The smoothest kind of scam – and one of the hardest to detect – is what I call an off-book transaction.
Just a For Instance
An off-book transaction most often happens because something rare occurs at your business. Let’s say, for instance and hopefully not, that there’s an extraordinary event like a fire or a theft, and you go to the insurance company claiming $25,000 in damages and loss.
All goes well (at least in this regard), and the check is sent.
The check could have been sent to any number of people’s desks, but as this is a particularly unusual event that involves insurance, the check is sent to the CFO’s desk. Now, the CFO takes the check and deposits it – not into the company’s normal account – but into an account at a different bank under your company’s name. There’s now $25,000 sitting in a bank account in your company’s name, but only the CFO knows its there to control and spend.
How can he get away with this?
These extraordinary non-recurring items are things that an auditor would never know missed the books. Nobody knows to look for what isn’t missing.
And this doesn’t just happen with insurance checks. Off-book fraud happens with rebates, SPIFs (Sale Performance Incentive Plans), or other money that is rare enough that accountants and auditors don’t know to check the books for it.
The Rebate Way
Consider the idea of a pre-purchased rebate. One large printing company I turned around used to buy a lot of paper. In fact, it bought millions of dollars in paper annually (millions is an understatement). So a new paper manufacturer comes along and says that if this printing company signs a contract with them that begins with a $100,000 paper purchase, the manufacturer will give a one million dollar signing bonus.
The details of this contract are only known by one person who also knows that the million dollars should be looked for in the books later. Since he’s the only one who knows and he accepts the check, he’s able to do exactly what the CFO mentioned above could do: deposit and control it. Auditors don’t know to look for it, so they never find it.
I caught this case because I felt compelled to review a contract that represented such a large percentage of expenditures, and I wanted to know more about the deal, but for every huge case that is inevitably caught there are ten other $10,000 deals that get missed.
If I’m around a company long enough for things happening on an annual cycle to recur then I’m more likely to catch these things, but if I’m not then it’s up to people at the top to alert the auditors (and more than one of them, mind you) to be on the lookout for rare, one time or merely annual occurrences that could be slipping the books.
The way I often catch off-book transactions is by noting what I’m told by staff must absolutely be done or absolutely not be done; I always investigate what must or must not happen to see if something unsavory is going on. A good bit of the time, it is.
A Smooth Insurance Scam
For instance, I had a controller who would intentionally overpay insurance premiums. He was writing, periodically, a check for $10,000 or even $20,000 more than he needed to be. When the auditors came in, they would see regular checks to the insurance company and not think a thing of it. At best, they would spot check that this company was owed money, and the short answer was always yes.
The insurance company would later send a refund check to the company and the controller overpaying those checks would deposit the refunds into a dummy account at a different bank under the business’s name. Guess who was the only person who knew about this account and spent from it. Yep, that very same controller.
People will take advantage of what they know will be out of site out of mind, so I encourage you to watch the unusual with your own eyes and always follow it from start to finish.
What kinds of unusual transactions occur in your business? Did you check up on them?