Fraud

 

 

Stealing From Authorshttps://iaonline.theiia.org/2018/Pages/Stealing-From-Authors.aspxStealing From Authors<p>​Perhaps the first rule of fight club should be "make sure you get paid," after a bookkeeper at the literary agency that represents <em>Fight Club</em> novelist Chuck Palahniuk and other famous authors was arrested for allegedly stealing authors' royalties. <a href="https://www.theguardian.com/books/2018/may/30/chuck-palahniuk-agent-accountant-faces-charges-fight-club" target="_blank"> <em>The Guardian</em> reports</a> that Darin Webb, an accountant at Donadio and Olson in New York, allegedly took more than $3.4 million from the firm's clients over a two-year period. </p><p>According to the charges, Webb made false and fraudulent representations in monthly financial reports and emails to clients. The alleged fraud came to light after another client of the firm complained about not receiving an expected $200,000 payment and Webb responded to the author with false explanations. Instead, the charges claim Webb converted the funds to his own use. Webb allegedly confessed to the charges during a video interview.</p><h2>Lessons Learned</h2><p>Many people aspire to or have become authors and artists. These individuals need to protect themselves from the particular fraudulent activity represented in this story and other publishing-related frauds. Additionally, literary agents and publishers need to implement controls to prevent and detect fraud to better safeguard their authors' interests.</p><p>The accused fraudster in this story is an example of a classic deadbeat thief<strong> </strong>— a person or company that hires an author and never pays that individual for his or her work or pays the author erratically. In some cases, the firm grudgingly pays a far lower amount than was originally promised. Demanding full payment up front is an arrangement to which few publishers or agents will ever agree. Making matters worse in this case, Webb was using his position at a well-known agency to steal from its clients, illustrating that this type of fraud happens at reputable firms.  </p><p>Here are two areas of concern for agents, publishers, and the authors they represent:</p><ul><li> <strong>Legitimacy of the business.</strong> Literary agents and publishers are represented by organizations such as the <a href="http://aaronline.org/" target="_blank">Association of Authors' Representatives</a> (AAR) in the U.S. or similar associations operating in other countries. Membership in these organizations is one indication of reputability, because agents must meet competency requirements to join and must abide by a code of practice that excludes some common abuses such as referral kickback schemes. <br> <br>Organizations such as AAR and the <a href="https://asja.org/" target="_blank">American Society of Journalists and Authors</a> (ASJA) also report on complaints against association members. ASJA offers advice on dealing with unfair provisions in book, periodical, and online publishing agreements, as well as strategies for dealing with late payers and nonpayers. <br> <br>However, membership in one of these associations is not an infallible guarantee against fraud. Like any company, literary agents and publishers may have employees who commit fraud. As such, authors and artists cannot focus only on their content. Instead, they should take control as much as possible. Many authors and artists manage the business aspects of their careers and intellectual property, including copyright, publishing, distribution, and royalty/fee management. <br> <br></li><li> <strong>Business operations.</strong> Authors typically inquire about how publishers or literary agencies will distribute and publicize their work, rather than how they will be protected. These firms should have financial controls in place. For example, the firm should regularly scrutinize its accountants' management of client and accounts activities — including requiring dual authorizations of checks and payments. Who provides this oversight and how, including audits? <br> <br>One way to protect authors from fraud is to establish a clear contract that specifies the financial arrangements of the author's agreement in writing. This contract should include measures such as regular or interim installment payments and schedules, and consequences when deadlines are not met.</li></ul><p><br></p><p>Going beyond this story, here are other publishing fraud schemes:</p><ul><li> <strong>Pay-to-publish companies.</strong> Such companies charge excessive fees to print a book, produce a shoddy product or no product at all, or make misleading claims about their capabilities to market the book, distribute it to bookstores, and have it reviewed. Few authors make decent money by publishing their own books, and most never come close to earning back their investment in such arrangements. Most authors are well-advised to focus their efforts on honing their craft and finding a reputable agent.<br> </li><li> <strong>Agents who charge up-front fees. </strong>Some disreputable literary agents charge fees for "reading," "representation," "evaluation," "retainers," or "marketing." Whatever they are called, agents should make their money by selling an author's work, not by charging him or her to do other things.<br><strong> </strong></li><li> <strong>Pay-to-play writing and anthology </strong> <strong>contests. </strong>There are many writing contests where the sponsor is trying to make a profit on entry fees. Some of these contests require authors to assign to the contest operator any publishing rights in their work — sometimes exclusive rights — even if the work is not the winner. <br> <br>Anthology contests pose similar problems. Authors submit a poem or short story, then they are notified that their work has been selected for inclusion. At that point, contest organizers pressure them to buy several copies of the (expensive) book in which their piece is presumably going to appear.  </li></ul>Art Stewart0
The Priest's New Househttps://iaonline.theiia.org/2018/Pages/The-Priest's-New-House.aspxThe Priest's New House<p>​An audit alleges that an Okemos, Mich. priest embezzled $5.4 million from his church over 26 years, <a href="https://www.detroitnews.com/story/news/local/michigan/2018/04/30/audit-okemo-priest-embezzlement-grows/34424783/" target="_blank">the <em>Detroit News</em> reports</a>. Rev. Jon Wehrle will go on trial next week to face six embezzlement charges. Prosecutors accuse him of stealing from St. Martha's Church to pay for the construction of a $3 million mansion in 2007. The audit further alleges that Wehrle spent church funds on a previous house, tuition and medical bills for his adopted children, and to pay bills, taxes, and insurance expenses. </p><h2>Lessons Learned</h2><p>The case against the clergyman in this story is only now going to trial, but one can discern that so much money going missing is primarily attributable to a toxic combination of a highly manipulative fraudster and ineffective oversight. Few controls existed over the way in which Wehrle handled church money. He was able to write checks to himself without receipts and regularly take entire Sunday collections, while the Catholic Diocese of Lansing, Mich. failed to ask any serious questions for many years. </p><p>So, how can churches reduce fraud risk? Fundamentally, operating a church needs to be thought of as running a business. Churches need effective oversight and financial controls, qualified accounting and financial personnel, and regular reviews to ensure things are working as intended. More specifically, here are four areas for attention:</p><ol><li> <strong>Ensure that </strong> <strong>appropriate </strong> <strong>oversight and supervision is in place. </strong>Church leaders are responsible for managing operations and practices. Whether that oversight is of employees or volunteers, it is critical to have good supervision of those who deal with church funds. The natural leadership tendency is to empower people with the freedom to work independently, but there always should be some form of accountability, or check and balance, for that freedom. <br> <br>A finance committee also should review financial documents and transactions regularly, as well as ask questions of all clergy, employees, and volunteers. If it is difficult to get a financial summary from a person who handles money, it is likely a red flag. Allowing a church official to use significant amounts of money for personal purposes is another warning sign. <br> </li><li> <strong>Actively manage the church governance and workforce to protect the institution from fraud risks</strong><strong>.</strong> It is sensible to perform background checks periodically on all church staff and employees. Such checks should not be limited to just when individuals are first hired, because circumstances can change.<br> <br>In addition, people who have access to church funds should be subjected to particular scrutiny, including lifestyle changes. While this practice may seem invasive, it can provide information that ultimately protects the church. Wehrle had a construction industry background, which reasonably would make him an attractive person to help the diocese with its building projects. However, that should not have prevented scrutiny of his activities. <br> <br>The diocese should regularly rotate church officials and employees in their roles — particularly those who approve transactions and handle money. No one should stay in the role indefinitely, and the use of multiple, unrelated people will make it more difficult to steal. <br> <br>Given the apparent absence of effective oversight by the diocese, both the diocese and St. Martha's Church should renew the leaders who are responsible for that oversight. Even in a church environment of faith and trust, it would be wise to encourage everyone to pay attention to fraud red flags and report suspected behavior. For example, the one church secretary employee who appears to have known about Wehrle's allegedly inappropriate use of church checks for personal use should have shared her concerns.<br> </li><li> <strong>Establish and monitor basic accounting, payroll, and finance functions, including controls over delegations of authority for financial transactions</strong><strong>.</strong> Of particular importance is a requirement that there be dual signatures on checks for larger dollar amounts. For example, the diocese could require that any check for more than $500 be signed by two people, and that the two authorized signors of large checks should be the individual in charge of finance and accounting and a diocese or board member. Furthermore, the member chosen to co-sign large checks should not be the same board member selected to review bank statements. The diocese should never have allowed Wehrle such latitude in handling church funds.<br> <br>Moreover, the broader church hierarchy failed to follow up on several unusual financial arrangements, including Wehrle's claim that the diocese had agreed to allow him to live in private homes, rather than a rectory. Also, the diocese did not independently verify the church's financial statements, which may have revealed the fraud at an earlier stage. Regular audits — more often than just when there is a change in parish leadership — are needed. <br> </li> <li> <strong>Control access to bank statements and other financial information. </strong>Wehrle had direct and sole access to bank accounts — such as access to blank check stock, check-signing authorization, and reconciling the bank statement — to initially receive and open the monthly bank statements, and he successfully prevented anyone else from having access. This is one of the easiest ways for fraud to go undiscovered. The diocese should change the mailing address on all bank statements to the address of a trusted individual such as a senior financial officer or member of the oversight body. </li></ol>Art Stewart0
The Lottery Loserhttps://iaonline.theiia.org/2018/Pages/The-Lottery-Loser.aspxThe Lottery Loser<p>​U.S. federal prosecutors have charged the CEO of New York state's oldest credit union with swindling the institution out of $6 million since 2013, <a href="https://www.cnbc.com/2018/05/08/kam-wong-credit-union-ceo-charged-with-fraud-spent-cash-on-lottery.html" target="_blank">CNBC reports</a>. According to the U.S. Attorney for the Southern District of New York, Municipal Credit Union CEO Kam Wong deposited hand-written checks from the credit union into his personal account. He also allegedly obtained reimbursements for fake dental work and a long-term disability insurance policy. Prosecutors say Wong spent most of the money on lottery tickets by writing checks to local convenience stores. Moreover, he sought money from other sources to feed his lottery habit, prosecutors claim.</p><h2>Lessons Learned</h2><p>Previous articles have discussed the specific risks, types of employee fraud, and ways to detect and prevent fraud in the not-for-profit sector (see box at right). Given the significant amounts of money involved in this story, it is a good opportunity to review some of the most relevant lessons for internal auditors.</p><p>Laws and regulations for credit unions vary from state to state. Generally, they are required to have appropriate internal financial controls in place and regularly audit their financial statements and reporting. It appears that was not enough in the case of Municipal Credit Union.</p><table class="ms-rteTable-default" width="100%" cellspacing="0"><tbody><tr><td class="ms-rteTable-default" style="width:100%;"> <p> <strong>Sidebar: Not-for-Profit Fraud</strong></p><p>Here are additional stories about preventing and detecting fraud in not-for-profit organizations.</p><ul><li> <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=85b83afb-e83f-45b9-8ef5-505e3b5d1501&TermSetId=2a58f91d-9a68-446d-bcc3-92c79740a123&TermId=89a3c70c-d0eb-498c-a994-0d1b66ab020a"><span class="ms-rteForeColor-8">"Governing Nonprofit Fraud"</span></a></li><li> <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=85b83afb-e83f-45b9-8ef5-505e3b5d1501&TermSetId=2a58f91d-9a68-446d-bcc3-92c79740a123&TermId=f7d71715-7be9-474c-af5d-95df5b66e2f6"><span class="ms-rteForeColor-8">"Pinching the PTA for Thousands of Dollars"</span></a></li><li> <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=85b83afb-e83f-45b9-8ef5-505e3b5d1501&TermSetId=2a58f91d-9a68-446d-bcc3-92c79740a123&TermId=b6f823f3-5a9f-45d3-8e18-3daf045c8750"><span class="ms-rteForeColor-8">"Embezzlement in the Tribe"</span></a></li><li> <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=85b83afb-e83f-45b9-8ef5-505e3b5d1501&TermSetId=2a58f91d-9a68-446d-bcc3-92c79740a123&TermId=153e93a3-7bd1-46ee-9a9a-a0a6d686a4df"><span class="ms-rteForeColor-8">"The Gambling Priest"</span></a></li><li> <a href="/2017/Pages/Powered-Down-by-Fraud.aspx"><span class="ms-rteForeColor-8">"Powered Down by Fraud"</span></a></li></ul></td></tr></tbody></table><p>In the many cases and research about fraud in the not-for-profit sector, the most often cited critical control measures to help prevent fraud are regular and active board oversight and clear roles and responsibilities regarding financial controls. These include:</p><ul><li> <strong>Oversight. </strong>In this story, it does not appear that the credit union's board exercised sufficient oversight. Boards should monitor financial assets, budgets, and expenditures, and question any large amounts, patterns, and irregularities in financial accounting activities. In particular, boards of not-for-profit and similar organizations should demand that the structure of financial controls and reporting be appropriate for the organization's mandate and business focus.<br> <br>The scope of these controls should include the financial activities of the organization's executives. Boards should require fraud risk assessments, or similar external assessments of the organization's financial situation and risk, to identify irregularities and unclear policies, procedures, or practices. Then, the organization should conduct regular audits that go well beyond the standard assessment of the reliability of information used in financial statements and reporting. <br> </li><li> <strong>F</strong><strong>inancial controls</strong><strong>.</strong> It seems that few controls existed or were followed governing the way in which money was handled by the credit union's CEO, nor did the organization have sufficient controls over invoices and receipts submitted. In addition to allegedly receiving and depositing $6 million in hand-written checks over five years, Wong was able to write checks to himself without sufficient documentation or receipts.<br><br> Organizations should establish rigorous controls to govern access to bank accounts and to scrutinize withdrawals, including by executives. Measures should be in place such as requiring dual signatures for checks involving large dollar amounts. Such controls could have enabled the credit union to flag the $6 million involved in this case for further scrutiny, even if it was stolen over many years.<br> </li></ul><ul><li> <strong>HR </strong> <strong>management </strong> <strong>policies and whistleblower mechanisms. </strong>It's nice to think that all long-term and senior employees doing the same job can always be trusted. However, for critical jobs where material assets are under their control, safeguards are needed such as regular background checks and updates to determine lifestyle changes that could have been driven by employee theft. <br> <br>In this story, Wong allegedly wrote close to 300 checks amounting to more than $3.5 million — an average of over $12,000 per check — to cover his lottery ticket purchases. This should have raised a red flag. <br> <br>Where fraudulent activity is discovered, circumstances might warrant a negotiated settlement, but it is better to act decisively to discipline, terminate, and prosecute the employees found responsible. This sends a message of deterrence and zero fraud tolerance to employees, clients, and stakeholders. </li></ul>Art Stewart0
Health-care Fraud Is No Accidenthttps://iaonline.theiia.org/2018/Pages/Health-care-Fraud-Is-No-Accident.aspxHealth-care Fraud Is No Accident<p>​A South Florida man has pleaded guilty to racketeering charges stemming from a $23 million personal injury claim scheme, <a href="http://www.sun-sentinel.com/news/crime/fl-reg-insurance-fraud-chiropractors-felix-filenger-20180419-story.html" target="_blank">the <em>Sun Sentinel</em> reports</a>. U.S. federal prosecutors say between 2010 and 2018 Felix Filenger paid kickbacks to body shop workers and tow truck drivers who referred accident victims to chiropractic clinics he secretly owned. The clinics then billed auto insurance companies for 15 or more required visits. Additionally, clinic staff exaggerated pain levels to obtain the maximum benefit for emergency treatment allowed under Florida law. After raiding Filenger's offices in 2015, the Federal Bureau of Investigation used a wiretap to record him issuing orders to his co-conspirators. Filenger received a 6-and-a-half-year sentence in federal prison.</p><h2>Lessons Learned</h2><p>Health-care fraud and abuse cases cost the industry and taxpayers billions of dollars annually. More specifically, the U.S. Department of Health and Human Services' (HHS') Office of Inspector General (OIG) <a href="https://oig.hhs.gov/oas/reports/region9/91602042.pdf" target="_blank">reported in February</a> (PDF) that the chiropractic services sector showed significantly high levels of problems. The report is based on a review of program vulnerabilities identified in previous OIG audits, evaluations, investigations, and legal actions related to chiropractic services in the Medicare program. The report notes that the Centers for Medicare & Medicaid Services' (CMS') Comprehensive Error Rate Testing program, which measures inappropriate Medicare fee-for-service payments annually, identified chiropractic services as having the highest improper payment rates among Medicare Part B services from 2010 to 2015. Improper payment rates ranged from 43.9 percent to 54.1 percent, and the estimated overpayments per year ranged from $257 million to $304 million. </p><p>Providers face multiple challenges in preventing and detecting health-care fraud and abuse laws at the local, state, and federal levels. Complying with the myriad regulations can be difficult for providers who already focus on a range of priorities, including care delivery, payer compliance, medical billing, and revenue cycle management. So what more can be done?</p><p>First and foremost, the OIG report recommends: </p><blockquote><p>"... that CMS implement our prior recommendations that remain unimplemented or have been implemented ineffectively. In addition, to further strengthen program integrity and facilitate the full implementation of our prior recommendations, CMS should:</p><ul><li>Work with its contractors to educate chiropractors on the training materials that are available to them;</li><li>Educate beneficiaries on the types of chiropractic services that are covered by Medicare, inform them that massage and acupuncture services are not covered by Medicare, and encourage them to report to CMS chiropractors who are providing non-Medicare-covered services; </li><li>Identify chiropractors with aberrant billing patterns or high service-denial rates, select a statistically valid random sample of services provided by each chiropractor identified, review the medical records for the sampled services, estimate the amount overpaid to each chiropractor, and request that the chiropractors refund the amounts overpaid by Medicare; and</li><li>Establish a threshold for the number of chiropractic services beyond which medical review would be required for additional services."</li> <br> </ul></blockquote><p>This entire report is worth reading. To the measures it suggests, here are a few more targeted to Filenger's activities in this case: </p><ul><li> <strong>Measures related to the education of chiropractors and </strong><strong>beneficiaries</strong><strong>also should include the legislative requirements that must be followed. </strong>The U.S. False Claims Act provides incentives and protection for witnesses who report fraudulent activity. These measures should be better publicized.<br> </li><li> <strong>Be aware of potentially increased fraud risks from "value-based" purchasing of health services.</strong> HHS has repeatedly reiterated its commitment to preventing health-care fraud and abuse. In 2017, the department stated that CMS implemented a proactive approach to fraud protection, eliminating its previous "pay-and-chase" method, which Filenger was able to exploit in this case. However, as value-based purchasing takes hold of the health-care industry, providers also are seeing claims reimbursement rates drop in favor of incentive payments. Efforts to maximize revenue may push some providers to engage in health-care fraud and abuse activities without necessarily intending to do so. Examples include failing to correct a billing clerk who assumes a provider performed specific services, billing for medications that the patient never picked up, and coordinating with other provider organizations under value-based agreements.<br> </li><li> <strong>Work to prevent false medical bills.</strong> HHS, the CMS, and providers should use targeted risk assessments and predictive analytics to prevent false medical bills before providers receive payments. Also, they should continue increased efforts to screen providers for enrollment in federal health-care programs.<br> </li><li> <strong>Target kickbacks and conflicts of interest.</strong> The U.S. Anti-Kickback Statute and Stark Law expose care providers who invest in other practices to increased risk of scrutiny. Authorities also should probe and question provider business relationships, such as the chiropractic clinics' relationships with the tow truck and body shop companies in this story. Settlements with pharmaceutical companies under the U.S. Affordable Care Act regulations have resulted in physician-industry transparency requirements, where medical drug, equipment, and biological companies must disclose all gifts to care providers. The Pharmaceutical Research and Manufacturers Association and the Advanced Medical Technology Association have created codes to guide care provider and manufacturer ethics. Still, more pressure and scrutiny of disclosure of conflicts of interest is needed. </li></ul>Art Stewart0
The Holiday Bonushttps://iaonline.theiia.org/2018/Pages/The-Holiday-Bonus.aspxThe Holiday Bonus<p>​Grant Gabriel was hired by a small regional gift store chain to start an internal audit function for the growing company. His first task was to perform a risk assessment. As part of the assessment, Gabriel looked a​t store-by-store comparative financials. In doing so, he noticed that monthly sales and margins for each store seemed consistent, except in one case. The Springfield store had lower margins and sales growth during the holiday season for the previous three years. Gabriel decided to visit the Springfield store and meet with the manager, Mark Adams. </p><p>Adams had been the Springfield store manager for seven years. He was a valued employee who led by example with his work ethic and dependability. Often operating without an assistant manager, Adams was known for handling the store on his own. </p><p>Upon arrival, Gabriel asked Adams about the lower seasonal margins and revenues. Adams indicated that it was tough to find good help during the holiday season and new, seasonal people make mistakes. He also noted that margins might be a little lower during the holidays because Springfield has many frugal shoppers and the redemption rate of seasonal coupons is high. Adams boasted, "Our redemption rate has been the highest in the company for the last four years." </p><p>Adams then explained, "We have a group of five retired women who work the holiday season for us each year. They are great because they are trained, dependable, can handle the customers, and do not need supervision every second." The women had become friends over the years and referred to this job as their "holiday bonus." So, each year before the holidays, Adams would call and ask them if they wanted their holiday bonus. He also said he paid them 75 cents more an hour than other seasonal employees because they were so good. </p><p>Adams went on to explain that since the women started working for him, their shrinkage in gum and candy always dropped during the holidays. Oddly enough, they even had a small overage this year. He attributed it to the seasonal employees deterring kids from stealing gum and candy. "The ladies are shrewd and probably do a good job of keeping watch."</p><p>Gabriel asked Adams if he noticed any unusual transactions in the point-of-sale (POS) system. Adams indicated that he was too busy to dig deep into the reports, but didn't notice any major trends in his monthly scan. He mostly checked for a high number of "no rings" — when the cash register is opened but a transaction is not entered — to see if cash was being pocketed instead of deposited in the cash register. He did notice more no rings during the holiday season, but that was likely due to higher volume and the inexperienced seasonal employees. </p><p>After his interview with Adams, Gabriel performed his own detailed analysis. He looked at three years of data and found two irregularities worthy of follow-up:</p><ul><li>No rings occurred, but were consistently two to three times per day with the seasonal help and less than one per day with full-time employees. <br></li><li>Store coupon redemption was 5 percent higher, but 20 percent higher on cash transactions and normal for credit card transactions, when compared to other stores. <br>​</li></ul><table class="ms-rteTable-default" width="100%" cellspacing="0"><tbody><tr><td class="ms-rteTable-default" style="width:100%;">​ <p> <strong>Lessons Learned</strong></p><ul><li>Using detailed analysis within the risk assessment process can help quickly direct internal audit toward fraud risk areas. <br></li><li>Data analytics cannot solve all problems by itself. Analytics and fieldwork are a powerful combination. Consistent irregularities can always be explained. Whether the answer is fraud or something else, internal audit should never be satisfied without an explanation. <br></li><li>Never underestimate the value of objectivity. Many frauds go undetected because management would never believe a certain person would steal. Being open to the possibility and following the data to its conclusion is the job of internal audit. <br></li><li>Detecting fraud early prevents significant future losses as they often continue over time and grow in scale. In addition, it is often difficult to identify the extent of the fraud. Assuming what has been identified is the minimum amount of the fraud keeps the value of fraud detection in perspective. <br></li><li>It is always useful to an organization to detect frauds of any size as it allows management to adapt the internal control environment based on the discovered weaknesses.<br></li></ul></td></tr></tbody></table> <p>Gabriel returned to the store to observe and ask questions of the employees. Unfortunately, the holiday season was over and the seasonal employees left, so Gabriel didn't expect to uncover much during his observations and discussions with full-time employees. Luckily, one of the seasonal employees, Michele Webster, accepted a part-time position and was working during Gabriel's observation. </p><p>​"Is this about the cash register scanning problem?" she asked. Gabriel requested an explanation of what she meant. Webster said she saw Caren, one of the holiday employees, scanning gum one day while she was ringing up Tina, another woman from the group of five, and asked her about it. Caren told her the scanner acts up sometimes and could be reset by scanning something, like gum or candy. She also told Webster she could prevent the scanning problem by pressing the no ring button a few times during her shift. </p><p>Remembering the inventory variances in gum and candy, Gabriel began to realize why the holiday bonus comment was funny. After interviewing Adams, the loss prevention director, and numerous employees, a significant and coordinated fraud effort was uncovered. The group of "holiday bonus" employees was running a series of small and difficult-to-detect fraud sche​mes. </p><p>The women would help each other with holiday shopping by ringing up gum or candy for other higher dollar items. The false sales of gum and candy did not create a flag until there was an inventory overage. Holiday shrinkage, or theft, explained the other items. </p><p>To avoid detection, they would hit the no ring button on cash transactions and then pocket the cash, but no more than twice a day. If the customer asked for the receipt, they would apologize and claim it was a system error. The transactions were masked by telling other seasonal employees — who they called "kids" — to hit the no ring button twice a day to prevent scanner problems.</p><p>Items were then returned at higher values than paid. Appare​​​ntly, the women would identify an unsuspecting new employee who did not know how to process a return. One would step in to help the new employee by handling the return for him or her on the register. The item was purchased at a significant discount, sometimes fraudulently, and then returned at full price. </p><p>Given how carefully the scams were concealed, it was difficult to quantify the total amount. Based on some estimates, though, it appeared that $18,000 was stolen each year during the holiday season. </p>Bryant Richards1
Internal Audit's Role in Fighting Bribery and Corruptionhttps://iaonline.theiia.org/blogs/chambers/2018/Pages/Internal-Audits-Role-in-Fighting-Bribery-and-Corruption.aspxInternal Audit's Role in Fighting Bribery and Corruption<p>​I recently spent two days in Paris participating and speaking at the Organisation for Economic Co-operation and Development's (OECD's) annual Global Anti-Corruption and Integrity Forum. Surrounded by world leaders, anti-corruption experts, and transparency activists, one couldn't help but become invigorated by the participants' passion and drive for battling corruption. I was especially proud of the recognition and respect shown for internal audit's role in this worthy battle.</p><p>There is little argument that dedicating resources to fighting corruption is necessary to sound risk management, but it's still shocking to consider how much is lost to it annually. The World Economic Forum estimates corruption adds 10 percent to the cost of doing business. The World Bank estimates that 20 percent to 40 percent of official development assistance is stolen through high-level corruption.</p><p>The cost of corruption isn't just about money. Corruption correlates to higher child and infant mortality rates, the latter being doubled in nations that rate highest on corruption indices, according to the study, <a href="https://www.imf.org/external/pubs/ft/wp/2000/wp00116.pdf"><em>Corruption and the Provision of Health Care and Education Services</em></a>.</p><p>Battling dishonesty in business and government is a constant struggle, but in today's hyper-competitive atmosphere, having anti-corruption and anti-bribery programs in place is no longer optional. When well-designed and well-run, such programs benefit organizations no matter the organization's size, sector, industry, or location. Internal audit can play a vital role in providing assurance, not just on the effectiveness of such programs, but also in helping organizations understand the potential for serious financial and reputational harm from failing to address corruption.</p><div>However, fighting corruption effectively is more than simply creating programs and hoping for the best. Indeed, success is rooted in organizational behaviors and practices that support sound governance. This is where internal audit can play a vital role. First, internal audit should assess the effectiveness of anti-bribery and anti-corruption programs to help, 1) anticipate the risk, and 2) identify the existence of potential and actual incidents. The IIA recommends that internal auditors take two different but complementary approaches:</div><div><br></div><div><ul><li><span style="font-size:12px;">    Incorporate an assessment of anti-bribery and anti-corruption measures in all audits, as appropriate.</span><br></li><li><span style="font-size:12px;">    Audit each component of the anti-bribery and anti-corruption program.</span><br></li></ul></div><div><br></div><div>In undertaking the second approach, it is vital for internal auditors to recognize the foundational elements of effective anti-bribery and anti-corruption programs. Hallmark components of such programs begin​ with tone at the top, thriving when organizations set high ethical standards and are consistent in their application. Other components internal auditors should assess include:</div><div><br></div><ul><li>Governance structure.</li><li>Risk assessment</li><li>Policies and procedures.</li><li>Training and communications.</li><li>Enforcement and sanctions.</li><li>Reviews and updates.</li></ul><div><br></div><p>The IIA recognizes the extraordinary challenges public sector auditors and internal auditors in companies around the world face when rooting out bribery and corruption. It continuously seeks ways to provide encouragement and tools for those facing this daunting task. The IIA's Practice Guide, <a href="https://na.theiia.org/standards-guidance/recommended-guidance/practice-guides/Pages/Auditing-Anti-bribery-and-Anti-corruption-Programs-Practice-Guide.aspx">Auditing Anti-Bribery and Anti-Corruption Programs,​</a> provides a thorough analysis on the subject and includes sample audit procedures.​</p><p>I'll close by mentioning that the recent OECD event included the launch of a new group, the Auditors Alliance. This is a forum for public-sector internal and external auditors whose aim is to facilitate the sharing of insights and expertise in audit practices. I was honored to be included among a number of accomplished professionals invited to speak at the launch.</p><div><p>Collaboration and cooperation fostered by the OECD Integrity Forum and the new Auditors Alliance will go a long way in waging war on corruption.</p></div><p>As always, I look forward to your comments. </p>Richard Chambers0
Corrupt Negotiationshttps://iaonline.theiia.org/2018/Pages/Corrupt-Negotiations.aspxCorrupt Negotiations<p>​U.S. federal prosecutors have indicted a United Auto Workers (UAW) executive for allegedly accepting payments and gifts from Fiat Chrysler Automobiles NV to influence labor contract negotiations, the <a href="http://detne.ws/2FQ6yit" target="_blank"> <em>Detroit News</em> reports</a>. Nancy Adams Johnson, the union's No. 2 official representing Fiat Chrysler workers is the sixth UAW and Fiat Chrysler official to be charged with conspiring to corrupt labor negotiations between the two parties. The indictment alleges Adams Johnson received tens of thousands in benefits from former Fiat Chrysler executive Alphons Iacobelli through the UAW–Chrysler National Training Center, on which she was a board member. An earlier <em>Detroit News</em> story noted that Adams Johnson also had charged more than $75,000 in personal expenses to union credit cards between 2014 and 2016. Iacobelli has pleaded guilty to federal corruption charges, along with another Fiat Chrysler executive, and awaits sentencing.</p><h2> Lessons Learned</h2><p>According to the <a href="http://www.unionfacts.com/" target="_blank">Center for Union Facts</a>, a not-for-profit organization that promotes transparency and accountability in labor unions, U.S. unions collect more than $10 billion from workers annually in mandatory dues. They control another $400 billion in financial assets that include strike funds, pension plans, and health-care benefits. But frauds such as embezzlement, bribery, and corruption also are significant. Other findings by the center related to this story include:</p><ul><li>The Department of Labor's (DOL) Office of Labor-Management Standards (OLMS) has investigated and prosecuted union leaders for embezzling more than $100 million in union dues since 2001.</li><li>Investigations by the DOL's Office of Inspector General, which investigates labor racketeering and organized crime's influence within the labor movement, has resulted in more than $1 billion in fines, restitutions, and forfeitures.</li><li>Fewer than 5 percent of unions audited by the DOL received unqualified passes.<br> </li></ul><p>Here are some measures Fiat Chrysler, the UAW, and government regulators should consider to improve this situation and prevent further incidents:</p><ul><li> <strong>Both Fiat Chrysler and the UAW need to carefully review and strengthen their internal controls.</strong> In light of this story, those controls should include addressing weaknesses in internal financial systems dealing with matters such as hospitality and conducting fraud risk assessments. Unions and companies also should establish strict separation of labor versus management roles and activities. For example, they should take measures to prevent joint training centers from funneling cash and benefits between the two sides. Moreover, they should review human resources measures such as background checks on those involved in collective bargaining, scrutinize significant lifestyle changes, tighten rules and review of hospitality and travel, and rotate staff members in and out of bargaining roles more frequently to prevent too-close relationships. <br> </li><li> <strong>Management and labor should strengthen ethics and conflict-of-interest measures.</strong> These measures include imposing tougher sanctions where noncompliance is found and updating mandatory ethics/conflict-of-interest training to reflect the kinds of risks revealed in this story. If Starbucks can close 8,000 stores to provide unconscious bias training to employees, it should be relatively straightforward for Fiat Chrysler and the UAW — as well as other automakers and related unions — to do the same for ethics training.<br> </li><li> <strong>Labor regulators should step up requirements, enforcement, and education related to reporting and disclosures.</strong> U.S. regulators should improve the quality of reporting and auditing required by the Labor Management Reporting and Disclosure Act (LMRDA) to help detect and deter potential fraud. The LMRDA requires unions to file annual financial reports detailing their financial condition and operations. The law directs unions to provide detailed information on their dues and other income sources, assets, line-item expenditures, and union leaders' salaries and fringe benefits, depending on a union's yearly income. Moreover, it requires union leaders to report potential conflicts of interests. <br><br>Needed improvements include more timely and complete reporting — and stronger penalties for failures to do so. Also, specific reporting on the results of audits, such as those related to embezzlement, would help. Better training of staff members involved in preparing reports also could be useful. And, regulators should consider stiffer penalties for repeat offenders.</li> <br> <li> <strong>Regulators should audit unions' compliance and assess penalties consistently.</strong> The OLMS has broad powers to audit U.S. unions' financial reports and ensure compliance with reporting requirements. However, unlike Internal Revenue Service audits, which can result in significant fines, few OLMS compliance audits result in specific punitive damages being assessed in court. Stronger penalties could deter significant violations of the LMRDA such as filing false reports, keeping false records, and destroying records. </li></ul>Art Stewart0
Programmed for Fraudhttps://iaonline.theiia.org/2018/Pages/Programmed-for-Fraud.aspxProgrammed for Fraud<p>The U.S. Federal Bureau of Investigation (FBI) alleges that an acclaimed robotics professor defrauded Michigan State University and the Institute of Electrical and Electronics Engineers of more than $400,000, <a href="http://www.mlive.com/news/grand-rapids/index.ssf/2018/02/ex-msu_professor_renowned_robo.html" target="_blank">Mlive.com</a> reports. According to the criminal complaint, Ning Xi submitted false claims for travel and other expenses to the two organizations over a five-year period. The FBI alleges that Xi altered and fabricated receipts and used the money to pay off credit card debt. Investigators first started looking into Xi to determine whether he had fraudulently obtained National Science Foundation research grants by not disclosing foreign funding and affiliations. Xi had previously been in a dispute with Michigan State when he took a position with a Hong Kong university while he was on a sabbatical. He resigned from Michigan State in 2015 after the university learned he had accepted a second position with the University of Hong Kong.</p><h2> Lessons Learned</h2><p>Previous articles about expense reimbursement fraud have outlined red flags and what can be done about them (see <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=85b83afb-e83f-45b9-8ef5-505e3b5d1501&TermSetId=2a58f91d-9a68-446d-bcc3-92c79740a123&TermId=68ab66bc-fb2d-4543-b5d0-6453a087a684">"The Perils of Grant Fraud"</a> and <a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=85b83afb-e83f-45b9-8ef5-505e3b5d1501&TermSetId=2a58f91d-9a68-446d-bcc3-92c79740a123&TermId=13404480-235f-4daa-9846-f819ac9aa6fe">"Traveling First Class"</a>). Management often overlooks this kind of fraud because it considers its employees to be trustworthy and the relatively small loss involved may not be worth the time and effort to track, detect, or deter. In reality, according to the Association of Certified Fraud Examiners' <a href="https://www.acfe.com/rttn2016/docs/2016-report-to-the-nations.pdf" target="_blank">2016 Report to the Nations on Occupational Fraud and Abuse</a> (PDF), expense reimbursement schemes account for nearly 14 percent of occupational frauds and result in a median loss of $30,000 per year. The report analyzed 2,410 occupational fraud cases from 114 countries.</p><p>This fraud story is even more complex, involving an alleged attempt to hide a serious conflict of interest with Chinese affiliations, research, and funding in U.S. federal grant applications. It also includes allegations that Xi exploited past connections and relationships to collude for a financial advantage. </p><p>Keeping the organization safe from thieving employees and their multifaceted fraud activities demands strong controls, tough actions against perpetrators, and management leading by example. This is particularly important for multinational corporations with employees throughout the world or institutions such as Michigan State with international ties and staff members who move among other institutions. Xi allegedly perpetrated three main fraud schemes: reimbursement fraud, conflict of interest, and collusion. Here is what internal auditors can do to help detect and prevent them:</p><p> <strong>Forensic accounting experts can help companies implement preventive measures against fictitious expenses, multiple reimbursements, and mischaracterized expenses</strong><strong>.</strong> Written expense reimbursement policies and procedures should require detailed expense reports that set forth amounts, times, places, people in attendance, and specific business purposes. The organization also should ask employees to use company credit cards; submit original, detailed receipts (no photocopies); and provide boarding passes for air travel. Periodic audits of travel and entertainment expense accounts also can be a powerful deterrent.</p><p> <strong>Forensic accountants also can help detect employee reimbursement fraud through a variety of audit and review </strong> <strong>techniques</strong><strong>.</strong> These techniques include examining reimbursement documentation for photocopies, duplicates, or fakes; comparing employees' expense reports and supporting documentation to check for multiple claims for the same expenses; and comparing the times and dates of claimed expenses to work schedules and calendars to look for inconsistencies. An example of the latter would be looking for expenses claimed that were actually incurred during vacations. </p><p>Other related red flags that may signal fraudulent activity or warrant further investigation include:</p><ul><li>Claims for disproportionately larger reimbursements than other employees in comparable positions.</li><li>Paying large expenses in cash despite access to a company credit card.</li><li>Submission of consecutively numbered receipts over long periods of time.</li><li>Consistently submitting expenses at or just under the company's reimbursement limit for undocumented claims.</li></ul><p><strong><br></strong></p><p><strong>Quantitative analytical and statistical methods also are important tools.</strong> One technique is to look for employees whose expense patterns violate Benford's Law, a statistical analysis tool that can reveal fabricated numbers. This law is an observation about the frequency distribution of leading digits in many real-life sets of numerical data. Specifically, it posits that in many naturally occurring collections of numbers, the leading digit is likely to be small.<sup> </sup>For example, in sets that obey the law, the numeral "1" appears as the most significant digit about 30 percent of the time, while "9" appears as the most significant digit less than 5 percent of the time. By contrast, if the digits were distributed uniformly, they would each occur about 11 percent of the time.</p><p>Benford's Law also makes predictions about the distribution of second or third digits, digit combinations, and so on. As far back as the 1970s, mathematicians suggested that the law could be useful in forensic accounting and auditing to indicate accounting and expenses fraud. Assuming that people who make up figures tend to distribute their digits fairly uniformly, comparing first-digit frequency distribution from the data with Benford Law's expected distribution should reveal any anomalous results.</p><p><strong>Technology can help prevent</strong><strong> the submission of fake expenses as well as spot problems with tracking and disclosure of inappropriate employee conflicts of interest.</strong> An intelligent expense management system will know the approval hierarchy. It will enforce a business rule requiring the expense to be submitted by the most senior attendee and approved by his or her boss, removing the chance for collusion. The system also can have in-line audit capabilities that automatically flag for audit an expense report that fits a set of criteria before approval.</p><p>In this case, Michigan State could tighten up scrutiny of disclosures of foreign relationships and double or conflicting employment through its fraud risk assessments. It also could risk-target particular countries and institutions for audits of employee activity. Computer-based collection of data and analysis of sources such as Xi's various institutional connections and social media presence might have revealed his employment in Hong Kong earlier. University officials also might have taken stronger actions when they first found that Xi was hiding his employment activity in 2014.</p><p><strong>Organizations must address deliberate collusion, whether between colleagues or with a supervisor, to knowingly approve funding, a grant, or a false claim</strong><strong>.</strong> In large, diverse organizations with lengthy histories and widespread operations, it is possible that two or more people with past relationships will occupy positions where decision-making authority might be abused. For example, one person could become a managing director and the other a sales director (or in this case, a professor and former student). Rigorous conflict-of-interest policies, background checks, and scrutiny of unusual patterns of behavior in work relationships are needed to combat fraud. </p>Art Stewart0
Kickbacks in the Newshttps://iaonline.theiia.org/2018/Pages/Kickbacks-in-the-News.aspxKickbacks in the News<p>​Investigators from the New York State Police and Manhattan district attorney allege that executives of media company Bloomberg L.P. and interior construction firm Turner Construction received bribes and kickbacks from subcontractors working on projects at Bloomberg's offices, <a href="https://www.nytimes.com/2018/02/26/nyregion/bloomberg-interior-construction-fraud.html" target="_blank"> <em>The New York Times</em> reports</a>. According to investigators, the "pay-to-play" scheme bypassed the two companies' computer and budget systems. Among those implicated in the scheme was Bloomberg's global head of construction, who has since been fired. Individuals close to the investigation say it is part of an ongoing probe of bribery and bid-rigging in New York's $9.4 billion-a-year industry of designing and building office interiors. Bloomberg is no stranger to such fraud. Its previous interior construction contractor, Structure Tone, pleaded guilty in 2014 to charges of encouraging subcontractors to inflate costs on invoices.</p><h2>Lessons Learned</h2><p>According to Kroll Corp.'s <a href="https://www.kroll.com/en-us/global-fraud-and-risk-report-2018" target="_blank">2017/2018 Global Fraud & Risk Report</a>, fraud continued to climb in 2017. Overall, 84 percent of surveyed executives report their organization fell victim to at least one instance of fraud in the past 12 months, up from 82 percent in 2016. This represents a continuous, year-over-year rise since 2012, when the reported incidence was 61 percent. Furthermore, the construction, engineering, and infrastructure sector had the greatest year-over-year increase in fraud incidents. More than four in five (83 percent) respondents in that sector report some fraud, which is 13 percentage points higher than in 2016. While information theft, loss, or attack is the most reported type of fraud (33 percent), regulatory breaches and vendor/supplier fraud are close behind at 30 percent each.</p><p>Although investigators have not implicated Bloomberg, itself, of fraud in this case, the company's relationship with its general contractors may lack effective oversight and monitoring. In fact, Bloomberg may have overlooked several warning signs indicating potential fraud committed by internal personnel, including: </p><ul><li>Too close relationships with vendors. </li><li>A "wheeler-dealer" attitude among senior managers, who deliberately worked outside of control procedures to pursue their own interests.</li><li>Other broad control issues.</li></ul><p></p><p>What can be done? Here are some steps organizations can take to minimize fraud and its impact in construction contracting:</p><ul><li> <strong>Establish controls.</strong> Active controls that seek out fraud can significantly limit the losses incurred through illegal activity. Controls include a range of activities, from surveillance and monitoring to internal audits and management reviews. When selecting contractors through a noncompetitive bidding process, organizations should use an evaluation committee with objective members. They should segregate duties to ensure that access to sensitive information or the level of approval authority is limited, as appropriate. And, senior management of the parent company should regularly oversee and monitor compliance with contracting policy.<br> <br>Controls also should address appropriate corporate structures to separate different companies, their authorities, accountabilities, and actions. Corporate arrangements while working on multiple projects can cause contractors and owners to develop too close a relationship. These interactions can lead to agreements ― regardless of the intentions of any party involved ― that are executed outside of established controls or that lead to change orders that are not reviewed through a procurement process.<br> </li><li> <strong>Enforce controls.</strong> The most effective way to minimize fraud losses is to prevent them from occurring. An anti-fraud culture means communicating the importance of prevention, enforcing the procedures, and providing the support and training needed to do so. Management should test the company's internal control system regularly for possible holes. In addition to an external audit of controls and financial reporting, if a company suspects or becomes aware of potential fraudulent activity, management should launch an internal investigation or hire an outside firm to handle the task.<br> </li><li> <strong>Define the cost of work to limit the opportunity for abuse.</strong> Often, a fraudulent contractor invoices for costs that are not allowed in the contract. Agreements should include a provision that clearly defines all costs of work that will be compensated for by the owner, including what is allowable and what is not. These definitions should include benchmarking of costs across a comparable cross-section of potential bidders within the industry. <em>The New York Times</em> story notes that Bloomberg and Turner are defendants in a bid-rigging lawsuit filed by a subcontractor, Nastasi & Associates. The suit alleges that Bloomberg and Turner employees altered Nastasi's bid on a work contract — raising it by $100,000 — to prevent the firm from being selected as the low bidder. <br> </li><li> <strong>Audit contractors throughout the project.</strong> External audits may not detect irregularities, so management should make sure all negotiated costs and contracts include a right-to-audit clause to allow the organization to conduct internal audits. Internal audits should be conducted by experienced staff members or outsourced to auditors with backgrounds in construction audits. The scope of these audits should include information-management and record-keeping practices. <br><br>As this story points out, records for jobs were supposed to be kept at Turner's offices, as part of the company's compliance requirements. However, in this case, employees did not use Turner-issued devices and kept job records at Bloomberg work sites. The absence of records such as contracts, budgeting data, and related emails should have been a red flag to overseers at both Bloomberg and Turner that something was going on to avoid in-house rules and bypass the companies' computers and systems. <br><br>As past stories have shown, filtering software can help organizations scan seemingly massive amounts of email and other computer records to detect illegal activity. This software can ferret out irrelevant and duplicate information from much larger databases than the two computer hard drives involved in this story.<br> </li><li> <strong>Set up a hotline and pay close attention to credible complaints about contracting practices.</strong> Tips gathered through a hotline or similar method can have a substantial impact on fraud detection. Bloomberg's global head of real estate warned management about allegedly illegal actions by its head of construction and other executives, but the company apparently did not act on the information.</li> </ul>Art Stewart0
The Loyalty Program Swindlehttps://iaonline.theiia.org/2018/Pages/The-Loyalty-Program-Swindle.aspxThe Loyalty Program Swindle<p>​Solarstar is a solar panel<strong><em> </em></strong>company with annual revenue of $4 billion and a rapidly growing promoter program. Its commissioned sales representatives were encouraged to sign up small businesses and sole practitioners as promoters. Promoters distributed company designed and authorized literature (a one-page description of Solarstar's products and services) to potential customers and clients, who would call a dedicated phone number on the flyer and use a unique code associated with the promoter to obtain a quote. If a purchase was made, the promoter got a referral fee and the sales representative received a commission. </p><p>The promoter program was growing fast, and field management was ecstatic as it was thought to be opening a new sales channel. One afternoon, one of the more successful promotors contacted a Solarstar online moderator with a request to be assigned to a new sales representative. The promoter alleged to be a 17-year-old girl, which caught the moderator's attention. Suspicions were raised and the transcript of the chat was sent to Solarstar's forensic audit manager, Robert Schull. After reviewing the transcript, Schull was determined to find out how a 17-year-old girl could have signed up as a promoter, let alone become one of the more successful promoters. </p><p>Schull first wanted to understand how the promoter program worked. He learned that it was outsourced to King Enterprises (KE), a small business run out of a strip mall in New Jersey. KE maintained a website that advertised the program and recruited potential promoters. The website had an online chat capability (that the alleged 17-year-old engaged) where current and potential promoters could ask questions or get help resolving concerns. Every week, Solarstar bulk paid KE for all closed promoter sales. KE then facilitated payment to the promoters. KE also was responsible for submitting 1099s to the U.S. Internal Revenue Service (IRS) and transferring funds to state agencies in the event a promoter did not cash the referral check timely. </p><p>Initially, Schull focused on the promoter registration process. He went to KE's website and signed up as a promoter by entering his name, address, phone number, and email address. Schull waited a few hours and received notification that he was now a registered promoter. Upon inquiry, he discovered there was no validation process to confirm the identity of the individuals registering as promoters. A review of the promoter database revealed names that were, in fact, companies. For example, multiple promoters alleged to be Comcast, Disney, Dominos, or Time Warner Cable. KE only required a Social Security number if the promoter exceeded $600 in referral commissions, which is the minimum requirement established by the IRS for submitting Form 1099. </p><p>Schull interviewed Mary St. Croix, the sales representative associated with the 17-year-old girl. She admitted that the promoter was her ex-boyfriend and not a 17-year-old girl. Allegedly, the ex-boyfriend was a married undocumented immigrant (purportedly with a criminal background) who used an alias and his son's Social Security number. He cashed his promoter referral checks at the local gas station. St. Croix provided a copy of a police report attesting to his violent nature, as well as the relationship. Her employment was soon terminated and the promoter was removed from the program.</p><table cellspacing="0" width="100%" class="ms-rteTable-default"><tbody><tr><td class="ms-rteTable-default" style="width:100%;">​<p><strong>Lessons Learned</strong></p><ul><li>Promoter program terms and conditions should be reviewed to determine the criteria for becoming a promoter and how the employee and promoter earn a referral fee. Determine how the organization validates the authenticity of the promoter and the sale.<br></li><li>Contracts with vendors should be reviewed to verify that they have a right-to-audit clause. From time to time, the right-to-audit clause should be executed. An effective audit technique is to compare an employee database to the vendor database by name, address, and phone number. Phone numbers are particularly effective in finding duplicates. <br></li><li>Require all employees with the potential to interact with vendors to complete a conflict of interest form. Prompt employees to update their conflict of interest form annually. But remember, conflict of interest forms are useless unless someone reviews the disclosure of conflicts and follows up with the employees.<br></li><li>Pay promoters with gift cards instead of cash. This should help deter individuals from trying to turn your promoter program into a small business. ​<br></li></ul></td></tr></tbody></table><p>As the contract between Solarstar and KE was about to expire, Schull next examined the program, itself. In interviews with employees who worked closely with KE, one employee alleged KE was keeping the funds from uncashed checks for promoters rather than transferring the checks to the appropriate state authorities. Schull's request to audit KE's books was rejected on the grounds that there was no right-to-audit clause in the existing contract, which was confirmed after review. </p><p>Schull next turned his attention to the promoter network. Based on the initial investigation, he believed that if sales representatives could work with a fabricated promoter, then they must be able to sign up a spouse, relative, or co-worker. He used data analytics to compare employee names, addresses, and phone numbers to the promoter database. Much to his surprise, dozens of employee names were in the database. Some employees set up their spouses, fiancés, brothers, and sisters. </p><p>One entrepreneurial employee maximized the program's potential by signing up his not-for-profit company and his church, and then signed up subpromoters (his relatives) under the church. A promoter could sign up a subpromoter and generate a sales commission for the sales representative and a referral fee for the promoter and the subpromoter, who in this case were all the same person. Essentially, the sales representative created a Ponzi scheme generating commissions and referral fees for himself, his company, his church, and his family.</p><p>Joe Smith, Solarstar's finance director, requested a meeting with Schull when he learned that revenue from customers signing up through the promoter program had slowed considerably. At the rate it was going, Smith calculated that the program would lose approximately $7 million each year. Smith's analysis of sales and Schull's field investigations revealed that dozens of sales were being made to customers living in low-income apartment complexes and trailer parks by unscrupulous sales representatives and their promoter friends. In some cases, sales representatives signed up promoters who were unemployed and had them knocking on doors or placing flyers on cars in mall parking lots. </p><p>Schull and Smith took their findings to management. Ted Spicoli, the vice president of sales and in charge of the loyalty program, refused to believe that the fraud in the program was as prevalent or widespread as Schull and Smith stated. He challenged Schull's findings and Smith's analysis. During one contentious meeting, he even challenged Smith's ability to perform basic math. Months passed, and more money was lost until finally the program was shut down. KE's contract was not renewed, and Spicoli was fired. </p><p>The promoter program was redesigned and launched as a friends and family program encouraging existing customers in good standing to refer a sale. Compensation was changed so sales representatives received a commission and the existing and new customer would split the referral fee, which was no longer paid in cash, but in gift cards. After six months, the new program was generating good customer sales without a single incident of fraud detected. </p>Grant Wahlstrom1

  • Gleim-cia-changes-webinar_June 18-30_PRemium 1
  • SCCE 2018 June 19-30_Premium 2
  • IIA CIALS-CIA-Learning_June 2018_Premium 3