News and analysis on the global fight against fraud
Before beginning his career in bank examination, and later internal audit, Jacob Flournoy wishes he would have done more of one thing: listening. “I was probably told everything I needed to succeed by my trusted advisors. I just wish I had listened more to their advice,” said Flournoy, a CFE, and the Chief Audit Executive at the University of Arkansas System.
Read More
Nicole Galloway, CFE
Missouri State Auditor
Few things are as important as ‘the follow through.’ In many respects, following through is as important as beginning the task itself. This practice is what essentially led Missouri State Auditor Nicole Galloway, CFE, to obtain her credential. “I didn’t want to just start the case,” says Galloway. “I wanted to put the pieces together and see it through to the end.” Galloway believes that the state auditing process provides an opportunity for review, investigation and recommendations in pursuance of making government better for its people. “I believe strongly that the work we do is critical,” says Galloway. “I want others to understand how we can bring government closer to citizens.”
How did you become passionate about fighting fraud?
When I worked as an actuary at Allstate Insurance I would review internal case studies that provided real-world examples of recently discovered fraud attempts. In one case, an individual filed a claim for his home, which he claimed was destroyed in a tornado. But when the adjustor went to investigate, she found the home was just fine. I would check these listings every day – I found it so incredible that there were people out there that would try to perpetrate these frauds and actually thought they could get away with it. Shortly after, I started taking accounting classes and I realized that it was more than just people who tried to get away with something. Of course, there were bad actors, but there were also circumstances — the opportunities for fraud — that allowed these activities to occur. I found this interesting, and it sparked my interest in fraud and fraud investigations.
Why did you decide to become a CFE?
As an internal auditor at an insurance company, I saw the impact that the company's CFEs had. They seemed to be doing the most interesting things! I remember when I first started using Audit Command Language (ACL) I found a number of insurance policies in our records that had the same P.O. Box listed as the address. It was an interesting discovery, but then I had to hand the information off to a CFE in the company to lead the investigation. I didn't want to just start the case, I wanted to be able to put the pieces together and see it through to the end.
What is your current role and what does it entail?
As the 38th Auditor of the State of Missouri, I am responsible for the operations of an office that provides oversight and independent review to hold government accountable. My office works to ensure the proper use of public funds and to improve the effectiveness and accountability of Missouri government. Audits examine financial practices to identify potential waste, opportunities for fraud, cybersecurity weaknesses and whether government organizations and programs are operating efficiently and transparently.
What is a memorable case or project that you have worked on; one that made you feel especially proud?
My team completed an audit in December of Hope Academy, a charter school in Kansas City that's no longer operating. It actually closed during the course of our audit work, which demonstrates the extent of the issues we found there. What we saw at Hope Academy — manipulated attendance records to get more state funding, students getting credit for non-academic work like dog walking and babysitting — was frustrating. The school was designed to serve as a second chance for students who were working to make positive changes in their lives, instead taxpayers were defrauded out of millions of dollars and, most importantly, the school failed these kids. Since our audit, a lawsuit has been filed against Hope Academy seeking the $3.7 million owed to the state. We can't get back the opportunities that these students lost, but it's good to see that steps are being taken to hold officials accountable, and I'm proud of the work we did there.
What do you hope to personally pass on to the next generation of fraud fighters?
I hope to pass on a real interest in public sector auditing. I believe strongly that the work we do is critical, and I want others to understand how we can bring government closer to citizens. I know that there can be a general distrust of government, but the auditing process provides for review, investigation and recommendations designed to make the system better. By shedding light on how government operates at every level, we can get away from distrust and move to a place of healthy skepticism. Questioning how government works is a good thing; it's healthy. But we need citizens to be engaged in the process and make suggestions to ensure government operates more efficiently.
What activities or hobbies do you like to do outside of work?
My husband and I have two sons: 4-year-old William, and 2-year-old Benjamin. They make sure many of my hobbies are now family events. We spend time cooking together most evenings. I'm pretty sure that if they start early enough, one of them is bound to surpass my skills and become the family chef. At least I can dream, can't I?
This week we will be highlighting female fraud fighters from all over the world in celebration of International Women's Day, March 8. Read Galloway's full member profile in the Career Center on ACFE.com.
Mary Breslin, CFE, CIA
President, Empower Audit
Sometimes stopping a fraud and terminating an employee are all you can do. Even though those are two accomplishments in themselves, they can leave you wondering, “What do I do when the authorities are not interested in criminally prosecuting an internal fraud?”
One of the easiest fraud cases I ever worked was also one of the most frustrating. My team and I did solid work and had iron-clad evidence, but we couldn’t convince the local authorities to do anything with the information. Unfortunately, it was one of those scenarios where the executives really wanted to prosecute and make a clear example of the situation.
As the chief audit executive, I reported to the general counsel for my organization. It was a great arrangement in my opinion, and I enjoyed working for him. We were a large international organization with operations in many developing nations. My team was routinely involved in fraud investigations, often on multiple continents simultaneously. But this fraud — this fraud was close to home. Literally in the office next door. The general counsel’s paralegal had been committing expense reimbursement fraud for two years, and the general counsel took it personally. Wouldn’t you?
A perceptive accounts payable clerk noticed some issues with the paralegal’s expenses and informed us of the inconsistencies. After a little research and some data analytics, we quickly found tens of thousands of dollars in purchase card (pcard) and expense reimbursement fraud. She had two major schemes. First, she paid for things with her pcard and then listed the items for cash reimbursement on her personal expenses. She always had a receipt! The opportunity had presented itself to her when she realized the general counsel did not closely review her expenses. Second, she charged a considerable amount of personal items to her company pcard. I won’t get into details, but I do believe she had everything ever made by Victoria's Secret.
Understandably, the general counsel felt a lot of things —anger, frustration, betrayal and a little foolishness for trusting her and not reviewing her expenses in detail. As a result, he wanted her charged criminally. She was not getting special treatment — we wanted to follow our normal process to prosecute for internal fraud. However, while there was approximately $30,000 in fraud, the local authorities were not interested in prosecuting. Why? Like most things in life, it was mostly about timing. At that particular moment in time, the local authorities had bigger cases they were concerned with and did not believe they could spare the resources to deal with our fraudster.
The final outcomes of even successfully executed investigations can be very frustrating and less than satisfactory. So how can this be prevented? It is always a potential problem, but if you do the following you are less likely to run into this issue:
Remember: Catching the fraudster and ending the fraud is a deterrent to other fraudsters, so do not allow yourself to get too frustrated. Stop fraud and carry on!
Mary Breslin, CFE, CIA
President, Empower Audit
I recently returned from Jordan where I conducted a data analytics training for an internal audit banking group. As is often the case when learning to use data analytics within internal audit, people wanted to skip right to finding fraud. I wish it were that easy. While I sometimes feel like I could never conduct a fraud investigation without my data analytics tools, I've learned that I can never rely solely on analytics. We must continue to be students of the business and hone traditional methods while enhancing them with analytics.
Many of my cases have been discovered and initiated by simply walking around and talking to people. One example is a recently settled federal case. Several years ago I was in Belgium at a factory location of an American company I worked for. I asked for a tour of the facility even though I knew most of my time would be spent with accounting records and documents. I wanted to understand the business. During my tour I spotted a large crate ready to be shipped. The core product was made in the U.S. and finished in Belgium before delivery to the customer. The crate was stamped “Made in the USA” in six-inch letters. Directly beneath that stamp was another that read “Ship to the Islamic Republic of Iran.” I did a double take. Iran was (and is) an embargoed nation — it was illegal to sell goods of any kind to Iran.
I assumed this was a lack of training, and the Belgian team wasn’t aware of the restrictions, and I proceeded as such. My team requested all sales to that customer, as well as to any other countries that were embargoed at the time for the prior 18 months. Much to my dismay, it was a long list of sales.
In conversations with the general manager I reviewed the Code of Conduct and Handbook, where it explicitly forbade sales to those countries. I then reported the issue to the executive team and went about preparing the information that would be needed for counsel to self-report the issues to the necessary regulatory agencies. The situation was under control, right? But of course before my team and I went home, I added the location to our follow-up action plan for internal audit.
Three months later I returned to Belgium for an unannounced visit to the factory. Who stops by to see me? The general manager. She hands me a manila folder stuffed with evidence of the many sales to embargoed countries that had occurred since my departure just 90 days earlier, when it had seemed the executive team was clear on the problem and ready to make things right. As I flipped through the folder's contents I saw document after document that contained the written approval via email of every one of those sales by the COO himself. I was shocked. I immediately reported back to the executive team and was surprisingly met with the response, “We need those sales.” In their quest for revenue, executive management chose to break the law and go against legal counsel and internal audit’s recommendations.
In the following week, our inability to agree on the handling of the issue resulted in my termination — as well as the termination of my entire team. The issue was then reported to the Securities and Exchange Commission (SEC) and appropriate regulatory agencies and a federal investigation ensued. In October of this year the case finally settled in court. The company pleaded guilty and paid a large fine. The executive management team has since been replaced.
If I had not walked the facility that day, the issue may have never been identified. The likelihood of finding those illegal sales buried in all the sales for the year was minimal using normal audit techniques unless I knew to look specifically for that issue. While analytical tools can be invaluable, they should not replace understanding the business and the traditional methods — especially simply talking to people and touring a facility.
Robert Tie, CFE, CFP
Part 1 of 2: HealthSouth Corp.
In the economic crime jungle, is one predator more rapacious than all others? If so, who is king of the fraud beasts?
Consider this. A staggering $1 million was the median loss for the 133 financial statement fraud cases tallied in the ACFE's 2014 Report to the Nations on Occupational Fraud and Abuse. A far smaller amount — $145,000 — was the median loss for all 1,483 fraud cases the Report covered.
Clearly, the executive who falsifies financial statements is king of the fraud beasts. Alton Sizemore, CFE, CPA, knows the species well and has hunted down several of its members. Sizemore, a former FBI special agent, is owner of Alton Sizemore and Associates and a consultant with Forensic Strategic Solutions — a national financial investigation firm with offices in Alabama and North Carolina. Over a career spanning more than 30 years — 25 of them with the FBI — he has investigated numerous financial statement frauds.
By interviewing the executives who committed those crimes he learned to recognize and understand their fraud motives, opportunities and rationalizations. Sizemore also became proficient in trend and ratio analysis of financial statements to detect potential signs of falsification. And by observing those entries most frequently falsified, he developed a strong sense of those supporting documents to scrutinize. This article, in two parts, discusses these investigative principles and techniques in relation to two major financial statement frauds.
Sizemore managed the 2003 FBI investigation of a $2.9 billion financial statement fraud at HealthSouth Corporation in Birmingham, Alabama. That probe led to the first prosecution of a CEO and a CFO under the Sarbanes-Oxley Act (SOX) of 2002 for fraudulently misstating information on financial statements they had certified were accurate. The second case is currently in federal criminal court in Manhattan and concerns the alleged $250 million financial statement fraud at the now-defunct law firm Dewey & LeBoeuf LLP. It will be discussed in part 2.
HEALTHSOUTH CORPORATION
In an earlier Fraud Magazine Special to the Web Sizemore described the case, the culprits and the investigative techniques the FBI used to uncover documentary evidence of this fraud.
HealthSouth's book-cooking scheme persisted for 17 years before its discovery led to the prosecution and conviction of the 21 senior managers who conspired to perpetrate and hide it. How could the auditors not detect such a massive fraud? Through their repeated failure to look behind the financial statements to see whether they were accurate.
"For example," Sizemore says, "the company's balance sheet showed $300 million was in clearing between one bank and another. But the money didn't exist. The auditors never found out, though. They neglected to check again later to see if that money actually had cleared."
At HealthSouth, the fraudsters' motivation for misstating the financials was to keep stockholders from learning about slumping profits. Their opportunity was the external auditors' ongoing failure to stand up to the HealthSouth CFO who intimidated them. And their rationalization was that eventually the company would generate enough actual profit to make up for the phony revenue planted in the current financials. That fantasy never materialized, though, and the whole scheme unraveled when persistent shareholder pressure led to an investigation.
Both the U.S. Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) went after the fraudsters at HealthSouth. Its then-CFO William Owens pleaded guilty and agreed to cooperate with investigators in exchange for a lighter sentence. He wore a tiny recording device in his necktie when he met with CEO Richard Scrushy, whom he had told the FBI was the leader of the fraud.
Read more about the HealthSouth investigation in the full Special to the Web article on Fraud-Magazine.com.
News and analysis on the global fight against fraud.
Interested in contributing to ACFE Insights? Find out how you can become a featured guest blogger.
©2024 Association of Certified Fraud Examiners, Inc. All rights reserved.
Association of Certified Fraud Examiners, ACFE, Certified Fraud Examiner, CFE and the ACFE logo are trademarks of the Association of Certified Fraud Examiners, Inc.
Powered by Squarespace
