July 2002

Preventing and Detecting Workplace Fraud

By JAMES S. ANCHIN, CPA

The newspapers are filled with stories of alleged fraud and accounting irregularities by large publicly held companies such as Enron, WorldCom and Global Crossing to name a few. Management at these companies may have been motivated to act as they did by pressures to report growth and profits in order to meet the outside world's expectations and to support stock prices. Executive compensation and stock options tied in to the value of the stock may have also been motivating factors in their actions. As a result, the companies' accountants have come under increased scrutiny and criticism for not preventing or detecting the alleged improprieties.

With all that in mind, it is easy to lose sight of the fact that most fraud in the workplace still occurs in small to medium-sized, privately held companies such as contractors. While such a company's outside accountants may detect such fraud during their audit or review of the company's books and records, there is no guarantee they will do so. Audits and reviews are not specifically designed to detect fraud.

More important to the company is the development of a workplace environment and an internal control system that helps prevent fraud from occurring in the first place.

It's important to remember that in both large and small companies management sets the tone within the organization. If top executives respect the internal control system and refuse to circumvent established procedures for personal gain, employees will be more likely to follow their example.

Why Employees Commit Fraud

Experts cite three reasons: motivation, opportunity and the belief that fraud will go undetected. Through effective internal control systems, contractors can address the opportunity and discovery aspects (motivational issues are more complicated and require extensive personal knowledge about the employee). However, the right internal control system is based on the understanding that if the fraudulent act cannot be concealed, most employees, even if they have adequate motivation and opportunity, will not commit fraud, lest they be discovered and terminated. Traditional internal control systems take a checks and balances approach, relying on strict separation of duties in the areas of decision-making, asset custody and accounting. For example, a top executive may authorize an expenditure for a new CADD system, but that executive does not have custody of the system. An IT manager cannot authorize transactions for additional software, but is responsible for its deployment. In both cases, the controller neither authorizes nor safeguards, but merely keeps the records. Fraud would require collusion among the decision-maker, custodian and controller.

That is an ideal circumstance. Unfortunately, the business climate isn't always like that. Automated computer accounting systems have put a new wrinkle into the strict separation of duties formula. Smaller businesses may find it can be economically unfeasible to maintain three different employees for purposes of its internal controls. In these cases, contractors should consider the opportunities aspect in deterring fraud.

Areas Most Susceptible

The three primary areas particularly susceptible to fraud within an organization are its payroll, accounts receivable and accounts payable departments. Manipulating the payroll is a common and relatively easy way to commit fraud. For instance, a construction supervisor with the authority to hire and supervise staff might add "ghost employees" to the payroll, falsifying time cards for these bogus workers and collecting their checks. Contractors using manually prepared time cards could easily fall prey to a fraudulent hours scheme, either by employees forging a supervisor's signature or by outright collusion with a supervisor on the take.

Manipulating accounts receivable, generally a matter of juggling sales and inventory, can also be a problem area for contractors, particularly those without the resources to employ a separation of duties system. Consider the case of a small contracting firm where there is one person responsible for the books. Payments are recorded in the ledger, but the money is pocketed - a practice that can add up to substantial sums over a period of time.

Finally, accounts payable offers a major opportunity for fraud. Consider the following real-life example: A project manager opened a bank account with a name very similar to that of the project he was managing. He approached three large vendors and requested cash rebates for purchases of their product in excess of normal industry practice. In return, he promised each vendor that they would be the sole supplier for their respective product. The rebate checks were due on the first of each month for all of the preceding month's transactions and were to be made payable to the phony bank account opened by the project manager.

The vendors, eager for the business, agreed to the conditions. They did not question the name on the check because it was very similar to the actual project name.

For a while the arrangement worked smoothly. Rebate checks were sent to the project manager who deposited them into the phony account. He then withdrew the funds from this account using cashier's checks.

The arrangement fell apart when an accounts payable supervisor for the contractor questioned why discounts for prompt payment were not being made to these vendors. The company then conducted an internal investigation, visited the vendors and discovered the existence of the canceled rebate checks. But, not until after several hundred thousand dollars of rebate checks had been cashed.

How to detected such schemes

No internal control system is foolproof. However, a qualified CPA, who has experience in evaluating the internal control systems of companies, can be a valuable resource in reviewing your system and making recommendations for improvement. It has been proven that unrelenting management vigilance can significantly reduce the incidents of fraud within a company. While vigilance is critical, just as important is the tone at the top. In fraud, as in all areas, management by example is paramount.