business purposes.

• Always obtain purchase receipts from employees and never pay bills using only the monthly credit card statements.

• Properly train employees and governing bodies on the authorization and approval procedures for all disbursements.

• Appropriately segregate employee duties and periodically monitor the work of key employees to ensure its expectations are being met.

Once fraud examiners detect fraud, they should assess what else is at risk of loss within an organization.

MORE CREDIT CARD MISUSEIn part two of this series, we will discuss the use of purchasing credit cards and travel credit cards. Stay tuned.

Regent Emeritus Joseph R. Dervaes, CFE, CIA, ACFE Fellow, is retired after more than 42 years of government service. He is the president of the ACFE’s Pacifi c Northwest Chapter. His email address is: [email protected].


2012 CFE Exam Prep Course®

How the course works: The program provides typical exam questions, in-

forms you whether your answer is correct, provides a

detailed explanation of the correct answer and offers

an alternative study reference where you can learn

more about the topic.

The CFE Exam Prep Course focuses on the four

testing areas of the CFE Exam:

Legal Elements

Fraud Prevention and Deterrence

Financial Transactions

Fraud Investigation

Create a personalized study plan tailored to your individual strengths and weaknesses with an optional 100 question Pre-Assessment

Pick the sections and topics most relevant to your exam preparation by creating custom review sessions

Learn more from your Practice Exam sessions by reviewing the ques-tions you missed, anything your results by subsection and tracking your progress over time

Focus on the areas where you need the most work with enhanced review of results and progress by exam section, subsection and topic

Stay on track to earning your CFE credential by measuring your progress towards your target dates for certification and using helpful checklists within the Prep Course software

The CFE Exam Prep Course Allows You To:

The 2012 CFE Exam Prep Toolkit is Also AvailableIncluding the CFE Exam Prep Course, Fraud Examiners Manual (Printed Edition), Corporate Fraud Handbook and the Encyclopedia of Fraud (CD-ROM), the CFE Exam Prep Toolkit includes valuable materials to aid in your CFE Exam preparation.

Visit ACFE.com/Prep to order your copy today

Arm yourself with the most effective tool available to help you pass the CFE Exam.


By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D., CFE, CPA; and Gary Weber, Ph.D. Edited by Richard “Dick” A. Riley, Ph.D., CFE, CPA

tudents at the collegiate level learn best about business through a combination of theory and practice. College professors are well equipped to present the theory side of a particular topic, but they frequently look to business professionals —

who have hands-on, practical experience — to help apply those theories to real-world situations. This teaching method works especially well in anti-fraud education, in which fraud cases, whether real or fi ctitious, can help bring to life the fraud theories and procedures introduced in the classroom.

However, it is not quite so clear exactly how to struc-ture the interactions between CFEs and higher education to encourage this method of learning. Many CFEs, for example, believe that the only way to participate in collegiate fraud education is to lead a class lecture based on their fraud expe-riences, which could not be further from the truth.

In this column, we identify and explain a variety of ways in which CFEs can foster and develop mutually benefi cial rela-tionships with college faculty and students to help educate and prepare future anti-fraud and forensic accounting professionals.

INVITE FACULTY AND STUDENTS TO LOCAL FRAUD CONFERENCESOne of the easiest and least time-consuming ways for CFEs to get involved with higher education is to invite college faculty and students to attend local fraud conferences. Spokane ACFE Chapter member Lenore Romney, CPA, CFE, CVA, has invited both students and faculty to attend the local ACFE conference for the past few years.

“The chapter leaders recognize that more can be accom-plished in the fi ght against fraud if professionals from differ-ent disciplines network with each other. We see the chapter as being an ideal facilitator for such a network,” Romney said.

Conferences typically provide numerous and varied opportunities through which students and faculty can learn

about both actual instances of fraud, as well as the work of CFE professionals. Kris Ryan, a student at Gonzaga Univer-sity who has attended the local ACFE conference for the past two years, can attest to this.

“Both years that I attended the conference, a wide range of topics was offered, including health care fraud, a critique of software that helps businesses protect themselves against fraud, gang activity (which is surprisingly more correlated to the fraud problem than I would have thought), mortgage fraud and different fraud topics covered by local law enforce-ment and the FBI,” Ryan said.

“I found all of the topics interesting and also learned fraud detection and investigation skills that I could put to use immediately,” she said.

Since graduation, Ryan has gone on to earn her CFE credential and has joined the fraud-fi ghter ranks.

BECOME A PROFESSIONAL MENTOR TO STUDENTSProfessors at Gonzaga University frequently refer students who have an interest in forensic accounting to local CFEs for advice on potential career paths, professional certifi cations, in-terviewing and networking. Students benefi t directly from the wisdom and experience these mentors have gained from many years of work in fraud and forensic accounting. Mentors also share their knowledge of the skills and abilities necessary to be successful in the forensic accounting profession. These inter-actions also are great networking opportunities for students.

Many universities also have formal mentoring programs through which students are matched with professional men-tors based on factors such as fi eld of study, geographic prefer-ence and gender. These more formal relationships span the majority of a student’s time in college, which allow mentors to help identify curriculum paths, internship opportunities and employment opportunities when the student nears graduation.

Get Involved in Higher EducationOpportunities for CFEs in Educating Future Fraud Fighters

Fraud EDgeA Forum for Fraud-Fighting Faculty in Higher Ed

S


A more interactive — albeit more time-intensive — method of mentoring students is for CFEs to arrange and coordinate student internships with their employers. Stu-dents participating in these internships benefi t not only from professional workplace mentoring but also from working in actual forensic accounting situations.

ASSIST WITH CASE STUDIES AND RESEARCH PAPERS Higher-education faculty are always searching for case stud-ies with the richness of detail, ambiguity and issues that are similar to those that students will encounter in their profes-sional careers. Faculty and highly experienced CFEs jointly produce the most detailed, complex cases.

Cindy Durtschi, Ph.D., associate professor at DePaul University, invites CFEs to help in the classroom in several ways. She recently had a full-time forensic accountant help her judge student case presentations.

“The students presented their work from the view of the prosecution, and then the CFE showed them how some-one working for the defense would have responded to their cases,” Durtschi says. “It was a wonderfully enriching experi-ence for the students.”

Durtschi also had a local CFE help her with a fraud case she developed. The CFE provided her with encouragement, valuable feedback and suggestions that improved the case.

CFEs also frequently partner with faculty on forensic accounting research papers. Frank Perri, J.D., CFE, CPA, has co-authored several research papers with Rich Brody, Ph.D., CFE, an associate professor at the University of New Mexico. They have written on topics ranging from the relationship between workplace violence and fraud to identifi cation of organizational weaknesses at the Securities and Exchange Commission. These partnerships between academics and professionals foster balanced approaches to research and ensure that publications are valuable not only for academics, but also for practitioners who can use the results in the fi eld.

COORDINATE FORENSIC ACCOUNTING INVESTIGATIONSRomney and Marie Rice, CFE, CIA, CICA, president of the Spokane ACFE Chapter, assist students at Gonzaga Univer-sity as part of their Justice for Fraud Victims Project. (See the July/August 2011 Fraud EDge.) Through a cooperative partnership with law enforcement and local CFEs, Gonzaga students provide free fraud examination services to small businesses or nonprofi t organizations that have been victims of fraud. The students gain experience while simultaneously giving back to their communities.

Last year, Romney worked with students on a case that eventually led to the project’s fi rst conviction.

“Working all semester with my student team was personally rewarding,” she says. “My team of students was incredibly bright and diligent and really took ownership in our investigation. They were like sponges soaking up the practical knowledge I was trying to share with them in only one semester’s time together. I was proud of my team’s effort the day they gave their fi nal class presentation, the day I submitted our report to law enforcement and especially the day I was notifi ed that charges were fi led.

“Obtaining a guilty plea and restitution within a year of submitting our case was the icing on the cake,” she says.

Romney and Rice play a number of critical roles in this class by:

1. Assisting the students in developing theories of how the fraud may have occurred.

2. Helping the students develop a plan for determining how to test those theories.

3. Providing weekly guidance to students as their investigations progress.

4. Reviewing the fi nal report that students complete at the end of the term and that law enforcement may use to prosecute the fraud.

5. Serving as expert witnesses if a case goes to trial. Reaching out to help local organizations with poten-

tially fraudulent situations is a noble idea with obvious benefi ts, but usually the largest obstacle is that college faculty members often lack required specifi c training for competent forensic accounting investigations. Faculty also often lack contacts with those in communities who are most likely to refer cases, such as law enforcement and prosecuting attor-neys. CFEs often have such connections and, thus, can refer cases and supervise the investigations.

SERVE AS AN ADJUNCT INSTRUCTOR OR GUEST SPEAKER CFEs who want a more substantive role in higher education can pursue teaching courses as adjunct instructors. Adjunct instructors typically teach one or two courses during a semes-ter, but they do not have other academic commitments, such as research or service, to the institution. Colleges frequently seek professionals, like CFEs, to teach more specialized courses, such as forensic accounting, because full-time faculty often do not have this expertise.

Not long after she began mentoring, Gonzaga University approached CFE mentor Rice to see if she was interested in teaching a fraud examination class as an adjunct instructor. She jumped at the chance.

“It had been my long-term goal to adjunct, and I was thrilled by the prospect,” Rice said.



She has taught three courses over the past two years and has enjoyed the experience. She sees many benefi ts to having professionals, like CFEs, in the classroom.

“As a student, I always appreciated the professors who had both real-world and research experience. CFEs are for-tunate in that we have so many stories and experiences that can help shape our future anti-fraud professionals.”

CFEs considering this option should be aware that the weekly time commitment is somewhat greater than the time teaching in the classroom. Adjunct instructors also will spend several hours each week planning lectures, grading student work and answering emails from students. In addition, most colleges expect adjunct instructors to be available on cam-pus for an hour or two each week to meet with students and answer questions.

CFEs who cannot commit to teach an entire course can serve as guest speakers. This may involve preparing a short case study or other relevant topical material and leading a class in a discussion of the material. Departments and instructors are generally receptive to such arrangements, provided there is a good match between the course goals and the proposed topic.

Guest speaking opportunities for CFEs are not limited to forensic accounting courses. For example, CFEs could present internal control cases to an accounting information systems class. They also could discuss evidentiary or legal aspects of CFE work in criminal justice or psychology classes. Given the diversity and complexity of fraudulent activities and the motivations of those who commit fraud, there are many other disciplines in which CFEs could provide valuable insights and enrich the classroom experience.

FOSTERING STUDENT INTERESTThe ACFE Handbook and Guidelines for Local Chapters en-courages close relationships with schools and universities to foster student interest in the fraud-fi ghting profession. CFEs’ unique skill sets and training create multiple opportunities across college campuses. We have described a number of ways that CFEs have participated in higher education. Inter-ested CFEs should contact program directors or chairpersons at nearby colleges. Universities, and especially business schools, are always looking for adjunct instructors and guest speakers with practical experience. Students love to hear from professionals who can describe their fi eld experiences and how they can pursue careers in specialty fi elds, such as forensic accounting.

Rice wants to see more CFEs in college classrooms.“As professionals, we need to strive to make the anti-

fraud movement more real for students, who often believe they will never encounter a fraudster or become a victim of fraud,” Rice said.

Matching the expertise and interest of CFEs with the needs of higher education can result in relationships that are enriching and rewarding for all parties involved.

Gerhard Barone, Ph.D., is an assistant professor of accounting at Gonzaga University. He teaches classes in fi nancial accounting and accounting information systems. His email address is: [email protected].

Sara Melendy, Ph.D., CFE, CPA, is an associate professor of accounting at Gonzaga University. She teaches auditing and fraud examination, including a hands-on laboratory called the Justice for Fraud Victims Project. Her email address is: [email protected].

Gary Weber, Ph.D., is an associate professor of accounting and coordinator of accounting programs/director of the master of accountancy program at Gonzaga University. His email address is: [email protected].

Richard “Dick” A. Riley Jr., Ph.D., CFE, CPA, is a Louis F. Tanner distinguished professor of public accounting in the College of Business and Economics at West Virginia University in Morgantown. He is chair of the ACFE Higher Education Advisory Committee and the vice president of operations and research for the Institute for Fraud Prevention. His email address is: [email protected]. Riley served as editor on this column.


Given the diversity and complexity of fraudulent activities and the motivations of those who commit fraud, there are many other disciplines in which CFEs could provide valuable insights and enrich the classroom experience.

REGISTER NOW

Fraudsters are continually creating, perfecting and executing new schemes. Gain the knowledge you need to stay one step ahead.

Join anti-fraud professionals in London for the 2012 ACFE European Fraud Conference to exchange insights and develop cutting-edge skills in the global fight against fraud. In addition to informative sessions offering practical techniques and tips, you’ll network with leaders of Europe’s anti-fraud community and earn up 23 CPE credits.

Register online at ACFE.com/European by 24 February to SAVE GBP 100!

2012 ACFE European Fraud Conference

London 25-27 March 2012The Cumberland Hotel

James D. Ratley, CFEPresident and CEO,Association of Certified Fraud Examiners

Stephen Harrison Chief Executive National Fraud Authority

FEATURED KEYNOTE SPEAKERS


FraudBasics

ob, an internal auditor for ABC Company, is con-ducting a routine cash receipts controls review. The procedure calls for the day’s checks to be deposited remotely in a company bank account daily. Susan, the clerk who processes customer

checks, had gone home sick on Monday. Before she left, she completed the remote deposit procedure, which involves scanning each check and electronically sending those scans to the bank. Then she put the checks she had just scanned in her work-in-process fi le and went home, intending to proper-ly fi le them away the next day. Unfortunately, when Betty — who had done Susan’s job years ago — was assigned to cover Susan’s desk on Tuesday, she came across the previous day’s checks. Without asking anyone, Betty prepared a deposit slip — as she had done in the past — and took the checks to the nearby bank branch and made the deposit. When Susan came in on Wednesday, she noticed that the stack of checks she had processed on Monday were not where she had put them and immediately asked Betty where they were. Oops ... The checks had been deposited twice. They immediately con-tacted the bank. The bank manager explained that the bank’s duplicate check detecting software had caught the error and that all was well. If the bank had not had the duplicate check software working properly or if Susan and Betty had conspired to modify the original paper checks before re-depositing them, the bank could have been liable for some big bucks. This fi cti-tious example could easily have happened.

Banking industry experts report that check processing is moving rapidly away from the traditional paper methods and toward the processing of electronic images of checks. As of August 2011, almost 70 percent of all institutions are now receiving check images, according to CheckImage Central. (See www.checkimagecentral.org.) With the implementation in 2004 of the Check Clearing for the 21st Century Act, or Check 21, auditors and CFEs cannot afford to ignore the new

risks and challenges associated with processing of increasingly larger volumes of electronic check images.

Even with so many more consumers and businesses pay-ing their bills electronically, checks are still the standard for many. The major impetus for banks moving to check images is that electronic processing costs much less than paper check processing. Historically, paper processing had been a cumber-some procedure that required physically moving millions of paper checks through the banking system.

Before Check 21 processing, when a person deposited a paper check in his bank, that person would be credited for the amount of the deposit. Then, at the end of the day, the bank would sort that day’s processed paper checks and forward them to the Federal Reserve — or another check-clearing entity — where the checks would be cleared. The paper checks then would be sorted and sent back to the banks the checks were drawn on (and in some cases returned to the check writer). Grounded planes following the terrorist attacks of 9/11 caused major delays in check processing and brought increased awareness to antiquated paper-check procedures. A number of electronic payment processing technologies are now in wide use, including Check 21 technology.

Under Check 21 processing, paper checks are scanned, and the images are used to process the checks. Alternatively, banks that desire to continue receiving and processing paper checks may print and process copies of the images, called sub-stitute checks. The substitute checks are the legal equivalent of the original checks and can be used to document payments in the same way that cancelled scanned checks would.

Although compliance with Check 21 is not manda-tory, most banks are expected to invest in check imaging technology eventually to take advantage of the projected costs savings. So far, the adoption from paper to digital has been slower than expected as the banking world upgrades its

‘Check 21’ Can Make Fraud EasierBe Alert to Changes in Check-Imaging Technology

By Linda Lee Larson, DBA, CFE, CPA, CISA

B


FraudBasics

technology for image processing. The underlying cause of the delay has been the signifi cant investment in the technol-ogy required to both create and process check images and substitute checks. Sources in the banking world in 2004 estimated a cost of $1.5 billion to $2.5 billion to fully imple-ment Check 21 technology in the U.S. [See “The Domino Effect of Check 21,” by J.D. (Denny) Carreker, http://tinyurl.com/7yuxjrc.] The Federal Reserve expects that the use of substitute checks should decline as more banks have the technological capability to process check images directly.

THE CRUX OF THE PROBLEMCheck truncation — the process of digitally scanning paper checks — greatly increases the chances of a check being processed twice, either accidentally or fraudulently. Dupli-cate check processing occurs when a business uses remote processing to scan incoming checks and also drops the paper checks off at a bank branch. The branch then forwards the paper check to the Federal Reserve to be processed. Thus, as in the opening case, checks can be processed twice.

Before Check 21, duplicate check processing rarely hap-pened. However, American Banker magazine now estimates that duplicate check processing is a $500 million problem, which accounts for about half of the total check fraud in the U.S. (See “Seeing Double,” by Glen Fest in American Banker, Nov. 1, 2010, http://tinyurl.com/7dkt8jx.)

Whether done by accident or fraudulently, duplicate check processing is becoming increasingly more expensive to weed out. Many believe that the new technology creates a unique opportunity for fraudsters. The problem is expected to increase as the remote deposit capture continues, especial-ly as consumers are using smartphones to capture deposits. (That has to be the subject of another column.)

The banking industry, recognizing this problem, has developed software to identify checks that are deposited twice, but it is not foolproof. It tends to create false positives because the software only identifi es checks that are identical in amount and payee. Complicating the situation further is when fraudsters get involved and change the payee and/or the amount of the check. The duplicate identifi cation soft-ware is not designed to identify this type of fraudulent check.

Reformed con man Frank Abagnale has said that banks are generally liable for “ordinary care,” according to U.S. Uniform Commercial Code (UCC) 4-103, and the bank that accepts a fraudulent check — paper or electronic image — is liable for any losses. Therefore, the banking industry has a real stake in doing what it can to reduce these losses. (See UCC provisions at http://tinyurl.com/725p8zv and “Check Fraud: A National Epidemic,” by Frank Abagnale, New Jer-sey CPA, May/June 2010.) This is where CFEs can help.

High-tech fraudsters are always looking for new ways to access and manipulate digitized information. Basically, substitute checks may be altered, counterfeited, duplicated and/or created from scratch. If a payment is in question, only the substitute check image can be accessed. The result is that proving alterations and forgeries becomes even more diffi cult because many of the traditional security features so evident on paper checks are lost when the originals are scanned in the clearing process. In addition, with no actual cancelled paper checks to examine, evidence of counterfeiting, forgery and alterations (such as fi ngerprints) are not available for the auditor or CFE.

Systems controls need to be in place and working prop-erly to prevent unauthorized persons from accessing elec-tronic check processing data and to protect private customer information. CFEs can help implement these controls. Also, CFEs must keep current on changes in check-imaging technol-ogy and auditing electronic payment controls. Multiple lines of defense are needed to prevent problems. CFEs need to monitor controls to prevent/detect duplicate check processing.

VIGILANT WATCHDOGSElectronic check processing technologies may make check fraud crimes harder to prove, especially if a jury is involved. It is important that consumers, businesses and banks are aware of the possible risks and take appropriate steps to protect themselves and their sensitive data. Electronic check processing is here to stay, and auditors and CFEs need to be ready to meet the challenges. Unless the watchdogs are vigilant, the community has to deal with increasingly more sophisticated fraudsters trying to commit electronic check fraud using altered substitute checks or check images.

Linda Lee Larson, DBA, CFE, CPA, CISA, is an associate professor of accounting at Central Washington University – Lynnwood Center in Lynnwood, Wash. Her email address is: [email protected].

Before Check 21, duplicate check processing rarely happened. However, American Banker magazine now estimates that duplicate check pro-cessing is a $500 million problem, which accounts for about half of the total check fraud in the U.S.


Fraud InFraud In Houses Of WorshipHouses Of Worship

What BelieversDO NOTWant to

BELIEVEBy Robert M. Cornell, Ph.D., CMA, Educator Associate; Carol B. Johnson, Ph.D., Educator Associate; and Janelle Rogers Hutchinson

©Cara Bresette-Yates/iStockphoto


n accounting professor who teaches a fraud investigation class re-cently told a story about a student in her class who approached her for help on a personal project. The student’s church had

asked the student to attempt to determine the dollar amount of damages in a recent embezzlement. The perpetrator, a former church secretary, had been defrauding the 200-member church for 18 months by writing herself duplicate paychecks, stealing cash from donation deposits and taking out credit card accounts in the church name, among other schemes.

The church discovered the fraud when the secretary was called away for a family emergency, and the previously inattentive manager received a phone call about an unpaid credit card bill. The manager did not know the credit card existed. Because the church had not segregated employee duties, the secretary had free rein over all aspects of church fi nances: she kept the books, paid all the bills, handled cash receipts, managed the pay-roll, issued paychecks and reconciled the bank account. The sky was the limit for her fraud. A simple search of public records would have revealed that the secretary was in fi nancial trouble — a serious red fl ag for fraud. But the church did not conduct that search until it was too late.

The professor was not surprised by such a common scheme. However, she was taken aback when she opened the student’s work fi le to review the case. She recognized the name of the perpetrator as a secretary in her church and confi rmed this identity by questioning the student investiga-tor. Internal controls in the professor’s church were a bit better — it had segregated some accounting duties — but were still insuffi cient. In fact, internal controls were bad enough that no one could ever know if the secretary stole from the professor’s church.

It was quite common for people to drop cash and checks by the church offi ce during the week and leave them with the secretary for use in special funds, such as one to aid local homeless people. It would have been easy for the secretary to simply pocket some of the funds, and no one would have been the wiser. The secretary eventually resigned; it is unknown if she stole from the professor’s church during her tenure there. She was replaced with another secretary who had her own fi nancial prob-lems — her home was in foreclosure within six months of taking the job.

The professor advised church offi cials that they needed to improve internal controls, but the staff members believed that “no one would ever do such a thing here.” Indeed, fraud examiners who deal with fi nances, fraud and internal controls in houses of worship may be labeled over-reacting conspiracy theorists when they tell church staffs they may have fraudsters in their midst. However, fraud examiners know that houses of

Houses of worship are particularly vulnerable to fraud, but most feel they are impervious. The authors provide reasons why churches feel so bulletproof and seven practical steps fraud examiners can use to help churches stop fraud in its tracks.

AA


FRAUD IN HOUSES OF WORSHIP

worship — churches, synagogues, temples, mosques etc. — are among the most vulnerable entities.

WHY are CHURCHES SO VULNERABLE?WHY are CHURCHES SO VULNERABLE?Churches typically emphasize the importance of good acts and deeds, so we might expect their tone at the top would protect them from fraud. Not so. A variety of factors lead to the op-posite situation. Donald Cressey’s research on the fraud triangle showed that pressure, opportunity and rationalization are pres-ent in almost all frauds. (See pages 10 through 14 of “Occupa-tional Fraud and Abuse,” by Dr. Joseph T. Wells, CFE, CPA.) However, some forms of these three elements are more preva-lent in houses of worship.

PRESSURES AND RATIONALIZATIONPRESSURES AND RATIONALIZATIONIn many cases, ministers, secretaries and other staff members in houses of worship are expected to work long hours on paupers’ wages for the love of a deity, while mingling with the wealthi-est of society. These working conditions can create resentment, desperation and rationalization, such as “they owed it to me.”

Church staff and volunteers can also face fi nancial prob-lems from feeding vices and addictions. A pastor or church mem-ber with a serious vice likely will feel that any resulting fi nancial pressure is highly “non-shareable.” Cressey emphasized that the non-shareable aspect of a pressure made it a particular impetus for fraud.

OPPORTUNITYOPPORTUNITYChurches might be the poster child for fraud opportunity for a variety of reasons. First, they tend to be small organizations. The ACFE’s 2010 “Report to the Nations” found that fraud happens most frequently in entities with less than 100 employees — a category that would include most houses of worship. Because of their small size, churches tend not to be willing or able to hire professionals who have signifi cant fi nancial expertise or are knowledgeable about internal controls. Also, by default, small organizations fi nd it diffi cult to adequately segregate duties or install independent checks.

Secondly, trust among employees and volunteers fuels church engines. Unfortunately, church cultures foster the belief that trust is an adequate control — a fallacy that can create af-fi nity frauds, such as the $78 million fraud that Daren Palmer, a pillar of his church, perpetrated against members. (http://tinyurl.com/4xae883) Because of the tight-knit culture, it is common for churches to hire family members and close friends, which increases opportunities for collusion.

Also, churches often do not create the perception of con-sequences that is necessary to deter fraud. History and human nature show that when a fraud does occur in a church, staff members often hide the crime so they will not upset members and other potential donors. In the opening case of the embez-zling church secretary, the fraud at the fi rst church was never publicized or prosecuted because a close relative of the secretary

was a signifi cant donor to the church and a powerful member of the church board. In addition, U.S. nonprofi ts generally are not tightly regulated. State attorneys general and the Internal Reve-nue Service (IRS) are the only entities in a position to provide regu-latory oversight to churches. Attorneys general are typically preoc-cupied with other issues. And churches are exempt from the rule that nonprofi ts must fi le informational tax returns with the IRS. So only parent denominations, church governing boards and possibly church members are likely to be privy to fi nancial information.

DO THEY REALLY BELIEVE IT CANNOT DO THEY REALLY BELIEVE IT CANNOT HAPPEN IN THEIR CHURCH?HAPPEN IN THEIR CHURCH?To get a feel for churches’ perceived fraud invincibility, we in-terviewed individuals who provided fi nancial oversight in 132 U.S. houses of worship. Our survey included a broad variety of denominations (primarily Christian) of differing member-ships, annual budgets and numbers of employees. Memberships ranged from 25 to 37,500, with an average of 1,168 and a medi-an of 425. Annual budgets ranged from $10,000 to $30 million, with an average budget of $1,089,045 and a median budget of $430,000. Figure 1 illustrates the distribution of church bud-gets. Most of these churches had at least a few paid employees, and some were affi liated with national or international denomi-nations providing some oversight role.

Fraud had indeed reared its ugly head with 13.4 percent of the church leaders acknowledging they had experienced a fraud

in their organizations within the previous fi ve years. The esti-mated sizes of the frauds ranged from a few dollars to $35,000. We suspect that the actual frequency and dollar amount of fraud were seriously underreported for two reasons.

First, our interviews indicated that churches generally lacked proper internal accounting controls, including segrega-tion of duties, and that even if those controls were in place, the churches did not consistently follow them. The reported levels of controls in most of these institutions were so poor that they probably harbored many undetected frauds. For example, most of the churches we surveyed did not separate record keeping from as-

36% $0 – $250,000

17% $250,000 – $500,000

12% $500,000 – $750,000

7% $750,000 – $1 million

28% Over $1 million

Figure 1: Budget Range of Churches Surveyed



set custody, particularly with respect to the payment of expenses. Also, in most cases, the same person who wrote the checks also reconciled the bank statements. Figure 2 illustrates the frequency of various control vio-lations that we found in churches.

The second reason we suspect underreporting is that it is likely that some interviewees were un-willing to admit frauds, or their churches did not tell them about discovered crimes. Ministers and church elders are accustomed to holding the “sins” of their fl ocks close to the chest, and this empha-sis on confi dentiality may prevail even in the case of white-collar sins. The cloak of secrecy may mean that the right hand does not know what the left hand is doing within the church. Also, in the same way that those who have been scammed are often too embarrassed to admit their victimhood, church ministers and oth-er fi nancial leaders may be hesitant to reveal their vulnerability.

We asked interview participants how vulnerable they thought their organizations were to employees’ or members’ il-legal or unethical fi nancial actions. Despite generally poor levels of controls, none of the respondents — even those in organi-zations that had experienced fraud — felt their organizations were extremely vulnerable. Almost a fourth said they were not vulnerable at all to fraud, and nearly two-thirds said they were only slightly vulnerable. Table 1 on page 22 presents the percep-tions of vulnerability to fraud within churches that experienced a fraud within the last fi ve years and those that had no report-ed fraud over the same period. Overall, most believed that “it wasn’t going to happen here.”

WHY DO THEY FEEL SO BULLETPROOF?WHY DO THEY FEEL SO BULLETPROOF?The lack of a realistic perception of vulnerability is driven by several psychological mechanisms including overconfi dence, ig-noring base rates and confi rmation biases.

Overconfi denceOverconfi dence is a particularly diffi cult psychological barrier to overcome, even among those with high levels of education. Psychologists and economists, who have studied the overconfi -dence phenomenon since the 1960s, fi nd that this mindset re-sults from two factors. One might be called the Lake Wobegon effect (from Garrison Keillor’s “A Prairie Home Companion”): we all think we are above average.1 Secondly, we tend to have an illusion of control over circumstances.2 The combination of these two factors leads to unrealistic optimism. Researchers fi nd that people are more overconfi dent when they are faced with

diffi cult or very diffi cult tasks. The “hard-easy effect” suggests that they are more vulnerable to fraud when 1) it is diffi cult to assess the likelihood of fraud, and 2) they lack the skills to ap-propriately safeguard their most valuable assets.

Ignoring Base RatesCognitive researchers fi nd that even when people are provided information on the likelihood of fraud, they tend to ignore “base rates.” (A base rate can be defi ned as the average num-ber of times an event occurs divided by the average number of times on which it might occur.) Consequently, if we were to tell a group of church leaders that 20 percent of all houses of wor-ship (a hypothetical number) are likely to be victims of fraud within the next fi ve years, their over-optimism will lead almost all of them to conclude that they will not be victims of fraud. In other words, people tend to place themselves into the group that is not affected by frauds instead of accurately assessing if their particular situation is more refl ective of the group that will experience a fraud.

Confi rmation BiasAuditors and fraud examiners do not tend to conclude that as-sets are safe unless they have assessed the quality of the controls in place. The “average Joe,” however, suffers from a confi rma-tion bias. In other words, Joe will rely too much on confi rm-ing evidence, such as “we have never had a fraud before.” At the same time, he will dismiss contradictory arguments, such as “we do not have adequate controls in place.” This bias increases with the amount and strength of confi rming evidence. It will decrease with contradictory evidence but at a much slower rate.3

Walt Pavlo, the perpetrator of a multi-million dollar fraud at MCI and WorldCom, expressed confi rmation bias well. At the Oklahoma State University 2008 Financial Reporting Conference, he was asked where the auditors were while he was committing his

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

No checking references

No criminal background checks

Related parties on board of directors

Same person deposits receipts andreconciles bank statements

No financial expert on board

No term limits for financial volunteers

Same person records anddeposits receipts

No credit checks for employees

No required vacations

No surprise audits

Figure 2: Control Problems in Churches

87%

80%

78%

72%

67%

51%

48%

47%

20%

13%

22


crime, which involved overstatement of receivables. His response: “No one wants to question good news.” In the for-profi t world, the evidence has shown that excessively high revenues are a much big-ger red fl ag for fraud than excessively low revenues.

HOW TO HELPHOW TO HELPBased on our survey fi ndings and observations, we offer seven steps fraud examiners can take to help churches avoid fraud:

1. Freely lend your expertise to small nonprofi ts and church boards to help them understand and implement the concept of separation of duties and independent checks.

2. Help them understand that checks are cash — only more vulnerable. You could explain this by saying, “If someone steals a $1 bill from you, the most they have stolen is $1. If they steal a $1 check from you and then add a few zeroes, they have stolen much more.”

3. Combat overconfi dence through education and training. Church boards must understand that trust is never an effec-tive internal control.

4. To achieve adequate perception of detection and conse-quences, encourage church boards to be open and forth-coming about problems and consequences and to prosecute when appropriate. Such prosecutions could have prevented the secretary in our opening story from moving to the next church to possibly do the same thing.

5. While churches may be in the business of “bringing the good news,” it is a good idea to remind them that at least when it comes to fi nancial affairs, they should always question news that is “too good to be true.”

6. Church leaders are becoming aware of the need (and some-times the legal requirement) to conduct background checks to specifi cally fi nd sex-related crimes. Help them understand that they also can use criminal and credit checks to protect the church’s fi nancial assets and help ensure that donors’ wishes are honored by applying donor funds to good deeds, rather than using them to feather the fraudsters’ pockets.

7. While we have a psychological tendency to ignore base rates, we tend to respond to stories. These stories help bring the reality home; so share stories about church frauds. And if you are feeling really brave, leave a few copies of Fraud Magazine in the church library.

Individuals who contribute to religious institutions or other nonprofi ts do so with the intent that their sacrifi ces will help the institution and/or the parties it serves. Fraud examiners can help these institutions ensure good stewardship over these resources and prevent the unintended distribution of resources to the pock-ets of fraudsters. An essential element of providing this help in-volves convincing them that yes, it can happen here.

Robert M. Cornell, Ph.D., CMA, ACFE Educator Associate, is an assistant professor of accounting in the Oklahoma State University Spears School of Business. His email address is: [email protected].

Carol B. Johnson, Ph.D., ACFE Educator Associate, is the Masters of Science coordinator and Wilton T. Anderson Professor of Accounting in the Oklahoma State University Spears School of Business. Her email address is: [email protected].

Janelle Rogers Hutchinson is a Masters in Accounting student at Oklahoma State University. Her email address is: [email protected].

1Alicke, M. D., & Govorun, O. (2005). “The better-than-average effect.” In M. D. Alicke, D. Dunning & J. Krueger (Eds.), “The self in social judgment.” 85-106. New York: Psychology Press.2Gino, F., Sharek, Z., & Moore, D. A. (2011). “Keeping the illusion of control under control: Ceilings, fl oors, and imperfect calibration.” Organizational Behavior & Human Decision Processes, 114, 104-114.3Juslin, P., Winman, A., & Olsson, H. (2000). “Naive empiricism and dogmatism in confi dence research: A critical examination of the hard-easy effect.” Psychological Review, 107, 384-396.

Fraud Occurred in Last 5 Years

Perception of Vulnerability to Fraud

Not Vulnerable Slightly Vulnerable Vulnerable Very Vulnerable Extremely

Vulnerable Grand Total

Yes 24% 53% 17% 6% 0% 100%

No 25% 66% 6% 3% 0% 100%

Total 24% 64% 9% 3% 0% 100%

Table 1

Help them understand that checks are cash — only more vulnerable.

©Sue Colvil/iStockphoto


Example 1

A husband and wife served as treasurer and assistant treasurer

in a small church in North Carolina. When their business began

failing, they stole several thousand dollars from the church by

simply writing checks to themselves over a three-year period. The

fraud was discovered when a contractor complained that he had

not been paid for work on the church property. (http://tinyurl.

com/2e2gm2w)

Example 2

Three unrelated individuals who served as offi ce manager, facilities

manager and a volunteer in a California church colluded to steal

$500,000 from the church coffers to fund extravagant lifestyles.

The threesome carried out their thefts by issuing fraudulent checks

and making inappropriate use of credit cards. The theft was discov-

ered when the church pastor became suspicious and reported the

theft to the fi nance committee. (http://tinyurl.com/66cqchg)

Example 3

The pastor of a large Ohio church commingled funds, laundered

money, tampered with records, forged documents and sold 19

acres of church land to steal more than $1 million from his church

and cover his tracks. The proceeds were used to buy cars, a boat,

a pool and hair treatments in addition to funding private-school

tuition for his children. When a church employee reported that

funds were missing, it took two years to investigate the crime before

charges were fi led. (http://tinyurl.com/6dpnvch)

Example 4

The business manager of an Oklahoma church was accused of

embezzling $140,000 to pay her personal expenses. The alleged

theft was discovered when the bank notifi ed the church of an over-

drawn account. The suspect said she could not have stolen that

much money because the church was audited every year.

(http://tinyurl.com/6bpqblr)

It Can Happen in Your Neighborhood

There’s so much to learn in order to be an effective fraud fighter – where do you start? Right here, with Principles of Fraud Examination. This course is the foundation of the ACFE’s curriculum and is recommended for all anti-fraud professionals. Whatever industry or area of specialization you end up in, you will benefit from a solid understanding of the fundamentals of the four key areas of fraud examination:

Fraud Prevention and DeterrenceLegal Elements of FraudFraudulent Financial TransactionsFraud Investigation

Solid Fundamentals for All Anti-Fraud Professionals

Learn from the experts at

Principles of Fraud ExaminationAustin, TX | April 30 - May 3, 2012

Build your anti-fraud career on a solid foundation – register online at ACFE.com/POFE by March 30 to save an additional $200!

A major, multimillion sports ticket fraud at the University of Kansas highlights how CFEs can help convince administrators and boards to reassert control over their athletics departments. The answer could be independent oversight.

By Herbert W. Snyder, Ph.D., CFE; and David O’Bryan, Ph.D., CFE, CPA, CMA

n June 30, 2009, David Freeman pleaded guilty to conspiracy to commit bank fraud as part of a federal bribery case. Anxious to please the judge prior to his sentencing, he provided investigators with in-

formation about theft and resale of football and basketball tickets at the University of Kansas (KU). Freeman fi ngered two individuals, one of whom was exonerated while the other proved to be central to the case.

Freeman had his sentence reduced from 24 to 18 months, which his attorney said was an inadequate re-ward for the information he had provided, according to “Developer source in KU ticket scandal,” by Steve Fry, in The Topeka Capital-Journal, April 22, 2010. (http://tinyurl.com/24wwss9)

Federal authorities contacted KU offi cials in late 2009. Under increasing pressure, KU announced in March 2010 that it had retained the services of the Wichita offi ce of Foulston Siefkin LLP to conduct an internal investigation. Assisted by a forensic accounting fi rm, Foulston Siefkin found that six employees had conspired to improperly sell or use approximately 20,000 KU athletic tickets — mostly to basketball games, including the Final Four tournament — from 2005 through 2010. The sales amounted to more than $1 million at face value and could range as high as $3 million at market value. Even worse, the investigators were unable to determine how many of the tickets were sold directly to brokers because the employees disguised these distributions into categories with limited account-ability, such as complimentary tickets, according to “Uni-versity of Kansas athletic tickets scam losses may reach $3M,” in the Kansas City Business Journal, May 26, 2010. (http://tinyurl.com/3nvaf76)

The investigation did not examine years prior to 2005 because the athletics department did not retain those re-cords. The investigation of KU’s ticket sales and fundrais-ing operations by federal authorities continued throughout 2010 and 2011.

KU’s internal investigation, which was released May 26, 2010, implicated the associate athletic director for develop-ment, the associate athletic director for the ticket offi ce, the assistant athletic director for development, the assistant ath-letic director for sales and marketing, the assistant athletic director for ticket operations and the husband of the associ-ate athletic director for the ticket offi ce who had been work-ing for KU as a paid consultant.

WHAT ACTUALLY HAPPENED?The accused allegedly abused the complimentary ticket policies of the university in three ways:

First, offi cial policy allowed for certain athletic offi ce employees to receive two complimentary tickets for each athletic event provided they would not resell them. In-stead, the athletic department routinely gave each of these employees more than two tickets for each event and tacitly permitted, if not overtly encouraged, reselling.

Second, the development/fundraising arm of the ath-letic offi ce was permitted to use complimentary tickets to cultivate relationships with prospective donors. However, these offi cials helped themselves to many more complimen-tary tickets than they could have reasonably needed.

Third, athletic department members improperly used or resold complimentary tickets reserved only for chari-table organizations.

The culprits concealed these thefts by simply charg-ing tickets to such fi ctitious accounts as RJDD — “Rod-ney Jones Donor Discretionary” — and not recording the ultimate recipients. (Jones was the assistant athletic di-rector for development and one of the two persons the informant identifi ed.)

By 2009, a cover-up compounded the original schemes. When the 2008-2009 basketball ticket sale re-cords could not be reconciled, Charlotte Blubaugh told Brandon Simmons and Jason Jeffries to move documents from the athletic offi ce to the football stadium where she, Ben Kirtland and Tom Blubaugh would destroy them on a weekend and then attribute their absence to construction at the stadium, according to Foulston Siefkin’s fi nal report to the KU’s general counsel.

In a separate scheme, the husband of the associate athletic director for the ticket offi ce, who was supposedly em-ployed as a consultant to the athletic department, received payments totaling $116,500, all approved by the associate athletic director for development. Apparently, the husband did not provide any services in exchange for these payments.

Importantly, no allegations or evidence suggested that any players, coaches or university administrators out-side athletics were involved in these crimes. The athletic director was not involved in the scheme but accepted re-sponsibility for the lax oversight that contributed to its extent and duration. Athletics offi ce employees solely perpetrated these frauds.

o

©Daniel Padavona and Charles Mann/iStockphoto


So how did the frauds go undetected for at least fi ve years? And what can anti-fraud professionals do to prevent situations like this?

WHY COLLEGE ATHLETIC PROGRAMS ARE VULNERABLE TO FRAUDThe KU ticket scandal is not unique. It is merely the most recent and largest among fi nancial scandals in college athletic depart-ments that have included the University of Louisville, the Uni-versity of Colorado and the University of Miami. What happened at KU is a combination of separate, but related, problems that have become increasingly common in college athletic programs:

• Major athletic programs generate and spend huge sums of money.

• These programs frequently lack transparency in their fi nances.

• Athletic programs often operate independently of university oversight.

As we have seen, the frauds at KU were not particularly so-phisticated. (For example, the associate athletic director for the ticket offi ce used multiple dummy accounts for ticket purchasers with business locations that matched her home address.) The diffi culty anti-fraud professionals face is not designing or imple-menting fi nancial controls; the challenge is convincing senior administrators and oversight boards to reassert control over their athletic departments so that existing controls will be effective.

A higher-education institution often uses a top-down, com-mand-and-control structure on the fi eld or in the gym to build successful sports programs. However, that school might inappro-priately use that same approach to administer the business side of athletic programs. Fraud examiners who deal with intercol-legiate athletics should be aware of the following factors, which may predispose athletic programs to fraud:

College sports are a lucrative target for fraudsPart of the diffi culty in dealing with ticket sale frauds in col-lege athletics is that the sheer volume of money invites theft. According to most recent fi gures available from the National Collegiate Athletic Association (NCAA) and compiled by ESPN (“The money that moves college sports,” March 3, 2010, by Paula Lavigne, http://tinyurl.com/yf5d9vw), the 120 schools that comprise the Division I Football Bowl Subdivision gener-ate more than $1.1 billion from ticket sales each year. Of these, the top fi ve schools raise between $30.6 million and $44.7 mil-lion. (By comparison, KU is large but not exceptional. During the same period, the KU athletic programs spent more than $65 million and generated more than $17 million in ticket sales.)

College sports increasingly value winning over good fi nancial stewardshipThe inherent risk that surrounds such large sums of money is compounded by the intense pressure athletic programs face to win games and increase their television exposure. As the Knight Commission observed in its 2009 report on college athletics:

“The growing emphasis on winning games and increasing television market share feeds the spending escalation because of the unfounded yet persistent belief that devoting more dollars to sports programs leads to greater athletic success and thus to greater revenues.” (“Restoring the Balance: Dollars, Values and the Future of College Sports,” http://tinyurl.com/yjvr9kp)

This situation, albeit in different contexts, is common to many businesses that experience fraud. High revenues combined with a focus on growth at all costs often lead to situations in which organizations outstrip their own control structures and invites unscrupulous employees to siphon funds.

Sports tickets are inherently valuable and easily convertible to cashAthletic departments maintain an inventory of valuable, readily exchangeable assets in the form of tickets. An active secondary market, including ticket brokers, scalpers and casual sales among ticket holders, facilitates the unauthorized, diffi cult-to-trace re-sale of these tickets. This is exacerbated when the market value of the tickets frequently exceeds their considerable face value by a wide margin.

Also, custodians of complimentary tickets can wield great power and infl uence over those who want these coveted assets. Otherwise good people may turn a blind eye to wrongdoing if tempted, for example, by free tickets to the Final Four or a BCS bowl game.

College athletic departments frequently lack transparency in their operationsLack of access to information is a classic condition for facilitat-ing fraud. The fi nancial reporting that university athletic de-partments require varies widely in the amount and quality of information that they make publicly available. The U.S. Equity in Athletics Disclosure Act, for example, requires colleges to

FRAUD IN COLLEGIATE ATHLETICS

Part of the difficulty in dealing with ticket

sale frauds in college athletics is that

the sheer volume of money invites theft.

©Jon Helgason/iStockphoto

— Melinda Wilp, CPA

Make an investment in yourself.

Become a Certified Fraud Examiner.

Great job! Well organized, very engaging and I learned a lot. Very worthwhile class. I did not feel a minute of my time was wasted.” “

See more information about the CFE Exam Review Course at ACFE.com/CFE-Exam

UPCOMING COURSES:

January 30 – February 2, 2012 Dallas, TX

NEW LOCATION!March 26 – 29, 2012 Singapore

April 16 – 19, 2012 Las Vegas, NV

July 23-26, 2012 Boston, MA

August 27 – 30, 2012 Chicago, IL

September 17 – 20, 2012 Washington, DC

October 15 – 18, 2012 New York, NY

November 5 – 8, 2012 Austin, TX

Benefits of Attending the CFE Exam Review Course:

Structured Learning — Learn how to prepare for the CFE Exam

Fast Track — Immerse yourself in an intense, 3½ day preparation period

Instructor-Led — Receive guidance from experienced instructors

Interactive Sessions — Participate in open discussions on a variety of topics in fraud prevention

Team Environment — Meet others preparing for the CFE Exam and practicing CFE instructors to help you organize study sessions to review materials, and provide you with tips and processes designed for the working professional’s busy schedule

When you are able to set some time aside and take away all the distractions, it’s amazing what you can learn. The CFE Exam Review Course offers you four days of guidance from experienced instructors, giving you all the tools you need to prepare for and pass the CFE Exam.

According to the 2010/2011 Compensation Guide for Anti-Fraud Professionals, CFEs earn nearly 22% more than their non-certified colleagues.

Distinguish yourself as an expert in the field by attending our CFE Exam Review Course.


fi le annual reports with the U.S. Department of Education. However, compliance requires only six areas of expense — an overly broad set of categories that allows wide variation among institutions. The situation is a bit ironic when we consider that many Division I schools such — as The University of Texas with yearly athletic revenues of $44 million, or Alabama, with an an-nual athletic budget of $126 million — rival or exceed for-profi t fi rms but without the same reporting requirements imposed by the U.S. Securities and Exchange Commission or IRS, accord-ing to Lavigne’s 2010 ESPN article.

Frequently, a single individual controls the daily fi nancial man-agement of an athletic department and is not subject to fi nancial controls and oversight normally found in profi t-making entities.

This trend to place all the power in one person often be-gins at schools with highly successful coaches. According to the Knight Commission’s 2009 review of college presidents, a ma-jority believes that the infl uence of outside money has eroded their ability to control coaches and their programs. (“Quantita-tive and Qualitative Research with Football Bowl Subdivision University Presidents on the Costs and Financing of Intercol-legiate Athletics,” http://tinyurl.com/yjvr9kp)

The trend has continued from coaches to omni-competent athletic directors. John Gasaway, in his blog, “Basketball Prospec-tus,” has gone so far as to christen this effect, the “Lew Perkins Fallacy.” (He takes the name from the former KU athletic director, who resigned in the wake of the ticket scandal, but the phenome-non is by no means limited to the KU program.) The fallacy is that presiding over an operation that generates an enormous amount of revenue justifi es an enormous salary: $65 million and $4 million for KU and Lew Perkins, respectively. (“Jayhawks see through the Lew Perkins Fallacy. Will others?” http://tinyurl.com/3vrok9d)

Apart from the pressure that large salaries place on univer-sity fi nances, they create two additional but related problems. Winning athletic events does not necessarily translate into managerial or fi nancial competence. Winning may actually con-tribute to fi nancial mismanagement because it promotes an aura of invincibility, which could lead to lax oversight. Who wants to kill the proverbial goose that is laying the golden eggs? KU’s athletic director, according to Gasaway, lost millions of dollars in potential revenue for the university.

A second problem is that private sources often pay the large salaries. A number of college presidents noted in the Knight Commission study that they are losing control over athletics as schools are accepting more outside sources of income, such as television contracts or private fundraising, to pay athletic salaries.

Ticket audits may require specialized testingMost colleges provide free or reduced-price tickets to major or prospective donors. That group changes from game to game. So, athletic departments need to test internal controls and reconcile actual game attendance with revenues to ensure that the ticket offi ce is not overly generous with its donor tickets.

As the KU scandal illustrates, it is absolutely critical that someone independent from the athletic department perform timely reconciliations after each event to ensure adequate seg-regation of duties.

Schools that provide free tickets to employees need addi-tional controls and tests. In most cases, complimentary tickets should be reported as part of employees’ taxable income. Simi-larly, controls need to be in place to make sure that employees do not receive more tickets than they are allowed by their em-ployment contracts. (Regardless, it seems to be more than a lack of specialized training that caused Kansas’ auditors to overlook the scandal during their periodic reviews of the ticket sales as shown by the multiple front organizations using the ticket direc-tor’s home address.)

REASSERTING CONTROL OVER COLLEGE ATHLETICSWhether big-money sports are appropriate for universities is a topic beyond the scope of this article. However, large revenue streams are likely to remain an integral part of intercollegiate


Winning may actually contribute to

financial mismanagement because it

promotes an aura of invincibility,,

which could lead to lax oversight.

©Brandon Laufenberg/iStockphoto


athletics. The obvious course for universities, barring reducing sports, is to become better stewards of their athletic resources. More specifi cally, the same aspects of college sports that spawned the scandal at KU and other universities should be the focus of improvements, including better transparency and oversight.

TransparencyPublic disclosure of an organization’s fi nances is a powerful de-terrent to numerous types of fraud. Although the U. S. Depart-ment of Education requires universities to report some data for athletic programs, it is diffi cult to compare these disclosures among institutions because the law requires reporting only in very broad categories. The NCAA requires reporting with great-er detail. However, the public rarely sees such data. Moreover, the NCAA allows much leeway on the ways universities can categorize such data.

A uniform system of accounts and reporting would promote comparability and consistency among programs. To increase ac-curacy and reliability, information provided to external parties should come from universities’ central fi nancial administrations, not directly from their athletic programs. A university inter-nal audit function should be actively involved to enhance the quality of reported information. The external agencies receiv-ing these reports should post them on the Internet to promote openness and transparency and so independent watchdogs can scrutinize them for evidence of wrongdoing.

OversightAs with any other organization, simply installing better anti-fraud controls is not suffi cient to deter fraud. A standard of fraud prevention is that controls are only as effective as the people who use them. A lesson from the KU case is that athletic depart-ments require independent oversight.

If it is true, as the Knight Report suggests, that university presidents feel they are unable to do this directly, then universi-ties must seek other bodies to provide the oversight. Potential candidates include private university accrediting bodies, state boards of higher education or a university’s board of governors. Together with improved reporting standards, the move to inde-pendent review would remove the process from the more political atmosphere of university presidents and their competing needs to run their schools, raise funds and have winning athletic programs.

KU EPILOGUESince the scandal broke at KU, federal and state authorities have continued their investigation, which as of press time has thus far resulted in seven indictments and seven guilty pleas:

Jason Jeffries, assistant athletic director for ticket opera-tions, pled guilty to one count of misprision and was sentenced to two years of probation and $56,000 restitution.

Brandon Simmons, assistant athletic director for sales and marketing, pled guilty to one count of misprision and was sen-tenced to two years of probation and $157,840 restitution.

Both Jeffries and Simmons cooperated in the investigation from an early stage and received relatively light sentences.

Kassie Liebsch, athletic department systems analyst, pleaded guilty to one count of conspiracy to commit wire fraud and was sentenced to 37 months and $1.2 million restitution. Liebsch was not identifi ed as a co-conspirator in the spring 2010 investiga-tion. She continued to work at KU until the day of her indict-ment, Nov. 18, 2010.

Rodney Jones, assistant athletic director for development, pleaded guilty to one count of conspiracy to commit wire fraud and was sentenced to 46 months and $1.2 million restitution.

Charlette Blubaugh, associate athletic director for the ticket offi ce, pleaded guilty to one count of conspiracy to commit bank fraud and was sentenced to 57 months and $2.2 million restitution.

Tom Blubaugh, paid consultant to KU and husband of Charlette Blubaugh, pled guilty to one count of conspiracy to commit wire fraud and was sentenced to 46 months and nearly $1 million restitution.

Ben Kirtland, associate athletic director for development, pleaded guilty to one count of conspiracy to commit wire fraud. He was sentenced to 57 months and nearly $1.3 million resti-tution, including about $85,000 to the U.S. Internal Revenue Service and the balance to Kansas athletics.

After the story broke, Athletic Director Perkins announced he would retire in September 2011 and then abruptly retired on Sept. 7, 2010. KU has since replaced him with a new athletic director who makes roughly 10 percent of his predecessor.

An Aug. 10, 2011, court fi ling indicates that the U.S. attor-ney’s offi ce had collected only $81,025 from the fi ve individuals convicted of conspiracy.

As Ben Franklin was quoted as saying, “It takes many good deeds to build a good reputation, and only one bad one to lose it.” It may be easier to recover the money than the damaged reputation. Supporters of college athletics have asserted that the KU ticket fraud represents a crime by employees and not a fail-ure of college athletics. However, any enterprise that generates millions and has so little internal control is inviting fraud.

Effective control of intercollegiate athletics will require broader social and cultural changes that include good student outcomes over a win-at-all costs mentality. Until that occurs, anti-fraud professionals can best serve universities by helping them ensure they receive the revenue they are entitled to for all athletic events for advancing the institutions’ goals.

Herbert Snyder, Ph.D., CFE, is a professor of accounting in the Accounting, Finance and Information Systems Department at North Dakota State University in Fargo. His email address is: [email protected].

David O’Bryan, Ph.D., CPA, CFE, CMA, is a professor in the Department of Accounting and Computer Information Systems in the College of Business at Pittsburg (Kansas) State University. His email address is: [email protected].


THE

Tell-Tale Signs ofof Deception

The Words Reveal

Suspects and witnesses often reveal more than they intend through their choices of words. Here are ways to detect possible deception in written and oral statements.

By Paul M. Clikeman, Ph.D., CFE


he manager of a fast food restaurant calls the po-lice late at night to report that an armed robber

had entered the restaurant while the manager was alone in the offi ce fi nishing some paperwork. The manager said the gunman had stolen the entire day’s cash receipts — a little more than $4,000. The manager had reported a similar robbery at the restaurant about six months earlier. No other witnesses were present at either alleged robbery. The restaurant owner learns from police investigators that armed robbery is extremely unusual in the surrounding neighborhood. Also, the owner knows that the manager’s wages have been garnished for the last year for nonpay-ment of child support. The owner hires you, a CFE, to in-vestigate whether the manager is fi ling false police reports to cover his thefts. You begin your investigation by asking the manager to write a description of the evening’s events.

Detecting AnomaliesLinguistic text analysis involves studying the language, grammar and syntax a subject uses to describe an event to detect any anomalies. Experienced investigators are accus-tomed to studying interview subjects’ nonverbal behavior, such as eye contact and hand movement. Text analysis, on the other hand, considers only the subject’s verbal be-havior. Because text analysis evaluates only the subject’s words, investigators can apply it to written as well as oral statements. In fact, many investigators prefer to analyze suspects’ written statements for signs of deception before conducting face-to-face interviews.

Text analysis is based on research originating in the 1970s. Psychologists and linguists studied the language and word choices of subjects in controlled experiments and found predictable differences between truthful and decep-tive statements. Susan Adams, an instructor who taught text analysis (which she called statement analysis) at the FBI Academy for many years, described it as a two-part process (“Statement Analysis: What Do Suspects’ Words Really Reveal?” FBI Law Enforcement Journal, October 1996). First, investigators determine what is typical of a truthful statement. Secondly, they look for deviations from the norm.

The following section describes deviations that sug-gest a subject may be withholding, altering or fabricat-ing information.

Ten Signs of Deception

1. Lack of self-referenceTruthful people make frequent use of the pronoun “I” to describe their actions: “I arrived home at 6:30. The phone was ringing as I unlocked the front door, so I walked

straight to the kitchen to answer it. I talked to my mother for 10 minutes before noticing that my TV and computer were missing from the living room.” This brief statement contains the pronoun “I” four times in three sentences.

Deceptive people often use language that minimizes references to themselves. One way to reduce self-referenc-es is to describe events in the passive voice.

• “The safe was left unlocked” rather than “I left the safe unlocked.”

• “The shipment was authorized” rather than “I autho-rized the shipment.”

Another way to reduce self-references is to substitute the pronoun “you” for “I.”

Question: “Can you tell me about reconciling the bank statement?”

Answer: “You know, you try to identify all the out-standing checks and deposits in transit, but sometimes when you’re really busy you just post the differences to the suspense account.”

In oral statements and informal written statements, deceptive witnesses sometimes simply omit self-referenc-ing pronouns. Consider this statement by a husband who claims his wife was killed accidently: “I picked up the gun to clean it. Moved it to the left hand to get the clean-ing rod. Something bumped the trigger. The gun went off, hitting my wife.” The husband acknowledges in the fi rst sentence that he picked up the gun. But the second sen-tence is grammatically incomplete; “I” has been omitted from the beginning of the sentence. In the third sentence, “something” rather than “I” bumped the trigger. The state-ment also contains few personal possessive pronouns. The witness refers to “the” gun and “the” left hand where we might expect “my” to be used.

2. Verb tense. Truthful people usually describe historical events in the past tense. Deceptive people sometimes refer to past events as if the events were occurring in the present. De-scribing past events using the present tense suggests that people are rehearsing the events in their mind. Investiga-tors should pay particular attention to points in a narra-tive at which the speaker shifts to inappropriate present tense usage. Consider the following statement made by an employee claiming that a pouch containing $6,000 in cash was stolen before she could deposit it at the bank (I have emphasized certain words.):

“After closing the store, I put the cash pouch in my car and drove to the Olympia Bank building on Elm Street. It was raining hard so I had to drive slowly. I entered the parking lot and drove around back to the night depository slot. When I stopped the car and rolled down my window,

T


a guy jumps out of the bushes and yells at me. I can see he has a gun. He grabs the cash pouch and runs away. The last I saw him he was headed south on Elm Street. After he was gone, I called the police on my cell phone and reported the theft.”

The fi rst three sentences describe the employee’s drive to the bank in the past tense. But the next three sentences describe the alleged theft in the present tense. An alert investigator might suspect that the employee stole the day’s cash receipts, then drove to the bank and called the police from the bank parking lot to report a phony theft. (See another example in “Antics with Semantics” on page 35.)

3. Answering questions with questionsEven liars prefer not to lie. Outright lies carry the risk of detection. Before answering a question with a lie, a deceptive person will usually try to avoid answering the question at all. One common method of dodging questions is to respond with a question of one’s own. Investigators should be alert to responses such as:

• “Why would I steal from my own brother?”

• “Do I seem like the kind of person who would do something like that?”

• “Don’t you think somebody would have to be pretty stupid to remove cash from their own register drawer?”

4. EquivocationThe subject avoids an interviewer’s questions by fi lling his or her statements with expressions of uncertainty, weak modifi ers and vague expressions. Investigators should watch for words such as: think, guess, sort of, maybe, might, perhaps, approximately, about, could. Vague statements and expressions of uncertainty al-low a deceptive person leeway to modify his or her assertions at a later date without directly contradicting the original statement.

Noncommittal verbs are: think, believe, guess, suppose, fi g-ure, assume. Equivocating adjectives and adverbs are: sort of, almost, mainly, perhaps, maybe, about. Vague qualifi ers are: you might say, more or less.

5. OathsAlthough deceptive subjects attempt to give interviewers as lit-tle useful information as possible, they try very hard to convince interviewers that what they say is true. Deceptive subjects often use mild oaths to try to make their statements sound more convincing. Deceptive people are more likely than truthful people to sprinkle their statements with expressions such as: “I swear,” “on my honor,” “as God is my witness,” “cross my heart.” Truthful witnesses are more confi dent that the facts will prove the veracity of their statements and feel less need to back their statements with oaths.

6. EuphemismsMany languages offer alternative terms for almost any action or situation. Statements made by guilty parties often include mild or vague words rather than their harsher, more explicit synonyms. Euphemisms portray the subject’s behavior in a more favorable light and minimize any harm the subject’s actions might have caused. Investigators should look for euphemistic terms such as: “missing” instead of “stolen,” “borrowed” instead of “took,” “bumped” instead of “hit,” and “warned” instead of “threatened.”

7. Alluding to actionsPeople sometimes allude to actions without saying they actually performed them. Consider the following statement from an em-ployee who was questioned about the loss of some valuable data: “I try to back up my computer and put away my papers every night before going home. Last Tuesday, I decided to copy my fi les onto the network drive and started putting my papers in my desk drawer. I also needed to lock the customer list in the offi ce safe.” Did the employee back up her computer? Did she copy her fi les onto the network drive? Did she put her papers in the desk draw-er? Did she lock the customer list in the offi ce safe? The employ-ee alluded to all these actions without saying defi nitively that she completed any of them. An attentive investigator should not assume that subjects perform every action they allude to.

8. Lack of DetailTruthful statements usually contain specifi c details, some of which may not even be relevant to the question asked. This happens because truthful subjects are retrieving events from long-term memory, and our memories store dozens of facts about each experience — the new shoes we were wearing, the song that was playing in the background, the woman at the next table who reminded us of our third-grade teacher, the conversation that was interrupted when the fi re alarm rang. At least some of these details will show up in a truthful subject’s statement.

Those who fabricate a story, however, tend to keep their statements simple and brief. Few liars have suffi cient imagination

10 TELL-TALE SIGNS OF DECEPTION

©Stephan Zabel/iStockphoto


to make up detailed descriptions of fi c-titious events. Plus, a deceptive person wants to minimize the risk that an inves-tigator will discover evidence contradict-ing any aspect of his or her statement; the fewer facts that might be proved false, the better. Wendell Rudacille, the author of “Identifying Lies in Disguise” (Kendall/Hunt, 1994), refers to seeming-ly inconsequential details as “tangential verbal data” and considers their presence to be prime indicators that subjects are telling the truth.

9. Narrative balanceA narrative consists of three parts: pro-logue, critical event and aftermath. The prologue contains background informa-tion and describes events that took place before the critical event. The critical event is the most important occurrence in the narrative. The aftermath describes what happened after the critical event. In a complete and truthful narrative, the bal-ance will be approximately 20 percent to 25 percent prologue, 40 percent to 60 per-cent critical event and 25 percent to 35 percent aftermath. If one part of the narra-tive is signifi cantly shorter than expected, important information may have been omitted. If one part of the narrative is signifi cantly longer than expected, it may be padded with false information. The fol-lowing statement, fi led with an insurance claim, is suspiciously out of balance:

“I was driving east on Elm Street at about 4:00 on Tuesday. I was on my way home from the A&P supermarket. The traffi c light at the intersection of Elm and Patterson was red, so I came to a complete stop. After the light turned green, I moved slowly into the intersec-tion. All of a sudden, a car ran into me. The other driver didn’t stop, so I drove home and called my insurance agent.”

The subject’s statement contains four sentences of prologue, only one sen-tence describing the critical event, and only one sentence of aftermath. The prologue contains a credible amount of detail: the day and time of the accident, the driver’s destination, and the location

JUNE 17-22 , 2012

For more information or to register, visit FraudConference.com.

ACFE Fraud Conference

and Exhibition

23rd ANNUAL

ORLANDO, FLGaylord Palms Resort & Convention Center

Don’t Miss 2012’s Largest Anti-fraud Event.

Join forces with thousands of anti-fraud professionals at the 23rd Annual ACFE Fraud Conference and Exhibition in the fight against fraud. You will address the challenges and critical issues faced by anti-fraud professionals during top-level educational sessions and participate in unmatched networking opportunities with the premier practitioners and thought leaders from all over the world.


of the accident. But the description of the critical event (i.e., the alleged accident) is suspiciously brief. The claimant did not describe the other vehicle, which direction it came from, how fast it was going, whether the driver braked to try to avoid the accident or how the two vehicles made contact.

The aftermath is also shorter than one would expect from a complete and truthful account of a two-car accident. The claimant does not say which direction the other vehicle went after leaving the scene of the accident. He does not mention getting out of his vehicle to inspect the damage nor does he say whether he spoke to any people in the area who may have witnessed the accident. A claims adjuster receiving such a statement would be wise to inves-tigate whether the policyholder concocted a phony hit-and-run story to collect for damages caused by the driver’s negligence.

10. Mean Length of UtteranceThe average number of words per sentence is called the “mean length of utterance” (MLU). The MLU equals the total number of words in a statement divided by the number of sentences: Total number of words / Total number of sentences = MLU

Most people tend to speak in sentences of between 10 and 15 words (ACFE Self-Study CPE Course, “Analyzing Written

Statements for Deception and Fraud,” 2009). When people feel anxious about an issue, they tend to speak in sentences that are either signifi cantly longer or signifi cantly shorter than the norm. Investigators should pay particular attention to sentences whose length differs signifi cantly from the subject’s MLU.

The Words RevealComplete and accurate descriptions of actual events are usually stated in the past tense and tend to have a predictable balance of prologue, critical event and aftermath. Truthful statements gener-ally contain numerous self-referencing pronouns and include at least a few seemingly inconsequential details. Truthful statements rarely contain oaths, equivocation or euphemisms. Investigators should apply extra scrutiny to written or oral statements that de-viate from these norms. Suspects and witnesses often reveal more than they intend through their choices of words.

Paul M. Clikeman, Ph.D., CFE, is an associate professor in the Robins School of Business at the University of Richmond. His email address is: [email protected].


NEW COURSE!

Using Data Analytics to Detect Fraud

Using Data Analytics to Detect Fraud will introduce

students to the basics of using data analytics techniques to

uncover fraud. Taking a software-independent approach,

this one-day course provides attendees with numerous

data analytics tests that can be used to detect various

fraud schemes. Attendees will also discover how to

examine and interpret the results of those tests to identify

the red flags of fraud.

March 19, 2012New York, NY

For more information or to register, visit ACFE.com/DataAnalytics.

This event is held in conjunction with Investigating on the Internet, March 20-21, 2012.

CPE Credit: 8Course Level: Basic Prerequisite: None



t may happen that you inherit a case that someone else opened. Besides fi nancial documents, all you have are the

written statements from witnesses and suspects. Can you tell enough from words alone to detect evasion, lack of cooperation and the intent to deceive? Yes, you can.

Semantics is a discipline concerned with the meaning of words and the ways that words combine to form meanings in sen-tences. The noun “rock,” for example, can indicate a stone or a type of music. As a verb, “to rock” indicates the action of causing something to rock (rock the cradle) or to rock oneself in a chair (rocking on the front porch) or a form of party-time behavior (“we were rocking last night”).

Anytime you interpret someone’s words — during a conversa-tion, or as part of your professional duties — you are practicing semantics. Here is one example of semantic analysis:

Use of Present Tense when Describing a Past OccurrenceSometimes deceptive individuals display a reluctance to refer to past events as past, particularly if the past event is the subject of investigation. They refer to past events as if they were occurring in the present. You should pay particular attention to those points in the narrative at which the speaker shifts to this inappropriate pres-ent tense usage, as in the following example.

How many times in this written statement does this person switch to the present tense? What seems signifi cant about the points at which the switch occurs?

“On December 15, 2009, in the late afternoon hours, Don L. Harrington, wife Wanda, and friends Amy Barr, Judy Partin and Myself, Bob Boone, went to Taylor’s to pick up some layaway items. We used two cars because there was some bulky merchan-dise such as bicycles and a battery-operated car. Don had just gotten his paycheck so instead of making a trip to the bank he would pay the balance of the layaway with his check. Wanda usually handles the fi nances, so she had Don’s check in her purse. So Wanda hands Don his check, which in turn he gives it to the layaway clerk. The clerk look at the check and said that she couldn’t accept it but it was obvious that clerk was inexperienced, because in fact it was the other clerk working in layaway that told the clerk that she would have to check with the manager fi rst. So the clerk takes the check over to the manager, and we all see the manager shake her head ‘no.’ By this time Don sees that he can’t use his check, which was a surprise to us because it was a payroll check instead of a personal check. But instead of causing chaos, Don decided to pay for it in cash, which Wanda had in her

purse. So Don asked her for the money, gave it to the clerk, the clerk gave him the receipt, and we went to the back to pick up the merchandise. In all the confusion, Don thought that Wanda had the check, and Wanda thought that Don had it, and by this time we had gotten to Don’s house. So Don called ABC Company and told the payroll dept. that his check was lost.”

Bob Boone uses the present tense in three sentences:“So Wanda hands Don his check which in turn he gives it to

the layaway clerk.”“So the clerk takes the check over to the manager, and we all

see the manager shake her head ‘no.’ ““By this time Don sees that he can’t use his check, which

was a surprise to us because it was a payroll check instead of a personal check.”

It is remarkable that the switch to the present tense occurs at key moments in the exchange: as the check is handed over, as the manager refuses to accept the check and as Don becomes aware he will not be able to use the payroll check. This indicates the person is sensitive about those moments.

Often, people use the present tense for past events when they are rehearsing the events in their mind. It is a device for keeping things straight. Maybe the person is just being careful, or maybe he is being deceptive.

As an investigator, you should note the switches to the present tense, and the point of the narrative at which these occur. From there, you will decide how to explore the issues further.

Excerpted and adapted from the ACFE Self-Study CPE Course, “Analyzing Written Statements for Deception and Fraud,” 2009. This excerpt is by Don Rabon, CFE.

Further Reading• “Analyzing Written Statements for Deception and Fraud,”

ACFE Self-Study CPE Course, 2009 (ACFE.com/products.aspx?id=2809).

• “Investigating Discourse Analysis,” by Don Rabon, CFE (Carolina Academic Press, 2003).

• “Identifying Lies in Disguise,” by Wendell Rudacille (Kendall/Hunt, 1994).

• “I Know You Are Lying,” by Mark McClish (The Marpa Group, 2001).

• “Statement Analysis: What Do Suspects’ Words Really Reveal?” by Susan H. Adams, FBI Law Enforcement Journal (October 1996).

Antics with Semantics

I


SOMETIMES WE FIND FRAUDULENT ACTIVITY OCCURRING IN THE MOST UNSUSPECTING PLACES. What started out as a routine examination into a tip from an anonymous call-center employee who was concerned with the large number of suspicious credit card payments a few fellow employees were processing, turned out to be the discovery of a whole new area of call center fraud operating right under the noses of management, compliance, internal au-dit, quality assurance and even fraud committee members.

A call center environment can foster many credit card processing scams. The most popular is for call cen-ter agents to retain credit card account numbers, expira-tion dates and security codes for themselves or to sell to fraudsters. We also see this scam in restaurants and other retail industries. Fortunately, in this case, the employee who called the hotline supplied the locations and names of the suspicious employees and claimed that the number of payments they processed was far beyond the norm.

As an outside consultant, I fi rst had to become famil-iar with the work of the business unit and the group in which the suspected employees worked. That unit han-dles inbound and outbound phone calls with customers who are past due on delinquent accounts. The collectors, who use defi ned call scripts, process payments through a number of payment options for consumers, including mailing payments, self-performed Internet payments, check by phone, automatic account debit and, naturally, credit card and debit card payments processed over the phone. The company provides exceptional training ser-vices for the employees and monitors their work so they comply with company policies, procedures and applicable federal, state and even some local statutes. An automated account management system documents all work, and the company records all phone calls.

Next, I zeroed in on the accused employees because the tipster had not provided specifi c details of the al-leged fraudulent conduct. I listened to call recordings, reviewed the corresponding accounts associated with calls and sat in on some blind monitoring of the col-lectors’ live calls. Nothing seemed out of the ordinary. The targeted collection representatives were very pro-fessional, positive and helpful to consumers.

I expanded the investigation to several previous months and increased the sampling of calls and ac-counts. I reviewed consumer complaints containing allegations of unauthorized charges to see if these col-lectors had handled them. I still found no question-able conduct. As a fi nal part of the examination, I in-terviewed the entire business unit staff to uncover any other employee suspicions of fraudulent activities. I im-mediately saw that the group members were extremely competitive, but management encouraged this through bonuses and advancement to high achievers.

After six or eight interviews, I believed I discovered the employee who fi led the anonymous report to the ho-tline. She made remarks that those who “know how to work the system” are the ones who make bonuses and ad-vance, while those who “play by the rules” are stuck, live paycheck to paycheck and are passed over for promotions. She struck me as either a disgruntled employee or some-one tired of seeing cheaters prosper. After a few additional probing questions, I had what I needed to develop a theory for what may be the most unsuspecting fraudulent activity I have ever uncovered. I tore into the historical perfor-mance measurements, metrics, reports and employee fi les of the business unit. What I found was shocking.

Overachieving Fraud Wolves in Sheep’s ClothingTargeting Top-Performing Employees Gaming the Bonus System

Follow this CFE consultant as he uncovers top collection reps at a business call center who infl ated their performances for more money and job advancement. Lesson? Do not always follow the money.

By Jeffrey Horner, CFE, CRCMP


My interviews with the business unit’s management and review of historical docu-mentation showed clearly that the top col-lection representatives processed over the phone as much as two to three times the number of credit card and debit card pay-ments as the average collector. Incentives for the number of credit card payments allowed representatives to earn bonuses.

After I traced the payments to the ac-counts, I noticed that some collection rep-resentatives would set up customers on pay-ment plans to charge their credit cards once or even twice a week, instead of the typical payment plan for once every two weeks or monthly. The total amount the customer paid was the same, but it was broken down into smaller amounts and processed regu-larly to increase the number of payments per week. Ironically, these “top-performing” employees appeared to be the most talented, dedicated, hardest-working phone represen-tatives in the business unit.

As I reviewed the employment records and performance reviews of the current and former supervisors and managers of the business unit, I found it crystal clear that they had all worked their way up in similar fashion. They rou-tinely outscored their peers at the performance metrics. I ex-panded my investigative analysis to other call center business units and found the same conduct.

DRIVING EMPLOYEES TO CHEATMuch has been written, preached and practiced in the area of em-ployee motivation, especially for those directly interacting with customers. Management drives them to shatter sales and service records, surpass customer satisfaction standards, hit key perfor-mance indicators, out-hustle the competition and fi nd ways to do more with less. We set goals and budgets, apply performance metrics, and offer various bonuses and creative incentives.

Organizations monitor and evaluate employee performance, and top achievers climb up corporate ladders. If you are passed over too many times you are branded as stale, and you may lose all hope to advance. Those who earn promotions then study the playing fi elds and develop their strategies to move up the next rungs of corporate ladders.

Capitalism through competition. So what is there to worry about? Plenty. Let us take a deeper look into this activity.

Typically, CFEs, internal auditors, external auditors, and risk and compliance managers will search for fraudulent em-ployee activity by focusing on employee theft, embezzlement, expense account fraud, larceny, fraudulent check writing or cashing, vendor contracts and countless other schemes. They follow the money and focus on fi nancial transactions and report-ing as sources for discovery. But signifi cant fraudulent employee activity can be occurring in the open, and we fail to recognize it or the severity of the risks and potential losses.

We are familiar with criminologist Dr. Donald R. Cressey’s fraud triangle that defi nes fraud as the convergence of three factors to set the climate for fraud: pressure, opportunity and rationalization. CFEs are trained to focus their sights on the business resources, processes, procedures, employee activities and personnel to detect the potential for, and existence of, the fraud triangle factors. Nevertheless, many fraud examiners do not recognize the existence of these factors in the out-in-the-open business environment because we are diligently sleuthing for the not-so-obvious, hidden schemes buried deep in the orga-nization. Is it possible that fraudulent activity is fully accepted and expected? If so, where, and how do we identify it?

THE NUMBERS CAN LIEIn this case, the use of data was essential to steer the investi-gation in the proper direction. Looking at the total payment processed by the representatives in the group in Figure 1 (on page 38), we see no signifi cant variance. In fact, the highest pro-ducers of total payments are reps 112 and 117. However, drilling into the number of debit card and credit card payments pro-cessed quickly reveals a statistical anomaly. Reps 114 and 118 clearly processed a disproportionately higher number of these payments than the others in the group. Because the company incents reps with bonuses and awards to obtain these payments, Reps 114 and 118 benefi tted.

This information caused us to review the details of payments and customer accounts. We were alarmed to see that these reps were breaking policy by processing payments as often as two times per week on the same customer account to artifi cially in-fl ate the number of payments and earn bonuses. The consumers agreed to this practice when the reps told them it was necessary

©Juan Darien/iStockphoto


to keep activity occurring on their accounts so no additional collection action was taken.

In another group, we found that manage-ment was looking at a standard call center Key Performance Indicator (KPI) to identify any em-ployee that may not be in line with performance standards. Figure 2 below shows that the average handle time seems consistent across all employ-ees. However, upon closer examination, we no-tice that Reps 223 and 226 have extremely short fi rst contact and inbound call times.

We decided to monitor calls and found that these reps would not thoroughly and adequately address customers’ questions, disputes or requests for documentation, as required by company pol-icy. They were cutting corners to handle more calls. You will not be surprised to learn that the monthly incentives in the group were based on the average number of calls handled per day. By cutting these calls short and telling customers that someone would get back to them on their issues or concerns, they were able to make more calls than other reps.

RISK AND COMPLIANCEAccording to The Committee of Sponsoring Organizations of the Treadway Commission (COSO), “Everyone in an organization has re-sponsibility for internal control.” (http://tinyurl.com/4y24k9n) It starts with the CEO, who should ultimately “assume ‘ownership’ of the system,” COSO states. However, management devises goals, targets, budgets and service stan-dards and drives them to the production level. A close examination of the conduct and behavior at that level may reveal potential fraudulent ac-tivity that standard business processes and pro-cedures have cloaked.

We know that certain areas are ripe for em-ployee fraud, such as expense accounts, com-mission reports and vendor contracts. But does the defi nition of fraud and Cressey’s fraud triangle apply to activity and con-duct related to employee performance metrics? We can build the case that it does.

Employees, supervisors or managers who intentionally in-fl ate performance metrics in daily job duties, or omit negative information or activities, meet the fi rst part of the defi nition for fraud. But what about the requirement for a victim suffering loss by these actions? Again, the victim here is the employer organiza-tion through the receipt of invalid performance metrics, delivery

and data, or the absence of these values from negative data that could be used to improve the organization and its outcomes.

And fi nally, does the perpetrating employee receive gain? This is where we make a critical mistake and overlook the ob-vious. Up to this point, we are dismissing these acts and omis-sions by employees as harmless, just seeking to look good to the boss, avoid the consequences of missteps or failure, earn that bonus or climb the ladder in the organization. Employees who are evaluated by performance measurements, metrics, data, etc. who manipulate these values are in essence causing their performances to appear to be better/higher/more valuable to

OVERACHIEVING FRAUD WOLVES IN SHEEP’S CLOTHING

0

20

40

60

80

100

120

140

160

Total

Debit Card

Credit Card

Rep 118Rep 117Rep 116Rep 115Rep 114Rep 113Rep 112Rep 111

Figure 1: Employee Performance Anomoly

2531

21

46

22 18

32

55

2329

18

3928

2031

44

125135

115129

113125

134129

Num

ber

of P

aym

ents

Pro

cess

edRepresentative

0:00

1:37

2:74

4:12

5:49

6:86

8:24

Average

Inbound

2nd Contact

1st Contact

Rep 229Rep 228Rep 227Rep 226Rep 225Rep 224Rep 223Rep 222

Figure 2: Employee Performance Anomoly

6:26

2:41

7:02

6:32

3:07

6:12 6:21 6:

54

3:35

1:41

3:48

4:04

2:12

3:57 4:

08

3:59

3:58

3:59

3:55

4:11

3:55

4:21

4:11 4:31

3:57

3:12

4:19 4:25

3:26

4:28

4:28 4:38

Cal

l Han

dle

Tim

e (m

in:s

ec)

Representative

Figure 1

Figure 2


the organization than they would actually be otherwise. What is the motivation? Clearly, for those who are compensated by commission and bonuses the answer is obvious: money. But job retention or advancement also constitutes personal gain.

The totality of the defi nition has been met in the descrip-tion of employees who purposefully skew performance metrics. It is not hard for frontline employees to cut corners, force orders, shorten calls, bury complaints, etc., day after day to put up some impressive numbers.

This environment is ripe with employee incentive/pres-sure. The opportunity is present for front-liners to manipulate the input, statistics, calls, paperwork and other job functions. And rationalization is a personal psychological characteristic that has been found to be present in 40 percent of employees, according to “Managing the Business Risk of Fraud: A Practical Guide.” And according to Freud, rationalization is a defensive

mechanism that seeks to offer acceptable reasons to others, or ourselves, for unacceptable behavior. As stated by ACFE found-er and Chairman, Dr. Joseph T. Wells, CFE, CPA, in his “Corpo-rate Fraud Handbook,” “For the purpose of detecting and deter-ring occupational fraud, it does not matter whether employees are actually justifi ed, but whether they perceive that they are.”

Now that we have seen that frontline employee conduct may be an undetected area primed for fraud, we need to assess the risk to the enterprise. According to the International As-sociation of Risk and Compliance Management Professionals, the risk and harm sustained by an organization are not limited to the losses from employees who work the system to advance and earn more money. Risk, cost and liability from damage to cus-tomer goodwill, brand and exposure to regulatory actions may be signifi cant once the missteps are revealed. When company management is unable to obtain valid data from operations, the impact can be devastating.

HELP THE COMPANY HELP THEMSELVESThe environments most susceptible to transparent frontline fraud are those you would not normally suspect: service centers within the enterprise with high-volume, measurable workload functions. These include call center operations, inside order processing, lead generation, online agent help desks, billing and collection, telemarketing, mail processing, customer service centers and back-offi ce operations.

Once you recognize conduct as potentially fraudulent and know where to focus efforts to discover the activity, you must ex-amine what can be done to mitigate that risk. Often, process and

compliance reviews originate inside the same departments that breed the “culture of fudging the numbers.” You must address it, or it will continue. Because pressure from management to hit the numbers will always be a source of temptation for all to look the other way, the answer is to expand our reach to areas of the enterprise that possess the resources and skill sets necessary for independent examination.

In our case, once we showed executives the data for em-ployee performance anomalies, management culture and per-formance-based compensation and advancement history, it was clear that change was required. After we developed and imple-mented training programs to expose and address the conduct as fraudulent behavior, we devised measurements and reporting to display such activity to serve as deterrents. In a short period of time, performance metrics refl ected true and clean data for employee call statistics. With this information, we were able to

accurately identify problem employees and quash the culture of “working the system” for bonuses and advancement. In just three months we gained a 14 percent increase in KPIs and cus-tomer satisfaction ratings! Only employees playing by the rules earn bonuses for the right reasons.

Clearly the solutions are very simple, and if you take one thing away from this article, this is it: The targets, goals, incen-tives and bonuses are not the problem. We must focus investi-gative principles and techniques on performance anomalies be-cause they are ripe for frontline, transparent fraudulent activity. It is critical that we segment employee production by tenure, skill and past achievement variances.

A business environment probably already has all the neces-sary tools, resources and historical data to assess the accuracy, or lack thereof, of job performances at any level. Management will need to develop controls, checks and balances, monitoring, reporting, ethics training, employee hotlines and preventative measures to reduce the risk for fraud.

We may nip and tuck around the edges to modify behavior, and still the crafty employees fi nd ways to “hit their numbers” and get the prizes. If we are not diligent in reviewing, reconcil-ing and building operations-oriented analysis tools to identify performance anomalies — and investigate them — unrecog-nized fraudulent activity will occur before our eyes.

Jeffrey Horner, CFE, CRCMP, is chief development offi cer and senior vice president of the Government Services Division of UCB Inc. His email address is: [email protected].

OVERACHIEVING FRAUD WOLVES IN SHEEP’S CLOTHING

Risk, cost and liability from damage to customer goodwill, brand and exposure to regulatory actions may be signifi cant once the missteps are revealed.

Data Breaches, a 3-Part Series

BREAKING BREACHSECRECY, Part 3

BY ROBERT E. HOLTFRETER, PH.D., CFE, CICA; AND ADRIAN HARRINGTON

©PN_Photo/iStockphoto

41

here are data breaches and then there are data breaches. Hold on as we look at two enormous cases reported by the Privacy Rights Clearinghouse (PRCH) in its “Chronology of Data Breaches.”

Even though the number of records compromised in these two cases is atypical, it does illustrate the problems consumers face when their personal data is not protected by organizations that use it.

On Jan. 20, 2009, Visa and MasterCard alerted Heartland Payment Systems, a credit and debit card processor, of suspicious activity related to card transactions. After the company inves-tigated, it found evidence of malicious software that compromised data on more than 130 million cards. The incident may have been the result of a global cyberfraud operation.

On June 16, 2005, hackers infi ltrated the net-work of CardSystems — a third-party processor of payment card transactions — and exposed names, card numbers and card security codes of more than 40 million card accounts, including 68,000 Mastercard accounts, 100,000 Visa accounts and 30,000 accounts from other card brands. On Feb. 26, 2006, CardSystems agreed to settle charges with the Federal Trade Commission that it failed to have in place the proper security measures to protect sensitive personal information. CardSys-tems notifi ed affected consumers and offered them one year of credit monitoring services.

Data breaches that lead to identity theft have affected the lives of individual consumers, businesses, nonprofi t organizations and govern-ments at all levels throughout the world, espe-cially in the past decade. Security companies are constantly working to develop better products for individuals and organizations to protect personal information. Many organized cybercriminals work

as successful profi t-making businesses, constantly developing new fraudulent schemes to look for system weaknesses and collect personal identifi -able information (PII).

However, as our new report and analysis in this article show, it is not just blatant hacker ef-forts that cause data breaches. Organizations and individuals who do a horrible job protecting per-sonal data, of course, create conditions that lead to the majority of data breaches.

TRACKING THE PESKY BREACHESThough not all organizations report data breaches publicly, at least three independent groups track and analyze breaches and publish them in reports: the Privacy Rights Clearinghouse (PRCH), Veri-zon and the Identity Theft Resource Center®.

Privacy Rights Clearinghouse PRCH describes itself as a “nonprofi t consumer edu-cation and advocacy project whose purpose is to ad-vocate for consumers’ privacy rights in public policy proceedings.” From Jan. 1, 2005, through press time, it has tracked, analyzed and classifi ed 2,752 data breaches and more than 542 million compromised records for inclusion in its “Chronology of Data Breaches,” which is updated daily (www.privacy-rights.org/data-breach) from these sources:

• The Open Security Foundation’s DATALOSSdb. (www.datalossdb.org)

• Databreaches.net, a spinoff from www.PogoWas-Right.org, has compiled a wide range of breach reports since January 2009.

• Personal Health Information Privacy (www.phiprivacy.net/), affi liated with Databreaches.net, is a database that compiles only medical data breaches. Many of these are obtained from

Analysis Shows Entities Lack Strong Data Protection ProgramsThe authors’ analysis of data-breach statistics shows that organizations poorly protect personal data. Possible solution: U.S. federal rules for guidance in developing comprehensive data protection programs.


the U.S. Department of Health and Human Services’ medical data breach list.

• National Association for Information Destruction Inc. (www.naidonline.org) provides monthly newsletters that include a number of data breaches largely resulting from improper docu-ment destruction.

The PRCH classifi es data breaches as:

• Unintended disclosure: sensitive information posted publicly on a website, mishandled or sent to the wrong party via email, fax or mail.

• Hacking or malware: electronic entry by an outside party.

• Payment card fraud: fraud involving debit and credit cards that is not accomplished via hacking. For example, skimming devices at point-of-service terminals.

• Insider: someone with legitimate access such as an employee or contractor intentionally breaches information.

• Physical loss: lost, discarded or stolen non-electronic records, such as paper documents.

• Portable device: lost, discarded or stolen laptops, PDAs, smartphones, portable memory devices, CDs, hard drives, data tapes, etc.

• Stationary device: Lost, discarded or stolen stationary electronic devices such as a computer or server not designed for mobility.

• Unknown.

Verizon BusinessFor the past six years, the Verizon Business Risk Team, in con-junction with the U.S. Secret Service (since 2009) and the Dutch National High Tech Crime Unit (starting in 2010), has prepared the annual Data Breach Investigations Report (http://tinyurl.com/3votjlj) based on its analysis of more than 900 data breaches representing more than 900 million compromised re-cords. The Verizon study classifi es the breach types as from ex-ternal agents, insiders, business partners and multiple parties.

Identity Theft Resource Center®

The Identity Theft Resource Center® (ITRC) (www.idtheft-center.org) describes itself as “a nonprofi t, nationally respected organization dedicated exclusively to the understanding and prevention of identity theft.”

The ITRC list is a compilation of data breaches confi rmed by various media sources and/or notifi cation lists from state governmental agencies. The group updates the list weekly. To qualify for the list, breaches must include PII that could lead to identity theft, especially SSNs. Since Jan. 1, 2005, and up to press time, the ITRC has tracked and analyzed 2,852 data breaches and more than 496 million compromised records.

The ITRC classifi es its types of data breaches as from: data on the move, accidental exposure, insider theft, subcontractors and hacking.

These organizations use differing methodologies to select and classify data breaches, which allow us to view the data from different perspectives. “Data breaches are not all alike,” accord-ing to the ITRC. “Security breaches can be broken down into a number of categories. What they all have in common is that they usually contain personal identifying information in a format eas-ily read by thieves, in other words, not encrypted.” That is true,

but a lot of personal information included in data breaches is encrypted. If organizations use the 56–bit Data Encryption Stan-dard rather than the 128-bit Advanced Encryption Standard, then hackers can normally break key codes and return encrypted data to plain text so they can use it for identity theft.

HOLTFRETER/HARRINGTON DATA BREACH ANALYSIS REPORTWe decided we wanted to compile a data breach report for the public and anti-fraud professionals using a different classifi ca-tion system to provide additional breadth and depth.

MethodologyWe analyzed 2,278 data breaches and 512,289,000 compromised records reported by the PRCH for a six-year period of 2005 through 2010 — Jan. 1, 2005 through Dec. 31, 2010. (Beth Givens, PRCH’s director, granted us permission to use its data.)

We developed our classifi cation system by conducting an analysis of a large sample of 300 data breaches to initially clas-sify each of them into three broad categories: internal, external and non-traceable. We used this initial broad approach because data breaches and related comprehensive data protection legis-lation are typically viewed by the public and identity theft ex-perts from an internal/external perspective. Internal and exter-nal data breaches are defi ned, simply, as those originating from within or outside an organization, respectively.

In the second phase of our analysis we examined all the sampled breaches included in the internal and external catego-ries to look for useful patterns for determining specifi c subtypes.

BREAKING BREACH SECRECY

©Gualtiero Boffi /iStockphoto

The ACFE Career CenterMore than just a Job Board.

The ACFE Career Center has resources and advice for

anti-fraud professionals at every stage of their career, from

entering the workforce to mentoring the next generation.

Even if you’re currently employed, the Career Center can

help you chart your path with:

Career advice from HR experts, hiring managers, self-employed fraud examiners and more.

Profiles of ACFE members who share how they charted their career path, what worked and what didn’t.

Valuable web resources including checklists, articles and career-planning tools.

The ACFE Job Board, where job seekers go to find job postings targeted to their skill set.

Don’t forget to check out job listings and network with colleagues on the ACFE LinkedIn group.

Invest in your career. Visit the ACFE Career Center at ACFE.com/Career.


We then completed the classifi cation process by placing all 2,278 data breaches for the six-year period into the following subtype categories, which we defi ned and used for the analysis:

IIPD: Internal — improper protection or disposal of data: For example, on Sept. 4, 2007, the University of South Caro-lina exposed online a number of fi les containing Social Security numbers, test scores and course grades.

ITF: Internal — theft of data by a current or former em-ployee with absolute or high probability of fraudulent intent: For example, on Feb. 5, 2009, a Mooresville, N.C., dry cleaner skipped town with her clients’ credit card numbers.

ITNF: Internal — theft of data by a current or former employee with low or no probability of fraudulent intent: For example, on April 27, 2007, an employee at the Caterpillar Corporation stole a laptop computer containing personal data of employees, including SSNs, banking information and addresses.

IH: Internal — hacking or unauthorized intrusion of a network by a current/former employee: For example, on March 21, 2010, a 21-year-old former Evergreen Public School employee Vancouver, Wash., pulled off a computerized payroll security breach that put more than 5,000 current and former Vancouver district school employees at risk for identity theft.

IL: Internal — loss of data: For example, on Oct. 15, 2009, the Virginia Department of Education reported that a fl ash drive containing 103,000 student names, SSNs, and employment and demographic data was misplaced.

XP: External — partner/third-party theft or loss of data by improper exposure or disposal: For example, on April 27, 2007, the Long Island Railroad reported that, while in transit, its delivery contractor, Iron Mountain, lost data tapes contain-ing names, addresses, SSNs and salary fi gures of virtually all the employees who worked for the company.

XTF: External — theft of data by a non-employee with ab-solute or high probability of fraudulent intent: For example, on Feb. 2, 2009, a school volunteer at the Irving Independent School District in Texas, stole information including SSNs and birth dates of school employees and tried to buy tires at a local Sears store after opening up a line of credit using the name of one of the school teachers. A suspicious, alert employee called the police.

XTNF: External — theft of data by a non-employee with low or no probability of fraudulent intent: For example, on Aug. 1, 2009, Williams Companies Inc., in Tulsa, Okla., report-ed that a laptop containing personal information of 4,400 cur-rent and former employees was stolen from a worker’s car.

XH: External — hacking or unauthorized intrusion of network by a non-employee: For example, on June 23, 2010, Anthem Blue Cross – WellPoint of California reported that hackers may have compromised customers’ personal informa-tion after gaining access to the company’s web-based tool for tracking pending insurance applications.

NA: Non-traceable — unable to determine as internal or external: For example, on June 22, 2009, numerous folders con-taining medical records and SSNs from Baptist Medical Center were found in a landfi ll.

Results? Entities Have Some Explaining to DoBear with us on the detailed results. Getting through these sta-tistics will pay off. Figure 1, Record Breach Sum (above), shows the percentage of the 581,289,000 compromised records for the six-year period. As shown, approximately 13 percent were traced to the internal category, 86 percent to external and 1 percent to non-traceable. Most individuals believe that the majority of compromised records and related breaches are externally driven — an opinion probably shaped by media outlets, which tend to focus their reporting on data breaches of large organizations.

Figure 2, Record Breach Types (above), shows the percent-ages of the total compromised records traced to each of the fi ve internal (IIPD, ITF, ITNF, IH, IL), four external (XP, XTF, XTNF, XH) and non-traceable (NA) subtype categories.

In the internal subtype categories, IIPD or the “improper protection or disposal of data,” accounted for approximately 3 percent of the total compromised records; ITF or “theft of data by a current or former employee with absolute or high prob-ability of fraudulent intent,” accounted for about 6 percent; IH or “hacking or unauthorized intrusion of network by a current/former employee,” was about 1 percent; IL or “loss of data,” was about 4 percent, and ITNF or “theft of data by an employee with low or no probability of fraudulent intent theft,” was about


1% Non-traceable

86% External Sum

13% Internal Sum

Figure 1: Record Breach Sum

2% External-XTF

0%: Internal-IH 0%: Internal-ITNF 0%: Non-traceable

59% External-XH

18% External-XP

8% External-XTNF

6% Internal-ITF

4% Internal-IL 3%

Internal-IIPD

Figure 2: Record Breach Types


1 percent. There is no dominant internal breach type, but this is somewhat expected because the total compromised records in this area accounted for only 13 percent of the overall total compromised records.

In the external subtype categories, XP or “partner/third party theft or loss of data by improper exposure or disposal,” accounted for approximately 18 percent of the total compromised records; XTF or “theft of data by a non-employee with absolute or high probability of fraudulent intent,” accounted for about 2 percent; XH or “hacking or unauthorized intrusion of network by a non-employee,” was about 59 percent; XTNF or “theft of data by a nonemployee with low or no probability of fraudulent intent,” was 8 percent, and NA or “non-traceable — unable to trace to internal or external,” accounted for approximately 3 percent.

External hackers caused most of the compromised records, which is expected because they get more bang for the buck by gaining access to more data when infi ltrating the networks of larger organizations. But another serious problem exists with some partners and third-party contractors who seem to be ir-responsible when entrusted with the data of other organizations.

Figure 3, Case Breach Sum (above), shows the percent-ages of data breaches for the general internal, external and non-traceable categories. Of the 2,278 data breaches, internal

accounted for 39 percent, external for 56 percent and 5 percent for non-traceable. These results are quite different when com-pared to the number of compromised records for internal, ex-ternal and non-traceable categories, which were noted above at 13 percent, 86 percent and 1 percent, respectively. This strongly indicates that the external hackers are getting access to more records per breach than those stealing internal records.

Figure 4, Case Breach Types (left), shows the percentage of the 2,278 data breaches for the fi ve internal (IIPD, ITF, ITNF, IH, IL), four external (XP, XTF, XTNF, XH) and non-traceable (NA) subtype categories. For internal, XP or the “improper pro-tection or disposal of data,” accounted for approximately 24 per-cent; XTF or “theft of data by a current or former employee with absolute or high probability of fraudulent intent,” accounted for about 8 percent; XH or “hacking i.e. unauthorized intrusion of network by current or former employee,” was about 1 percent; XL or “loss of data” was 7 percent, and XTNF or “theft of data by a current or non-current employee with low or no probability of fraudulent intent,” was about 1 percent.

Improper protection or disposal of data dominates this sub-category, which again shows that some organizations need to tighten up their controls.

In the external subtype categories, IIPD or “partner/third party theft or loss of data by improper exposure or disclosure,” accounted for approximately 7 percent of the total data breaches; XTF or “theft of data by a non-employee with absolute or high probability of fraudulent intent,” accounted for about 6 percent; XH or “hacking or unauthorized intrusion of network by a non-employee,” was about 18 percent; XTNF or “theft of data by a non-employee with low or no probability of fraudulent intent,” was 24 percent, and NA or “non-traceable — unable to determine as internal or external,” accounted for approximately 5 percent.

The pattern that exists among the total compromised re-cords and data breaches for the general internal, external and non-traceable categories seems to be true for the subtypes. For internal types, NC or the “improper protection or disposal of re-cords,” accounted for about 24 percent of the total breaches but 3 percent of the total compromised records. XTF, or the “theft of data by a current or non-employee with absolute or high prob-ability of fraudulent intent,” accounted for about 8 percent of the data breaches and about 6 percent of the compromised re-cords. In addition, the subtype IL, or the internal “loss of data,” accounted for about 5 percent of the total data breaches but only 4 percent of the total compromised records.

The above results are similar for the external subtypes. For example, XP, or the “partner/third party loss of data by improper exposure or disposal,” accounts for about 18 percent of the to-tal compromised records but only 7 percent of the total data breaches. XH, or “hacking or unauthorized intrusion of network by a non-employee,” accounts for 18 percent of the data breach-es but a whopping 59 percent of the total compromised records. XTF, or the “theft of data by a non-employee with absolute or high probability of fraudulent intent,” accounted for nearly 6


5% Non-traceable

56% External Sum

39% Internal Sum

Figure 3: Case Breach Sum

2% Internal-IH

5% Non-traceable

0%: Internal-ITNF

24% External-XTNF

24% Internal-IIPD

18% External-XH

8% Internal-ITF

7% External-XTF

7% External-XP

5% Internal-IL

Figure 4: Case Breach Types

ACFE BOOKS AND MANUALS

Fraud Fighter: My Fables and FoiblesBy Dr. Joseph T. Wells, CFE, CPA

At a period when dishonesty at top U.S. companies is dominating public attention, Fraud Fighter: My Fables and Foibles is a surprisingly frank and gripping mem-oir from an unsurprisingly effective fraud fighter. This autobiography forms a full tapestry of a life, displaying wit, intrigue, trepidation, regret and finally, victory (342 pages). $25 Members / $39 Non-MembersVisit ACFE.com/FraudFighter for more details.

Internet Fraud Casebook (Audio CD Set)This popular ACFE casebook is now available in a con-venient audio CD set. Featuring 13 CDs with more than 10 hours of captivating fraud cases, the Internet Fraud Casebook CD set allows you to listen to the war sto-ries of more than 40 fraud examiners and learn from their real-life investigations. Each case study walks through the investigation step-by-step, presenting les-sons learned and recommendations for preventing fu-ture occurrences of fraud.To download a sample chapter, visit ACFE.com/FraudCD. $59 Members / $79 Non-Members

NEW! Corporate Fraud Handbook: Prevention and Detection, Third EditionBy Dr. Joseph T. Wells, CFE, CPA

Fraud continues to be a serious and costly problem for businesses. Now in its third edition, the Corporate Fraud Handbook, written by the founder and Chairman of the ACFE, is filled with real-world cases and statis-tics on the various types of fraud and their real cost to organizations.

It reveals the incredibly creative fraud schemes used by employees, owners, managers and executives to de-fraud their companies. Auditors, fraud examiners and criminal investigators will discover how to spot the red flags of fraud and prevent it from happening in the first place (456 pages).

$49 Members / $75 Non-Members

Social Engineering: The Art of Human HackingBy Christopher Hadnagy and Paul Wilson

From elicitation and pretexting to influence and manipu-lation, all aspects of social engineering are picked apart, discussed and explained by using real world examples, personal experience and the science behind them to un-ravel the mystery of social engineering. This indispens-able book examines a variety of maneuvers that are aimed at deceiving unsuspecting victims, while it also addresses ways to prevent social engineering threats (408 pages). $24 Members / $35 Non-Members

NEW! A Guide to Forensic Accounting Investigation, Second EditionBy Steven Skalak; Thomas Golden, CFE, CPA; Mona Clayton, CFE, CPA; Jessica Pill

Recent catastrophic business failures have caused some to rethink the value of the audit, with many de-manding that auditors take more responsibility for fraud detection. This book provides new coverage on the latest PCAOB Auditing Standards, the Foreign Corrupt Practices Act and on options fraud, as well as on fraud in China and its implications. This book equips auditors with the necessary practical aids, case examples and skills for identifying situations that call for extended fraud detection procedures (622 pages).

$129 Members / $175 Non-Members

NEW! The Fraud Audit: Responding to the Risk of Fraud in Core Business SystemsCBy Leonard W. Vona, CFE, CPA

The 2010 Report to the Nations found that the typical organization loses 5 percent of its annual revenue to fraud and abuse. Discover fraud within your business before yours becomes another fraud statistic. The Fraud Audit provides a proven fraud methodology that allows auditors to discover fraud versus investigating it (378 pages). $54 Members / $75 Non-Members

ACFE.com/Shop(800) 245-3321 / +1 (512) 478-9000

CFE Exam Prep Course® | Books and Manuals | Self-Study CPE | Software | Merchandise | Toolkits

Ordering is Easy! Course Formats CD DVD OnlineWorkbook

NEW!

NEW!

NEW!

NEW!

NEW!

NEW!

E-Workbook

Interviewing and Interrogation ToolkitUnfortunately, “Interviewing Techniques 101” is not a course most of us took in school. As a fraud examiner, however, you are challenged with the task of interviewing on a regular basis. This toolkit includes four resources to help you improve your interviewing skills and ensure you become a more effective interviewer:

Finding the Truth: Effective Techniques for Interview and Communication (20 CPE Credits)

Fraud-Related Interviewing

Interviewing and Interrogation, Second Edition

Report Writing Manual

Regular Price: $254 Members / $270 Non-MembersBundle Price: $179 Members / $229 Non-Members

NEW! FCPA Investigations: Combating Corruption in International Business (Online Self-Study)Course Level: Intermediate Prerequisite: None

FCPA Investigations: Combating Corruption in International Business provides you with important information to help you, your company and its employees avoid adverse consequences and combat bribery in international business. This course offers an overview of the FCPA, discusses how you should respond to evidence of corruption, presents a roadmap that will help you conduct investigations of suspected cor-ruption and discusses how to conclude an investigation.

NEW! Fraud Risk ManagementCourse Level: Intermediate Prerequisite: None

The field of risk management has attracted in-creased attention in the wake of the economic

meltdown as the public comprehends the negative effects of uncon-tained risk. This course explains why managing fraud risk is important for organizations and the steps to develop an effective fraud risk manage-ment program.

Highlights Include:

The business case for managing fraud risk

Objectives of a fraud risk management program

The components of a fraud risk management program

A discussion of COSO and other risk management frameworks

BEST SELLER! Making Crime Pay: How to Locate Hidden AssetsCourse Level: Basic Prerequisite: None

Every anti-fraud professional needs the tools to pursue an investigation that involves a search for concealed assets. This course gives you insight on how to locate hidden assets and how to iden-tify and trace hidden payments and sources of income. Hear from fraudsters about how to hide assets and from anti-fraud experts on how to find them.

NEW! Ethical Issues for Fraud Examiners (Online Self-Study)CPE Credit: 2

Course Level: Basic Prerequisite: None

Ethical Issues for Fraud Examiners will help you understand what con-stitutes an ethical dilemma and develop an awareness of ethical is-sues faced by fraud examiners. The course also presents six fictional scenarios that illustrate potential ethical situations that pertain to fraud examinations. The purpose of these scenarios is not to provide you with solutions, but rather to familiarize you with some types of ethical dilemmas that might arise in a fraud examination.

NEW! Inside the Fraudster’s Mind (Fulfills 2 hours ethics CPE requirement)CPE Credit: 8 (Fulfills 2 hours of required Ethics CPE)

Course Level: Basic Prerequisite: None

Understanding the thoughts and feelings of a fraudster can provide valuable insight to enhance an organization’s anti-fraud efforts. This course will explore psychological information that is key to the successful development of a fraud preven-tion and detection program. In the accompanying

training video you will hear ten convicted fraudsters explain directly what they were thinking when they decided to commit fraud and how they finally got caught.

Order online at ACFE.com/ShopWhere the Experts Shop.

SELF-STUDY CPE

The ACFE has the highest quality CPE

of any organization that I belong to!”

— Avery Hudson, CFE, CPAInternal Auditor, Liberty Bank

“CPE Credit: 16

$59 M$79 NM

$139 M$159 NM

$159 M$179 NM

CPE Credit: 16

$59 M$79 NM

$109 M$129 NM

$129 M$179 NM

CPE Credit: 4

$119 M$159 NM

CPE Credit: 2

$59 M$79 NM

CPE Credit: 3

$89 M$109 NM


percent of the total data breaches but only 2 percent of the total compromised records. Lastly, XTNF, or the “theft of data by a non-employee with low or no probability of fraudulent intent,” accounted for only 8 percent of the total compromised records but an amazing 24 percent of the total data breaches.

Analysis? Numerous Data Compromises Without ControlsThe results strongly indicate that the organizations experi-encing these data breaches lack strong comprehensive data protection programs. As a result, the personal data that or-ganizations should control and safeguard more easily is being compromised in many ways.

For example, 26 percent of the total breaches result from the internal “improper protection and disposal of data.” Exam-ples include posting data online — including SSNs on mailing labels — giving documents or hard drives to recyclers that in-clude personal information (how about destroying them inter-nally?) and leaving documents containing personal data unat-tended in the workplace.

Do we know if any of the compromised records in this cat-egory of data breaches were used for identity theft purposes? No, but the opportunity exists. As we know, closing the door on op-portunity is one of the best methods for fraud prevention.

The “protection and disposal of data” category is also direct-ly linked to two other internal data breach and three external subtype categories. For example, if companies properly protect-ed and/or disposed data by securing physical facilities, software and hardware, then less data, such as employee SSNs, would be lost or misplaced. And employees or non-employees would be stealing less internal and external data, such as customer debit card numbers and other personal data. Also, as we wrote earlier, organizations could better control internal and external hacking and resulting identity theft if they were required to encrypt all sensitive data with the use of the 128-bit encryption standard.

SELF-REGULATION NOT WORKINGIt is obvious that many organizations need guidance in develop-ing comprehensive data protection programs. Self-regulation has not worked; maybe federal rules might help. Because of recent na-tional exposure on data breaches, the U.S. Congress is considering legislation on this topic. But do not hold your breath because they have been considering legislation on notifi cation of data breaches for the past three sessions and have not passed any law. (The 2007 U.S. “Red Flags Rule” does require many business and organiza-tions to implement a written identity theft prevention program designed to detect the warning signs of identity theft in their daily operations. See http://tinyurl.com/d6de4y.)

The state of Massachusetts, on the other hand, has re-cently passed a comprehensive data protection law (201 CMR 17.00) containing standards and requirements directly related to the types of internal and external data breaches described and analyzed in this article.

The Massachusetts law is considered one of the strictest in the U.S. The standards and precise requirements that are paraphrased and listed below might be a model for other U.S. states, the U.S. Congress and perhaps some foreign countries for developing comparable legislation. They will also provide valuable guidance for organizations and consultants who advise them about specifi c elements that should be addressed in setting up a comprehensive data protection program.

The law states that “every person that owns or licenses per-

sonal information about a resident of the Commonwealth shall develop, implement, and maintain a comprehensive informa-tion security program. …” That includes the following standards and requirements briefl y outlined by InstantSecurityPolicy on its website at: http://tinyurl.com/4xnnoky.

In the section of the Massachusetts law, “17.03: Duty to Protect and Standards for Protecting Personal Information,” ev-ery comprehensive information security program shall include, but not be limited to:

a. Designating one or more employees to maintain a compre-hensive information security program.

b. Identifying risks to the security, confi dentiality, and/or integrity of records containing personal information, and improving cur-rent safeguards where necessary, including 1) ongoing employee/contractor training, 2) employee compliance with policies, and 3) means for detecting and preventing security system failures.

c. Developing policies relating to the storage, access, and trans-portation of personal information outside of business premises.

d. Imposing disciplinary measures for violations of the security policy.

e. Preventing terminated employees from accessing records containing personal information.

f. Oversee service providers by 1) selecting and retaining service providers capable of securing personal information and 2) re-quiring service providers by contract to implement and main-tain appropriate security measures for personal information.


For example, if companies properly protected and/or disposed data by securing physical facilities, software and hardware, then less data, such as employee SSNs, would be lost or misplaced. ©Ivelin Radkov/iStockphoto


g. Placing restrictions on physical access to records containing personal information and securely storing of this information.

h. Regular monitoring to ensure the security program is op-erating in the intended manner and upgrading safeguards where necessary.

i. Reviewing security measures at least annually or whenever it is reasonably necessitated by a change in business practices.

j. Documenting actions taken in response to any incident in-volving a breach of security, and a post-incident review of events and actions taken. 17.04

Computer System Security Requirements(1) Secure user authentication protocols including:a. Control of user IDs and other identifi ers. b. A reasonably secure method of assigning and selecting pass-

words or other unique identifi ers.c. Control passwords to ensure that the location and/or format

does not compromise data security.d. Restricting access to active user accounts only.e. Blocking access after multiple unsuccessful logon attempts.

(2) Secure access control measures that:a. Restrict access to fi les containing personal information to

those who need such access.b. Assign non-vendor-supplied, unique identifi cations and pass-

words to each person with computer access that are designed to maintain the integrity of the security of the access controls.(3) Encryption of all transmitted fi les containing personal

information when traveling across a public network or a wireless connection.

(4) Monitoring of systems for unauthorized use of or access to personal information.

(5) Encryption of all personal information stored on laptops or portable devices.

(6) Use fi rewall protection and reasonably up-to-date patches on Internet-connected systems that contain personal information.

(7) Use anti-virus/anti-malware software with reasonably up-to-date patches and virus defi nitions on Internet-connected systems that contain personal information.

(8) Education and training of employees of the proper use of the computer security system and the importance of information security.

Earn 10 fraud-related credits with Fraud Magazine® CPE Quizzes!

Time running out to earn your CPE?

Is your deadline for CPE fast-approaching? All Certified Fraud Examiners must earn the required 20 Continuing Professional Education (CPE) credits to remain in good standing. If you are a CFE and want to make sure you have your 10 required fraud-related credits, then take advantage of ACFE’s Fraud Magazine CPE quizzes.

Take this issue’s Fraud Magazine CPE Quiz on pg. 70, or download archived quizzes at Fraud-Magazine.com/CPE-Quiz-Archive.aspxFraud Magazine® is a trademark owned by the Association of Certified Fraud Examiners, Inc.


A new federal comprehensive data protection law should also include the requirement that all government agen-cies, nonprofi ts and businesses conduct periodic audits by teams of experts to determine if they are compliant with the requirements set forth in any mandated comprehensive data protection plan. Each organization should include a sec-tion that includes an opinion on the re-sults of the audit in its annual report, if required, or on its website, if not.

Organizations that lack strong com-prehensive data protection plans would be substantially penalized.

RESTORING TRUST Never-ending data breaches have seri-ously jeopardized our national security and trust in organizations to protect per-sonal data. In the same way that the U.S. Sarbanes-Oxley Act has restored the public’s confi dence in our fi nancial mar-kets, the federal government would do well to pass a similar law to restore the public’s confi dence and trust in transact-ing business electronically.

Robert E. Holtfreter, Ph.D., CFE, CICA, is distinguished professor of accounting and research at Central Washington University in Ellensburg, Wash. His email address is: [email protected].

Adrian Harrington graduated from Central Washington University in Ellensburg, Wash., in June 2011 with a Bachelor’s Degree in Economics. His email address is: [email protected].

(Robert E. Holtfreter thanks co-author

Adrian Harrington, a former student in his fraud examination class, who volunteered to work for him as an unpaid research assistant. “He has worked hundreds of hours over the past 18 months providing outstanding intel-lect, leadership and work ethic in helping to conduct research and investigate the data breach area, develop our data breach clas-sifi cation model, analyze the data and write this article and work on others. He has a se-rious interest working in the fraud area and will make a great investigator.” – ed.)


Attention CFEsFulfill Your Annual Ethics CPE Requirement

with this new course from the ACFE Bookstore

NEW! Ethical Issues for Fraud Examiners (Online Self-Study)CPE Credit: 2 Course Level: Basic | Prerequisite: None

In your work to resolve allegations of fraud, you might encounter ethical issues that require you to look beyond the technical require-ments of your job and toward the moral dimensions. But ethical issues can be perplexing. What is the right thing to do?

Ethical Issues for Fraud Examiners will help you to understand what constitutes an ethical dilemma and help you to develop an awareness of ethical issues faced by fraud examiners.

What you will learn: Ethical values that you are expected to honor when carrying out your fraud examination duties.

Understandintg ethical decisions

Considerations to keep in mind as you work toward your own resolutions of ethical dilemmas. Imperative, utilitarian and generalization ethical principles

How to locate resources that might be useful to you in resolving ethical dilemmas.

Order your copy today at ACFE.com/EthicalIssues

“The CFE credential is known and respected around the world.”

Will White, Jr., CFEACFE Member Since 2007

Certified Fraud Examiner

Chief Anti-Fraud Officer Office of Fraud Deterrence and Detection, NAVSEA

The CFE credential has proven to be

a great benefit to my career, as I have

been selected to lead the Anti-Fraud

Program for the Department of

Defense’s largest Systems Command

as the Chief Anti-Fraud Officer. As the

Chief Anti-Fraud Officer, I have the

responsibility of providing oversight

(prevention and detection of fraud,

waste and abuse) for the Naval Sea

Systems Command’s 55K personnel

and $40 billion annual budget.

Invest in your career. Become a CFE.Visit ACFE.com/CFE


By Roger W. Stone, CFE

ankruptcy fraud, which is a form of fi nancial state-ment fraud, is perpetrated by concealing assets through misappropriation and/or a misclassifi ca-tion of accounts. In the following case, we will show how delayed bankruptcy schedule fi lings,

inaccurate bankruptcy schedules and incorrect monthly operation reports can create an opportunity for a dishonest debtor to misappropriate assets of a bankruptcy estate.

The consequences of this particular bankruptcy fraud case resulted in $1.5 million in misappropriated assets, neg-ligence action against the attorney and the convicted debtor receiving a 10-year prison sentence.

THE DAIRY FARMER CASEThe wayward debtor in this case, a dairy farmer (we will call him Stan), was suspected of gambling away the majority of the misappropriated $1,528,502 from the estate at casinos.

Eight months prior to fi ling bankruptcy, Stan submitted a signed personal fi nancial statement showing $5,582,103 of assets and $4,842,505 of liabilities, which set his net worth at $739,598.Three months prior to fi ling bankruptcy, Stan submitted a signed personal fi nancial statement showing $11,607,450 of assets and $4,981,100 of liabilities, which then made his net worth $6,626,350.

When he fi nally fi led, the assets of the farmer’s bank-ruptcy estate consisted of farmland, farm equipment, build-ings, dairy cows, growing crops and crops in storage. The bankruptcy schedules showed real property of $1,116,000 and personal property of $574,370, for total assets of $1,690,370. The farmer’s liabilities consisted of secured creditors and pri-ority creditors holding claims of $4,661,866, and unsecured creditors holding claims of $293,202. This brought the total claims to $4,955,068.

COURSE OF THE BANKRUPTCYThis bankruptcy was extremely adversarial from the begin-ning. The bankruptcy estate attorney imposed several delays

that undermined what little trust existed. The attorney ini-tially fi led for a Chapter 12 bankruptcy proceeding, which is a type of bankruptcy for farmers who have less than $1.5 mil-lion of debt. However, his client’s estate had more than $1.5 million of debt, and the attorney admitted during his deposi-tion that he knew his debtor did not qualify for Chapter 12 at the time he submitted the fi ling. A plausible explanation for the attorney’s action was that a Chapter 12 fi ling would result in future fi lings to correct the initial fi ling. Those fi lings would delay reporting requirements for the debtor.

The attorney continuously requested extensions to fi le bankruptcy schedules, saying that he wanted to ensure their accuracy. However, the amended bankruptcy schedules were also inaccurate. Moreover, Stan’s monthly reports of opera-tions, when they were fi led with the U.S. Trustee offi ce, were fi lled with inaccuracies and misapplications of accounts. The most cursory review could detect these inaccuracies, so it was clear that the attorney had not reviewed these reports prior to their submittal. Lastly, Stan’s plan for reorganization was submitted late and was unrealistic in scope. The creditors’ attorneys objected to virtually every fi ling.

Because of these delays, the creditors did not have accurate information about the estate’s assets and monthly cash fl ow, and Stan was able to maintain control over the estate’s assets for 2½ years, instead of being removed and replaced with a court-appointed Chapter 7 trustee who would administer the estate. Almost two years after the initial fi ling, the bankruptcy court

He Milked it For All it Was WorthA Dairy Farm Bankruptcy Fraud

Case in Point

Almost two years after the initial fi ling, the bankruptcy court established the value of the farmland at $2,926,000, which differed from the initial $1,116,000 valuation on the schedules.

B


established the value of the farmland at $2,926,000, which differed from the initial $1,116,000 valuation on the schedules. The farmland eventually sold for more than $3 million.

The risk to the creditors was not the farmland’s de-creased value on the schedules, because the farmland itself was not a liquid asset. The real risk was Stan’s misappropria-tion of assets (i.e., dairy cows, farm equipment, etc.) when he sold those assets outside the normal course of business without fi rst obtaining the court’s permission. He used the funds from those sales for his personal gain.

The creditors attempted to deter the debtor’s liquidation of assets by taking inventories and by taking court action. However, the court action was slow and the inventory results were disputed. Without cooperation from the estate attorney, the creditors did not accomplish much in trying to thwart the debtor from liquidating his assets.

The debtor misappropriated the following assets for these amounts:

• Dairy cows ..............................................................$638,925

• Grain sales not deposited to estate.........................$308,895

• Withdrawals of cash ...............................................$221,775

• Farm equipment and vehicles ................................$167,500

• Direct payment to debtors ........................................$75,000

• Accounts receivables not disclosed on schedules ....$43,341

• Preference payments.................................................$62,230

• Miscellaneous ...........................................................$10,836

• Total ....................................................................$1,528,502

HOW THE ASSETS WERE LIQUIDATEDDuring a bankruptcy, the law allows inventory held for sale by the business to be purchased and sold in the normal course of business as long as the creditors are protected. For instance, inventory cannot be sold at below-market value, but it can be sold at market value during the normal course of business. Also, estate assets that are used to produce in-come cannot be sold without the court’s permission. To apply these rules to the dairy farm case, the milk produced by the cows could be sold at market price in the normal course of business. However, the cows that produce the milk could not be sold without the court’s permission.

There is a gray area within the defi nition of “normal business operations,” and this is where a dishonest debtor can do harm to creditors, shareholders and the business itself. In the dairy farm case, Stan perverted the dairy farm’s “normal operations” to his benefi t and the harm of the creditors. (The attorney, though not proven to be negligent, caused the delays that allowed Stan to pervert operations.)

To further explain, in most dairy farm operations, dairy cows produce less milk over time; therefore, it is normal for a dairy farm to sell approximately 20 percent to 25 percent of its herd every year for meat and then replace those animals with younger dairy cows. A signifi cant number of calves born every year can be kept or sold, but these animals typically are not on the accounting books because they have no basis.

Following are the specifi c ways the bankruptcy court liquidated the assets:

1. Dairy cows soldDepreciation records showed that Stan bought 957 dairy cows at an average cost of $1,229 per cow in the four years prior to the bankruptcy. The average useful life of a dairy cow is fi ve years, and then it is sold for beef. The bankruptcy schedules showed 252 cows on hand. Two-and-a-half years after the initial bankruptcy fi ling there was a total liquida-tion of dairy cows that resulted in a sale of 102 cows for which the estate received $49,574.The bankruptcy estate did not recover everything else that was sold.

2. Calves soldIt was estimated that there were 957 cows in the herd at the time of the bankruptcy fi ling, which would result in a minimum of 574 calves produced per year. However, there is no evidence that funds from these sales were deposited in the bankruptcy estate.

3. Milk productionThe dairy farm was making about $240,000 monthly in milk sales, which was being deposited in the bankruptcy accounts. Stan made a side deal with his milk buyer, who agreed to pay less for the milk and then make $8,000 monthly payments directly to the debtor. This money never came into the bankruptcy estate.

4. Crop salesCrops were grown using assets of the bankruptcy estate. However, during at least one year, Stan sold the crops and never deposited the receipts and money from the sales in the bankruptcy estate.

5. Farm equipmentIt should be diffi cult to liquidate farm equipment that is in a bankruptcy proceeding because of Uniform Commercial Code fi lings on the equipment. However, Stan was able to liquidate his equipment in two ways:

Case in Point


Case in Point

• The fi rst was leased farm equipment that had a signifi cant residual value — $45,000 more than what he owed on the lease. It appears that Stan returned the equipment to the leasing company with some agreement that he personally received the residual value. The residual value never came back to the estate.

• The second method involved used farm equipment as a part of a blanket security agreement for an operating loan Stan had obtained prior to the bankruptcy. In this instance, the equipment was placed for auction out of the area with the proceeds going to a relative.

6. Withdrawals of cashWithout adequate supervision and con-trols, Stan wrote checks to cash totaling $221,775 out of the bankruptcy estate.

At the pre-fi ling conference, the estate attorney counseled the debtor to hoard cash to prepare for footing the bankruptcy ex-penses. What the attorney probably meant was to not pay creditors, lessors and other accounts payable prior to fi ling for bankrupt-cy and the automatic stay (an injunction that halts the bankruptcy’s courts actions). The goal was to keep as much money as pos-sible in the bankruptcy checking account so the debtor could continue to operate amidst the business disruptions associated with fi ling for bankruptcy. However, the debtor, who had dishonest intentions, interpreted this advice as keeping as much actual cash in the house as possible and to not report it. It is suspected that the debtor had in excess of $100,000 cash on hand at various times during the course of the bankruptcy.

THE INEXPERIENCED ACCOUNTANTApproximately one year after the initial bankruptcy fi ling, the court appointed an accountant to prepare the monthly reports of operation. The inexperienced insolvency

accountant made several errors. When pre-paring the monthly reports of operation, he:

• Did not have copies of checks or deposits.

• Did not have a check register.

• Relied on descriptions of checks and deposits provided by Stan.

• Did not question Stan about the appropriateness of deposits made or checks written.

• Did not consider it his responsibility to question unusual expenses or deposits.

• Did not know that Stan was not allowed to have personal bank accounts other than the debtor in possession accounts.

If the accountant had been more experienced or properly instructed prior to performing his court-appointed duties, it is reasonable to expect that Stan would have been deterred. As it stood, Stan was allowed to liquidate assets and pocket the proceeds.

Two-and-a-half years after the initial fi ling, the court fi nally appointed a Chapter 7 trustee to liquidate the estate. One month later, the original attorney for the bank-ruptcy estate resigned.

WHAT THE CREDITORS COULD HAVE DONE Early on, the creditors realized that Stan was dishonest, and there was a real risk that he would misappropriate the assets. The creditors hired appraisers, took inventories of the assets and fi led court documents to protect their assets during the bankruptcy. However, these actions failed to deter Stan.

The creditors could have engaged a forensic accountant/CFE to inspect the debtor’s monthly reports of operations. This person could have:

• Verifi ed reconciliations of bankruptcy accounts.

• Verifi ed that all payments were for appropriate services.

• Verifi ed that all deposits were being made to the appropriate accounts.

If the accountant had been more experienced or properly instructed prior to performing his court-appointed duties, it is reasonable to expect that Stan would have been deterred. As it stood, Stan was allowed to liquidate assets and pocket the proceeds.


• Reviewed prior years’ purchases and accounts payables to verify the existence of assets that were in the bankruptcy schedules or that should be in the schedules.

• Notifi ed the creditors of anything that appeared unusual or inappropriate.

It is true that these services can be costly, so creditors should only take this route when the expense can be justifi ed by the risk of loss.

The Chapter 7 trustee engaged me to quantify and prove the amount of misappropriated assets. There was virtually nothing left for the creditors, except for a cause of action against the original bankruptcy attorney.

As is frequently the case in misappropriations, the involved parties missed many obvious opportunities to stop or minimize the fraud, prior to and during the bankruptcy. For example, Stan’s attorney could have resigned when he realized his client was dishonest; the U.S. Trustee offi ce could have been more proactive in reporting the level of extreme inadequacy of the monthly operating reports to

the judge; the court could have appointed a more experi-enced accountant, etc.

PROFESSIONALS’ ROLESMost experienced forensic accountants, and many CFEs, can review businesses in bankruptcy and determine fairly quickly if the debtors are following the rules. If a debtor is following the rules, these professionals will only need to periodically review operations reports, greatly reducing the cost of the accoun-tant’s services. Such reviews will give the creditor the informa-tion required to force the court to act quickly, either by remov-ing the debtor in possession or by forcing the individual to report as required. Either way, the creditor is better protected.

Roger W. Stone, CFE, is the owner and operator of Management Accounting Services in Champaign, Ill. His primary business is providing insolvency and forensic accounting services to businesses and attorneys. His email address is: rstone@fi nancialstatements.net.

Case in Point

Here is a summary of the key players in a bankruptcy fi ling and their respective interests:

The bankruptcy estate attorney. In most cases, attorneys in bankruptcy cases will resign when they believe they are representing individuals who are not adhering to the rules of bankruptcy. In my opinion, attorneys on these types of cases are not paid enough to get entangled with dishonest persons; the amount of the attorney’s fees is miniscule compared to the amount that dishonest persons steal. Attorneys want their insur-ance to settle the case before it goes to court.

The malpractice insurer. Working for the estate attorney, the insurer is motivated to settle the case for the minimum if engaged.

The Chapter 7 trustee. The Chapter 7 trustee is torn be-tween recovering the maximum amount for creditors and doing something that might upset the U.S. Trustee offi ce and jeopardize

the trustees being appointed to future cases. Also, the risk of going to trial is that the plaintiff could lose, which means there might not be funds to pay the Chapter 7 trustee.

The U.S. Trustee offi ce. The offi ce may not want a case to go to trial because it could be revealed during the trial that the offi ce was not carefully reviewing the debtor’s monthly operat-ing reports.

The judge. This player might not have a dog in the hunt. However, in my opinion, judges seem reluctant to fi nd lawyers guilty of negligence.

The creditors. They are motivated to go to trial or settle for the maximum amount. However, it is the Chapter 7 trustee’s call as to whether or not to settle — not the creditors. Their primary recourse is to object to what they perceive as an unreasonable settlement between the Chapter 7 trustee and the insurer.

The Motivations of the Players in a Bankruptcy Case


Fraudsters Claiming Victims Via Payday and LinkedIn Scams

usie Duke was a fanatic when it came to technol-ogy. She had all the latest hardware, including a smartphone, a laptop, an iPad and a Blackberry — all of which she used to communicate with friends and business associates. However, she was not

sophisticated about protecting herself from fraud in a tech environment. She ended up falling for a telephone collection scam related to “purported delinquent payday loans.”

Payday loans have become more common over the past few years because of the declining economy. The loans are short-term fi xes, usually for two-week periods, to allow individuals to cover their expenses until the loans become due the next payday. A recipient normally is required to write a check for the cash amount of the loan plus the loan fee, which often is extremely high — ranging from 15 percent to 30 percent of the loan. The lender normally deposits the check in his account when the payday date arrives. If the loan recipi-ent does not repay the loan, the lender usually extends it at the same interest rate. The real cost of these loans can easily reach from 300 percent to 1,000 percent of the loan if the recipient does not cover it in a reasonable time period.

Susie would occasionally get behind in paying her bills, so she would go online and apply for a payday loan to tide her over until she received her next payroll check. She recently had begun receiveing telephone calls purportedly from a FBI representative who said he was collecting debts for a cash advance company. Susie was very upset and confused because she always paid off her payday loans when they became due. This fraudster had already obtained Susie’s personal informa-tion, including her Social Security, driver’s license and bank account numbers, from an unknown source and was attempt-ing to use it to bilk her out of money. In the next two weeks, he harassed her with numerous calls, and he threatened her with legal action if she did not immediately pay off her debt of $2,000 by placing that amount on a prepaid Visa gift card and mail it to him. Susie became confused and overwhelmed and fi nally gave in and paid the fraudster.

THE DELINQUENT PAYDAY LOAN SCAM This identity theft case is fi ctional, but it represents a fraud that has gained enough momentum to be reported by the Internet Crime Complaint Center (IC3) in an Intelligence Note on Dec. 10, 2010 (“Telephone Collection Scam Related to Delinquent Payday Loan”). Like the FBI, the Federal Trade Commission (FTC) and the Federal Insurance Deposit Cor-poration, the IC3 alerts the public when it receives numerous complaints about a new scam.

The IC3 mentioned that fraudsters in this scam typi-cally purport that they are with either the FBI, the “Federal Legislative Department” (whatever that is), other high-level government agencies or a law fi rm. They say that they are calling to collect debts for Internet check-cashing companies, such as U.S. Cash Net, U.S. Cash Advance and United Cash Advance. In most cases, the victims are current or former payday loan recipients.

The fraudsters do their homework before calling their potential victims. They have the targeted individuals’ Social Security numbers, dates of birth, addresses, employer infor-mation, bank account numbers, and names and telephone numbers of relatives and friends. How the personal informa-tion is collected is unknown, but the IC3 said that the “vic-tims often relay that they had completed online applications for other loans or credit cards before the calls began.”

Once a con artist gets a victim on the hook, he will accelerate the scheme by continually calling that person at work, at home, and on his or her mobile phone with threats of physical violence, arrest and legal action. An intended victim will question the con artist about the particulars of the loan, but he will refuse to respond, will be abusive and, in some documented cases, will harass the victim’s family and friends. In many cases, this hard-sell strategy overwhelms the victim, and he or she gives in. Like many telephone and online schemes, the fraudsters have orchestrated scripts, and

By Robert E. Holtfreter, Ph.D., CFE, CICA

Taking Back the IDIdentity Theft Prevention Analysis

S


they are well trained to listen for victims’ cues and respond accordingly to complete sales.

The U.S. Fair Debt Collection Practices Act provides consumer protection from illegal and unethical debt collec-tion practices. According to Lawyers.com, the act does not allow bill collectors to:

• Tell people they will be arrested if they do not pay.

• Repeatedly call the person to harass or annoy him.

• Issue threats of violence or harm.

• Falsely claim to be attorneys.

• Falsely claim that the person committed a crime.The website also advises consumers to do the following

if they receive suspicious phone calls about a debt:

• Ask the caller to send the loan information in writing.

• Refuse to verify any bank account, credit card or personal information over the phone.

• Report any telephone harassment or threats to the FTC, which enforces the Fair Debt Collection Practices Act.

• File a Better Business Bureau complaint to help let others know about the scam.

• Contact the state attorney general’s offi ce to fi nd out about state debt collection and consumer protection laws that might apply.

In addition, the IC3 says to do the following:

• Contact your banking institutions.

• Contact one of the three major credit bureaus and request that an alert be put on your fi le.

• Contact your law enforcement agencies if you feel you are in immediate danger.

• File a complaint at www.IC3.gov.

SCAMS USING LINKEDINRecently, there have been reports of con artists culling personal information from the online business social network LinkedIn to commit fraud. LinkedIn has more than 120

million members worldwide, and as of June 30, its member-ship included executives from all 2011 Fortune 500 com-panies. LinkedIn members share personal information on the site, including their names, titles and places of business, which allows them to create opportunities for themselves and others. LinkedIn can be a great resource for identify-ing and networking with key people at other companies. However, some join LinkedIn to gather information on other members and perpetrate fraud. Many of them will email spear-phishing messages to LinkedIn members.

Spear PhishingIn a typical phishing scheme, a fraudster casts his net wide by sending a fraudulent email message to millions of individuals to try to hook some victims into a scam. However, in a spear-phishing scheme, the fraudster directs an email to an indi-vidual or a select group of individuals within a company or industry. The fraudster wants to convince the recipient that the message is coming from someone who is in a position of authority within the company — for example, a network administrator — who is asking for confi dential information. The message typically includes a request for the person’s username and password, or it will ask the recipient to click on a link that turns out to be corrupt and allows a banking Trojan to download onto the victim’s computer. The bank-ing Trojan contains a key logger that will harvest the email recipient’s business or corporate bank account information. At that point, the fraudster can masquerade as the legitimate user and transfer money out of the account.

ZenuS Malware SchemeFraudsters also have used LinkedIn to install a malware called ZenuS on LinkedIn members’ computers by sending invitations to accept new contacts. A member clicks on a link in the email message, the malware becomes embedded in the member’s browser and is used to steal personal infor-mation, including passwords for personal or corporate bank accounts, depending on whether the message was received at home or work. The end result is the fraudster can transfer funds out of the accounts.

A couple of other versions of this scheme recently hap-pened to me. Over the past four months, I have received fi ve suspect emails. The fi rst four were purportedly from people I knew who wanted to add me to their LinkedIn network. To accept, I would have to click on a link provided in the mes-sage. One of the individuals was a student in one of my sum-mer classes. I immediately became suspicious and declined the offer. I then went to the LinkedIn website and entered

Taking Back the IDIdentity Theft Prevention Analysis

TAKING BACK THE ID cont. on page 69

The only explanation I have is that the hacker stole his Gmail account from the LinkedIn website and used it to capture a contact list, which included my email address.


By Richard Hurley, Ph.D., J.D., CFE, CPA; and Tim Harvey, CFE, JP

ccording to a June 5 article, “China foreign list-ings dogged by scandal,” by Robert Cookson in the Financial Times, a spate of scandals at Chinese companies listed in New York, Hong Kong and Toronto is unsettling investors.

“It seems to have bubbled into a hysteria and creates an unfortunate overhang over all Chinese companies seeking to raise capital in the U.S. markets,” said William McGovern, Hong Kong-based partner at Kobre & Kim and former en-forcer at the U.S. Securities and Exchange Commission. “It has become hard for investors to separate fact from fi ction.” (http://tinyurl.com/5udkgk3)

And a May 26 article in The New York Times, “The Audacity of Chinese Frauds,” by Floyd Norris, explains how Deloitte Touche Tohmatsu exposed fraud at one of its long-time clients, the Chinese fi nancial software company Longtop Financial Technologies. Apparently, the company fooled some smart people into buying devalued stock. (http://tinyurl.com/6axc5ll)

Are these stock scandals “legitimate” frauds aided by backdoor investment listings and outsourced by auditing fi rms? Or are they works of fabrication initiated by short sellers reap-ing profi ts selling on stock price declines either by allegations or innuendo? The reality is that there is probably a mixture of everything from fact and fraud to analysis and anxiety within the perceived red-hot Chinese stock market.

Would-be investors should be aware of the potential for fraud in any investment no matter its national origin. The U.S. Public Company Accounting Oversight Board (PCAOB) released a report on March 14 on the “Activ-ity Summary and Audit Implications for Reverse Mergers Involving Companies from the China Region” (the China region refers to the People’s Republic of China, Hong Kong Special Administrative Region and Taiwan) from Jan. 1, 2007, through March 31, 2010 (Research Note #2011-P1).

The report summarizes the concept of reverse mergers (also known as backdoor mergers) as: “… any acquisition of a private operating company by a public shell company that typically results in the owners and management of the private operating company having actual or effective voting and operating control of the combined company. Through a reverse merger transaction, although the public shell com-pany is the surviving entity, the private operating company’s shareholders control the surviving entity or hold shares that are publicly traded. In a reverse merger transaction, the entity whose equity interests are acquired (the legal acquiree) is the acquirer for accounting purposes.” The end result is that:

1. The private company has access to the U.S. fi nancial markets as a registered SEC reporting company without fi ling a registration statement under the Securities Act of 1933 or the Exchange Act of 1934, but the public shell company must fi le Form 8-K fi ling with the SEC.

2. The private company probably incurs a lower accounting, legal and fi ling fee and gains faster access to capital markets than fi ling an IPO.

3. Investors may perceive added value to the public shell company. (See http://tinyurl.com/3s8tkq9 and http://tinyurl.com/3awrx3g.)

Chinese Stock Investment Fraud?Separating Fact from Fiction

Global Fraud FocusExamining Cross-Border Issues

The recent wave of accounting issues and scandals involving Chinese fi rms has raised regulatory concern levels from a small crack to a chasm. Furthermore, short sellers are not helping to distinguish reality from rumor.

A


The PCAOB’s March 11 report on reverse mergers identifi ed 159 companies, with a market capitalization of $12.8 billion, that have accessed the U.S. capital markets via a reverse-merger transaction from Jan. 1, 2007, to March 31, 2010. During that same time, only 56 Chinese companies, with a market capitalization of $27.2 billion, completed the initial public offering (IPO) process.

Although Chinese auditors completed 24 percent of the audits of Chinese reverse mergers, the PCAOB staff takes is-sue with some U.S. registered accounting fi rms because “they may not be conducting audits of companies with operations outside of the U.S. in accordance with PCAOB standards.” On July 12, 2010, the PCAOB issued Staff Audit Practice Alert No. 6, Auditor Considerations Regarding Using the Work of other Auditors and engaging Assistants from Outside the Firm, which highlighted the PCAOB’s concerns with auditors hiring external auditors and staff to perform audits outside the U.S. including ones in the Chinese region. (http://tinyurl.com/63wrvpg)

The PCAOB inspection staff observed that in “some sit-uations it appeared that U.S. fi rms provided audit services by having most or all of the audit performed by another fi rm or by assistants engaged from outside the fi rm without comply-ing with PCAOB standards applicable to using the work and reports of another auditor or supervising assistants. In one case the U.S. fi rm’s personnel did not travel to China region during the audit, and substantially all of the audit documen-tation was maintained by the Chinese fi rm that did the audit work.” (See footnote 37 of http://tinyurl.com/3knf6db.)

SEC Chairman Mary Schapiro is also working with Chinese regulators to address areas of concern. One key issue is the PCAOB’s inability to inspect the reverse-merger fi rms in China. SEC Commissioner Luis Aguilar was a little more emphatic with his concerns when he addressed attendees of the Council of Institutional Investors Annual Conference on April 4, 2011: “While the vast majority of these companies may be legitimate businesses, a growing number of them have accounting defi ciencies or are outright vessels of fraud.”

The PCAOB also has diffi culties in inspecting Chinese audit fi rms that have registered with the agency. Michael Rapoport reported in the August 8 article, “Progress Cited on Audits in China,” in The Wall Street Journal, that Chinese authorities have not granted permission to the PCAOB to enter their country to evaluate audit fi rms who are registered with the agency. (http://tinyurl.com/63xzwrl)

On April 4, PCAOB Chairman James Doty said in a speech to the Council of Institutional Investors that, “If Chinese companies want to attract U.S. capital for the long term, and if Chinese auditors want to garner the respect of

investors, they need the credibility that comes from being part of a joint inspection process that includes the U.S. and other similarly constituted regulatory regimes. In light of these risks, the PCAOB’s inability to inspect the work of reg-istered fi rms from China is a gaping hole in investor protec-tion.” (http://tinyurl.com/3dns5eo)

The recent wave of accounting issues and scandals involving Chinese fi rms has raised regulatory concern levels from a small crack to a chasm. Furthermore, short sellers are not helping to distinguish reality from rumor. Take, for example, Sino-Forest, a Chinese forestry company listed on the Toronto exchange. Robert Cookson, reporting in the June 6 Financial Times article, “China foreign listings dogged by scandal,” writes that in a few days Sino “lost more than two-thirds of its market value since Thursday after Muddy Waters, a research fi rm founded by short-seller Carson Block, accused the company of overstating its sales and the value of its forest land.” (http://tinyurl.com/3svmcn4)

Sino denied the allegation and claimed Muddy was “muddying the waters” to profi t from short selling. However, another forestry group, China Forestry, had its shares sus-pended in January, 2011 after its chief executive was arrested for the alleged embezzlement of $4.6 million.

Cookson, reporting in his June 6 Financial Times article, writes that in the last six months “more than 25 New York-listed Chinese companies have disclosed accounting discrep-ancies or seen their auditors resign. … Nasdaq and NYSE Euronext have halted trading in the shares of at least 21 small and micro-cap Chinese companies in the past year, and kicked fi ve of them off the exchanges.”

Doty is optimistic that the PCAOB can reach an agree-ment with Chinese regulators on inspections. In the interim, investors should understand that investing in China has its own sets of investment risks. Then again, they should realize that in a post-Enron, Madoff, Paramlat, Satyam, Siemens and Societe Generale world, fraud has no national boundaries. Just remember: No nation has a monopoly on stock fraud. Investors must be diligent and be aware of the risks and act accordingly. Caveat Emptor — Let the buyer beware.

Tim Harvey, CFE, JP, is director of the ACFE’s UK Operations, a member of Transparency International and the British Society of Criminology. His email address is: [email protected].

Richard Hurley, Ph.D., J.D., CFE, CPA, is a professor in the University of Connecticut (Stamford) School of Business. His email address is: [email protected].

Global Fraud FocusExamining Cross-Border Issues


ember Services Representative Ashly Worsham enjoys talking to members and helping them, but the ACFE fulfi lls her in a way she never anticipated when she accepted the position

— her constant quest for self-improvement. She takes as many classes as the ACFE offers, from speech and fi nance to personal safety and business writing. “At the ACFE, they want you as a staff member to further yourself,” she said. “You feel valued.”

COUNTRY LIFEAshly was born in the East Texas town of Groves, but imme-diately moved to La Grange, where she grew up. Her family includes little sister April, with whom she is extremely close, and brother David, who is six years younger. Her mother, Brenda, worked as a seamstress when the kids were young. She then went on to work for the grocery store chain H-E-B, fi rst as a bookkeeper, later as a customer service representative. Her father, David, was a petro-chemical draftsman when Ashly was little, then returned to school to earn a certifi cate in computer technology. He now is a computer technician with the Lower Colorado River Authority.

Ashly grew up in the country. She lived off a dirt road, and they raised Barbado sheep, pigs and cattle. The family had a stock tank for fi shing. But Ashly, who calls herself “pretty girly,” avoided all of that and stayed inside with her mother, who taught her to sew and cook. Ashly still takes scraps of fabric and hand sews dresses. She loved to play dress-up: “I remember read-ing ‘Gone With the Wind’ really young and then pretending I was Scarlett in the backyard,” she said. “I also thought math was

fun when I was a kid. My dad (being a techie) gave me a huge IBM and installed ‘Math Blasters.’ I became obsessed with it for a whole summer until I beat it.”

Her father focused on making her independent. “He wanted me to not be reliant on anyone,” she said. Like him, Ashly is a comedian. On her fi rst day at the ACFE, President and CEO James Ratley, CFE, told her (falsely and with a straight face) that he was the custodian and would take care of trash and small spills. An hour later, she called him to clean up an imaginary soda spill under her desk, knowing full well who he really was. Jim was delighted, of course.

Ashly’s parents divorced when she was 11, but they remained friends and still live near one another. Her mother remarried, and Ashly considers her stepfather, Hunter, like a second father. (She also has two older stepsisters from the union with whom she is close.) He sparked her enthusiasm for science fi ction so much that she even gave a presentation during the ACFE speech course about how much she loves the recent remake of the sci-fi TV series “Battlestar Galactica.”

GIFT OF SINGINGAshly was the good kid and rarely got into trouble, but she did love to sing, which could be a blessing or a curse, she said, because she was constantly singing. “My parents regretted buy-ing me ‘The Little Mermaid,’ ” she said, laughing. She made excellent grades and took a lot of dance classes. During high school, she also sang lead vocals for her church’s praise and worship band. She was a member of the drill team and business club, acted in plays and sang in musicals. As if she was not busy

Improving Members’ LivesBy Cora Bullock

Meet the Staff

ACFE Member Services Representative Ashly Worsham loves to assist members, but she also works to improve her performance with the ACFE’s continuing education offerings

M


enough, she also took classes her last two years of high school to become a licensed cosmetologist, which is how she paid her way through college.

Ashly graduated from high school in 2003 and attended Texas State University in San Marcos, 30 minutes south of Austin. It took her a while to fi gure out her major. She initially decided on accounting, because she is good at math, but then Ashly took a speech class, which she loved so much that she majored in mass communication. She also loves to counsel people, so she minored in psychology.

Working full time as a hairdresser and attending school full time meant she took a little longer to earn her Bachelor of Arts in Mass Communication, which she did in 2009.

SERVING OUR MEMBERSAfter she graduated, she was perusing craig’slist and saw the ACFE’s posting for a member services representative. She started in May 2010 and began managing the Fraud Magazine CPE quiz in January of 2011.

“I love to be able to listen to our members and make them happy and solve their problems, even when they don’t know what their problems are,” said Ashly. She might one day return to school to become a counselor. “Despite being a communica-tions major, I like to listen to people, and over the years, I’ve honed my listening skills.”

LEADING A FULL LIFEWhen she is not assisting members, Ashly stays incredibly busy. She has a passion for karaoke and sings with and writes lyrics for her co-worker Justin Dillon’s electronic band, GOBI. She also writes her own music and loves to cook. Her mother goes through cookbooks from start to fi nish, trying every recipe, and Ashly does the same. Her favorite cuisine is Asian, specifi cally Thai.

Ashly has not had the opportunity to travel much — “The fi rst time I touched or saw the Pacifi c Ocean was at the 22nd Annual ACFE Fraud Conference and Exhibition.” — but she one day plans to do more, though she does not want to leave Austin right now. She fell in love with the city, despite the frus-trating construction — the city’s growing pains — she encoun-ters every day. She tries to see the beauty in everything. “Your mindset really shapes your world, and I try to keep a positive perspective,” she said. Luckily our members, and the ACFE, get to benefi t from this too.

Cora Bullock is assistant editor of Fraud Magazine. Her email address is: [email protected].

EthicsLine .............................................. inside front coverTLO...........................................................................page 5SAS ................................................................... back cover

This index is provided as a reader service. The publisher doesn’t assume any liability for errors or omissions. For information about advertising, call Ross Pry at the ACFE, (800) 245-3321, or email him at [email protected].

Publication of an advertisement in Fraud Magazine® doesn’t constitute an endorsement of the product or service by Fraud Magazine or the Association of Certifi ed Fraud Examiners Inc.

ADVERTISERS’ INDEX

Ashly Worsham

Photo by Christi T

horton-Hranicky, C

FE


MCFADYEN REVEALS TULSA CHAPTER’S ‘SECRETS’ OF RITCHIE-JENNINGS SCHOLARSHIP SUCCESSR. Cameron McFadyen, CFE, longtime Tulsa fraud examiner and accountant and active ACFE member, recently spoke with Fraud Magazine about his participation in the ACFE’s Ritchie-Jennings Memorial Scholarship program, the Oral Roberts University (ORU) scholarship process and his work in the fraud examination fi eld. McFadyen is the founding president of the ACFE’s Tulsa Area Chapter and chairman of the Ritchie-Jennings Memorial Scholarship Committee. (See ACFE.com/scholarship.aspx.)

How long have you been associated with ORU and how have you served in the scholarship process?The Tulsa Area Chapter began participating in the annual Ritchie-Jennings Memorial Scholarship competition in 1996. I began as the chapter’s committee chair and started talking about the scholarship to professors at local universities. A friend of mine, Terry Unruh, an assistant professor of accounting at ORU, expressed real interest. From that point on, we worked closely together, and, over time, we developed a process, which has been very successful. Since being named to serve on the Ritchie-Jennings Memorial Scholarship Committee last year, I have removed myself from the process at the local level to avoid any confl ict-of-interest issues.

ORU has had a number of candidates win the Ritchie-Jennings Memorial Scholarship through the years.

The Tulsa Area Chapter established the R. Cameron Mc-Fadyen, CFE, Scholarship Award beginning in the 1999-2000 competition year. This award provides additional scholarship money to local winners.

How do you attribute ORU’s success?I believe there are four key reasons for the success of this pro-gram. First, the chapter scholarship chair maintains a close rela-tionship with ORU professors and offi cials. Second, the chapter sponsors events throughout the year, such as photo shoots and congratulatory meetings for the winners and presentations to recipients of the Fraud Magazine issue containing the scholarship article. Third, the chapter evaluates students regularly to deter-mine those who would make the best candidates for endorse-ment. And fourth, the selection interviews are always in person and designed to reveal as much as possible about each student: who they are, what they want to do and how they view their fu-tures. Those interviews are major components when the chapter decides who to put forward as Ritchie-Jennings applicants.

What steps can educa-tors take to help students submit a worthy application?Educators can make all the difference. They are on the front lines and know better than anyone those students who would make the best scholarship applicants. They can introduce their students to the scholar-ship program and tell them about its back-ground. Educators can

spur students to work their hardest and, hopefully, steer them to the fraud examination profession and the CFE credential. Dedi-cated educators can mentor students through the application processes and assure that they meet all requirements. Educators also can help students present themselves in the best possible way by highlighting achievements, experiences and honors that differentiate them from the pack.

What motivated you to become a fraud examiner? During my years as director of corporate internal audit, I came across inappropriate actions by individuals in various parts of our global operations. Finding this was a shock because you just don’t start into an audit project expecting to uncover fraud. Over time, in discussions with other audit professionals, there was growing concern about fraud and the risks that came with it. More and more forums about it became part of auditor meetings to allow a sharing of experiences, and these provided some education about how to deal with it. The subject matter really intrigued me, and the interest grew to the point where I just decided that I wanted to learn as much as possible and then help others either through education or by helping them deal directly with these very trying, diffi cult situations. More to the point, I hate to see the bad guys win.

Your ACFE number is 300; you’ve been a member since 1989. Why did you decide to become a member and then a CFE? What do you enjoy the most about the ACFE?Prior to the ACFE, there was no authority to specifi cally address these issues for professionals. When the ACFE began in 1988, I saw some literature about this new organization. So I contacted

ACFE News

R. Cameron McFadyen, CFE


tacted the Austin headquarters to ask some questions and learn what I could. I remember sitting in my offi ce a few days later and receiving a call from [now ACFE President and CEO] Jim Ratley asking if I needed additional information. We had a very nice conversation during which he said he hoped that with my accounting background, combined with the interest I expressed in fraud issues, I would seriously consider membership. And as they say, that was that!

(Thanks to Lupe DeLeon, ACFE membership coordinator, for assistance with this interview. — ed.)

CFE TAKES THE BLOWS AND GETS BACK UP IN ‘WIPEOUT’Wilson Kennedy holds two distinctions as a City of San Diego employee: He is the fi rst to become a CFE and the fi rst to be a contestant on ABC’s summer “Wipeout” obstacle course TV

Wilson Kennedy, CFE, swings with gusto during the trials of a summer “Wipeout” TV show.

Visit ACFE.com/AutoDues to enroll today.

Automatic Dues Renewal Service

Cost effective. Time saving. Convenient.

The key to saving time and money on your ACFE dues…

Receive a 10% discount on your dues each year you are enrolled in the service.

Get $75 off a live ACFE training event.*

Environmentally friendly - paper state-ments and postage are eliminated.

Your dues are automatically paid each year — no need to write a check or pay online.

No interruption of member benefits and services.

*Offer expires December 31, 2012. ACFE webinars, online learning and one-day seminars are excluded.

C fff ii TTii i C iCCCCCCCCCCooooooooosssssssssttttttttt eeeeeeeeeeffffffffffffffffffffeeeeeeeeeeeeccccccccccccctttttttttttttiiiiiiiiivvvvvvvvvveeeeeeeee TTTTTTTTTTTiiiiiiiiiimmmmmmmmmeeeeeeeeee sssssssssssaaaaaaaaaaavvvvvvvvvviiiiiiinnnnnnnnnggggggggggg CCCCCCCCCooooooooonnnnnnnnvvvvvvvvveeeeeeeennnnnnnniiiiiieeeeeeeeennnnnnntttttttttttttt....Cost effective. Time saving. ConvenientCost effective. Time saving. Convenientt.t.


show. The credential has helped his career, and the program has tested his resolve.

“I wanted the opportunity to experience the world’s most entertaining and challenging obstacle course while appearing on prime-time TV,” said Kennedy, the supervising management analyst for the San Diego Public Utilities Department.

You have probably seen this wildly popular show when channel surfi ng: Contestants move through a course of twirl-ing and thrusting padded plastic wheels, giant balls, platforms and mazes as they are shot with water cannons, pummeled with exploding airbags and often ungracefully fl y into pools of water.

“From my couch, being on the show looked like it would be fun, exciting and easy,” Kennedy said. After all he was young, had played college and semi-pro football and was still relatively fi t. “It was one of the most physically exhausting things I have ever done in my life!”

He auditioned in four casting calls over 1½ years, but he was ready when he got the call. More than 75,000 applied for season four, and he fi nally was in the 1 percent that made the cut. Now ironically nicknamed “Sewer Rat” by the show’s pro-ducers — he is a self-described germophobe who helps secure funding for San Diego’s water and wastewater projects — he worked out frenetically for three months before the show’s tap-ing in May of last year. He ran, biked, swam, jumped rope and lifted weights. Still, after completing the qualifying run, “it must have taken almost an hour before my heavy breathing stopped!”

During the taped competition, Kennedy fought his way to the top six of 24 contestants in the semifi nals, but he just missed the fi nal push for the $50,000 prize.

Throughout the ordeal, his family, friends and co-workers cheered him on. Many of them, including members of his church’s youth ministry, gathered at a pizza parlor to watch the show last summer. He had told the church kids during his audi-tions that he would buy a fl at-screen TV, an Xbox and a “Wipeout” video game for each of the three youth classrooms if he won.

“Although I didn’t win, I didn’t have the heart to not get them anything after they had been looking forward to celebrat-ing with me for almost two years,” Kennedy said. So at the end of the viewing party he presented all those fun items for one of the three classrooms. Then daughter Zaria, 11, Kennedy’s big-gest fan, led her Pop Warner cheerleading squad in a cheer.

He is not ready to retire from the punishment. He wants to appear on future all-star shows with other contestants who also did not quite make it to the fi nals. Kennedy defi nitely is not wiped out.

— Dick Carozza

ACFE News

Major Karl J. Flusche, CFE, USAF, Ret., passed away on Nov. 16. He was director and manager of all elec-tronic evidence collection activities for Fios Inc.

ACFE President and CEO James D. Ratley, CFE, said, “Karl was a true profes-sional. He personifi ed what we wanted in a CFE.”

Flusche was a federal agent for the Air Force Of-fi ce of Special Investigations for 25 years, specializing in computer systems analysis, computer crime investiga-

tions and forensic analysis of computer systems and associated storage media. He pioneered innovative ways for conducting forensic analysis of computer-related evidence and was credited in 1984 with fi nding the fi rst-ever use of a computer to hide a

suicide letter. In U.S. vs. Peri (1989), he was able to successfully recover hundreds of electronically stored pages of classifi ed war plans that a defecting U.S. soldier had passed on to the East German Intelligence Service via electronic media — the fi rst computer spy case in U.S. history.

His father, Don Flusche, was a sergeant with the Dallas Po-lice Department when Ratley was a police offi cer with the force. Ratley said Don Flusche had a profound infl uence on him. “Don was the fi nest man I have ever known, and Karl was a chip off the old block,” said Ratley.

Karl Flusche is survived by his wife, Cindy; a son, Karl Jr.; and a daughter, Lorrie. He enjoyed spending time with their three grandchildren, and he loved family genealogy, and stamp and coin collecting.

In Memoriam

“Karl was a true professional. He personifi ed what we wanted in a CFE.”

Karl J. Flusche, CFE


Last summer, the General Forum in the Members Only discus-sion forums on ACFE.com contained a long conversational stream on whether CFEs need private investigator licenses to conduct fraud examinations. The consensus among the discus-sants was a clear “maybe.” This unequivocal consensus was based on the private investigator licensing laws and regulations applicable in the relevant jurisdictions.

Most licensing laws defi ne the activities that constitute private investigative work and state that only licensed persons can engage in those activities. In the U.S., for example, private investigator licensing is controlled by each state, and 42 states and the District of Columbia have licensing requirements for private investigators. (Alabama, Alaska, Colorado, Idaho, Mississippi, South Dakota and Wyoming do not have statewide licensing requirements.)

Basically, in most jurisdictions, the question as to whether an individual must be licensed as a private investigator depends on whether the individual engages in private investigative work. And perhaps the most relevant factors in determining this are how the relevant jurisdictions defi ne “private inves-tigative work” (or some variation of this term, such as private detective business or private investigation service) and if the in-dividual is an employee of an entity or is independent. (Check out the thread “PI Licensure” in the General Forum.)

WHAT CONSTITUTES PRIVATE INVESTIGATIVE WORK?The defi nition of private investigative work can vary from state to state, but generally, private investigative work involves engaging in the business to, or accepting employment to, obtain or furnish information with reference to any number of matters, including:

• Crime, criminals or rleated information.

• The identity, habits, conduct, business, occupation, honesty, integrity, credibility, knowledge, trustworthiness, effi ciency, loyalty, activity, movement, whereabouts, affi liations, associations, transactions, acts, reputation, or character of any person.

• The cause or responsibility for fi res, libels, losses, accidents, or damage or injury to persons or to property.

• Evidence to be used before a court, board, offi cer or investiga-tive committee.

• Detecting the presence of electronic eavesdropping devices.

• The truth or falsity of a statement or representation.1 The above language, which is typical of some state laws,

is quite broad, meaning that it could encompass almost any investigative profession, including the anti-fraud profession. The general frameworks of state private investigation statutes, however, regulate only those who are holding themselves out as private investigators or conducting a business to perform those functions. Indeed, these statutes typically exclude those em-ployed exclusively and regularly by only one employer insofar as their acts relate solely to the business of that employer.

DOES CONDUCTING A FRAUD EXAMINATION CONSTITUTE PRIVATE INVESTIGATIVE WORK?According to the ACFE’s 2010 Fraud Examiners Manual, a “fraud examination is a methodology for resolving fraud allega-tions from inception to disposition. More specifi cally, fraud examination involves obtaining evidence and taking state-ments, writing reports, testifying to fi ndings, and assisting in the detection and prevention of fraud.”

Investigative work is one of many components in a fraud examination, but it does not include the fraud prevention com-ponent. That is, fraud examination involves activities outside the scope of traditional types of investigative work.

While some types of private investigative work may be limited to reviewing data and evidence for signs of wrongdoing, most are much more detailed. They require routine investiga-tive tasks, such as interviewing victims, witnesses and suspects, and taking their statements. Typically, the private investigator collects evidence and maintains a chain of that evidence so that a court of law will not dismiss it. The private investigator writes detailed reports indicating the chain of events and often testifi es in court about that material.

Independent CFEs Need to Check Their Jurisdictions on PI Licensure LawsBy James S. Peet, Ph.D., CFE


If a fraud examiner engages in the typical activities of investigative work, a private investigator’s license might be required. This is because many jurisdictions have laws that defi ne investigative work broadly to include the activities involved in fraud examinations. Thus, if a CFE conducts fraud examinations or investi-gations (separate, but similar activities), then this falls under the purview of “investigative work.” It does not matter if the investigations are of a criminal nature or not; what matters is that the licensing jurisdiction views them as investigative work.

But even if you engage in investigative work, it is not defi nite that you are required to obtain a private investigator license. Again, these statutes generally leave free of regulation those employees acting on behalf of their employers.

You likely will need a private investigator’s license if you are an independent CFE (not a paid employee of a corporation, organization, agency or any other entity).

An example of how an independent CFE could be involved in investigative work is when a prospective cli-ent contacts him or her about a possible case of occupa-tional fraud. If the CFE speaks with the client, obtains some cursory evidence that points to a particular employee, and then decides to interview the employee and his co-workers, this is the beginning of a formal investigation. If the CFE completes the interviews, takes statements and collects further evidence, he or she is now well into an investigation, which may lead to the employee’s termination and possible arrest. And the CFE may then testify in court.

In short, if you are paid as an independent CFE (not employed by an entity) to investigate a crime, you interview people, and you collect evidence, which may be used before a court, you will likely be required to obtain a PI license.

Dr. Joseph T. Wells, CFE, CPA, founder and chairman of the ACFE Board of Directors expresses his own opinion suc-cinctly. “If there is any chance at all that a state licensing board could view you as holding out as an investigator, do yourself a favor and get licensed,” Wells said. “Many of these state boards are self-funding and actively look for anyone that can be construed to be unlicensed because it adds to their coffers. Moreover, if courts or opposing counsel can brand you as an un-licensed investigator, your case will likely suffer severe damage.”

FINER POINTSPublic employees conducting investigations on behalf of their governmental organizations are exempt from state private

investigator licensing laws — as long as the investigations are in the performance of their offi cial duties.

Most CPAs are also exempt, as long as the work they do for their clients does not extend beyond the services traditionally offered by CPAs and into activities within the scope of tradi-tional investigative work. In many jurisdictions, once someone leaves straight accounting and begins forensic accounting, a PI license may be required. This is most often the case when some-one begins interviewing victims, witnesses and suspects. The person is no longer just reviewing data or evidence but is con-ducting a private investigation, as determined by law. Although some CPA activities could fall within the broad defi nitions in state private investigator licensing laws, the AICPA maintains that CPAs should be exempt from state private investiga-tor licensing laws.2 Regardless of what the AICPA maintains, though, jurisditional laws always take precedence.

Lawyers are also usually exempt from PI license require-ments if they are acting in their capacities as attorneys. For example, Nevada provides that “[e]xcept as to polygraphic examiners and interns, this chapter does not apply … [t]o an at-torney at law in performing his duties as such.” Nev. Rev. Stat. section 648.018.

If a lawyer decides to help another lawyer investigate fraud who is not in his or her fi rm, then the exception might

ACFE News

Private Investigator Licensing in Canada and the United States

PI License Required: Yes No

Note: Hawaii, Puerto Rico and the District of Columbia require PI licenses, but Guam and the U.S. Virgin Islands do not.


not apply and that lawyer might need a PI license.

As mentioned, those conducting internal audits/investigations for corpo-rations that employ them are generally exempt from state private investigator licensing laws. (These CFEs are usually internal auditors or internal investiga-tors.) A couple of jurisdictional excep-tions — mostly in Canada — require corporate CFEs to obtain PI licenses, but this is not the norm.

What if you do not conduct actual investigations but work as a consultant to develop fraud prevention programs or review materials for others, such as law enforcement agencies or law fi rms? There is a fi ne line between consult-ing, reviewing and investigating, so you should check with your licensing juris-diction. Most jurisdictions do not require a license if you are only a consultant and do not engage in investigative work. Fur-thermore, if you are a forensic accoun-tant (one who reviews and analyzes data for purposes of litigation but does not collect data or interview individuals) or a computer forensic consultant, you may be exempt from licensing. Most state laws are unclear on this matter. A few states, such as Texas, specifi cally require computer forensic professionals to be licensed as private investigators.

CROSSING JURISDICTIONAL BOUNDARIESTo throw yet another monkey wrench into the gears, what if your work takes you over jurisdiction lines? Some states or countries do not have reciproc-ity agreements with other states or countries. A CFE may be legal in one jurisdiction but not in another. Other places grant reciprocity to PIs up to 30 days to investigate cases originating in their home jurisdictions.

2012 Fraud Examiners Manual

NOW AVAILABLE

The essential resource for anti-fraud professionals has been updated with even more information valuable to fraud fighters worldwide. Stay up-to-date with latest changes in laws, statistics, fraud examination techniques, methodology and procedures with the new 2012 Fraud Examiners Manual. Because no other works provides such a comprehensive guide for the anti-fraud professional, every fraud fighter should keep a copy in their library.

Important updates for 2012 include: New chapter on Fraud Risk Management

New chapter on Corporate Governance

New coverage of the whistle-blower provisions of the Dodd-Frank Act

Updated Computer and Internet Fraud chapter, including expanded material on:

Methods fraudsters use to gain unauthorized access to computer systems

Data manipulation and data destruction, including a discus-sion on some of the common methods used to destroy and manipulate data

Ways organizations can prevent unauthorized access to their computer systems

Log management and analysis as a means to detect unauthorized access to computer systems

Conducting investigations regarding computer crimes, including a new eight-step plan for responding to such issues

U.S. Edition Now Available. International Editions Coming Soon.

Visit ACFE.com/Shop to order your copy today


KEEP IT LEGALIf you are an independent CFE, check with your jurisdiction’s licensing agency and get its response in writing. Better to be on the safe side than to have your credibility destroyed in court because you were not legal.

Useful resources for checking out U.S. private investigator licensing is the CrimeTime.com website linking all the state’s licensing agencies, http://tinyurl.com/kqp6uj, and Michael Kessler’s website on forensic accounting licensing, http://tinyurl.com/86q7z3s.

See the map on page 66 for those states and provinces in North America that require PI licenses.

James S. Peet, Ph.D., CFE, is an instructor at Highline Community College in Des Moines, Wash., and principal manager at Peet & Associates LLC in Enumclaw, Wash. He is also a licensed Washington State private investigator. His email address is: [email protected].

1This defi nition was taken from the Revised Code of (the state of )Washington §18.165.10, the law regulating Private Investigators. Some state statutes contain language that is more vague and open-ended. For example under Nebraksa’s statute (Neb. Rev. Stat. § 71-3201), a private investigator is one who engages in the secret service or private policing business, which “shall mean and include: general investigative work, non-uniformed security services, surveillance services, location of miss-ing persons and background checks.2American Institute of CPAs. (2011). Digest of State Issues: For the CPA Accounting Profession 2011. Retrieved from http://tinyurl.com/89bkarb.

ACFE Asia-Pacifi c Conference a HitThe fi rst-ever ACFE Asia-Pacifi c Conference held Oct. 23-25 in Singapore was a great success, with more than 200 attendees. Speaker highlights included Aedit Bin Abdullah, chief prosecutor of both the Criminal Justice Division and the Attorney-General’s Chambers in Singapore; ACFE President and CEO James D. Ratley, CFE; and Mark Steward, executive director, Enforcement Division, of the Securities and Futures Commission of Hong Kong. Attendees participated in educa-tional workshops and lively panel discussions covering such topics as anti-bribery efforts and corruption enforcement.

“The ACFE Asia Pacifi c Fraud Conference in Singapore was a real eye opener for me,” said Kevin Taparauskas, CFE, ACFE’s director of events and marketing, who also attended. “I knew that the ACFE had loyal members in the region. But I was extremely impressed with the enthusiasm of our attendees and dedication to truly growing the profession that I witnessed. I now understand why this has been our fastest-growing region in the world for the last several years.

“For our part, the ACFE intends to fully support and help facilitate ongoing growth in the Asia Pacifi c,” he continued. “I announced at the conclusion of the conference that the ACFE would be holding our fi rst CFE Exam Review Course in the area March 26-29, 2012. In addition, we are working on a regional call center, based in Singapore, that will greatly improve support all of our members in the Asia-Pacifi c region and beyond.”

ACFE News

Photos by Patrick Ong


the name of the student; up came 25 individuals with the same name, along with their profi les. I contacted the student and asked him for an explana-tion. He said he never contacted me via LinkedIn, but he had used his Gmail account to email me throughout the course. The only explanation I have is that the hacker stole his Gmail account from the LinkedIn website and used it to capture a contact list, which included my email address.

The fi fth suspect email included a message, with an embedded link, that read, “Your LinkedIn account was blocked due to inactivity. Please follow this link to learn more. Thank you for using LinkedIn! – The LinkedIn Team.” I do not have a LinkedIn account, so I can only assume it was another fraudster’s attempt to install the ZenuS malware on my computer. If you receive a similar message, do not click on the embedded link. If you know the indi-vidual, contact that person to see if he or she sent it, and if they did not, alert LinkedIn. I am sure that LinkedIn is doing an excellent job trying to prevent this type of fraud. However, its website is a gold mine of personal information for fraudsters to exploit with their schemes.

MORE FOR THE COMMUNITYTo help prevent identity theft, share these scams with your friends, family and colleagues. Contact me if you have any identity theft issues that I might be able to research and report back. Stay tuned!

Robert E. Holtfreter, Ph.D., CFE, CICA, is distinguished professor of ac-counting and research at Central Washing-ton University in Ellensburg, Wash. His email address is: [email protected].

TAKING BACK THE ID cont. from page 57

Order your course today at ACFE.com/compliance.

CPE Credit: 4Course Level: Intermediate Prerequisite: None

FCPA Compliance: Creating an Effective Anti-Corruption Compliance Program

FCPA Compliance: Creating an Effective Anti-Corruption Compliance Program

NEW! ONLINE SELF-STUDY

Since its enactment, the FCPA has had an enormous impact

on the way organizations around the world conduct business

domestically and abroad. As a result, it is important for you

and your company to understand the intricate and interlocking

network of criminal and civil laws designed to combat

transnational bribery.

FCPA Compliance provides relevant information on the current

legal and regulatory framework of the government’s efforts to

combat bribery in international trade. More specifically, this

course provides an overview of the FCPA and other international

anti-corruption initiatives, advises how companies can establish

compliance programs to detect and minimize violations of law

and examines bribery risk assessments.

What you will learn:

The principal components of the FCPA

14 essential elements of an effective compliance program

Creating an FCPA Risk Assessment

The 7 core risk factors of FCPA

CPE QUIZ No. 100 (Vol. 27, No. 1)

Circle the correct answers and mail to the ACFE with four other completed quizzes published within the last 24 months and the CPE Quiz Payment Form (see next page).

Name

ACFE Member No.

1. According to the opening case in the article, “Fraud in Houses of Worship,” the perpetrator:

a. Was a former youth minister.

b. Had been defrauding the 2,000-member church for 36 months.

c. Was in fi nancial trouble.

d. Admitted everything in a teary confession.

2. According to the opening case in the article, “Fraud in Houses of Worship,” the perpetrator had been defrauding the church by:

a. Writing herself duplicate paychecks.

b. Stealing cash from donation deposits.

c. Taking out credit card accounts in the church name.

d. All of the above.

3. According to the KU ticket scandal case in the article, “Fraud in Collegiate Athletics”:

a. Ticket sales amounted to more than $2.5 million at face value and could range as high as $3.7 million in market value.

b. Athletic department members did not improperly use or resell complimentary tickets reserved only for charitable organizations.

c. Evidence suggested that several coaches were involved in the schemes.

d. The culprits concealed these thefts by simply charging tickets to fi ctitious accounts and not recording the ultimate recipients.

4. According to the article, “Fraud in Collegiate Athletics”:

a. Part of the diffi culty in dealing with ticket sale frauds in college athletics is that the sheer volume of money invites theft.

b. The U.S. Equity in Athletics Disclosure Act requires colleges to fi le annual reports with the U.S. Department of Intercollegiate Sports.

c. Frequently, two individuals control the daily fi nancial management of an athletic department.

d. Winning often contributes to sound fi nancial management.

5. According to the article, “The 10 Tell-Tale Signs of Deception,” linguistic text analysis involves studying the language, grammar and syntax a subject used to describe an event to detect any anomalies.

a. True.

b. False.

6. According to the article, “The 10 Tell-Tale Signs of Deception”:

a. Deceptive people often use language that maximizes references to themselves.

b. In oral statements and informal written statements, deceptive witnesses never omit self-referencing pronouns.

c. Truthful people usually describe historical events in the past tense.

d. Deceptive people never refer to past events as if the events were occurring in the present.

7. According to the article, “Overachieving Fraud Wolves in Sheep’s Clothing,” the author in the case:

a. Was an in-house consultant.

b. Zeroed in on the accused employees because the tipster had provided specifi c details of the alleged fraud conduct.

c. Expanded the investigation to several previous months and increased the sampling of calls and accounts.

d. After reviewing consumer complaints, he found questionable conduct.

8. According to the article, “Overachieving Fraud Wolves in Sheep’s Clothing, ” CFEs are trained to focus their sights on the business resources, processes, procedures, employee activities and personnel to detect the potential for, and existence of, the fraud triangle factors.

a. True.

b. False.

9. According to the article, “Breaking Breach Secrecy, Part 3”:

a. Organizations and individuals who do a horrible job protecting personal data, of course, create conditions that lead to the majority of data breaches.

b. The PRCH describes itself as a “for-profi t consumer education and advocacy project.”

c. The PRCH defi nes unintended disclosure as electronic entry by an outside party.

d. For the past seven years, the Verizon Business Risk Team has prepared the Data Breach Summary Research Report.

10. According to the Holtfreter/Harrington Data Breach Analysis Report, described in the article, “Breaking Breach Secrecy, Part 3”:

a. Few individuals believe that the majority of compromised records and related breaches are externally driven.

b. Internal hackers caused more of the compromised records.

c. The results strongly indicate that the organizations experiencing these data breaches lack strong comprehensive data protection programs.

d. Thirty-eight percent of the total breaches result from the internal “improper protection and disposal of data.”

Fraud Magazine CPE Quiz Payment FormREAD the feature articles and columns in any five issues of Fraud Magazine published within the last 24 months.

CIRCLE the correct answers to the quizzes in the back of the issues.

REGISTER by completing the form below and mailing or faxing in your $69 fee and five quizzes together.

1

2

33EASY

STEPS:

PLEASE NOTE: The Fraud Magazine CPE Service CPE credits apply only to the CFE status and not to any other professional designations. Fraud Magazine CPE Service is not registered with the National Association of State Board of Accountancy (NASBA).

Once you’ve passed all five quizzes (with a score of 70% or better on each quiz), the ACFE will e-mail you a certificate of completion. You will receive 10 of the 20 hours of CPE credit required annually to maintain your CFE credential.

YES! I want to register for the Fraud Magazine CPE Service to earn 10 hours of CPE for only $69. I have enclosed payment along with my five quizzes.

Name, first and last ( Dr. Mr. Mrs. Ms.) Certified Fraud Examiner? Yes (if yes, member #) No Other designations (CPA, etc.)

Company Title

Home Work Address

City State/Province Zip/Postal Code Country

Phone number ( Home Work) Fax number ( Home Work)

Local Chapter E-Mail Address ( Home Work) Send me your FREE FraudInfo e-newsletter

METHOD OF PAYMENT

Charge my (check one). Cards charged in U.S. dollars. Name on Card Card Number

Expiration Date (month/year) V-Code (on back / front of AMEX)

Billing Address

City State Zip/Postal Code Country

Signature

Check or money order enclosed (made payable to the Association of Certified Fraud Examiners).

ASSOCIATION OF CERTIFIED FRAUD EXAMINERS

Download archived quizzes and this payment form at Fraud-Magazine.com/CPE-Quiz-Archive.aspx.

FRAUD MAGAZINE CPE QUIZ PAYMENT FORM

Januarysun mon tues wed thurs fri sat

22 23 24 25 26 27 28

February29 30 31 1 2 3 4

5 6 7 8 9 10 11

12 13 14 15 16 17 18

March26 27 28 29 1 2 3

4 5 6 7 8 9 10

11 12 13 14 15 16 17

18 19 20 21 22 23 24

25 26 27 28 29 30 31

Legal Elements of Fraud Examination: Charlotte, NC

Conducting Internal Investigations: Charlotte, NC

Fraud Related Compliance: Louisville, KY

Healthcare Fraud: Louisville, KY

Data Analytics: New York, NY

Investigating on the Internet: New York, NY

Fraud Prevention: Baltimore, MD

Money Laundering: Tracing Illicit Funds: Baltimore, MD

Interviewing Techniques for Auditors: Ft. Lauderdale, FL

2012 ACFE European Fraud Conference: London

Introduction to Digital Forensics: New Orleans, LA

Investigating Conflicts of Interest: Los Angeles, CA

Fraud Risk Management: Los Angeles, CA

CFE Exam Review: Dallas, TX

Contract & Procurement Fraud: Phoenix, AZ

ACFE Calendar of EventsFor information or to register, visit ACFE.com/Training

April15 16 17 18 19 25 21

22 23 24 25 26 27 28

May29 30 1 2 3 4 5

6 7 8 9 10 11 12

June17 18 19 20 21 22 23

July22 23 24 25 26 27 28

August5 6 7 8 9 10 11

12 13 14 15 16 17 19

26 27 28 29 30 31 1

Mortgage Fraud: San Diego, CA

Early Registration Savings

Find the events that you want to attend. Register and pay before the Early Registration Dead-line listed for the event (generally one month before event start date) and SAVE $95 or more off of the regular price for the event.

Combo Event Savings

Register to attend two events being held consecutively in select cities and receive $100 in savings! Combo events are designated with this icon:

Group Savings

Select the event that best suits the learning needs of your group. Gather a team of at least three or more individuals to register together. Call the ACFE at (800) 245-3321 or +1 (512) 478-9000 to determine your savings.

Three ways to save!

*Location and/or topic are subject to change.

Financial Statement Fraud: Columbia, SC

Principles of Fraud Examination: Austin, TX

CFE Exam Review Course: Las Vegas, NV

Digital Forensics Tools & Techniques: Chicago, IL

Professional Interviewing Skills: Providence, RI

23rd Annual Fraud Conference & Exhibition: Orlando, FL

Interviewing Techniques for Auditors: Denver, CO

CFE Exam Review Course: Chicago, IL

Fraud Related Compliance: New York, NY

Auditing for Internal Fraud: New York, NY

Professional Interviewing Skills:San Francisco, CA

Fraud Risk Management:Philadelphia, PA

CFE Exam Review Course: Boston, MA

Scan the QR code* with your mobile device to view a brief customer video or visit sas.com/bankfraud for the complete success story video.

Stamp out fraud.

With SAS® Analytics, you can score millions of transactions a day in real time – to detect fraud faster, reduce risk, streamline investigations and prevent losses. Decide with confi dence.

SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. © 2011 SAS Institute Inc. All rights reserved. S76016US.0711

*Requires reader app to be installed on your mobile device

ANALYTICS