Director Uses Experience to Challenge Business as Usual

/

MEMBER PROFILE

LaToya Lacey, CFE, CPA,
Global Audit & Risk Director, Diageo
Norwalk, Conn. 

LaToya Lacey, CFE, CPA, Global Audit & Risk Director at Diageo has climbed her way to a position that leverages all of her learned and innate skills: delivering internal audits, communication, leadership and the training and education received from earning and maintaining the Certified Fraud Examiner (CFE) credential. "I was working in finance training at Kraft Foods when I obtained my CFE," Lacey said. "At the time, a position in investigations was not available, so I stayed close to the industry and proudly displayed my CFE plaque at my desk. Over a year later, this very large plaque gained the attention of Kraft's CFO who wanted to know why I was in training instead of investigations. A few months later, I moved into a role within investigations. I believe this experience speaks to the value of this credential and being prepared to take advantage of potential opportunities."

How have you seen your roles and duties change as your career progressed?

Over the years, my responsibilities have increased, and I have developed a broader knowledge of business outside of the U.S. However, there are two very important things I look for in every position: I must be challenged in a way that positively contributes to my personal and professional development, and I must be empowered to challenge "business as usual" to increase efficiency and productivity and strengthen the control environment. Those have been the consistent factors that have ensured my continuous career progression.

How did you become passionate about fighting fraud? 

Years ago, I discovered what appeared to be fraudulent activity during an internal audit that I turned over to our investigations department. The investigation led to two individuals leaving the business. This is what sparked my interest. I became passionate about fighting fraud when I realized how often fraud occurs and how business is impacted. I spent a year working in investigations, and although I'm not currently in a position where I investigate fraud, the knowledge I gained from that experience has changed the way I conduct audits and how I think about controls.

What is a memorable case or project that you have worked on? 

The most memorable case was a kickback scheme we became aware of due to an anonymous call. Initially, we thought this was an isolated incident, but as we dug deeper into electronically stored information and conducted interviews, we determined the issue was more widespread and involved various levels within the company, including management.

What is your personal motto? 

I'm a lifetime member of the National Association of Black Accountants, Inc. (NABA) and currently hold the position of Immediate Past President of the Chicago Chapter. NABA has the motto of: "Lifting As We Climb" and I have adopted this as my personal motto. With this in mind, I have helped many college students obtain academic scholarships through my role in NABA and have served as a mentor to many young professionals. As I have benefited from others sharing their knowledge with me, I will continue to give back by doing the same.

Read LaToya's full profile in the Career Center on ACFE.com.
 

10 Golden Tenets of Fraud Prevention and Deterrence, Part 2

/

SPECIAL TO THE WEB

Vivek Krishnan, CFE

Possibly the toughest task for any fraud examiner is preventing and deterring fraud. Some believe that fraud control and prevention is at its best when the process of detection remains a secret. However, one of the best corollaries to this school of thought is the opposite: Be open about it. Below Krishnan continues his discussion of the remaining five golden tenets of fraud examination. (Read Part 1.)

RULE NO. 6: PRACTICE THE ART OF OBSERVATION AND LISTENING

I remember a conversation in the movie "Jurassic Park." The main characters pass the enclosures containing Velociraptors, which are extremely intelligent. The park's game warden says about one of the deadly dinosaurs, "When she looks at you, you can see she's working things out. That's why we have to feed 'em like this. She had them all attacking the fences when the feeders came." One of the scientists asks, "The fences are electrified, right?" The game warden replies, "That's right, but they never attack the same place twice. They were testing the fences for weaknesses, systematically. They remember." 

This is true in organizations, too. Fraudsters find flaws by constantly testing "the fences" of verification processes. We need to anticipate the weakest parts of the fences by:

  1. Knowing what/where/which controls to place.
  2. Knowing the effectiveness of the controls already placed.

During a visit to one of our offices, I saw an interesting ad in a nearby shop. It offered help in procuring Permanent Account Number (PAN) cards. (PANs are unique registration numbers provided by the Indian government's income tax department.) The shopkeeper assured three services: premium, regular and non-resident Indian (NRI). Premium would be delivered within a week, regular would be up to one month and NRI was for Indians who were settled abroad. This was at a time when the regular process required 45 days minimum to get a PAN card request processed.

One of the documents we were accepting for ID proof was the PAN card, so it was critical to stop locals who were forging these cards. We had to connect with officials and update our teams on identification mechanisms provided by the issuing authority to counter such schemes.

To date, such market visits help us validate the effectiveness of our controls.

RULE NO. 7: BEWARE OF DECOYS

The most important lesson for this rule is derived from rule No. 1: Never underestimate customers, support groups, internal employees, etc. The popular card game "Bluff" comes to mind. The best strategy is to be true in large turns (three to four cards at one go) and turn in single false additions. A good player spots the bluff. That's where fraud examiners come in.

I remember a time when business scaled up, the market was in its boom period and the volumes were high. Cases were bottlenecked at various stages, our teams were struggling with large volumes and the underwriters spent long hours fitting cases correctly into portfolios while also looking at their specifics and authenticity.

To ensure quality, special task forces were asked to do sampling. The sampling pattern adopted by this group was taken in the pattern 1, 4, 9, 11, 14, 19. We investigated a standard 15 percent of the cases.

The sampling was representative. The underwriters were satisfied because the results were the same — 100 percent positive on verifications. Because we knew the past history of patterns identified in that particular city, a bird's-eye view suggested that it needed deeper review.

We changed the sampling pattern slightly, and the results changed. We realized that the teams had been observing the pattern of sampling and somehow were aware of the sampling percentages. They converted these percentages into "targets." What would be the winning situation? They put the cases in the files they knew were accurate in the orders of 1, 4, 9, 11, 14, 19 so that proposals would go through smoothly without reworking them.

Many times our control mechanisms are identified without our knowledge. The executives threw in decoys knowing very well that we would catch them and therefore hoped we'd miss the loans that weren't sound investments for the banks. We checked the decoys and found them in perfect order. A sampled representative case (decoy case) that checks out is rarely checked again for other triggers of fraud. We checked the decoys and uncovered the true fraud.

Read the final golden tenets of fraud prevention on Fraud-Magazine.com.

Fighting Fraud a Collaborative Effort

/

Partner Profile:
MGM Resorts International 

According to Heidi Sealy, CFE, Senior VP of the Fraud Control Group at MGM Resorts International, recognizing that fraud exists in almost any business environment is a crucial first step to actively managing fraud within an organization. "Historically fraud has largely been dealt with on a reactive case by case basis. However, in large organizations it is vital to assess fraud risk across all business operations and proactively put controls in place to prevent fraud from occurring," Sealy said. "It is also important to create review processes to quickly detect fraud when it does happen, so it can be eliminated and prevented in the future." 

Sealy sees fighting fraud in a large organization as a collaborative effort. MGM Resorts International grew through acquisition when MGM purchased Mirage Resorts in 2000 and then Mandalay Bay Group in 2005. With the development and opening of City Center in 2008, the company grew to 16 domestic casinos with 62,000 employees.  "The workplace cultures and policies were very different at each of the individual companies that merged together under one management team," Sealy said. "A significant portion of our operations were siloed by property, making it difficult to support from a central location. MGM restructured in 2010, resulting in a more receptive environment for corporate support functions." This was also about the time that Sealy began to see the need for a way to identify and acknowledge the fraud that had been happening at each of the individual properties and address it for the company as a whole.   

Internal collaboration with other key departments is imperative to MGM's Fraud Control success. There are daily interactions with internal audit, surveillance, security, legal, compliance and human resources. Strong communications between these departments is essential to MGM's successful fraud efforts, so a significant amount of time and resources are devoted to ensuring open, timely lines of communication containing accurate and relevant information. MGM has also established strong communication ties and daily interactions with outside entities such as gaming regulators and enforcement agencies.

"We recently reviewed our Fraud Control program at a high level and identified what we believe is a real opportunity for us to improve our efforts by establishing relationships and information sharing with other large corporations fighting fraud in their own environments," Sealy said. "We turned to the ACFE for advice and direction. Our decision to join the ACFE's Corporate Alliance came from the highest levels of our organization. Management wants to ensure that MGM takes a proactive, visible and vocal role in fighting fraud in the workplace, both within our organization and elsewhere. Joining a program like the Corporate Alliance to open a dialogue with other corporations experiencing similar frauds and sharing non-competitive information is a real win/win situation. We are eager to speak with other organizations on an extended basis about ways to prevent, detect and investigate fraud activities."

Sealy believes that one of the biggest benefits to joining the Corporate Alliance program, on top of savings on training and exclusive resources, is the networking that can happen between corporations publicly taking a stand against fraud. "The biggest bang for our buck is having an open dialogue with companies that face the same challenges we face. We all benefit when we come together in a variety of different manners." Along with joining the Corporate Alliance program, MGM recently launched hospitality industry roundtable conference call meetings to discuss the latest trends and frauds affecting the industry. "Very little of what we do on my team is competitive in nature," Sealy said. "The more we can communicate and share relevant information across companies, the more effective we will all be in our fraud fighting efforts.

Sealy and her team are just one of many large corporations that have signed up to partner with the ACFE Corporate Alliance program and take a visible stand against fraud. For more information about the program and to read the rest of the profile, visit ACFE.com.

LinkedIn. Time to Reset your Settings?

/

GUEST BLOGGER

Glenn Bass, CPA, Director of Recruiting, Security & Investigative Placement Consultants, LLC
Bethesda, Md.

The numbers are staggering. Every second, two new members join LinkedIn. In its official statement LinkedIn reports a total user base of 300 million worldwide. And with that, LinkedIn has become an indispensable tool for Certified Fraud Examiners (CFEs) to connect with other professionals in the fraud and investigative industry to gather advice and recommendations for potential hires and to discover job opportunities and apply for them. It’s a critical platform that allows CFEs to stay in touch with the pulse of the industry through its user groups, blogs, job listings and ability to connect with other CFEs.

As a recruiter specializing in fraud, investigations and security, I advise candidates to embrace LinkedIn to the fullest. In my own personal efforts to embrace it, I read and review many posts across the internet about LinkedIn. I came across a post by Cheryl Conner titled “The LinkedIn Setting Mistakes That Most People Still Make” which I think is important enough to share. You, as a savvy user, must stay on top of the continuing updates to the primary platforms as they evolve.

1. “I don’t want to be bothered with all those group emails.”

You have full control over which groups you receive email notifications from and the frequency with which you receive them. Ask yourself, “If I miss something from this group, would I be mad?” Your best bet is to keep track of a handful of groups, and let the updates from the other ones go.

2. ”This guy is driving me nuts with his silly status updates.”

We all have some people in our networks that are using their LinkedIn status updates like a Twitter account, or they don’t understand LinkedIn users don’t want to be sold to on a regular basis. This setting allows you to say “bye-bye” to their status updates. Here’s how to stop them: When you view one of the offending status updates on your home page, move the cursor to the top right of the update and click “Hide.”

3. “I don’t want to tell my network every time I change my profile this weekend.”

This is a big one. This is especially helpful if you are working on your profile in a condensed period of time and don’t want LinkedIn to report every change immediately. Be sure to turn the feature back on when you have completed your final changes. Having your network see your profile changes is a good thing on the whole. But it’s smart to turn off the activity broadcasts while you’re working on multiple changes, or are updating an item you’d rather not go out in email. To do this, go to Account Settings > Profile > Turn on/off your activity broadcasts.

4. “I don’t want people to see my connections.”

The default is that your first-degree connections can see who your other first-degree connections are. Allowing your contacts to know who your other contacts are has always been a valuable step in the networking process, however not everyone thinks the same on this. 
Many people would like this setting to be person-by-person and not all-or-nothing. Unfortunately, that option is not yet available on LinkedIn. But here’s how to change your current settings: Go to Account Settings > Profile > to select who can see your connections.

5. “How do other people get their picture, name and company name on ‘Who’s Viewed Your Profile’?”

The default is that you won’t see this detail, but most individuals who are interested in growing their brands would actually want this information to show. But if you’d like to change it – or would like to temporarily change it, go to Account Settings > Profile > Select what others see when you’ve viewed their profile.

Lastly, as it drives to the core of ethics and common sense, it is crucial that you don’t exaggerate your efforts on your profile – everyone can see what you’ve written and yes, people will notice.  

These adjustments to your LinkedIn account and profile should make you user experience and networking within the CFE community all the better.

Are You Being Swindled and Don’t Even Know It? 

/

GUEST BLOGGER

Misty Carter, CFE, CIA
ACFE Research Specialist

If you were to ask business owners how many times they thought one of their vendors ”got one over” on them, the majority would probably say something like, “I trust my vendors. They would never steal from me. I have used them for years and never had any problems.” In a perfect world, that might be true, but unfortunately, we live in the real world and that is just not realistic. I mean, let’s face it — even with the best controls in place, you cannot eliminate vendor fraud. Consider the vendor fraud that occurred against one of the nation’s largest consumer electronics companies, Best Buy. This company, duped by several vendors, lost close to $42 million with the help of a company employee. This employee colluded with several vendors to defraud the company by approving fraudulent online bids. The vendors would bid low and then charge high after being awarded the contract. In fact, over the course of three years, one vendor submitted bids for $24 million in parts, but ended up charging the company $66 million. In exchange for his help in this scheme, the company employee was treated to lavish vacations, given envelopes full of money weekly or bi-weekly, and was even extended a $300,000 “loan” to help his father start a business. Sounds like the good life, right? Well, maybe until you are caught. And yes, this scheme finally caught up with them. 

Many might ask how these vendors were able to steal so much money from this large, publicly traded company for so long before getting caught. According to the defendants (the vendors), it was the company’s fault. They blamed company executives for “turning a blind eye” and having weak internal controls. In other words, it was the company’s fault that they were defrauded. What do you think? Could this fraud have been detected earlier or even prevented if anti-fraud measures had been in place? Based on the outcome, it certainly appears that something was lacking. It’s too late to prevent this fraud, but fortunately for other business owners, the ACFE has a new self-study course to help management in its fraud prevention and detection efforts related to vendor fraud.

The new online self-study course, Auditing for Vendor Fraud, is a great “go-to” guide for anyone interested in learning about vendor fraud and how to conduct effective vendor audits. This course walks you through the process of preparing for and conducting vendor audits, both internally and externally. It offers guidance on what to include in right-to-audit clauses for vendor contracts and is designed to help you learn about various types of vendor fraud schemes and red flags to identify these schemes as you perform vendor audits. 

Read more about the new course at ACFE.com.