THE FRAUD CASE:
Max Smith, a payroll specialist for a large nonprofit organization, was a sick man. Most employees who steal do so out of greed, but Smith had a different motive—he was HIV-positive and needed expensive drugs to control the disease. Complicating matters, he hid his illness from his employer and health insurer. Over the course of two years, he embezzled $112,000 to cover his medical costs. Although Smith needed the extra cash, there were alternatives to stealing. But he couldn’t bring himself to reveal his sickness and ask for help.
Smith’s duties included posting time and attendance information to the computer system and preparing payroll disbursement summaries. Adding and deleting employee master records were separate tasks, performed by another staff member. As an additional safeguard, a supervisor approved all payroll disbursements, and the company deposited them directly into employees’ personal bank accounts.
It took a bit of doing to circumvent the internal control system and steal cash from the nonprofit, but Smith was up to the task. First, when the co-worker who added and deleted master records logged onto the system, Smith peeked over his shoulder and noted his user ID and password.
This enabled him to add fake master records—for “ghost” employees—to the system. Because tax deductions were programmed to fall within a given range of employee numbers, each time Smith added the name of a phony worker to the system, he assigned to it an employee number higher than the range. Thus, the payroll summary report—which was printed each week in ascending order by employee number—displayed fake workers at the end of the printout where they wouldn’t be selected for deductions.
Next, Smith entered false wage information for the ghost workers. At the same time, he arranged for their paychecks to be direct-deposited into his own bank account. Based on past dealings with his own financial institution, Smith knew the bank did not match the employee name to the one on the depositor’s account.
Finally, to get over the last internal control hurdle—approval of the payroll disbursements by a superior—Smith prepared his own fake payroll summary for the supervisor’s signature. Because Smith was seen as an exemplary employee, the supervisor didn’t check his work carefully and failed to notice the fraudulent documentation was printed in a typeface different from the one used in the real reports.
Smith also had to create phony file copies of the ghosts’ paychecks. The office’s hard copies of legitimate employees’ checks—printed in the accounting department—were yellow, while the ghosts’—printed by Smith—were white.
FRAUD DISCOVERED:
Smith hoped no one would notice about it but someone did notice: An observant accountant got lucky and discovered Smith’s ghost-employee scheme. During routine transaction-testing of the payroll account by the CPA firm, an auditor immediately singled out a white copy of a paycheck. He brought it to a fraud investigator to gather proof and evidences.
ACTIONS TAKEN:
As a fraud investigator, it is suffice to say that this one wasn’t very sophisticated. As it happened, the company’s auditors conducted their transaction testing first but a number of routine auditing procedures would have uncovered it later.”
Besides noting with concern that the payroll system administrator infrequently changed passwords, it would help to look into the following clues.
Each ghost-employee record contained a dead person’s Social Security number, which Smith had lifted from local death records open to the public. He arbitrarily made up their names.
Ghosts’ employee identification numbers were much higher than those of legitimate employees, and a gap in the series separated the two groups.
None of the fake employees had a personnel file or withholdings for taxes and Social Security.
The net payroll expense was lower than the funds actually issued because it didn’t include amounts paid to ghost employees.
The paycheck summaries prepared for management approval—which contained the ghost employees—were not in the same typeface as those the system printed.
Multiple direct deposits were made to the same bank account but under different employee names.
Of course it is important to determine whether Smith was in collusion with another staff member, textbook fraud-examination techniques are recommended to document the defalcation. In which case, the auditors obtained original copies of payroll registers, payroll check summaries, direct-deposit records, personnel files, time sheets and bank documents. In addition, the auditors carefully interviewed accounting department employees and the executives in charge of oversight. Noting that Smith was the only employee who profited from the scheme, it was concluded Smith had acted alone. The report, which detailed his embezzlements, convinced Smith to plead guilty when the nonprofit filed charges. Under a plea bargain agreement, he served no jail time but was sentenced to 15 years’ probation and ordered to make restitution.
PREVENTIVE MEASURES:
With simple but effective measures, you can prevent or detect this kind of fraud schemes.
Ensure the payroll preparation, disbursement and distribution functions are segregated.
Look for paychecks without deductions for taxes or Social Security. Completely fictitious employees frequently don’t have any.
Examine payroll checks that have dual endorsements. Although most of them are legitimate, two signatures could signal the forgery of a departed employee’s endorsement, which the thief also endorses and deposits into his or her own account.
Use direct deposits. This method, although not foolproof, can cut down on payroll chicanery by eliminating paper paychecks and the possibility of alteration, forgery and most theft, although it doesn’t prevent misdirection of deposits into unauthorized accounts.
Check payroll records for the presence of duplicate names, addresses and Social Security numbers.
On occasion, hand-deliver paychecks to employees and require positive identification. If you have leftover paychecks, make sure they belong to actual employees, not ghosts.
Be wary of budget variations in payroll expense. Higher-than-budgeted labor costs can indicate ghost employees
BUILD AN ANTI FRAUD PRACTICE:
Advocate fraud-prevention services – A thorough audit, although not designed specifically to detect fraud, has been shown to be a significant deterrent.
Education – The cornerstone of fraud prevention is education. It is difficult to defraud someone who has enough knowledge to recognize the warning signs.
Internal control reviews – Although most small business clients don’t need or in many instances can’t afford a complete audit, they can greatly benefit from a thorough review of their internal control structure.
Cash account reviews. Because cash is by far the asset most frequently misappropriated, a periodic review of receipts and disbursements is an excellent way for the CPA to increase service to the client
Pro bono work – Another way to gain valuable fraud-detection experience is to volunteer your accounting skills to those who can least afford it: your local police department or prosecutor.