Accounts Payable (AP) Fraud: Critical Steps and “How To” Guidance to Minimize Your Organization’s Exposure to AP Fraud
FEATURED FACULTY:
Peter Goldmann, CFE, President, White-Collar Crime 101 LLC/FraudAware
1-800-440-2261
pgoldmann@fraudaware.com
Peter is founder and President of White-Collar Crime 101 LLC, the parent
company of FraudAware and publisher of the monthly newsletter, White-Collar
Crime Fighter. Peter has been the Publisher and Editor of White-Collar Crime
Fighter for over 12 years and is recognized as a leading expert in the areas of
fraud detection, prevention, investigation and training. He has written numerous
articles on practical approaches to fraud prevention and detection for, among
others, Internal Auditor, Investor's Business Daily, Financial Executives Institute
and Bottom Line/Personal.
Procure to Pay Fraud Detection and Prevention
This training session is sponsored by
© 2013 ComplianceOnline
www.complianceonlie.com
©2013 Copyright
Peter Goldmann
• President and Founder of White Collar Crime 101 & FraudAware
• Co-Developer of IAPP AP Fraud and AR Fraud Webinar series
• Author of “Detecting and Preventing Fraud in Accounts Payable” (available at www.iappnet.org)
• Monthly columnist, The Fraud Examiner, ACFE Newsletter
• Member of Editorial Advisory Board, ACFE
• Speaker at numerous fraud prevention association events
• Author of “Anti-Fraud Risk and Control Workbook” (Wiley)
• University of Michigan, BA; London School of Economics, MSc
Today’s Agenda
 Introduction
 Fraud Statistics
 Why People Steal
 Tone at the Top
 Communicating Integrity
 HR Policy: Compensation, Performance Reviews,
Team Spirit, Career Opportunities
 Ethics Policy, Compliance Policy and FRAUD POLICY
 Fraud Response Plan
 Your Questions
Fraud: The Big Picture
According to major accounting firms, professional fraud examiners and law enforcement:
• Fraud jumps significantly during tough economic times
• Business losses due to fraud increased 20% in the last 12 months, from $1.4 million to $1.7 million per billion dollars of sales (Kroll 2010/2011 Global Fraud Report)
• Average cost of each incident of fraud is $160,000 (ACFE); of financial statement fraud: $2 million
• Approx. 60% of corporate fraud is committed by insiders (PwC)
• Approx. 50% of employees who commit fraud have been with their employers for over 5 years (ACFE)
P2P Fraud Perpetrators
Procurement Phase
• Dishonest Purchasing Staff (Billing/sham supplier schemes)
• Senior Management (Overriding controls/Bid-rigging)
• Department heads (Ordering unneeded goods & services)
• P-Card holders (Making unauthorized purchases)
Receiving Phase
• Dishonest Shipping/Receiving Employees
• AP Staff (Diverting deliveries)
• Collusive parties – Purchasing or AP staff with suppliers
Payment Phase
• Dishonest AP staff
• Fraudulent suppliers/billing
• Check fraudsters (Internal AND External)
Procurement Fraud Risks
 External and internal supplier schemes (double
billing; sham supplier schemes by insiders OR
outsiders)
 Collusion between Procurement and suppliers:
 P-Card Fraud: External versus Internal
 Abuse of bidding process (Bribery/Kickbacks)
 Unauthorized purchases by procurement staff
 Embezzlement
Invoicing/Billing Schemes/Shell Company Scams
How it works:
 Accounting/purchasing employee
creates “shell company.”
 Fraudster generates bogus
invoices from phony company.
 Forges approval and has invoice
submitted for payment.
 Checks go to phony company P.O.
box that fraudster controls.
Supplier Master File Fraud
How it works:
 Absence of controls over who can add new suppliers
to SMF allows dishonest employees to add sham
suppliers to SMF and then generate phony invoices.
 Abuse of dormant or phony accounts. If phony
suppliers have been added, or inactive ones used to
commit billing fraud, you may not find out about
them w/out a thorough “cleaning” (ideally 2X/year).
 Fraudulent alteration of existing supplier data in
SMF—such as payment instructions (e.g., changing
from check to ACH using employee’s bank account
data—details upcoming.)
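Added example, not part of the original presentation: the supplier master file “cleaning” described above, written in Python. It flags near-duplicate supplier names, dormant suppliers and changes to payment instructions. All records, field names, the 365-day dormancy cutoff and the 0.85 similarity threshold are constructed assumptions; the “Bill Skeem” names are taken from the red-flag slides.

```python
import re
from datetime import date
from difflib import SequenceMatcher

# Constructed sample supplier master file (SMF) rows; not real data.
SUPPLIERS = [
    {"id": "S001", "name": "Bill Skeem Ltd.", "last_paid": date(2013, 6, 30)},
    {"id": "S002", "name": "Bill U. Skeem Plc.", "last_paid": date(2013, 7, 15)},
    {"id": "S003", "name": "Acme Office Supply Inc.", "last_paid": date(2011, 2, 1)},
    {"id": "S004", "name": "Northside Freight LLC", "last_paid": date(2013, 5, 9)},
]
# Constructed SMF change log (hypothetical field names): who changed what.
CHANGES = [
    {"supplier": "S004", "field": "payment_method", "old": "CHECK",
     "new": "ACH", "user": "jdoe"},
    {"supplier": "S001", "field": "phone", "old": "555-0100",
     "new": "555-0101", "user": "asmith"},
]

LEGAL_SUFFIXES = {"ltd", "plc", "inc", "llc", "corp", "co", "company", "limited"}


def normalize(name):
    """Lowercase, drop punctuation, legal suffixes and single-letter initials."""
    words = re.sub(r"[^a-z0-9 ]", " ", name.lower()).split()
    return " ".join(w for w in words if w not in LEGAL_SUFFIXES and len(w) > 1)


def near_duplicates(suppliers, threshold=0.85):
    """Return pairs of supplier ids whose normalized names are nearly identical."""
    pairs = []
    for i, a in enumerate(suppliers):
        for b in suppliers[i + 1:]:
            ratio = SequenceMatcher(None, normalize(a["name"]),
                                    normalize(b["name"])).ratio()
            if ratio >= threshold:
                pairs.append((a["id"], b["id"]))
    return pairs


def dormant(suppliers, as_of, max_idle_days=365):
    """Return ids of suppliers with no payment in the last max_idle_days."""
    return [s["id"] for s in suppliers
            if (as_of - s["last_paid"]).days > max_idle_days]


def payment_instruction_changes(changes):
    """Return change-log rows that touch where or how a supplier is paid."""
    watched = {"payment_method", "bank_account", "remit_address"}
    return [c for c in changes if c["field"] in watched]


if __name__ == "__main__":
    print("Near-duplicate names:", near_duplicates(SUPPLIERS))
    print("Dormant suppliers:", dormant(SUPPLIERS, date(2013, 8, 15)))
    for c in payment_instruction_changes(CHANGES):
        print("Review change:", c["supplier"], c["old"], "->", c["new"], "by", c["user"])
```

Each hit is a lead for manual review, for example confirming a check-to-ACH change with the supplier through contact details already on file.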
Collusive Procurement Fraud/Corruption
How it works:
Bid rigging
Bribery
Kickbacks
Often combined with each other, depending
on the opportunity and nature of the project
P-Card Fraud
How it works:
 Most frauds committed by outsiders (AFP) — via stolen
card or counterfeiting cards with stolen PII.
Insider P-Card fraud:
 Employees are responsible for 27% of P-card fraud (AFP).
 Making personal or other unauthorized purchases in a
company w/ inadequate control.
 Split purchases
 Mixed purchases
 Excess goods purchased
 “Gift” Lists (“Susan”, The Overly-Generous Sales Rep)
P-Card Fraud
Case Study:
• Thomas Coughlin, former co-chairman of Wal-Mart, earned a base salary and bonuses of $4 - $5 million.
• Coughlin initiated numerous illegal purchases; some involved use of a subordinate’s Wal-Mart P-Card to buy store gift cards, which Coughlin used to pay for cartons of vodka, beer and other personal items.
• This was part of a larger abuse of authority which ended with a total tab of $500,000 worth of fraudulently obtained goods and services, including a pair of $5,000 alligator cowboy boots.
“Straw Suppliers”
 Creating a shell company that
purchases items the organization
actually needs, then marking up
the prices and selling them to the
organization. (Straw supplier or
“Pass-through” supplier scheme)
Bid Rigging
Three Phases of Bidding Fraud:
1) Pre-solicitation phase.
 Needs-recognition schemes (altering project requirements to
what preferred supplier can offer).
 Specification schemes
 Tailoring/narrowing of prequalification requirements
 Vague specifications
 Bid splitting (to avoid bidding threshold)
 Advance look
Bid Rigging
Three Phases of Fraud (Continued):
2) Solicitation phase
-- Bid rotation/pooling
-- Fictitious suppliers
-- Restricted bid period
3) Submission phase
-- Abuse of sealed bid process
-- Advance or inside information
Case Study: Bid Rigging
 A tender for Commonwealth Office at Haymarket, Sydney led to the
exposure of collusive practices by large construction firms.
Details: Before the close of the tender, the industry association, the
Australian Federation of Construction Contractors, called a meeting of
the four firms bidding for the contract. It was agreed that the winning
firm should pay the three losers $750 000 each, and the AFCC $1
million.
 Project was worth around $200 million. The transactions were to be
concealed by invoices for consultancy services.
 Exposed by subsequent government audit of construction industry.
Receiving Fraud Risks
• Diversion of goods: similar to inventory fraud
• Document falsification of deliveries
• Shortage of delivery
• Delivery of substandard product (“Big Dig” Disaster)
• Concealment (falsification of GL entries on deliveries)
Payment/Disbursement Fraud Risks
Phony Invoice/Duplicate Invoice/ Invoice alteration
(Internal OR External)
Supplier Master File Manipulation
Check Fraud
ACH/EFT
Management level payments fraud
Check Fraud and Tampering
Common types of check fraud:
 Creating Forged/counterfeit checks
 Check Interception and Forged Endorsement
 Check Altering by Inserting Numbers or Letters
 “Hidden Check” Fraud
Creating Forged Checks
• Employee (AP, bookkeeper, office manager, etc.) without check-signing authority steals company check (usually blank)
• Makes out to self, cash, phony supplier, or accomplice
• Forges authorized person’s signature
ACH/EFT Payment Fraud
External:
• “Vendor” requests change from check payment to ACH payment, but request is actually made by a fraudster who works for the vendor. New payment info and acct are his/hers
• Account hijacking
Case Study: Supervalu case
Internal:
• Instead of providing a creditor such as a credit card company or utility company his or her own bank account information, one of your own employees gives the creditor your payroll checking account numbers, representing to the creditors that they are from the employee’s personal account
Management Level AP Fraud
Self-Approval of Fraudulent Invoices
Usually tied to a shell company the manager has set
up to receive fraudulently approved disbursements
after he or she has approved the very invoices he or
she is submitting
Using company funds for personal expenses
Koss Corporation Case
Sue Sachdeva:
Lessons from Internal Fraudsters
Fraud Detection Techniques
FRAUD DETECTION PART 1:
The All-Important Role of Red Flags
Procurement Fraud Red Flags
• Consecutive invoices from same supplier
• Unusual pricing from supplier
• Sudden replacement of longstanding supplier
• PO doesn’t match invoice or delivery documents
• Unusual (personal) P-Card purchases
• Supplier address matches employee address
• Unusual patterns in quantities purchased
• Invoices have consecutive numbers despite being weeks or months apart
• Invoices missing key detail
• Supplier address does not match address on approved supplier list
• Unusual pricing (high or low)
• Supplier’s address is a P.O. box
• Invoice documentation (PO’s, shipping documents, etc.) appears unprofessional
Procurement Fraud Red Flags (cont)
 Large number of inactive suppliers. (Could indicate employees
added bogus supplier but no longer work for the company)
 Unusual number of “dupe” supplier. “Bill Skeem Ltd.” and “Bill U.
Skeem Plc.” in the SMF.
 Too many employees have access to SMF. Many organizations
trust employees to be honest in making entries or changes to the
SMF. If this group expands, one or more of the “authorized”
employees could be stealing.
 Same supplier awarded contracts on consecutive projects
 Product or service prices jump unexpectedly
 Long-time supplier suddenly replaced by new one
 Unusually large orders of specific goods or services
Receiving Fraud Red Flags
 Deliveries are late or missing
 Unusual patterns (exceptionally high or
low) level of deliveries of specific items
 PO details don’t match physical delivery
 Delivery of product from different
(wrong) manufacturer
 No Three Way Match
 Complaints of defects from end-users
AP/Disbursement Fraud Red Flags
• Consecutive invoices from same vendor
• Unusual pricing from vendor (kickbacks/bribery/bid-rigging)
• PO doesn’t match invoice or delivery documents
• Vendor address matches employee address
• Unusual patterns in quantities purchased (Bid-rigging)
• Patterns of unusually frequent or high payments to long-time vendor (kickbacks)
• Invoices appear unprofessionally prepared (employees attempting to embezzle via phony invoice scheme)
• Unusual (personal) P-Card purchases
continued…
AP/Disbursement Fraud Red Flags
 Invoice is unfolded (same as previous)
 Product or service prices jump unexpectedly. (Kickbacks)
 A long-time vendor is suddenly replaced by a new one.
(Kickbacks)
 Inferior quality product is delivered, but invoice prices are for
higher quality. (Kickbacks)
 Bills appear unprofessionally prepared
 Check tampering/alteration signs
 Patterns of unusually frequent or high payments to long-time
supplier
 Cancelled checks have dual endorsements
 Forged payroll checks (using ACH banking information)
Red Flags of ACH Fraud
 Unexplainable EFT/ACH debits
from one or more bank accounts
(may indicate account “hijacking”)
 Requests from new vendors to
allow EFT/ACH debits to receive
payment of invoices (may be a sign
of a phony vendor looking for a
quick fraudulent payoff)
FRAUD DETECTION PART 2:
Detecting the Red Flags of P2P Fraud
Overview of Fraud Risk Assessment Process
• Identify key business processes
• Fraud team brainstorming (next slide)
• List possible fraud risks, scenarios and schemes (Procurement, Receiving, Disbursement)
• Conduct the detailed fraud risk assessment: asking the right questions of the right people at the right time and weighing risk level of schemes and scenarios (next slide)
Continue FRA Questioning—Bus. Process Level
Example: Procurement Fraud
Possible Schemes: Double-billing schemes, phony supplier
schemes, bid-rigging, check fraud, etc. Questions to ask:
 Who can request a supplier? Can anyone?
 What forms must be completed (PO, receiving docs, invoice,
etc)?
 What are the requirements to be an approved supplier?
 What controls exist to verify the supplier exists?
 Do purchase orders specify description of items, quantities,
prices, dates?
 Are competitive bids required for all purchases?
 Does the company maintain a master supplier file?
 Important: The Business “doer” is often a better source than
the business “owner”!
Fraud Schemes and Scenarios
Based on answers, list all specific fraud
schemes and scenarios that could be
perpetrated in each key business process.
 Identify potential perpetrators
 Determine if potential perpetrators possess
the Knowledge, Skills and Abilities to commit
fraud
 Identify incentives that may be in play for
potential fraudster(s) (Layoffs, pay cuts etc,
Fraud Triangle factor).
 Rank fraud risks on likelihood and potential
damage —including assessment of existing
controls
Assign Red Flags to Each Fraud Risk
 List red flags of likeliest schemes, e.g. for billing
fraud: New supplier replacing a long-standing
one; consecutively-numbered invoices,
unprofessionally prepared invoices, altered PO’s.
Basic Red Flag Audit/Detection Methods
• Surprise audits
• Hotlines – to gather red flags and potential evidence (50% of detected fraud is by employee tip—highest in the world)
• Ratio analysis: horizontal, vertical, entity vs industry
• Surveillance (in the mailroom, other key locations)
• Regular internal audits (including assessment of effectiveness of anti-fraud controls)
• Manual review/comparison of SVF for phony or dormant accts
• Using technology to detect anomalies in financial records
• Physical inventory counts
• Supplier verification and Supplier audit
(continued)
Detailed Red Flag Detection --Procurement Fraud
 Review contractor records to identify questionable payments
 Review contract awards to identify contractors with
continuous contracts slightly lower than the next bidder
 Review payments for possible circumvention of established
contract procedures (suspicious new vendor names, conflicts
of interest, etc).
 Review anti-bribery and gift policies and test for compliance
 Review/audit for unusual price spikes
 Conduct an automated audit for duplicate payments using
ACL, IDEA, or other tool. Examine anomalies found.
 Review GL for possible altered entries
continued…
Detailed Red Flag Detection --Procurement Fraud
• Determine if company has been invoiced correctly
• Evaluate contractor and company personnel and compliance with ethics policies
• Evaluate company control procedures and compliance with company policies
• Examine consecutive awards to single vendor
• Investigate sudden price increases
• Validate new vendors that replace long-standing ones
• Review/audit for vendor-employee address match
Detailed Red Flag Audit/Detection: Disbursement Fraud
Use These Fraud-Related Audit Procedures to Find Red Flags:
 Examine supporting documents for payments of amounts just
under the threshold required for approval.
 Match supplier master file against employee file.
 Run 3-way match (PO-Invoice-Receiving) or FOUR-way
 Run Benford’s Law test to look for anomalies
 Examine supporting documents for reconciliation problems
between aging accounts and the general ledger.
 Perform analytical procedures and predictive tests of key ratios
(sales to inventory; cost-of-goods to sales, etc).
 Search public records for supplier legitimacy; supplier audits
 Perform tests of controls over accounts payable and purchases.
Source: CCH/WCC 101
Detailed Red Flag Audit/Detection: Disbursement Fraud
Use These Fraud-Related Audit Procedures to Find Red Flags:
 Match supplier names and addresses from invoices with master
supplier list.
 Search for unusual or large year-end transactions and adjustments,
e.g., transactions not containing normal processing approvals or not
having normal supporting documentation.
 Review supplier files for unusual items, such as manual and noncustomized forms; different delivery addresses; and suppliers that
have multiple addresses.
 Examine disbursements for items that do not require delivery of
goods.
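Added example, not part of the original presentation: three of the disbursement audit procedures listed above (supplier/employee address match, payments just under the approval threshold, and a Benford's Law first-digit test) as Python run over constructed records. The field names, the 5,000 approval limit, the 5% band and the address abbreviation table are assumptions made for illustration.

```python
import math
import re
from collections import Counter

# Constructed sample data; field names and the approval limit are assumptions.
APPROVAL_LIMIT = 5000.00
CHI2_CRITICAL = 15.507  # chi-square critical value, 8 degrees of freedom, p = 0.05
EMPLOYEES = [
    {"id": "E17", "address": "12 Elm Street, Apt 4, Springfield"},
    {"id": "E22", "address": "900 Harbor Rd, Riverton"},
]
SUPPLIERS = [
    {"id": "S001", "address": "77 Dock Ave, Riverton"},
    {"id": "S009", "address": "12 ELM ST. APT 4 SPRINGFIELD"},
]
PAYMENTS = [
    {"supplier": "S001", "invoice": "1041", "amount": 1820.50},
    {"supplier": "S009", "invoice": "0007", "amount": 4950.00},
    {"supplier": "S009", "invoice": "0008", "amount": 4975.00},
    {"supplier": "S001", "invoice": "1077", "amount": 312.40},
]
ABBREV = {"street": "st", "road": "rd", "avenue": "ave",
          "apartment": "apt", "suite": "ste"}


def norm_address(addr):
    """Lowercase, drop punctuation and abbreviate common street words."""
    words = re.sub(r"[^a-z0-9 ]", " ", addr.lower()).split()
    return " ".join(ABBREV.get(w, w) for w in words)


def supplier_employee_matches(suppliers, employees):
    """Return (supplier id, employee id) pairs that share a normalized address."""
    by_addr = {norm_address(e["address"]): e["id"] for e in employees}
    return [(s["id"], by_addr[norm_address(s["address"])])
            for s in suppliers if norm_address(s["address"]) in by_addr]


def just_under_limit(payments, limit=APPROVAL_LIMIT, band=0.05):
    """Return invoice numbers paid within `band` below the approval limit."""
    return [p["invoice"] for p in payments
            if limit * (1 - band) <= p["amount"] < limit]


def benford_chi_square(amounts):
    """Chi-square statistic of leading digits against Benford's distribution.

    Only meaningful on a large population (hundreds of payments or more).
    """
    digits = [int(f"{a:.10e}"[0]) for a in amounts if a > 0]
    counts = Counter(digits)
    n = len(digits)
    stat = 0.0
    for d in range(1, 10):
        expected = n * math.log10(1 + 1 / d)
        stat += (counts.get(d, 0) - expected) ** 2 / expected
    return stat


if __name__ == "__main__":
    print("Address matches:", supplier_employee_matches(SUPPLIERS, EMPLOYEES))
    print("Just under limit:", just_under_limit(PAYMENTS))
    skewed = [4000 + i for i in range(100)]  # constructed: all start with 4
    print("Benford anomaly:", benford_chi_square(skewed) > CHI2_CRITICAL)
```

A statistic above the critical value only says the digit distribution is unusual; the supporting documents for the over-represented amounts still have to be examined.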
P2P Fraud Prevention/Controls: Best Practices
Best Practice Procurement Controls
• Random Audits
• Targeted Audits
• Minimum payment review threshold
• Supplier Master File Clean-up
• New-supplier validation/due diligence
• Implement anonymous hotline
• Require approval of all purchase requests over a specified amount.
• Separate duties of invoice approval from making changes to SMF
• Require competitive bids for all purchases over a certain amount.
-- Monitor for potential bribery or kickback/bidding fraud
• Implement audit recovery/double invoicing control software.
• Review any invoices that have been paid without a PO reference.
Continued…
Best Practice Procurement Controls
• Implement strict PO Policy: “No PO; No Pay”
• SoD and DoA
• P-Card Fraud Controls
-- Require original itemized receipts for each transaction w/ details…
    • Quantities
    • Price per unit
    • Description of goods or services purchased
    • Total charge amount
    • Date of purchase
    • Merchant’s name and address
• Job Rotation
• Mandatory holiday
• Background check
Best Practice Receiving Fraud Controls
• SoD: Procurement not to review delivery docs.
• 3-matching (PO, Invoice, Delivery docs)
• Monitor all shipping documentation
• Inspect all shipments for quantity/quality
• Surveillance of shipping dock (CCTV)
• Background checks on shipping/receiving personnel
• Implement anonymous hotline
Best Practice Disbursement Controls
• Enforce SoD over SMF (and minimum access to SMF)
• Enforce SoD over check preparation, signing and mailing
• Tighten check security
• ACH debit blocks/filters
• Positive Pay/ Payee Positive Pay/ Reverse Positive Pay
• Automation controls: ACL/IDEA/Continuous Transaction Monitoring (ACL, Oversight)
• Conduct surprise Audits of AP (Deterrent Effect)
• Immediately investigate sudden replacements of vendors who have been working with your organization for a long time
• Consider hiring out duplicate invoice audit
Best Practice Disbursement Controls
 Implement anonymous hotline
 Enforce immediate supplier payment (to prevent check
interception)
 Send all shipping documents and signed receipts for goods to AP
within one business day (to prevent alteration)
 Conduct periodic supplier master file clean-up to flag duplicate and
dormant suppliers
 Investigate multiple vendors with the same name but different
operating addresses
 check signing/EFT approval by TWO signatories
Best Practice Disbursement Controls
 Conduct detailed reviews of procurement records to detect unusual
pricing for certain vendors – before payment is made
 Enforce consistent adherence to competitive bidding rules
 Immediately investigate any replacements of vendors who have been
working with your organization for a long time
 Conduct a vendor audit if a billing, shell company, “straw vendor,” or
kickback scheme is suspected
 Mandatory job rotation
 Background checks
 Mandatory holiday for AP manager(s)
Questions?
 Any Questions?
Don’t be Shy!
Thank You!
Peter Goldmann, MSc. CFE
White-Collar Crime 101 LLC/FraudAware
919-890-5009 (USA)
pgoldmann@fraudaware.com
www.fraudaware.com