Kicking the Cane: Intra-familial financial exploitation of the vulnerable elderly

/

SPECIAL TO THE WEB

Annette Simmons-Brown, CFE

On Jan. 16, Martin Thibodeaux of Arnaudville, Louisiana, was arrested and booked on the charge of "financial exploitation of the elderly." Thibodeaux, according to a Jan. 20 KLFY article by Brittany Altom, had been listed as an authorized user of his 86-year-old grandmother's bank account for the purpose of caring for her. However, within six months, he made ATM withdrawals 12 times, cashed checks and made in-person direct cash withdrawals, and visited her bank 22 times to open her safety deposit box. According to the article, Thibodeaux accessed his grandmother's account 34 times and stole more than $36,000.

Financial crimes that target the elderly are increasing. According to The Wall Street Journal, "People 60 years and older made up 26% of all fraud complaints tracked by the Federal Trade Commission in 2012, the highest of any age group. In 2008, the level was just 10%, the lowest of any adult age group." (See, Financial Scammers Increasingly Target Elderly Americans, by E.S. Browning, Dec. 23, 2013.) Investigators estimate that only 10 percent of such frauds are reported, according to the article.

This underreporting of financial crimes against the elderly makes it difficult to get reliable statistics. It's possible that the aggregated financial impact on elderly victims — and society in general — will get much worse before a comprehensive national research and intervention response is entrenched.

Much of current popular and professional discussion on financial fraud that targets the elderly focuses on perpetrators outside victims' social nexus — shady investment promoters, faux home-improvement crooks, telemarketing scammers, identity thieves — who have built actual businesses and use the elderly as a conveniently vulnerable victim pool.

However, within this matrix there's another growing class of criminals: relatives of the elderly who steal from their own vulnerable family members under the guise of assisting them in their midnight years. And it's highly prevalent. According to a Consumer Report PDF, "Steven Peck, an elder-law attorney in Van Nuys, Calif., estimates that 75 percent of elder abuse is done by someone in the immediate family. …"

This two-part article will look at intra-familial elderly financial fraud, which is highly challenging to combat. In part one, we'll look at the growing incidences of this type of fraud. We'll use The Fraud Triangle to look at the similarities of these fraudsters to traditional occupational fraudsters. In part two, we'll look at actual criminal case summaries that demonstrate this category of fraud.

The two parts will outline these fraudsters' patterns of behavior and the difficulties of identifying, investigating and prosecuting crimes within families.

ELDERLY FINANCIAL FRAUD AND THE FRAUD TRIANGLE

Family members often have to assist their aging grandparents, parents, aunts and uncles as they become less able to take care of themselves. Frequently, these helpmates need access to their assets to assist effectively. They need to pay the elderly's bills, execute decisions on the disposition of real and personal property, manage their assets, and help make or implement medical decisions.

Frequently, helpmates are placed onto the elderly's financial accounts — and real property titles — as joint owners specifically so they can manage the elderly's financial matters both small and large. And very often, a helpmate is appointed as an attorney-in-fact through a power-of-attorney instrument that gives him or her specific responsibilities and capacities regarding the elderly's assets. At this point, a helpmate often is given direct and legal access to an elderly person's property and credit, and the ability to steal is remarkably amplified. The Fraud Triangle now comes into play.

Donald Cressey's Fraud Triangle teaches us that there are three interrelated elements that enable someone to commit fraud:

  • Perceived pressure to commit and conceal the dishonest act.
  • Perceived opportunity to commit the crime without being caught.
  • Some way to rationalize the fraud as not being consistent with one's values

(Excerpted and adapted from the 2014 ACFE Fraud Examiners Manual, 4.240, 4.247, copyright 2014.)

Though Cressey developed The Fraud Triangle within the context of occupational fraud — to represent the embezzler, the cash-register skimmer, the insurance scammer, the bid rigger — it also perfectly captures the framework of the crooked family member who now has access to the cookie jar containing the elderly's assets.

Want more? Read Annette's full article about elder fraud on Fraud-Magazine.com.

It's Better to Have Loved and Lost (Money) Than to Have Never Loved At All

/

GUEST BLOGGER

Courtney Pedersen
ACFE Communications Coordinator

When the poet Alfred, Lord Tennyson wrote his famous line, “‘Tis better to have loved and lost than never to have loved at all,” I’m sure the possibility of romance scams hadn't crossed his mind. Victims of romance scams can lose time, money and confidence. In 2011, the FBI’s Internet Crime Complaint Center (IC3) received 5,600 complaints from victims of so-called “romance scammers.” The victims reported collective losses of $50.4 million.

These scams involve con artists who work their way into your heart and eventually into your pocketbook by infiltrating chat rooms, dating sites and social networking sites. Here are a few examples of how these scammers work:

In 2012, Debbie Best met a handsome man, John, on an online dating site. According to his profile, he owned an antiques store in Florida. After getting closer John claimed that, while travelling to the UK and Nigeria, he had become financially stuck and unable to travel home. He asked her for money and called her daily, eventually telling her that he could not even afford to eat. She wired him two payments of $250, not realizing until after the money was sent that his fake name was known online and being used in other scams. She also received the phone bill for the calls John made to her which totaled $1,000.

Recently in Quebec, Canada, William Reid was a victim of an online Valentine’s Day scam. He was speaking online to a woman who called herself Jane. Jane was from Africa, and Reid wanted to fly her to his location so that they could live happily ever after. As Jane was travelling closer to Reid there were a series of unfortunate events that cost him more and more money. In the end he was stood up and out $10,000.

In another story that was featured on “Dr. Phil,” a widow named Norma fell in love with Richard on the online dating site ChristianMingle.com. After they met she soon began sending him money for cars, computers and even money to loan his friends. Richard, who supposedly lived in North Carolina at the time they began talking, created a story that he moved to Ghana to explain why the money was sent overseas. For two years Norma and Richard planned their future together, which even included adopting an orphan in Ghana. Norma eventually learned that photos of Richard were actually photos of another man named Bill in the U.S. that were stolen from Facebook. Over the course of three years Norma sent Richard a staggering $300,000.

With these examples I can’t help but wonder whether Alfred, Lord Tennyson should have put a disclaimer next to his famous line. If you feel that you or a loved one has been duped in an online dating scam visit IC3’s website and file a claim.

Does Your Organization NEED a Whistleblower Policy?

/

GUEST BLOGGER

Eileen Leslie, CFE, CPA
Forensic Analyst, Forensic Strategic Solutions

I envision a resounding “yes” is crossing your mind, no matter who you are or where you fall in the organizational chain of command.

But seriously, stop and think. You are the organization’s owner, president, human resources manager, executive, employee, etc., and in your opinion, should your organization have a whistleblower policy or does it need one?

The difference I am trying to convey has to do with your organization’s ethical culture.

Of course most, if not all, organizations should have a whistleblower policy in place. It should include all of the standard and essential elements: definition of covered individuals, encouragement to report wrongdoings, non-retaliation and non-discrimination provisions, confidentiality of individuals and a defined process of reporting. The policy should be effectively communicated to pertinent individuals and the implementation and enforcement processes should be functional.

The question of needing a policy depends on the culture or values of the organization.

While working as a financial analyst in the U.S. Attorney’s Office, I investigated many whistleblowers’ allegations of companies violating the False Claims Act. I recall one time sitting across the table from a CEO who clearly did not foster an ethical culture when it came to doing business with the federal government. When asked if he knew or had read the federal regulations governing the company’s business, he responded by chuckling and saying the regulations were “too boring to read.” His sentiment, obviously, trickled down to the company’s management and employees, resulting in whistleblower allegations, a federal investigation and ultimate settlement with the company.   

So, what are the best practices for an organization to not need a whistleblower policy?

  1. Hire ethical people.
  2. Hire competent people who have the knowledge to perform their work in accordance with state and federal laws and regulations.
  3. Create an environment where people are encouraged to report problems or concerns.
  4. Take reported problems seriously, investigate and resolve if needed.
  5. Reward good faith reporting.
  6. Take the negativity out of whistleblowing or filing complaints, and create opportunities to better the organization.

Sounds simple, right? No organization wants to suffer the embarrassment and negative publicity that can occur as a result of whistleblower allegations. Review your organization’s current whistleblower policy if it has one. Ask yourself, “Do you need that policy?”

Eugene Kaspersky: The Hackers Aren't Winning

/

AN INTERVIEW WITH

Eugene Kaspersky
World-renowned cybersecurity expert, CEO, Co-founder of Kaspersky Labs and keynote speaker at the upcoming 2015 ACFE European Fraud Conference in London, March 22-24

Why do you think it is important for anti-fraud professionals to be up to speed on the latest cybercrime and cybersecurity?

Keeping up with (ideally keeping ahead of) cybercrime is essential if we’re serious about providing effective protection against cyberthreats for financial institutions and their clients. The sophistication of malware used by criminals to attack banks is on the rise, and we’re now facing a very dangerous situation: the stealthy, cutting-edge malicious tools that were once only to be found in state-sponsored espionage campaigns are now available to criminals as well. We’re now seeing government-grade advanced persistent threats (APTs) used to attack banks to steal money. This means that investment in IT security — including in the education of security specialists and in forensics — is vital for building effective protection for any organization that could be targeted by cyberfraud.

What advice do you have for those working in fraud detection and prevention who simply feel overwhelmed and outnumbered by cyberthreats?

Don’t panic, and do your job! There are many reasons to be paranoid when you’re in the security business, as you have to understand all possible attack scenarios, and there are admittedly many of them. It’s very important to always learn to be able to address this growing number of threats: knowledge transfer, training and the ability to use the industry’s best practices to confront the attackers are vital. It’s either impossible or very costly to build 100 percent secure cyber-protection, so the goal should be to make that protection as robust and as strong as possible to make a hack more expensive than a physical, real-world robbery. 

What do you most hope attendees will take away from your address?

Despite all the threats, we can be optimistic: I think the hackers aren’t winning, and we in the security business aren’t losing the battle. We can provide very high levels of protection if we continue to learn, develop our defensive technologies, conduct regular security audits and generally take cybersecurity seriously.

Read more about Kaspersky and other keynote speakers at ACFE.com/European. Register by February 20 to save EUR 125.

4 Ways to Increase Your Level of Management Review in 2015

/

GUEST BLOGGER

Jeremy Clopton, CFE, CPA, ACDA
Senior Managing Consultant, Forensic and Valuation Services, BKD, LLP

February is here. We've made it past the excitement of the new year, made (and perhaps broken) a few resolutions and undoubtedly read a few different “new year, new you” articles.  Now it is time to get down to business: the prior year’s books need to be closed, current year operations are kicking into high gear and you may be conducting your first management review of the 2014 financials. In fact, according to the 2014 Report to the Nations, nearly half of the organizations surveyed did not use management review as an anti-fraud control. This is especially true for smaller organizations, where only one-third of organizations used management review as a control. 

Interestingly, of the anti-fraud controls listed, management review is likely one of the easiest and most cost-effective controls to implement in a small business. And, given that small businesses are often owner-managed, there should be a keen interest in conducting such a review. Though, as with any control, figuring out how to get started is sometimes the most difficult. With that, here are four ways to increase your level of management review in 2015:

  • Obtain and review your bank statements. It is important to obtain a copy of your bank statements directly from the bank each month, including the cancelled check images. Some of the most common fraud schemes in the Report to the Nations are disbursement related  meaning money is going out the door. Generally, that activity is captured in the bank statements. Easy-to-spot items, such as unusual electronic payments, credit cards your organization doesn't have, checks payable to employees or manual checks in a batch of electronic payments can make this review both effective and efficient. If small business owners logged onto their bank’s website once a week to look at the transactions, it would keep many frauds from growing into a much bigger problem.
  • Take advantage of your ratios. Ratios were meant to be compared. That might not be the true reason they were created, but it is one of the most effective ways to use them for management review. Comparing your key ratios over time (monthly, quarterly, annually, etc.) to peers in the industry or to other benchmark data provides insights into how your business is performing. While they might not be enough to facilitate operational decision-making, these simple comparisons provide indications of change within the financials.
  •  Obtain electronic data and verify the reports you are provided for review. Management likely receives and reviews reports each day. These reports, however, may be a slight variation on what the data actually says. Therefore, it is important to obtain the underlying data for your standard reports and review the two for consistency. If the reports come directly from accounting, go directly to IT to obtain the data. Getting these items from different sources provides you a means to verify the contents of your regularly reviewed reports. For example, an accounts receivable aging report might not show a significant number of outstanding balances. A review of accounts receivable transaction data, however, shows a large number of write-offs. The review of the underlying data provides a better understanding of the report and may lead to additional questions.
  • Embrace the dashboard. No, I don’t mean go out and give your car a hug. Rather, enlist the help of someone in the IT department or internal audit department to leverage all of that “big data” your organization is generating. Aggregating the detailed data elements into a high-level dashboard can allow you to efficiently perform a management review of key metrics, controls and other items of interest. For example, if vendor management is a concern in your organization (hint: it probably should be), incorporate statistics about new vendors, vendor changes and dormant vendors in your dashboard. You might need dashboards for each business process or operating division. Dashboards allow you to have greater insight into the data without being overwhelmed by millions of data points. 

As you continue your review of the 2014 results, begin to review 2015 results now. Management review is not only an effective anti-fraud control; it is also a way to provide you greater insight into the operations of the organizations you manage.