Embezzlement and Employee Theft
A few years ago, I was engaged by an insurance company to validate a fraud claim. The embezzlement was perpetrated by a highly regarded employee in a real estate service (escrow) business. It was a relatively large claim because the fraud had been perpetrated for approximately 5 years. The claim was made up of over 100 disbursements, checks written primarily to various credit card companies, which paid the credit card debt of the perpetrator. The attorney for the insurance carrier wanted to know why the embezzlement occurred for such a long period of time before it was finally uncovered by the owner’s spouse.
Customary business practices include the establishment of internal controls, generally defined as systems, policies and procedures that provide reasonable assurance in reducing the risk of asset loss. Internal controls apply to all entities but may be implemented differently depending on the size of the company. Insurance carriers often want to know whether customary controls exist at the claimant’s business because, without them, the risk of a fraud loss is elevated to a very high level. Additionally, without such controls, if a fraud scheme were to occur, the loss would likely be great because it would not be detected in its early stages.
Segregation of duties, an important component of internal controls and found in large companies, reduces the opportunity for an employee to both perpetrate and cover-up a theft in the normal course of his or her duties. This is because without segregation of duties, the employee “touches” a significant portion, if not all, of a transaction (i.e., from the beginning to the end). Segregation of duties is often lacking in small businesses. However, the internal control principles state that a lack of segregation of duties can be overcome through management oversight and review.
Management oversight and review would include the regular and timely review of financial statements or reports, detailed transaction reports, the periodic observation and counting of physical inventory and equipment and comparing them to the accounting records, and the review of reconciliations of account balances such as cash, accounts receivable and accounts payable. Understanding the Behavior (Reference: Internal Control – Integrated Framework, May 2013 (COSO Report), p.160-161)
In the case described above, the largest individual disbursement in the claim was part of a complicated scenario in which a valid check was processed, intercepted by the perpetrator before mailing, re-deposited into the bank account and then a new disbursement in the same amount was made payable to one of the perpetrator’s credit card companies. This lengthy set of events caused all of the steps involved to not be completely recorded in the accounting system in one month but rather stretched into the next month. The perpetrator was not an accountant, and, therefore, did not understand the consequences of not being able to record all aspects of the scenario in the same month.
The consequence is that the bank reconciliation at month-end displayed the disbursement amount as a “pending difference”. This dollar amount was needed to reconcile the cash balance because not all aspects of the transaction had been recorded by month-end. Management viewed this as a simple timing difference and did not make inquiries or look further into it. This occurred almost 2 years before the fraud was ultimately uncovered.
One might say that timing differences are not that unusual in bank reconciliations. For example, outstanding checks and deposits in transit are timing differences. But during this time period, the books also showed a decline in revenue, which may have been too quickly excused by the owner. The decline in revenue was directly related to the unauthorized disbursements and was consistently increasing over time. As a result, this was a second item that should have been pursued.
In the Association of Certified Fraud Examiners 2016 Fraud Study, Report To The Nations, the median duration of disbursement-type frauds is 24 months. They also found that only 12.7% of frauds are initially detected from management review and 4.4% from account reconciliations for companies with 100+ employees. If these two internal controls were effectively being performed, these two percentages would be much higher.
Large corporations, including publically-traded organizations, are consistently surveyed by PwC. In PwC’s 2014 Global Economic Crime Survey, their analysis revealed that 55% of the survey’s frauds were detected by some type of internal control. However, in PwC’s Global Economic Crime Survey 2016: U.S. Results, their analysis looked at economic crime from the standpoint of what is known as the fraud triangle. The fraud triangle is a model designed to explain the reasoning behind an employee’s decision to commit workplace fraud. The three points of the triangle are: Incentive or Pressure, Rationalization and Opportunity, They found that the opportunity or ability to commit the crime was a factor in 57% of the economic crimes in the 2016 survey. This would directly relate to internal controls.
Virtually all frauds have “red flags”. When employee embezzlements occur over a relatively long period and the loss is great, insurance carriers should look closely at the adequacy and reasonableness of the claimants internal controls (in particular, those that relate to management review and oversight) and validate whether these controls were performed and performed timely during the period in question. Because well designed internal controls, when operating, should spot red flags, providing reasonable assurance that the fraud will be detected in its early stages.
Anne Renna is a CPA, Certified Fraud Examiner and is Certified in Financial Forensics. She has been a licensed CPA in California for over 35 years. Ms. Renna has given presentations on Fraud to professional organizations and has taught Fraud Awareness Training to Corporations.
Anne started her career as an auditor with a Big 4 accounting firm (KPMG) where she served for 15 years and achieved the level of Senior Manager. Anne now maintains her own consulting practice in Santa Monica where she focuses on forensic accounting, fraud investigations and internal accounting controls. She has testified as an accounting expert witness in Federal and California courts.
Anne has a Masters degree in accounting from USC and a Bachelors degree in accounting from California State University at Northridge.
The Landy Agency is a national leader in providing non-medical, professional liability and cybercrime insurance for accountants, attorneys, and real estate professionals. John Torvi can be reached at 781‐292‐5417 or johnt@landy.com. Visit www.landy.com for more information.
If you are an insurance producer looking to register with us or obtain coverage for your client, please visit Partner Resource Center for information.