Approaches to Fraud Prevention Bill Brown: Partner – Forensic & Litigation Services Tel:

Overview Introduction: Padlock vs. Bolt cutter Goal of Fraud Prevention Internal Controls, the “Conventional Wisdom” Fraud’s Impact on Prevention The “People” Solution

Padlock Theory

Basic internal control Controls physical access Safeguards property/assets Will keep the 95% “honest” people honest

Bolt Cutter Theory

The Bolt Cutter Theory Controls will not deter the “other” 5% The dishonest people will find a way to “beat” the controls They have time and energy on their side They know where to find the bolt cutters!

Beaumont ISD $4,041,705 Fraud

Beaumont ISD Collusion between CFO & Controller I8 fraudulent transfers over 16 months Each had “Unilateral” funds transfer authority (no $$ limitation)

Beaumont ISD Cont’ Assumed Name Record (dba) to create bogus bank accounts: fooled the bank Legitimate sounding descriptions documenting transfers: fooled the District and others

Fraud Prevention Goal The Goal of Fraud Prevention

Fraud Prevention Goal Anti-fraud programs should be aimed at reducing the likelihood that if fraud occurs, it will not go undetected for an unreasonable amount of time Cost vs. Benefit – can’t completely prevent fraud

Internal Controls The Conventional Wisdom Re: Controls

General Conception Careful consideration & design Proper implementation Effective compliance/monitoring Appropriate corrective/remedial actions Reliance on routine auditing procedure

So What’s the Problem?

5% “Tool Kit”

Circumventing Internal Controls 5% have intimate knowledge of controls exposes weaknesses Collusion will circumvent most controls Flawed design Ineffective implementation Auditing procedures can be predictable & easily fooled

Fraud’s Impact on Prevention

What is Fraud? A generic term, embracing all multifarious means which human ingenuity can devise and which are resorted to by individual(s) to get advantage over another by false suggestions or suppression of truth, and includes surprise, trick, cunning, and any unfair way by which another is cheated

Fraud Engineering Fraudulent schemes are “engineered” (meticulously designed) to perpetrate and conceal the theft, including an exit strategy complete with “fall guys” and “alibis”

Detection is Difficult Fraud is an “intentional” act, often involving detailed planning and concealment Crooks “anticipate” the routine audit procedures, audit evidence is often fabricated Exploits weaknesses in routine audit procedures or internal controls Breach of trust Test crash dummy – observe & adapt

Initial Detection Tip 43.3% Management Review14.6% Internal Audit14.4% By Accident 7.0% External Audit 3.3% IT Controls 1.1% Source: 2012 ACFE Report to the Nation

Tipsters vs. Controls Why are tipsters, management, and internal auditors the most effective sources for the detection of fraud?

Inside Info Intimately familiar with “detailed” information First-hand knowledge: know the entity, live it daily See and hear what other employees say and do (lifestyle changes) Understand the control systems and how to circumvent

Prevention: The “People” Solution

The “People” Solution R EMEDIATION 95% I NVESTIGATE E DUCATE E MPLOYEES R EPORTING M ECHANISM T ONE at the Top R EDUCE D ETECTION T IME

Tone at the Top Establishes standards for ethical behavior Affixes responsibility for maintaining ethical culture Sets positive example for others to follow

El Paso ISD: Cheating Scandal

El Paso ISD Wide-spread cheating scandal, state & federal accountability standards Superintendent created “culture of corruption” – Top administration – Campus Directors – Cutoff communications between campuses & Central Office

EPISD Cont’ Arrest & Removal of Superintendent created a “void” “Culture” devised new schemes to continue the corrupt environment Internal audit manipulated by Superintendent & top administration I/A reports “draft” form >over 18 months

EPISD Cont’ I/A Failures Internal audit manipulated by Superintendent & top administration I/A reports kept in “draft” form >over 18 months to avoid public disclosure Board of Trustees unaware of internal audit

Informed Employees Informed employees will be more likely to act ethically Raises awareness of potentially fraudulent conduct by other employees or vendors Encourages reporting of fraudulent conduct (early detection)

Reporting Mechanism Commitment to non-retaliation Anonymous reporting extremely important Appropriate response (part of the solution or part of the problem) Reduces detection time Cornerstone to enterprise-wide anti- fraud system

Investigation Objective/probing Identify stakeholders/isolate interested individuals Utilize appropriate investigative personnel (appropriate skills) Timely conclusion/recommendations

Remediation Report to appropriate level within entity Report facts upon which appropriate action can be taken Detailed recommendations for corrective actions Inform affected (especially the tipsters) of investigative results and corrective actions taken

Goal: Reduce Detection Time: “reducing the likelihood that if fraud occurs, it will not go undetected for an unreasonable amount of time”

Engage the 95% to improve the effectiveness of “detection” efforts Fraudulent activity manifests itself in changes in behavior

Common Red Flags Living Beyond Means35.6% Financial Difficulties27.1% Close Association with Vendor19.2% Control Issues18.2% Divorce/Family Issues14.8% Addiction Problems 8.4% Source: 2012 ACFE Report to the Nation

Observe Lifestyle Changes Spending habits: people generally spend what they steal. The more they steal, the more they spend. Fraud almost always starts small and grows. Behavioral changes: look for signs of drug abuse, gambling or other patterns (dress, work habits, or attitude toward others)

City Dixon, Illinois: $53,000,000 Theft

City of Dixon, Ill 12/18/1990 thru 4/17/2012 City Finance Officer indicted 5/1/2012, Transferred funds to bank account in name of City with her as signatory Forged endorsement & deposit in fake City account

City of Dixon, Cont’ Always picked up City’s mail & no one saw fake bank account statements, until the end (accidental) Extravagant life style: – Large horse ranch (150 horses) – Two 18-wheel transport trucks – Expensive real estate – Lavish personal expenses Change in lifestyle went on for over 12 years!

Hotline The most effective crime detection device is the Hotline. Expands your view to all the “eyes” in your organization. Cost effective Provides a vehicle for honest employees to contribute to the well being of the organization

95% Solution Your people are the best control system! – Encourage – Empower – Enlist