Great Internal Controls and Then IT Happens Fraud!

Similar documents
Financial Transactions and Fraud Schemes

Reduce Your Risk: Understanding Internal Controls and Fraud Risks and Prevention

Fraud Examination. Prevention, Detection, and Investigation. Steven M. Bragg

Fraud Prevention for Nonprofits

COVERAGE FRAUD IN EMPLOYEE BENEFIT PLANS 5/15/2014. Where employee benefit fraud is likely. Internal controls that help prevent fraud

Asset Misappropriation. Peter N. Munachewa, CICA, CFIP, CFE

Chapter 2 Skimming. 2. To a fraudster, the principle advantage of skimming is the difficulty with which the scheme is detected. a. True b.

Good From The Inside Out. Saturday, April 8, 2017

Presented by: Michael Moreau, CFE, CIA, CFSA Manager, Credit Union Group Macpage LLC

Grant Fraud. Leslie Les Hollie Assistant Inspector General For Investigations

Describe Fraud in the Context of Financial

Insights Into Accounting Schemes and Scams

FRAUD AWARENESS & PREVENTION

Fraud Detection in Public Schools

The Auditor s Responsibilities. Audit of Financial Statements

11/9/15. Fraud in Non-profit Organizations: What You Need to Know NOW!

What do they investigate

Retirement Plan Compliance and Controls

Types of Fraud, Detection and Mitigation Presentation by: Isaac Mutembei Murugu CIA, CISA 23 rd November Uphold public interest

International Standard on Auditing (Ireland) 240

Looking for Fraud Through Rose-Colored Glasses

Red Flag Rule Procedures Under Princeton University s Identity Theft Prevention Program Effective: December 31, 2010

Recognizing Credit Card Fraud

Employee Dishonesty Lessons Learned: Internal Controls

Auditing and Assurance Standards Council

Securing Your Balance Sheet Fidelity/Crime Insurance. Presenter: Mary da Costa, Manager, Corporate Insurance

Its Not About If, Its About When! Learning how to protect your organization.

FRAUD TRENDS TO WATCH FOR IN Presented by: Daniel J. Mahalak

Managing Reputational Risk for Nonprofit Organizations. Best Practices for Fraud Prevention. July 14, Christopher W. Truman, CPA, Manager

International Standard on Auditing (UK) 240 (Revised June 2016)

The Auditor s Responsibility to Consider Fraud in an Audit of Financial Statements

Bank Secrecy Act OFAC FinCEN

INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Lecture Notes for How to Steal $500 Million

Stop Fraud in Your Office. Presented by: Margaret A. (Peggy) McGarrity, Esq., CPA

Financial Statement Fraud

To Receive CPE Credit

ORGANIZATIONAL MANUAL

Deposit Account Agreement Privacy Notice How to Contact Us

Employee Benefit Plans DOL Criminal Enforcement Cases April 2009 November 2011

A Review of Actual Fraud Cases in 2017 FRAUD REVIEW

Accounting Records: How They Are Used To Conceal Fraud

Protecting against check fraud perspectives and best practices

Lecture notes for: Corporate Cons

An Expensive Problem. Fraud in Government A Growing Problem

The State of the Art of Fraud. Glenn L. Helms, Ph.D., CPA, CIA, CITP, CISA, CFF

Identity Theft Prevention Program. Approved by the Board of Trustees on February 20, 2009

INTERNAL FRAUD PREVENTION:

MMAAA Annual Meeting. Conducting an Investigative Audit June 13, Presented by: John J. Sullivan, CFE Melanson Heath

FINN BY CHASE SM DEPOSIT ACCOUNT AGREEMENT

Employee Benefit Plan Fraud Examples

Fraud Prevention & Detection. Eric Conforti, CPA, CFE April 17, 2018

PREVENTING FRAUD IN THE HOSPITALITY INDUSTRY

Controls over Bank Accounts

Uniform Guidance. Jeremy Dunn. Senior Manager November 4, Elliott Davis Decosimo, LLC Elliott Davis Decosimo, PLLC

Chapter 2 Skimming 1

1/18/2018. Fraud Prevention and Detection: Special Investigations, Information and Examples. Office of the State Auditor Role and Responsibility

Personal Deposit Account Agreement

SOLUTIONS. Learning Goal 25

UNDERSTANDING FINANCIAL STATEMENTS

Fraud prevention for credit unions

Subject: Identity Theft, G-113 Department: All & Branches References: Part 717, NCUA Rules and Regs, FACT Act, Companion SOP s G-30 (Opening New

EVEREST NATIONAL INSURANCE COMPANY FINANCIAL INSTITUTION APPLICATION

Delivering Financial Oversight: Strengthening Your Policies and Procedures

IN THE SUPREME COURT OF FLORIDA (Before a Referee) REPORT OF REFEREE

FRAUD EXAMINERS MANUAL INTERNATIONAL EDITION

I WOULD NOT DO THAT! Adam Lippe Chief, Economic Crime Unit Baltimore County State s Attorney s Office

Watching the Vault: Employee Dishonesty

Solutions. I. Auditing Cash and Cash Equivalents. A. Learning Question Answers

PRODUCT OVERVIEW DEPOSIT ACCOUNT AGREEMENT PRIVACY NOTICE HOW TO CONTACT US

Defending Against the Latest Fraud Trends

BANKING PROCEDURE AND CONTROL OF CASH

Thursday, November 29, Mortgage Fraud Investigations

POLICY: Identity Theft Red Flag Prevention

IRS Criminal Investigation SPECIAL AGENT FELICIA MCCAIN PUBLIC INFORMATION OFFICER (619)

Fraud Risk Assessment Awareness in Employee Benefit Plans

Fraud Risk Assessment

Membership and Account Agreement Riverside Federal Credit Union

Bank Secrecy Act OFAC FinCEN

Fraud in Government. Mike Nolan, CPA, CFE, CGMA. CCACC & CCA&RMC Conference Monterey, CA September 2014

Delivering Confidence PAGE 1

CUSTOMERS BANK FEE SCHEDULE

LOSS PREVENTION AND INTERNAL CONTROLS SUPPLEMENTAL APPLICATION FOR FINANCIAL INSTITUTIONS

1/3/2013. Months. Other $75,000. Government $81,000. Non-Profit $100,000. Dollars. Public Company $127,000. Private Company $200,000

Registration Disclosure

Fraud & Forensic Accounting Update for CPAs

CAFR Reporting Ryan D. Miller, CPA May 2, 2016

Fraud: How to Get Your District Free Publicity

Shell Companies, Corrupt Practices, and How to Uncover Them. Lisa Duke, CFE, CPA, MAFF Supervisor Forensic Accountant FBI

Forensic Data Mining Finding Needles in the Haystack. Bank Fraud Investigations

Common 403b Audit Deficiencies & What s New This Year

University of Cincinnati FACTA Red Flag Identity Theft Prevention Program

FRAUD: A Web Of Deceit

Cash and Internal Control C AT EDRÁTICO U PR R I O P I EDRAS S EG. S EM

Internal Bank Fraud Schemes & Scams in an Economic Downturn. Fictitious Loans. Bank Fraud Investigations. Tracking spreadsheet Affidavit 1 Affidavit 2

ACFE CFEX. Certified Fraud Examiner (CFEX)

Financial Institution Bond Application

Financial Institution Bond Application

CASH HANDLING POLICIES

Is Your Construction Project a Victim of Fraud?

Transcription:

Then IT Happens Fraud! Pamela Mantone, CPA, CFE, CFF, CITP, CGMA, FCPA, MAFF Pamela S. Mantone CPA, CFF, CFE, MAFF, CITP, CGMA, FCPA Director April 21, 2016

This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record of the discussion. This presentation is for informational purposes and does not contain or convey specific advice. It should not be used or relied upon in regard to any particular situation or circumstances without first consulting the appropriate advisor. No part of the presentation may be circulated, quoted, or reproduced for distribution without prior written approval from Elliott Davis Decosimo.

Even the best internal control structure is not guaranteed to prevent fraud. Inherent limitations Judgment Breakdowns Management override Materiality Point-in-time evaluation Cost/benefit considerations Cannot rely on regulatory exams, internal audit or external audits to find fraud. It is a game of chance for those not sufficiently trained to perform forensic accounting.

The greatest internal fraud preventive technique is monitoring allows the perception of detection Authorizations Approvals Reviews Reviews And review some more Opportunity can be controlled by an organization while motive and rationalization cannot be controlled (The Fraud Triangle)

Are banks subject to legal issues when acting as a 3 rd Party in transactions related to fraudulent activity? PATCO vs. Ocean Bank 1 st Circuit of Appeals, July 3, 2012 Facts: PATCO, a small construction company in Maine and a longtime customer of the bank sustained 6 unauthorized ACH transfers from their payroll account ($588,851.26) Court found in favor of PATCO, despite bank s security system was provided through a reputable, well-known vendor Court referred to FFEIC standards as relevant to standard of care

Choice (Choice)Escrow and Title vs BancorpSouth Bank(BSB) 8 th Circuit of Appeals, June 11, 2014 Facts: Choice sued BSB for $440,000 that internet fraudsters stole from their account Court found in favor of BSB since Choice chose to decline BSB s fourth security measure of dual control and signed a waiver acknowledging that dual control was declined and understood the risks associated with using a single-control security system Dual control created a pending payment order for approval by a second party Really a win? Court firmly held that when a customer insists on using a higher-risk procedure because it is more convenient or cheaper, the account holder has voluntarily assumed the risk and cannot shift responsibility to the bank.

South State Bank (formerly The Savannah Bank) Lawsuits involving funds put into bank and held in trust (fiduciary funds) stolen by Probate Court Clerk- on-going with multiple lawsuits from victims in Chatham County State Court Last motion heard March 24, 2016, last proceeding dated April 1, 2016 Over $800,000 taken from various accounts South State Bank improperly monitored the account under the control of Birge, Probate Court Clerk Multiple checks written to cash with no endorsement on back Many of these checks were $2,900 or less Many of these transactions occurred two at a time on the same day within minutes of each other Notations from bank clerks stamps well-known customer Generally used the same tellers at the different branches SARS??

Fraud risks associated with financial institutions Technology threats Embezzlement Loan Fraud Real estate fraud Mortgage fraud New Accounts Money transfer (wire) fraud ATM Fraud Money Laundering and the list goes on

Loan Fraud Loans to non-existent borrowers Sham loans with kickbacks and diversion Double-pledging collateral Daisy chains Linked financing False applications with false credit information and/or credit data blocking Single-family housing loan fraud Construction loans lots of opportunities Loan collateral sold out of trust

Red Flags for Loan Fraud Non performing loans Fraudulent appraisals False statements Equity skimming Construction over budget items Land flips Disguised transactions High turnover in developer s personnel (construction lending) High turnover in tenant mix Abnormal change orders (construction lending) Missing documentation in the loan file Loan increases or extensions, replacement loans, evergreen loans Change in ownership makeup Cash flow deficiencies (commercial lending) Disguised transactions

An unusual twist for loan fraud allowing embezzlement of funds Over $176,000 taken in about 18 months New accounts set up using fictitious names and addresses, with name changes on the accounts occurring at various times. 19 accounts used to funnel money from institution. Hint: Geo-coding is an excellent way to check out addresses, also Google Maps Paying off loans of actual customers accounts and issuing new loans with a cash withdrawal generally occurring at the same time Cash tickets destroyed Missing support documentation for loans Multiple file maintenance changes performed to various members documentation, including extensions of next payment due and last payment date to prevent loan being shown as past due Access to user ids and ability to change passwords

An unusual twist for loan fraud allowing embezzlement of funds - continued Security access set up by 3 rd party vendor and not reviewed Background checks not performed for future employees. Credit reports do not provide sufficient information for the hiring process Lack of proper safe-keeping of documents Lack of adequate review from the loan committee Passive performance from the audit committee Slow process in hiring new CEO, there was no CEO during the time the embezzlement occurred Lack of proper reviews and monitoring at all levels Case presented to district attorney and state regulatory agency

Loan fraud found accidently by regulatory agency requiring examination by a forensic investigation Over $500,000 taken from institution through the use of fictitious loans and ACH transactions Loan officer had a degree in information technology and very capable of manipulating computerized records Set up fictitious loan accounts combining information from existing customers Loans set up under lending limits CD s and other property used as collateral were CD s from customers UCC filings contained falsified VIN numbers and other information Part of loan proceeds were used to set up separate checking accounts Credit cards set up for these accounts Statements sent to two different P. O. box numbers

Loan fraud found accidently by regulatory agency requiring examination by a forensic investigation - continued Over $500,000 taken from institution through the use of fictitious loans and ACH transactions Loan payments made from other fictitious accounts and other new fictitious loans Loan payments washed through multiple times and then applied to fictitious accounts Personal favorite was check made to a T. Swindle Deleted transactions from computerized records Worked after hours without authorization Changed 65 transactions night before start of regulatory exam Part of loan proceeds were used to set up separate checking accounts Personal property taxes paid out of loan proceeds Personal items purchased on credit cards

The chain for one check issued!

A lot of work for $1,000 in cash but remember, fraudulent loans must be paid as well!

Loan fraud found accidently by regulatory agency requiring examination by a forensic investigation Excellent example of an internal control breakdown Employee did not follow policies and procedures Maintained information in such a manner that it appeared that loans were valid loans and payments made monthly Followed lending limits to prevent detection Pled guilty in federal court, sentenced on December, 2014 Ordered to pay restitution and sentenced to 27 months in a minimum security federal prison and four years of supervised release

Wire Fraud Contact within the target company and aggressive in carrying out theft Dishonest bank employees Misrepresentation of identity System password security compromised Forged authorizations Unauthorized entry and interception

A wire fraud case where the insurance company required a forensic investigation before paying for the loss Shareholder s computer compromised and identity information stolen, including social security number, bank information and account numbers and retirement accounts Shareholder email to bank requesting funds wired to another bank Bank email requested phone call but shareholder was in a meeting and could not call then, but gave a phone number to call later More shareholder emails gently persuading transfer of funds Additional requests for wire transfers Funds wired to various banks, all under $25,000 until balance in account was very minimal

A wire fraud case where the insurance company required a forensic investigation before paying for the loss - continued Funds bounced from various accounts at various branches of a nationally large bank and funds were off-shore within 24 hours - Recipients Russian mafia - Use of mules - Persuasive passive aggressive techniques used to promote compliance Shareholder notified financial institution that identity was stolen too late for the transfers though Over $250,000 transferred within a three-day period No employees from the financial institution were found to be involved with the wire transfer fraud and losses were paid by insurer

Ways to Prevent and Detect Wire Fraud Review all wire transfer transactions at the end of each day Provide fraud awareness training including social engineering techniques, especially passive aggressive techniques and phishing Don t execute wire transfers solely from faxed or email instructions Require all personnel who handle wire transfers to go on vacation (minimum of one week) Provide customers with unique codes that are required to authorize or order wire transfers Re-assign wire transfer employees who have given notice to another department for the time left

Fraud risks associated with financial institutions Embezzlement False accounting entries Suspense accounts False or unauthorized transfers Unauthorized withdrawals Unauthorized disbursements of funds to outsiders Paying personal expenses from bank funds Theft of physical property Dormant or inactive accounts Unauthorized cash payments Unauthorized use of collateral Skimming

Red Flags for embezzlement Missing source documents Unusual amount of out-of-sequence check numbers Payees on checks do not match entries in general ledger Receipts or invoices lack professional quality Duplicate payment documents Payee identification information matches an employee s information or that of his relatives Apparent signs of alteration to source documents Lack of original source documents (photo copies only) Excessive voids or credits Abnormal increase in reconciling items Cashier s checks made payable to Cash

Dimensional testing for Employee Networks as Vendors - Employee Emergency contact and other dependents - Address - Business address - Company phone number - Company or personal fax number

Conflicts of Interest Board Member Interrelationships

An embezzlement cover-up with an unusual twist CEO embezzled more than $1.5M from financial institution through loans concerning his farming operations Used second individual at another financial institution to kite checks and float deposits for sale of cattle to hide the embezzled funds Kiting the process of recording the deposit of an interbank transfer before recording the disbursement Floating Current holder of funds has been given credit for the funds before the check clears the financial institution upon which it is drawn Floating makes check kiting possible Both more difficult with shorter floating period Kite continued over one year before the house of cards fell

An embezzlement cover-up with an unusual twist SARS?? Nothing good comes from fraudulent activity well sometimes Financial institution failed Shareholders of the financial institution lost their investments CEO destroyed all records and committed suicide But the second party of the kite received over $600,000 in funds from the last float and, under oath, stated that there was no overage of funds in his personal account. So these funds were used for personal expenses. Ultimately, these funds became part of the recovery costs for the shareholders of the financial institution

The expected never happens; it is the unexpected always. John Maynard Keynes Corruption, embezzlement, fraud, these are all characteristics which exist everywhere. It is regrettably the way human nature functions, whether we like it or not. What successful economies do is keep it to a minimum. No one has ever eliminated any of that stuff. - Alan Greenspan

Providing Additional Resources to Meet Your Needs

Pam Mantone Email: Pam.Mantone@elliottdavis.com Phone: 423-266-4021 Website: www.elliottdavis.com Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With sixteen offices across six states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.

Analytical Tools and Techniques

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback