Introduction to Internal Controls
7. Fraud
As we mentioned before, internal control is never perfect – employees can work together in order to bypass segregation of duties, and managers sometimes have the ability to override controls. However, the absence of a critical internal control can provide an opportunity that is just too good to pass up for fraudsters. For the remainder of this tutorial, we’ll take a look at what can happen when employees find a way to break through the system of internal controls.
Fraud is most likely to occur when an individual has a motive to perpetrate fraud, an opportunity to do so, and can rationalize such actions. A theoretical example: a bank’s branch manager runs into serious financial trouble after gambling away his financial safety net, and then his wife gets laid off from her job. He’s in charge of approving loans and writing off bad debts for his branch, and his regional manager must approve all loans above $10,000. However, because of a stellar work history, the regional manager basically rubber-stamps all of those loans and doesn’t bother reviewing any smaller loans. In addition, the branch manager was recently passed up for a raise even though he does great work for the bank. Because he thinks he is “owed” the money, he begins writing fraudulent loans to a bank account he controls. After several months, he writes them off as bad debt and keeps the money for himself.
As in the fictional case above, heavy financial pressure (the motive) and perceived unfairness (the rationalization) can tempt even the most trusted employee to commit fraud. Corporate officers can’t do much about motives and rationalizations, besides treating employees fairly, but they most certainly have a say about opportunities to commit fraud. In the case of the branch manager, duties weren’t properly segregated and there was no compensating review control.
We will now go over some real-life cases of fraud, and how they could have been prevented or quickly detected.
High-profile accounting scandals
Most well-known scandals, where corporate officers falsify financial records or siphon off company assets (think Enron, WorldCom, Lehman Brothers, and Adelphia), represent a poor control environment. Generally, CEOs and CFOs can ignore most internal controls if they really want to, so board of director oversight and a corporate spirit of ethics and integrity are some of the only things standing in the way of a major accounting fraud. Anonymous fraud hotlines can be useful here as well -- many times, all it takes is one staff accountant to blow the lid off a simmering pot of corporate deceit.
Billing scheme in Chicago
In January of 2014, the Chicago Tribune reported that a Chicago Public School employee set up nine fictitious vendors and had checks to the vendors delivered to a P.O. Box that he controlled. He then forged signatures in order to access the money. When one of the schools hired a new principal, an audit discovered some fishy payments. In total, the employee stole more than $400,000 over ten years.
If someone higher up the organizational ladder had reviewed either new vendor reports or perhaps a tailor-made exception report, the many checks sent to the same P.O. Box would have likely raised red flags.
Non-profit gets ripped off by a trusted employee
Evelyn Reynolds was a trusted subordinate of the Chief Operating Officer for Children’s Education First who stole more than $100,000 from her employer. She added extra hours to her time card (she was able to approve her own), set up donations to “needy individuals” that were actually her own children, and abused the petty cash fund. This was a classic case of the need for segregation of duties – employees should not approve their own time cards, and the person who has access to the funds set aside for charitable donations should not be able to determine who gets the donations without a separate review in place.
online accounting course:
