Then IT Happens Fraud! Pamela Mantone, CPA, CFE, CFF, CITP, CGMA, FCPA, MAFF Pamela S. Mantone CPA, CFF, CFE, MAFF, CITP, CGMA, FCPA Director April 21, 2016
This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record of the discussion. This presentation is for informational purposes and does not contain or convey specific advice. It should not be used or relied upon in regard to any particular situation or circumstances without first consulting the appropriate advisor. No part of the presentation may be circulated, quoted, or reproduced for distribution without prior written approval from Elliott Davis Decosimo.
Even the best internal control structure is not guaranteed to prevent fraud. Inherent limitations Judgment Breakdowns Management override Materiality Point-in-time evaluation Cost/benefit considerations Cannot rely on regulatory exams, internal audit or external audits to find fraud. It is a game of chance for those not sufficiently trained to perform forensic accounting.
The greatest internal fraud preventive technique is monitoring allows the perception of detection Authorizations Approvals Reviews Reviews And review some more Opportunity can be controlled by an organization while motive and rationalization cannot be controlled (The Fraud Triangle)
Are banks subject to legal issues when acting as a 3 rd Party in transactions related to fraudulent activity? PATCO vs. Ocean Bank 1 st Circuit of Appeals, July 3, 2012 Facts: PATCO, a small construction company in Maine and a longtime customer of the bank sustained 6 unauthorized ACH transfers from their payroll account ($588,851.26) Court found in favor of PATCO, despite bank s security system was provided through a reputable, well-known vendor Court referred to FFEIC standards as relevant to standard of care
Choice (Choice)Escrow and Title vs BancorpSouth Bank(BSB) 8 th Circuit of Appeals, June 11, 2014 Facts: Choice sued BSB for $440,000 that internet fraudsters stole from their account Court found in favor of BSB since Choice chose to decline BSB s fourth security measure of dual control and signed a waiver acknowledging that dual control was declined and understood the risks associated with using a single-control security system Dual control created a pending payment order for approval by a second party Really a win? Court firmly held that when a customer insists on using a higher-risk procedure because it is more convenient or cheaper, the account holder has voluntarily assumed the risk and cannot shift responsibility to the bank.
South State Bank (formerly The Savannah Bank) Lawsuits involving funds put into bank and held in trust (fiduciary funds) stolen by Probate Court Clerk- on-going with multiple lawsuits from victims in Chatham County State Court Last motion heard March 24, 2016, last proceeding dated April 1, 2016 Over $800,000 taken from various accounts South State Bank improperly monitored the account under the control of Birge, Probate Court Clerk Multiple checks written to cash with no endorsement on back Many of these checks were $2,900 or less Many of these transactions occurred two at a time on the same day within minutes of each other Notations from bank clerks stamps well-known customer Generally used the same tellers at the different branches SARS??
Fraud risks associated with financial institutions Technology threats Embezzlement Loan Fraud Real estate fraud Mortgage fraud New Accounts Money transfer (wire) fraud ATM Fraud Money Laundering and the list goes on
Loan Fraud Loans to non-existent borrowers Sham loans with kickbacks and diversion Double-pledging collateral Daisy chains Linked financing False applications with false credit information and/or credit data blocking Single-family housing loan fraud Construction loans lots of opportunities Loan collateral sold out of trust
Red Flags for Loan Fraud Non performing loans Fraudulent appraisals False statements Equity skimming Construction over budget items Land flips Disguised transactions High turnover in developer s personnel (construction lending) High turnover in tenant mix Abnormal change orders (construction lending) Missing documentation in the loan file Loan increases or extensions, replacement loans, evergreen loans Change in ownership makeup Cash flow deficiencies (commercial lending) Disguised transactions
An unusual twist for loan fraud allowing embezzlement of funds Over $176,000 taken in about 18 months New accounts set up using fictitious names and addresses, with name changes on the accounts occurring at various times. 19 accounts used to funnel money from institution. Hint: Geo-coding is an excellent way to check out addresses, also Google Maps Paying off loans of actual customers accounts and issuing new loans with a cash withdrawal generally occurring at the same time Cash tickets destroyed Missing support documentation for loans Multiple file maintenance changes performed to various members documentation, including extensions of next payment due and last payment date to prevent loan being shown as past due Access to user ids and ability to change passwords
An unusual twist for loan fraud allowing embezzlement of funds - continued Security access set up by 3 rd party vendor and not reviewed Background checks not performed for future employees. Credit reports do not provide sufficient information for the hiring process Lack of proper safe-keeping of documents Lack of adequate review from the loan committee Passive performance from the audit committee Slow process in hiring new CEO, there was no CEO during the time the embezzlement occurred Lack of proper reviews and monitoring at all levels Case presented to district attorney and state regulatory agency
Loan fraud found accidently by regulatory agency requiring examination by a forensic investigation Over $500,000 taken from institution through the use of fictitious loans and ACH transactions Loan officer had a degree in information technology and very capable of manipulating computerized records Set up fictitious loan accounts combining information from existing customers Loans set up under lending limits CD s and other property used as collateral were CD s from customers UCC filings contained falsified VIN numbers and other information Part of loan proceeds were used to set up separate checking accounts Credit cards set up for these accounts Statements sent to two different P. O. box numbers
Loan fraud found accidently by regulatory agency requiring examination by a forensic investigation - continued Over $500,000 taken from institution through the use of fictitious loans and ACH transactions Loan payments made from other fictitious accounts and other new fictitious loans Loan payments washed through multiple times and then applied to fictitious accounts Personal favorite was check made to a T. Swindle Deleted transactions from computerized records Worked after hours without authorization Changed 65 transactions night before start of regulatory exam Part of loan proceeds were used to set up separate checking accounts Personal property taxes paid out of loan proceeds Personal items purchased on credit cards
The chain for one check issued!
A lot of work for $1,000 in cash but remember, fraudulent loans must be paid as well!
Loan fraud found accidently by regulatory agency requiring examination by a forensic investigation Excellent example of an internal control breakdown Employee did not follow policies and procedures Maintained information in such a manner that it appeared that loans were valid loans and payments made monthly Followed lending limits to prevent detection Pled guilty in federal court, sentenced on December, 2014 Ordered to pay restitution and sentenced to 27 months in a minimum security federal prison and four years of supervised release
Wire Fraud Contact within the target company and aggressive in carrying out theft Dishonest bank employees Misrepresentation of identity System password security compromised Forged authorizations Unauthorized entry and interception
A wire fraud case where the insurance company required a forensic investigation before paying for the loss Shareholder s computer compromised and identity information stolen, including social security number, bank information and account numbers and retirement accounts Shareholder email to bank requesting funds wired to another bank Bank email requested phone call but shareholder was in a meeting and could not call then, but gave a phone number to call later More shareholder emails gently persuading transfer of funds Additional requests for wire transfers Funds wired to various banks, all under $25,000 until balance in account was very minimal
A wire fraud case where the insurance company required a forensic investigation before paying for the loss - continued Funds bounced from various accounts at various branches of a nationally large bank and funds were off-shore within 24 hours - Recipients Russian mafia - Use of mules - Persuasive passive aggressive techniques used to promote compliance Shareholder notified financial institution that identity was stolen too late for the transfers though Over $250,000 transferred within a three-day period No employees from the financial institution were found to be involved with the wire transfer fraud and losses were paid by insurer
Ways to Prevent and Detect Wire Fraud Review all wire transfer transactions at the end of each day Provide fraud awareness training including social engineering techniques, especially passive aggressive techniques and phishing Don t execute wire transfers solely from faxed or email instructions Require all personnel who handle wire transfers to go on vacation (minimum of one week) Provide customers with unique codes that are required to authorize or order wire transfers Re-assign wire transfer employees who have given notice to another department for the time left
Fraud risks associated with financial institutions Embezzlement False accounting entries Suspense accounts False or unauthorized transfers Unauthorized withdrawals Unauthorized disbursements of funds to outsiders Paying personal expenses from bank funds Theft of physical property Dormant or inactive accounts Unauthorized cash payments Unauthorized use of collateral Skimming
Red Flags for embezzlement Missing source documents Unusual amount of out-of-sequence check numbers Payees on checks do not match entries in general ledger Receipts or invoices lack professional quality Duplicate payment documents Payee identification information matches an employee s information or that of his relatives Apparent signs of alteration to source documents Lack of original source documents (photo copies only) Excessive voids or credits Abnormal increase in reconciling items Cashier s checks made payable to Cash
Dimensional testing for Employee Networks as Vendors - Employee Emergency contact and other dependents - Address - Business address - Company phone number - Company or personal fax number
Conflicts of Interest Board Member Interrelationships
An embezzlement cover-up with an unusual twist CEO embezzled more than $1.5M from financial institution through loans concerning his farming operations Used second individual at another financial institution to kite checks and float deposits for sale of cattle to hide the embezzled funds Kiting the process of recording the deposit of an interbank transfer before recording the disbursement Floating Current holder of funds has been given credit for the funds before the check clears the financial institution upon which it is drawn Floating makes check kiting possible Both more difficult with shorter floating period Kite continued over one year before the house of cards fell
An embezzlement cover-up with an unusual twist SARS?? Nothing good comes from fraudulent activity well sometimes Financial institution failed Shareholders of the financial institution lost their investments CEO destroyed all records and committed suicide But the second party of the kite received over $600,000 in funds from the last float and, under oath, stated that there was no overage of funds in his personal account. So these funds were used for personal expenses. Ultimately, these funds became part of the recovery costs for the shareholders of the financial institution
The expected never happens; it is the unexpected always. John Maynard Keynes Corruption, embezzlement, fraud, these are all characteristics which exist everywhere. It is regrettably the way human nature functions, whether we like it or not. What successful economies do is keep it to a minimum. No one has ever eliminated any of that stuff. - Alan Greenspan
Providing Additional Resources to Meet Your Needs
Pam Mantone Email: Pam.Mantone@elliottdavis.com Phone: 423-266-4021 Website: www.elliottdavis.com Elliott Davis Decosimo ranks among the top 30 CPA firms in the U.S. With sixteen offices across six states, the firm provides clients across a wide range of industries with smart, customized solutions. Elliott Davis Decosimo is an independent firm associated with Moore Stephens International Limited, one of the world's largest CPA firm associations with resources in every major market around the globe. For more information, please visit elliottdavis.com.
Analytical Tools and Techniques