Fraud Prevention Tip: Always Poke Around Your Books

When companies start the CEO or business owner is the one signing all of the checks. That’s just the nature of a start up and a small business.

But after a company grows and other people – CFO, controller, auditor, etc. – are put into the position of check signer, the CEO or a majority shareholder should double-check what’s getting paid.

Just look at a ledger, the checkbook or Quickbooks and see where money is going. Ask questions about that money. How often are we paying for X? What does company Y supply us with? Poke around the books and ask questions.

Silly Expenses

Even if you don’t find fraud, you’ll likely discover unnecessary expenses. I would say the latter is in fact more common in these cases. The reason is that people in Accounts Payable aren’t always informed when a piece of leased equipment is sold or returned or when the paper supplier wasn’t just changed but the first supplier was canceled. That’s because a lot of payables and other bills are just put on autopilot. They’re not checked every month or even every year.

I can’t count the number of times I’ve gone through a company’s expenses line by line, questioning everything with the CEO and the check-signer, and found thousands – if not tens or even hundreds of thousands – worth of expenses being paid that didn’t need to be paid. What a difference that makes to the bottom line of any business, much less one that hasn’t turned a profit in two years.

In one notable case, this routine check uncovered some major fraud.

Un-Silly Fraud

We discovered the fraud while doing a sort in an Excel spreadsheet on all of our vendors’ addresses; we were just trying to figure out freight costs and where we could save money. What we stumbled upon were two vendor companies: one in California and one in Indiana. Each was doing business with a stationary store in Chattanooga, which is where our home office was.

It would have made sense that there were vendors in California and Indiana to attend to our subsidiaries, but what didn’t make sense is that we were sending checks to these companies at a PO Box in Chattanooga – which, I reiterate, is where our headquarters was.

It turns out that the controller had created dummy vendors, theoretically for our subsidiaries in California and Indiana, and he was cutting checks to these dummy vendors for random amounts between $50 and $100 to a PO Box in Chattanooga. He would then go collect all of these checks and cash them in the name of these dummy vendors.

That’s a series of very small transactions that an auditor would never find even if he regularly dipped 20% below his “check everything” number. As a result, over the course of ten years this controller stole over a million dollars.

And again, we only discovered this because the CEO and I were poking around in the books trying to come up with useful ways of extracting unique, money-saving information. What hit us was something suspicious, and that’s why I always encourage you to look into the suspicious.

Slightly Silly Fraud

Another time I was working on a book store that had switched who it was banking with and who held its credit cards. But one of the credit cards wasn’t canceled – a Discover Card – and because it was so routine to pay off this Discover Card, the controllers just kept paying it. No one asked and no one thought about it. As it happens, the guy whose card it was just paid off his entire mortgage on the company (until I got there).

Just do a routine check through all of your transactions and payments. You’re bound to find some juicy things in there.

How often do you poke around your books?

20120325-172804.jpg

Fraud Prevention Tip: Take All Shortages Seriously

In businesses with checkout counters and cash drawers, it can be very easy to just accept a standard over/under on drawer counts. A number of other places that involve balancing books will also allow this to be so. I’m the first to say that if you’re balancing out $100,000 in revenue and find that you’re $86 off, you might just want to let it go as the trouble of uncovering that $86 is not worth the $86.

But what if someone had stolen that $86? Then would you want to know and figure out what had happened? Arguably, that changes the value of the $86, since this is unlikely to be a one time thing, but a recurring and growing “expense.”

So let’s say that you have a drawer that’s off by $14 one day. No big deal – that can happen, especially at a place that does enough business in cash on each drawer.

But let’s say that happens at a big department store like a Macy’s 5 days in a row. That cashier is going to get fired for one of two reasons. Either a. he’s an idiot or b. he’s stealing.

But let’s not forget to consider hidden option c. someone else is stealing from him because he’s an idiot.

Many employees know that a drawer can be off $20 a day without raising a lot of suspicion, and so they use other people’s cash drawers when their friends come in to the store and give them $10 too much change. By rotating whose drawers they’re doing this from, it makes it very hard to catch them. Watch for patterns and consistencies, like who’s regularly working on days that there are higher than usual collective shortages, even if those shortages don’t appear on their drawers.

Don’t jump to conclusions. Just be vigilant and chart the specifics of any inadequate drawer counts.

Many companies grow lax because everything’s been fine with their counts, but don’t make the mistake of ignoring the systems you have in place. You put them there for a reason.

On some level, you’ll have to make a judgment call on this one depending on the percentage under and who has his or her hands in your cash and your books. This tip isn’t as stark-raving obvious as don’t rehire people who steal from you, but I do want you to take all shortages seriously all the same.

What shortages are considered acceptable at your business? How frequently does that happen and what do you do about it?

20120325-171758.jpg

Fraud Prevention Tip: Focus on Checks and Balances that are Rechecked and Rebalanced

I debated making this idea its own tip, as it may be more of a motif that just runs through darn near every one of my fraud tips and posts, but I opted to include it just to make sure that you heard me say it enough times.

Every good organization has checks and balances. The United States government has them via our well crafted Constitution and the division of governmental responsibilities into our legislative, executive and judicial branches. As we’re taught in school, those checks and balances are meant to prevent the abuse of power, which is exactly the same as preventing fraud.

Fraud is an abuse of the power placed in the hands of those you and your company – or the electorate – opt to trust. In most cases, that pertains in some fashion or another to stealing money, but all fraud comes down to an abuse of power.

In fraud cases, it’s rarely some elaborate conspiracy that I detect. It’s generally just one bad egg trying to get away with more than is written into his contract.

The reason I insist on checks and balances in a business and in all things pertaining to money and finances in a business is because checks and balances generally prevent fraud from happening (that is, they’re a psychological deterrent acting as part of an informal fraud policy) – or at least their presence detects fraud early enough to prevent it from being damaging and to fire any perpetrators (and if you’ve been listening to allow you to prosecute them and send them to jail).

Crooks are generally creative, or at least they have a knack for seeing the flaw in a system and subsequently exploiting that flaw. The more checks and balances, the fewer weaknesses and the less potential for fraud.

One of the protests I get to my insistance on additional checks and balances is that they require more personnel or better credentialed employees who are able to juggle these additional responsibilities. That is, checks and balances cost more money and take more time and neither of those, CEOs and managers claim, are available in spades.

But I suppose they have time to figure out where their missing money is going and why – and the money to lose in the first place?

Spend the money preventing fraud rather than on fraud, I say.

It’s like preventative care in medicine. The reason that we’re seeing the rise of PAs, or Physicians’ Assistants, in the medical field is that many of them are being trained to focus on preventative care rather than solely on treating illness and disease. The thinking goes, rather than go to your doctor when you’re already sick and get treated with medications, surgeries and, God forbid, chemotherapy, go to someone regularly and long before you’re sick who can teach you how to take healthful actions that will keep you healthy.

The former is incredibly expensive and pops up in huge and unmanageably complex bursts (hence the need for insurance), and the latter, while a more regular expense – like a utility bill or, say, a paycheck – will drastically reduce the need for any of those huge and expensive encounters or at least catch them so soon that they are not nearly as costly, disruptive or deadly.

So, take the preventative care attitude towards fraud and set in place as many checks and balances as you can think of. It always pays to prevent fraud.

What checks and balances do you have in place?

20120325-171143.jpg

Fraud Prevention Tip: Don’t Rehire People Who Steal From You – Seriously

My lengthy post on the need to always prosecute those who steal from you included an exploration of those reasons that people fail to prosecute and how not doing so is a larger problem for the business world. Now I’m going to provide you with a very concrete story that I hope highlights why you always prosecute and why you never – ever – rehire people who steal from you.

I was once turning around a company at which a sales manager had a scheme with a customer.

The published sale’s price of this company’s primary widget was $8.50. The salesperson in question would place an order for a particular customer of his, ship the merchandise to the customer and then go to accounts receivable and put through a credit memo for that customer which would net the customer a price below the list price of $8.50. The customer would then slip the salesperson 50% of his savings. That is, the customer would pay $4.50 for the widget, thereby saving a total of $4/widget, half of which ($2) he would give back to the salesperson.

Because something like this can easily slip below the radar in a company with enough customers the financial impact might be minimal; thus, it’s very easy to go undetected for a while. The reason I discovered that this was happening was because the guy got greedy and started doing this with multiple customers. In his hastiness he put the credit through for the wrong company. The accounting department at that company was honest and came to us to disclose this erroneously applied credit. When we researched the credit we discovered what was happening, and the whole scheme unraveled.

As a result, this guy was fired (thank goodness) and never prosecuted (rats).

Apparently, this guy was an excellent salesperson, and even though he was ripping off the company for which he was working, he was simultaneously drumming up a remarkable amount of legit business. After he was fired the company’s sales declined by 25% over the next two years. Unsure of what to do and unable to find a suitable sales force to replace this one guy, the CEO rehired the once-thieving salesman (and as I always say, “Once a thieving salesman, always a thieving salesman”).

When asked why, the CEO said that the salesman had found God, repented for all of his sins and begged forgiveness. Though he never made monetary restitution for his misguided ways, he nonetheless apologized sufficiently enough for the CEO, who rehired him to return the company’s sales to a profitable level.

Lo’ and behold, six months later they (finally) put the salesman in jail because he started stealing again. Don’t make me say the following twice – please.

Do not rehire people who steal from you – ever.

This one is not a tip or a simple recommendation – I’m imploring you.

I believe in second chances in life. We all screw up at one point or another, and I dare say, we all deserve to find forgiveness. Despite that, do not rehire people who steal from you. If you think that you might not be able to keep to this because you’re such a forgiving person, then put it in your company’s bylaws to prohibit you from rehiring thieves despite your wishes otherwise.

Do not rehire people who steal from you. Seriously.

20120325-163444.jpg

Fraud Prevention Tip: Change the Standard by Which You Check Your Transactions

My last tip concerned reviewing the payroll, but anybody running a business knows that’s far from the only expense that fraudsters can tamper with.

Many companies have expense reports. Sometimes they come from traveling consultants or a sales force. Other times they’re the domain of local managers who take associates and leads out for meals and entertainment. Whatever it is, expense reports get handed into the appropriate department, reviewed by the person in charge, checked off and paid out.

However, what I’ve seen is that for every salesman and consultant who has his expense reports checked, there is someone whose expense reports are getting glossed over: C-level and other senior employees.

There are rarely checks and balances on these people. Sometimes the CFO is even writing his own checks – and that’s a problem. All systems require checks and balances – a theme you’re about to see resurface again and again over the course of these coming posts – and when it’s assumed that senior managers’ and officers’ expenses don’t require review you’re going to run into problems.

The CFO at a manufacturing company in Suwannee, GA knew that the golden audit number for an automatically reviewed expense was $5,000. Thus, he was writing himself tens of thousands of dollars in expense-related checks, each in the mid $4,000 range.

The mistake the company made was that these checks took two signatures but the senior person who was acting as the co-signor on these checks wasn’t double checking what he was signing. We found $180,000 worth of recent fraud. Lord knows what had been buried for ages.

The reason I suspected this was happening is because the CFO dragged his feet about getting us some of the information we wanted during our review process. That raised my concern about other issues he was and wasn’t sharing with me.

When I go into a company that’s losing money I always look at the expense reports of senior people, and when these two issues crossed I easily discovered what was happening.

Make sure that any check co-signor or anyone whose job it is to sign off on checks and expense reports understands the seriousness of what he or she is doing and doesn’t make the action a perfunctory one. You want people in those positions who ask questions, are naturally suspicious and who are willing to bring larger issues straight to the CEO.

Change the standard by which you check your transactions.

Auditors set their own level of what kinds of transactions to review and at what number (in this case, $5,000). Though auditors will occasionally spot check below that number, make sure they’re regularly peeking at any transaction above 80% of that number (in this case $4,000). I’ve found that to be, more or less, the sweet spot of those committing this kind of fraud.

What level do your auditors automatically check? What will you have them do now?

20120325-162646.jpg

Fraud Prevention Tip: Always Have Someone Double Check the Payroll

There are a number of good payroll services out there that will handle all of your payroll needs. All you do is enter employee hours or salaries into the system and – poof! – everybody gets paid on Friday.

Many businesses opt not to engage a service like this; perhaps they don’t like the technological integration, perhaps they like to keep things in house, or maybe they just don’t know such services exist. Whatever the reason for not contracting out one’s payroll, if you do payroll in house, make sure someone is double checking the work.

And that brings me to Aunt Tess.

Aunt Tess was a payroll clerk I once had the pleasure of encountering. She’d been working at the same company doing the payroll for over 25 years, and everybody loved Aunt Tess. After all, that’s why they all called her Aunt Tess.

Well, I suspected something fishy was going on when Aunt Tess came into work the day after an appendectomy to do the payroll. There she was, just handing out pay checks as if 18 hours earlier she hadn’t been split open unconscious on an operating table.

Really, Aunt Tess? Not even a day of recuperation?

I inquired and learned that in 25 years Aunt Tess had not missed one single payroll day. Not one. Does that strike you as bizarrely as it struck me?

At a big company, no one knows all the hourly people’s names, and this was a fact that Aunt Tess had been methodically exploiting for a quarter of a century.

As it turned out, she’d created a handful of specious hourly employees, whose concocted existence allowed her to steal between $75,000 and $100,000 a year. She’d just hand out checks, hold on to her unknown friends’, and deposit them into bank accounts that she controlled.

It was both elaborate and simple. Considering the love for Aunt Tess both from management above and employees all around, everyone was quite shocked to learn of this betrayal, and their inclination to forgive her is something we’ll explore in future tips.

But for now, I’ll leave you with a reminder of this tip: Always Have Someone Else Double Check the Payroll. You never want just one person doing your payroll.

Do you have just one person doing your payroll? What kind of check will you put in place now? Let us know in the comments below or ask questions if you need some suggestions.

20120325-161504.jpg

Fraud Prevention Tip: Keep Your Security Room Locked

When I prepped you for this series on fraud, I mentioned that some of the tips were going to seem a little obvious. This opening tip should seem head-slappingly “duh,” but you’ll have to believe that the example is nonetheless true.

I was working on a company in Dallas where all the surveillance equipment was kept in one room. Logical, right? But delightfully for those interested in doing wrong by the company, this so-called surveillance room was kept unlocked all the time.

That may be fine in these days of digital data automatically uploaded to secure servers and kept for months, but this was back in the days of video cassettes – a time when the data was in one place at one time and easily destroyed.

As you can imagine, this place had a theft problem. And after people would steal something, he would walk right into the surveillance room, change the tape or erase it; and sometimes before committing a crime the thief would just stop the VCR for the duration of his crime.

So, my Fraud Tip:

Keep Your Security Room Locked.

Do not let this happen to you! Having security equipment is great, but you have to secure the security equipment.

Is your security room kept locked or unlocked? If you don’t know, please go check right now.

Fraud Prevention Tip: Leverage the Value of an Informal Fraud Policy

We’ve been talking about fraud, and last week I asked you to create a fraud policy if you didn’t already have one. Pardon me for assuming that you don’t already have one but experience tells me you don’t. What you may find that what you do have, though, is an informal fraud policy – and you may not even know it.

Though I insist that an official, stated, written and shared Fraud Policy is important, I will be happy knowing that you also have an informal fraud policy.

An informal fraud policy is one that is implied by your actions and the state of things around your business – like security – but that is not directly stated. An informal policy is also known as a psychological fraud policy.

The Circuitous Route

I once ran a retail chain out of Delaware. The shrinkage was 5 or 6%, and when the company was doing 100 million dollars a year in business, we weren’t talking about an insignificant number here. That was about 6 million dollars a year of stolen goods.

Before I got there, when a cashier or sales associate was caught stealing the manager would have that person quietly taken into the back, loaded into a police car and inconspicuously taken to jail. But this is not Victorian England, and we need not be so discreet.

When I started running this operation and I caught someone stealing, I had multiple police officers parade them through the store in hand cuffs in a circuitous route. The police car would be out front lights swirling and sirens blaring, and the perpetrator would have tears coming out of his or her eyes. I wanted everyone to see, from employees to customers to management.

The Effects of the Roundabout Way

That policy resulted in a reduction of shrinkage by 50% in the first month. Over the course of the year that translated into three million dollars saved because people became far more terrified of the embarrassing consequences of getting caught stealing. They knew that I would take real and serious action against them and prosecute them for stealing.

Another example of a psychological fraud policy is a warehouse at which I had a ton of merchandise walking out the back door. All I did was stick a camera right outside that door, drill a hole in the wall and feed a little wire through. That camera and wire didn’t even go anywhere! They weren’t hooked up, but just putting it there scared everyone enough to stop stealing. Shrink declined immediately and dramatically.

Those are examples of informal and psychological fraud policies. Neither is stated in words on a sign, but they are actions that are regularly being taken agains those who are stealing and committing fraud, and employees understand the consequences of those actions.

Do you have an informal or psychological fraud policy at your business? If so, what is it and if not, what sorts of measures could you put in place to have one?

Fraud Prevention Tip: If Someone Commits Fraud, Have Them Thrown in Jail

One thing I consistently find to be true is that, from a legal perspective, 75% of people who are caught stealing and committing fraud are first time offenders. That’s not because it suddenly occurred to them that they could steal and supposedly get away with it; these are people who have been caught in the past but who were never prosecuted.

That’s right – people catch other people stealing money and inventory from them and don’t use the law to prosecute them, whether for restitution or punitive reasons.

Why Don’t People Prosecute?

People don’t prosecute for a few reasons.

1. It seems easy for us to say, “Oh my gosh. Someone was stealing from you? You had them arrested and sued them, right?” After all, if someone broke into your home and stole your grandma’s diamond necklace, you would sue them, wouldn’t you? Of course you would, but for some reason when people work for us and we feel like we know them, we want to forgive them and not mess up their lives, so we fire them – but we don’t prosecute. However, if people don’t go to jail, they don’t learn their lesson (this isn’t some legalistic philosophy I stick by – this is based on the experiences that I’ll flesh out more below and in future posts).

2. Prosecuting seems messy. It creates paperwork, involves lawyers, and it takes time, energy and more money, and you’d rather not lose more considering that someone’s been stealing it already, right? Wrong. You can get some of that money back if it can be had, and the mess is worth the trouble.

3. It’s embarrassing. People think it’s embarrassing that someone was stealing from them and they didn’t uncover it sooner. They don’t want other people to know, whether employees, the public, friends or family. They don’t want a big deal made, attention attracted, ill will and weird feelings. It seems icky somehow and people seek to avoid the associated feelings.

What Are the Consequences of Not Prosecuting?

When people don’t prosecute it hurts everyone and it’s bad for the larger business world. In the long run, when people prosecute it benefits everyone, from employers and industry to the average honest worker who deserves a job for which he’s not competing against thieves.

One of the biggest problems of not prosecuting those who steal and commit fraud is that you can’t say to their next potential employer that they’re thieves. Legally, if you fire someone for theft but don’t prosecute in a court of law, you can’t say that he’s a thief. That means you have to say that you chose to part ways amicably or you will be seen to be impeding his ability to acquire gainful employment without legally proving the reason he doesn’t deserve it. The word that comes to mind here is poppycock!

Prosecute thieves and those who commit fraud to ensure that you can tell future employers the information that they deserve to know. Then you can let those employers make informed decisions about who to let in their businesses.

Again, those who commit fraud aren’t first time offenders – they’re just getting caught for the first time and prosecuted. Do us all a favor and make sure people are prosecuted for their crimes.

Have you ever prosecuted someone for fraud? What happened?

Have you ever chosen not to prosecute someone for fraud? Why not?

What Are You Doing for Fraud Prevention Month?

“Every young man would do well to remember that all successful business stands on the foundation of morality.”

– Henry Ward Beecher

This quote seemed like a good way to address the month of March, which is National Fraud Prevention Month. Last year, I wrote the following post encouraging you to be aware of fraud and to seek it out.

As I’m fond of saying, if you haven’t found anyone at your business committing fraud, you’re just not looking hard enough.

If your controller is required to look at only transactions above $5,000, during the month of March encourage him to look at all transactions over $4,000. Think about it. If someone wanted to steal money and knew that all transactions over $5,000 were routinely reviewed, wouldn’t that person steal money in the amount of, oh, say, $4,999?

If you’re saying, “No way!” you better believe that I have uncovered more than one case of fraud on just this basis.

Here’s something else I would like you to do for the month of March: kick your CFO out. No, not permanently (well, hopefully not permanently). Just ask him to leave for 2 weeks. Perhaps right before taxes are due is not the best plan for some businesses, but perhaps his vacation is coming due just after that. If this is too short notice GOOD! You don’t want him to be aware this is coming. You just want him out for two weeks.

Now you do his job. Sit at his desk. Open his mail. Talk to his secretary or assistant. And don’t let him back in the building for any reason. Just see what comes up – trust me.

If you don’t find anything unusual, wonderful. Be glad you did this and move on. But if you do find something, know that you’re not the only one out there who did. This is one of the number one ways I uncover fraud, and I encourage you to do it annually.

So, over the course of this month, I hope you’ll enjoy some of my many stories of fraud, and when I say enjoy I mean I hope they’ll inspire you to put more strict measures in place at your business to prevent fraud.

Remember, if you haven’t found fraud, you’re not looking hard enough.