Chris Hamilton Case Study Fraud | Chris Hamilton Forensics

Case studies: Fraud

#1: Forensic Accounting, Prosecution
#2: Forensic Accounting, Court Testimony
#3: Bank Reconciliations, Internal Controls
#4: Forensic Accounting, Trial testimony, Defense
#5: Embezzlement of Company Funds
#6: Fraud and Theft of Residential and Commercial Real Estate and Cash and Marketable Securities
#7: Fraud & Identify Theft of Elderly Victim
#8: International Corporate Fraud & Internal Controls
#9: Embezzlement Scheme: Lessons Learned
#10: Embezzlement: What the Auditors Could Not Find!
#11: 7 Simple Steps to Corporate Fraud Prevention: A Case Study
#12: Fraud Examination with Surprising Results
#13: Real Estate Fraud: How a Forensic Accountant Saves Clients Money — With Just a Few Questions!
#14: Fraud Examination with Disappointing Results
#15: Culture Matters – Proving Fraud in a Silo
#16: Refusing Fraud Work

#1: Forensic Accounting, Prosecution

A bookkeeper, and family friend of the business owners, knew the accounting system inside out. He was also completely trusted and he decided to take advantage of the close relationship and total access to the money of the business. Over three years the bookkeeper stole several hundred thousand dollars.

An IRS audit ultimately blew the whole scheme apart. The outside CPA called the business owner and said that getting information from the bookkeeper for the audit was ridiculously hard and that none of the numbers were adding up. The owner responded by retaining Arxis to come in to the business to review the records. Within an hour it was evident that cancelled checks did not match the accounting records for the business and that many checks had been forged. The bookkeeper had established a bank account for a fake business and had written checks to this business.

Arxis conducted the investigation, prepared a report and supporting file, and the client submitted the evidence to the prosecutors’’ office. Criminal charges are pending against the bookkeeper.

#2: Forensic Accounting, Court Testimony

The accounting staff of a company discovered strange transactions on their monthly bank statement. The employee who normally opened the bank statement was unexpectedly out that day and one of the owners decided to take a look. It became quickly obvious, even to an untrained eye, that something was wrong. The initial assumption was that there was a bank error.

Arxis Financial was retained to resolve the problem. Once on-site, it became obvious to a trained eye that it was not a bank error, it was fraud. What began as a reconciliation engagement became a full-fledged fraud investigation and prosecution. After eight hours of forensic work, enough evidence was gathered to support a report proving the defalcation and quantifying the total loss.

Chris Hamilton eventually provided key evidence in Los Angeles Superior Court that was instrumental in proving the case against the employee.

#3: Bank Reconciliations, Internal Controls

Arxis was hired to do a review of the accounting records of a business because senior management was suspicious of the financial reports they were receiving from the controller. The reports just didn’t make sense and there was a sense that the accounting department was sloppy and out-of-control.

The first step was to review bank reconciliations. It was represented by the controller that they were current. However, it was quickly determined that bank reconciliations had not been completed for over 20 months. It was further established that the cash records were incomplete and as sloppy as perceived. And, this was just the beginning.

The result of the investigation was that there was no embezzlement. Every dollar was eventually accounted for. The controller had simply been exposed as under-qualified and overpaid. Arxis assisted in hiring a new controller and establishing a system of internal controls that would assure complete, accurate, and timely financial reporting. The owners of the business realized when the engagement was done how fortunate they were that the controller was not dishonest to the same level as they were incompetent.

#4: Forensic Accounting, Trial testimony, Defense

A prestigious law firm contacted Arxis with an unusual request. They had a client who was the defendant in a lawsuit alleging fraudulent behavior. The law firm requested that Arxis examine the records and develop an opinion regarding the case, how to present it, and most importantly they wanted an opinion as to whether their client was guilty of the allegations. This was the beginning of a series of cases extending over several years that resulted in one jury verdict and two bench verdicts all in favor of the law firm’s client.

Early in the case Arxis requested authorization to completely recreate and recast the financial statements for the entities involved in the alleged fraud. The client and the law firm gave the authorization and each transaction was analyzed, classified, and recorded. When the accounting work was done it was obvious the client was not guilty of the many accusations and the law firm had the basis to present a vigorous defense. In addition to the favorable verdicts, the client received a written apology from the plaintiff.

In one of the bench verdicts, the court noted that the testimony of Chris Hamilton was “His detailed testimony that followed was vastly more persuasive than any contrary evidence” and “his testimony was perceived as accurate and knowledgeable.”

#5: Embezzlement of Company Funds

Summary of Issue: Members of the board of directors contacted Arxis Financial, Inc. to discuss a strange pattern of information and lack of information being provided to the board. The conference call revealed that once the board began asking questions of management, the CEO resigned. After an initial discussion it was determined that the pattern suggested more than incompetence. Several facts pointed towards potential fraud.

Money involved: Over $200,000 was found to have been misappropriated.

Arxis’ work: We proposed a multi-stage engagement. Phase 1 was designed to establish whether there was evidence confirming fraud rather than simply incompetence or sloppiness by management. Phase 2 was designed to quantify a preliminary loss given specific parameters determined in phase 1. In simple terms, phase 2 was designed to pick the “low hanging fruit” and establish the basis for the board to determine a legal course of action, if any. Phase 3 was designed to complete the investigation and prepare for civil or criminal prosecution.

Phase 1 established that indeed there was evidence of both management sloppiness that allowed for unauthorized financial transactions, as well as evidence that such transactions had taken place. On the first day that Arxis was on-site the CFO resigned. The board was completely unaware that there were no internal controls.

In phase, 2 Arxis reviewed several years of bank reconciliations and traced cancelled checks and deposit slips back to the accounting records. This process exposed unauthorized payments as well as a sophisticated attempt to cover the payments so that reports to the board would not reflect the actual economic activity. Arxis presented the findings to the board and recommended that phase 3 was not necessary as there was no insurance to cover the loss and the board had determined that there would be no prosecution.

Result: Arxis assisted in assuring the security of the computer network and establishing a system of internal controls and reporting that, if maintained, would eliminate the possibility of continuing problems. The board of directors terminated several members of senior management and the outside audit firm. Arxis assisted the company with the identification and hiring of qualified accounting staff and replacement auditors.

#6: Fraud and Theft of Residential and Commercial Real Estate and Cash and Marketable Securities

Summary of issue: Arxis Financial was hired by plaintiffs, an elderly couple who believed they had been swindled. The couple was, at one time, very wealthy with extensive investment in residential and commercial real estate – all of which was completely debt-free. Additionally, they had substantial wealth in cash and marketable securities that were growing from the cash flow provided by the real estate holdings. Among the allegations was that defendants re-titled (stole) real property, encumbered the properties, that were not re-titled, with debt (proceeds disbursed to defendants) and that cash had been stolen from checking accounts. Arxis was hired to quantify the money that was stolen. Other experts were retained to deal with the real estate-related fraud.

Arxis’ work:

Discovery – Extensive research had been done prior to our involvement in the case – discovery was closed already. We were provided with 954 exhibits and several depositions including those of the defendants.

Forensic – Work was done to quantify the losses based on an incomplete record of transactions. It was unfortunate that we were retained “too late” in the case to assist with efficient and adequate discovery. 954 exhibits was a lot of information but much of it was incomplete or irrelevant.

Trial – Trial was held involving testimony from several experts. The accounting testimony took several hours and established the flow of money and evidence that the transactions were hidden or misrepresented to the plaintiffs. It was established that several hundred thousands of dollars were stolen.

Result: Verdict in favor of the plaintiffs. Real property was returned. Further restitution is still underway.

#7: Fraud & Identify Theft of Elderly Victim

Issue: Arxis was contacted to assist the elderly victim of abuse. The victim reported that she had not gotten mail in a while and that a strange lady had come into her home uninvited. The concern was that personal papers and forms of identity had been stolen thus exposing all of the cash, investments and other assets to theft. The client requested that we verify that current holdings were intact and to prevent the loss of cash and investments.

Arxis work: The fact that all mail had apparently been diverted caused concern that identity theft and other crimes had been in process for a long time. We immediately visited the banks and brokerage firms to discuss the activity in the accounts. It became apparent right away that our worst fears were realized. Hundreds of thousands of dollars had been stolen from several checking accounts and a brokerage account. We also found that serious attempts had been made to access additional accounts.

We determined that the first step was to shut down every account and consolidate all cash accounts into one bank account and all investment accounts into one. All credit cards were closed. The mailing address for all vendors and banks were established at a remote location under the control of a trusted caretaker of the records. Signature and password protection was established to prevent unauthorized access. Tracing was initiated that resulted in identifying the names and physical location of the people who were operating the scheme.

Result: Most of the stolen money was recovered through insurance claims filed by the banking institutions and our interfering with the theft that was actually in-process when we got involved. Interrupting the scheme allowed us to stop it, rewind some of it, and identify with significant confidence who was abusing our client.

Police reports were filed – to no avail. Apparently, elder abuse is so pervasive that the police do not have sufficient resources to pursue or prosecute crimes of this nature. The client was restored to her financial position before the theft took place. What took much longer was the restoration of her sense of security and personal safety. It resulted, ultimately, in her moving from her home before she felt completely safe.

#8: International Corporate Fraud & Internal Controls

Issue: A busy week was interrupted by a phone call from a person who, it turned out, was cold calling forensic accounting firms that might be able to help with a fraud examination. After a brief telephone interview, arrangements were made for a meeting later that same afternoon. The meeting was between the senior management of the firm, the shareholders, corporate counsel and Arxis Financial. After introductions, the management group began to describe the circumstances leading to their initial phone call.

For several years the company’s CFO was a trusted and reliable member of the management team. In fact, she had established herself as the most reliable resource in the firm and was viewed by management, owners, and employees as the de facto leader of the company. As such, she was completely trusted and never gave any reason to question that trust – until recently. They proceeded to describe a pattern of behavior that started as strange, progressed to bizarre, and then to simply unacceptable. In the midst of her behavior, there were increasing questions about her ability to do her job and nagging concerns about why the business was so cash starved. After a few questions it became obvious that the nature of the engagement was not primarily concerned with the question of whether fraud had taken place but rather how much had been stolen. This proved to be true.

Arxis Work: A fraud examination commenced immediately while the CFO was put on paid leave. What we found was astounding in two aspects. First, there were absolutely no internal controls. Second, the company’s exposure to potential loss was vast and while it was found that embezzlement had taken place it was nowhere near what it could have been. The loss was quantified and documented and insurance claims filed appropriately. The company made a decision whether to prosecute the now-retired CFO. In addition to quantifying the loss, Arxis Financial was very involved in establishing policies and procedures to prevent similar problems in the future.

The company had divisions in several countries located on all five continents of the world. As such, enormous amounts of money were moved via wire transfer on a daily basis. The CFO had complete control and sole knowledge of both sides of the transfers. She had the authority to make the transfers and record the transfers. There were no reconciliations done nor was reporting done to anyone else in the organization. All confirmations from the remote offices came to the company – via the CFO’s email. The exposure in just this area amounted to millions of dollars. Arxis Financial immediately initiated a change of all passwords and arranged with the bank to institute controls over the movement of money initiated by company personnel.

Arxis Financial also found that the CFO initiated all disbursements, signed checks, received and reconciled all bank statements, and recorded all transactions in the general ledger. Deposits were handled by an AR department but all deposit records were given directly to the CFO. All payroll and HR functions were under the control and authority of the CFO as were purchasing, receiving, and all subsidiary and divisional accounting. Arxis Financial, with the cooperation of management, established a system of internal controls to prevent the possibility of theft or errors going unnoticed. Accounting functions were assigned to several people rather than localized with just one person.

While this is a sad story, it is anything but an unusual event. Most fraud is committed by trusted employees who find a way to exploit that trust – or they take advantage of the opportunities right in front of them. The most basic elements of internal control were suppressed because of the long personal relationship with the CFO and the tremendous trust that came with years of faithful and competent work. However, when the personal life of the CFO began to unravel, there were no systems in place to prevent, or quickly expose, the embezzlement.

#9: Embezzlement Scheme: Lessons Learned

“I Can’t Believe It Happened to Me – I Should Have Known”

The shock of realization when a victim recognizes that a trusted employee – and even a friend – has stolen from them ranges from sad to tragic. It is a very personal feeling of betrayal and violation. It strikes fear in some, grief in others, and anger in most. In my experience, it is almost always accompanied by a sense that “I should have known this was going on.” The evidence of theft sheds a very bright light on the rearview mirror. Patterns and circumstances take on a clarity that contemporaneous experience either hid or obscured. Sometimes the clarity was there but for a variety of reasons it was ignored.

The following is just such a case – the victim immediately recognized the theft and simultaneously felt incredibly stupid for “allowing it to happen.” The lesson cost him several hundred thousands of dollars in uninsured losses. The recognition happened when his bookkeeper unexpectedly missed a few days of work and he ventured into the mail and opened a bank statement. The simple act of thumbing through cancelled checks from one month’s bank statement prompted a phone call to his attorney who directed him to a forensic accountant.

What developed was evidence of a simple and devastatingly effective embezzlement scheme. The bookkeeper had set up vendors that were very similar to existing real vendors. For example, if the real vendor was ABC Service Company then a fake vendor was established called ABC Service Co. The bookkeeper went to the bank and set up bank accounts for the fake vendors. That was the hard part. The rest was easy. The business owner signed hundreds of checks to the fake vendors thinking the checks went to legitimate business activity.

Since that worked so well, the bookkeeper began forging checks made payable to pay the vendors, personal expenses, and provide cash gifts to family and friends. And, since all that worked without any notice by the business owner, the bookkeeper got an unauthorized increase in salary. It was bold. It was also easily discovered and should have been easily prevented.

The bookkeeper was pretty quickly arrested and has spent some serious time in jail. The following are Fraud Prevention 101 steps that were ignored and could have prevented the fraud.

• Know your employee. In this particular case the business owner recounted that he knew the prior employer of the bookkeeper really well. He was aware that the bookkeeper had left the prior employer on less than positive terms but figured it was none of his business and hired the bookkeeper because of knowledge of the industry. A phone call to the prior employer/friend after the embezzlement was discovered revealed that the bookkeeper was probably stealing from the current employer to pay off a judgment obtained by the prior employer to recover embezzled funds.

• Embezzlers tend to be repeat offenders. This is an obvious follow-up to the prior point. A simple background check is not expensive, easy to do, and in this case would have prevented a really bad hiring decision. It would have confirmed the ill-at-ease feeling of the employer at the time of hiring.

• Open your own mail. Let the bookkeeper do the bookkeeping. You cannot abdicate other important (and seemingly unimportant) functions because the clerk is always around and does their job well. Vendor communications, bank statements, and bills from vendors and suppliers are important sources of information.

• Separate functions and duties. Many small business owners are so busy that they tend to overlook common sense when assigning work. In this case a bookkeeper was eventually given the responsibility for answering the phones, opening all the mail, writing checks, making deposits, preparing invoices, reconciling the bank statements, and preparing the financial reporting provided to the business owner and his outside tax preparer. As noted above, simply opening the mail would have prevented some of the problems – or would have caught it a lot earlier.

• Don’t accept bad answers to good questions. When the forensic accountant arrived on-scene, the business owner requested a report showing payments to all vendors. The request was preceded with a long list of qualifications recognizing that it was difficult to put such a report together, would take a long time, and would not be precisely correct. The accountant produced the report in about 90 seconds. The business owner was shocked – and the point was made. His bookkeeper, for a long time, had prevented him from seeing the very report that exposed the whole scheme. He had been given every reason in the book why the report couldn’t be produced.

• Force vacations. Nobody else had access to the bookkeepers work for over two years. Any other eyes on the accounting records would have exposed everything.

• Acknowledge your instinct. If the lifestyle of the employee exceeds what you know about their legitimate compensation there is good reason to look harder. If the bookkeeper can’t produce simple reports from “the books” they are keeping there is a problem. If you feel like you are working for the bookkeeper rather than them working for you, something is wrong. If it feels like the business is doing better than ever but there isn’t any cash there is good reason to find a reasonable explanation. All of the bullets were separate points of recognition by the business owner in this case – “I knew something wasn’t right. I should have known this was happening.” That is never good after-the-fact.

#10: Embezzlement: What the Auditors Could Not Find!

Type of Matter: The Board of Directors and senior management of a large company with several divisions began to suspect that a division controller was embezzling significant amounts of cash. They initially brought in the outside auditors to review bank reconciliations and other reporting for the division. The company spent material amounts of money for up to 6 staff members from the outside audit firm reviewing bank reconciliations for over a week. The Board members began to get uncomfortable with the results of that review and decided they needed a focused fraud examination and called Arxis Financial.

Arxis Work: At the initial meeting with Arxis Financial, the bank reconciliations were specifically excluded from the work scope approved for Arxis. While this was understandable due to the enormous cost of reviewing them already, it became a point of significant contention. Ultimately, we refused to take the engagement unless we were allowed to review the bank reconciliations – essentially covering the same territory as the outside audit firm. Either the reconciliations accurately reflected the activity in the accounts or they were being fabricated to hide illicit activity. Either way, it was the logical starting point.

Once we were authorized to review the bank reconciliations we began work. On the first day it was determined that the reconciliations were indeed problematic. What became apparent very quickly was that the beginning cash balance on any given reconciliation did not agree with the prior month’s ending cash balance. The client was relieved that it did not require a week of Arxis Financial’s time to evaluate the reconciliations.

Once we had proof that there were anomalies in the accounting for cash, further investigation was initiated to determine if the discrepancies were the result of human/software error or the result of intentional manipulation and misrepresentation.

Result: We found that material and significant misappropriation of company assets had taken place over an extended period of time. As a result of our fraud investigation, the Controller was terminated, arrested subsequently convicted, and is serving time in state prison. The method of hiding the embezzlement was so simple that apparently 6 auditors didn’t think to check it, which although disappointing to the company, is a key reason why a professional fraud investigation team should be engaged to investigate such suspicions.

We provided several recommendations for company management in order to minimize the chances of future embezzlement. The company was greatly pleased with Arxis Financial’s expertise, expediency, successful investigation and recommendations.

#11: 7 Simple Steps to Corporate Fraud Prevention: A Case Study

The shock when a victim discovers that a trusted employee – and even a friend – has stolen from him or her is absolute. It’s a feeling of betrayal and violation that strikes fear in some, grief in others and anger in most.

In my experience, it is almost always accompanied by a sense that the victim should have known it was going on. The evidence of theft sheds a bright light in the rear-view mirror. Patterns and circumstances take on a clarity that contemporaneous experience obscured. Sometimes the clarity was there but for a variety of reasons it was ignored.

A Case Study

A victim uncovered theft when his bookkeeper unexpectedly missed a few days of work and he opened a bank statement. The simple act of thumbing through cancelled checks from one month’s bank statement prompted a phone call to his attorney who directed him to a forensic accountant. The internal fraud was revealed, he felt stupid for allowing it to happen and the lesson cost him several hundred thousands of dollars in uninsured losses.

The forensic accountant uncovered evidence of a simple but effective embezzlement scheme. The bookkeeper had set up vendors that were very similar to existing real vendors. For example, if the real vendor was ABC Service Company then a fake vendor was established called ABC Service Co. The bookkeeper set up bank accounts for the fake vendors. That was the hard part. The rest was easy. The business owner signed hundreds of checks to the fake vendors thinking the checks went to legitimate business activity.

Since that worked so well, the bookkeeper began forging checks to pay the vendors, personal expenses, and provide cash gifts to family and friends. And, since all that worked without detection by the business owner, the bookkeeper took an unauthorized increase in salary.

It was bold. It was also easily discovered and should have been easily prevented. The bookkeeper was quickly arrested and has spent time in jail.

Fraud Prevention 101

The following are fraud prevention steps that were ignored and could have prevented the theft:

Know your employee. In this particular case the business owner recounted that he knew the prior employer of the bookkeeper well. He was aware that the bookkeeper had left the prior employer on less than positive terms but figured it was none of his business and hired the bookkeeper because of knowledge of the industry. A phone call to the prior employer/friend after the embezzlement was discovered revealed that the bookkeeper was probably stealing from the current employer to pay off a judgment obtained by the prior employer to recover embezzled funds.
Do a background check. Embezzlers tend to be repeat offenders. This is an obvious follow-up to the prior point. A simple background check is not expensive, is easy to do and, in this case, would have prevented a bad hiring decision. It would have confirmed the ill-at-ease feeling the employer had at the time of hiring.
Open your own mail. Let the bookkeeper do the bookkeeping. You cannot abdicate other important (and seemingly unimportant) functions because the clerk is always around and does his or her job well. Vendor communications, bank statements, and bills from vendors and suppliers are important sources of information.
Separate functions and duties. Many small business owners are so busy that they tend to overlook common sense when assigning work. In this case a bookkeeper was eventually given the responsibility for answering the phones, opening all the mail, writing checks, making deposits, preparing invoices, reconciling the bank statements, and preparing the financial reporting provided to the business owner and his outside tax preparer. As noted above, simply opening the mail would have prevented some of the problems – or would have caught it a lot earlier.
Don’t accept bad answers to good questions. When the forensic accountant arrived on the scene, the business owner requested a report showing payments to all vendors. The bookkeeper had previously argued that it was difficult to put such a report together, would take a long time, and would not be correct. The accountant produced the report in about 90 seconds. The business owner was shocked – and the point was made. His bookkeeper, for a long time, had prevented him from seeing the very report that exposed the whole scheme.
Force vacations. Nobody else had access to the bookkeepers work for more than two years. Any other eyes on the accounting records would have exposed everything.
Acknowledge your instinct. If the lifestyle of the employee exceeds what you know about their legitimate compensation there is good reason to look harder. If the bookkeeper can’t produce simple reports from “the books” they are keeping there is a problem. If you feel like you are working for the bookkeeper rather than them working for you, something is wrong. If it feels like the business is doing better than ever but there isn’t any cash find out why.

All of the steps above were recognized by the business owner in this case: “I knew something wasn’t right. I should have known this was happening.” That is never good after the fact.

#12: Fraud Examination with Surprising Results

Type of Matter: Business partners in multiple real estate transactions stretching over many years had a falling out that eventually resulted in a claim of fraud against one of the partners.

Background: Over 20 commercial buildings were acquired over several years. Some had been sold and some were still owned jointly. Neither of the partners, jointly or individually, maintained any formal accounting for the purchases, sales, or management of the properties. One of the partners took the lead role in buying, selling, and managing the properties. The non-active partner made claims of substantial amounts of cash that were unaccounted for and presumed stolen.

Arxis was retained by defense counsel to direct discovery and prepare a forensic accounting needed to establish whether the money had indeed been stolen.

Arxis Work: Documentation was needed to establish purchase date, purchase price, identity of property, and source of funds for each of the purchased properties. For properties that were subsequently sold, documentation was needed to establish the sale date, sale price, identity of the sold property, and the distribution of proceeds from the sale. For property that was retained, documentation was needed to establish the source (rent) and use (expenses) of funds for each individual property.

The traditional sources of such information were not available as formal accounting records were not maintained and most relevant records were not even preserved. Third-party sources were used to accumulate deeds, escrow statements, bank statements, and other data to allow us to piece together what actually happened.

Result: Contrary to all expectations, the evidence showed that the Plaintiff had already received substantially more proceeds than were originally invested in the projects. When adding together proceeds plus the fair market value of the property that was still owned, not only had his partner not stolen from him, but he had turned a very healthy profit. Even the defendant was impressed with his own success. Due to the lack of contemporaneous accounting neither party understood that their real estate partnership was actually quite successful.

#13: “Real Estate Fraud: How a Forensic Accountant Saves Clients Money — With Just a Few Questions!”

Summary: Arxis Financial was contacted to assist legal counsel in determining the validity of a fraud claim and the best approach to credibly establishing the claim. The victim was a network of inter-related entities that owned commercial property and undeveloped real estate. Significant cash flow from the entities was managed and controlled by one of the owners. The allegation was that millions of dollars had been fraudulently taken by the manager/owner. The initial contact by the law firm was to retain Arxis to do a preliminary forensic investigation to establish the equivalent of probable cause.

Arxis Work: In this case not a single document was reviewed. No forensic accounting was done. No damage calculations performed. Instead, a series of simple questions established that all the elements of fraud could be easily proven – except one. In this case, the disbursements to the owner were recorded as loans and reported on internal financial statements and tax returns. Therefore, the core of the case would revolve around whether the loans were authorized and whether the disclosures to the other owners over several years constituted ratification or approval of the transactions. Significant work might eventually be done to verify the accuracy and completeness of the accounting and to establish whether additional money was taken through other forms (expenses, distributions, payroll, etc.).

Result: The client was saved a lot of unnecessary accounting fees by redirecting the focus of the efforts away from an accounting and back to a legal question that would eventually be the core of the case.

#14: Fraud Examination with Disappointing Results

Summary: A volunteer in a charity organization noticed unusual relationships and transactions and decided to investigate. What he found was fraud – funds diverted by a staff member to friends.

Background: A religious, charitable organization was very active in matching available funds with specific needs of families. They did not hand out cash. Instead, they paid directly for groceries, car repairs, home repairs, etc. Detailed files were maintained for each of the “clients” providing information on dates of meetings, services needed, services provided, and vendor payment information. A dedicated volunteer noticed that some of the files were not being updated. In other cases, the relationship and payments were not documented at all. The reason given was that everyone was overworked, and they were more intent on meeting the mission of the organization than “filling out paperwork.” The volunteer, with the approval of the Board of Directors, began working on reconstructing data for the client files. It became obvious to the volunteer that payments were being made to one specific vendor on a regular basis when no services were being provided. At this point, the project went from cleaning up paperwork to investigating fraud.

The oversight board ignored warnings about what was discovered. They eventually ordered the volunteer to stop all work and to not discuss his “opinions” publicly. However, with the approval of one board member, the volunteer took the information he had gathered to local law enforcement. Prosecutors determined that there was good reason to look further but encouraged the volunteer to contact Arxis to help put together a well-documented case that they could prosecute.

Arxis Work: Thousands of pages of documentation were provided for review. The records provided were inconsistent and incomplete. This was due to limited information available to the volunteer without access to all relevant data. Work was done to complete an analysis of a single client from commencement of the relationship through payments of a vendor to establish expectations of process and documentation. Even this step was impossible. Without the ability to benchmark, it became nearly impossible to prove unusual or unauthorized transactions.

Analysis was done to determine the documents that would be needed to complete the investigation. In meeting with the volunteer, it became apparent that without the approval of the oversight board or key members of management the documents could not be obtained without the weight and reach of law enforcement. Since law enforcement already referred the matter out for documenting the case and providing evidence, it was obvious they were not able or willing to pursue that step.

Result: In a case where there was significant evidence of malfeasance, there was the inability to document it sufficiently to prove the legal elements of the crime to a trier of fact. This case highlighted two common hurdles to prosecuting fraud. First, it is not always possible to gather evidence sufficient to meet the standards required to pursue a conviction. Second, in an organization where there is a culture that tolerates or encourages fraud, it is difficult, if not impossible, for one or two people to identify and eradicate fraud. There is enormous pressure on nonprofit organizations to never publicly admit financial malfeasance. Therefore, in these situations, there is little motivation to pursue the matter when malfeasance is found.

#15: Culture Matters – Proving Fraud in a Silo

Summary: Sometimes the system of internal controls is so bad or non-existent that fraud cannot be proven, or the loss quantified. We were recently retained to do a fraud examination for an off-site division of a very large business. Corporate management was new, and they had begun the work of reshaping operations and clearing out problems within all the divisions of the company. Management described several indications that there were serious problems within this particular division and they did not want to use the outside audit firm to examine those concerns. They alleged that company policies and procedures were not being followed, that company assets were being misappropriated, and there was an unusual and detrimental relationship with a significant vendor. This is a very common scenario and we followed the usual protocol.

Arxis’ work: The first phase of the engagement was to get documents and figure out a scope and sequence of work, the time period to be examined, and the form of reporting to our client. As is typical, we saw quickly that management had very good reason for concern, and the direction and method of the examination was quickly determined.

Problems and hindrances developed once we started the second phase of the work. First, this division of the company had long ago isolated itself from the rest of the company. It had become a self-contained silo within the larger company. Management had adopted accounting and process software different from the rest of the company. A culture had developed where information was not shared with the rest of the company and employees had a fierce loyalty to division management and each other. It turned out some or most of that loyalty was driven by fear of the division president. The ability to conduct a review without raising undue notice or alarms was virtually impossible. None of the staff was made available for interviews to determine policies and procedures within the division.

It was also apparent that the culture had existed so long that the centralized systems designed to maintain and monitor internal controls within the division had long ago been intimidated so completely that the division was avoided and ignored. Auditors avoided the division president and his team. Essentially, there was no audit of the division and it was probably justified as being immaterial. Internal audit and the accounting staff of the company simply avoided contact with the division because it was so unpleasant and non-productive. Requests for information were ignored or delayed to such an extent that people gave up. We saw this first-hand in the course of our work.

Result: The result was a completely different set of accounting policies and procedures in the division than existed in the rest of the company. We never could determine what those were and/or whether they were being followed. Evidence was developed supporting the suspicion that assets were being misappropriated, there likely was a kickback scheme with a significant vendor, and that the company’s policies and procedures had been ignored, modified, and overridden. However, because of the communication lockdown within the division and the lack of data we could not “prove” it.

Not all of our engagements culminate with a complete and final solution; some end as a series of recommendations for the next phase of assessment and problem resolution. In this case, if there were crimes committed it was likely one, or a few, individuals were involved. Internal controls and a fraud examination can identify those individuals and exonerate others. We left that engagement having issued a long list of observations about the lack of controls and reasonable business practices along with recommendations for fixing the situation. Unfortunately, we also left the company having not completed the process of identifying the responsible people or quantifying the loss in a definitive way, due to the lack of controls and documentation. Consequently, we were forced to leave behind a dark cloud over a large group of people – some of whom would have been well served by a solid and function system of internal controls.

#16: Refusing Fraud Work

Summary of Issue: A business owner called asking for Arxis Financial to do a fraud investigation. The relevant law enforcement agency referred the business owner to our firm to conduct an investigation, and prepare a report.

Why the Referral?: A cursory review of documents indicated that company income had been diverted, there were numerous and material unauthorized checks and ATM withdrawals, and the former employee had developed a scheme where the company records were manipulated to indicate that he was owed substantial sums. The sophistication of the fraud indicated this was a targeted takedown of this business and that the “employee” had done this before – he was very good at it! The local police department acknowledged several crimes had been committed but did not have the resources to build the case on the financial crimes. By all appearances, they were not interested in doing so.

Choices: There are three paths of recourse in a fraud matter. The first is an insurance claim. The initial question is always whether the business was insured for such a loss and, if so, what is required to make that claim. Most policies that cover this type of loss also cover the cost of the investigation which makes the fees for a forensic investigation much easier to contemplate. Sadly, in this case, there was no insurance coverage. This is true in many cases. The failure to cover employee embezzlement, malfeasance, and error means less insurance premiums but, when fraud happens, is a devastating blow to any chances of recovery.

The second path after a suspected fraud is contacting law enforcement and initiating a criminal investigation. This is a path that results in possible moral satisfaction, but it is not designed to recover any money. A successful prosecution for fraud usually results in consequences for the perpetrator (jail time, public notice, etc.) but rarely financial restitution for the victim.

The third path is a civil prosecution (lawsuit) against the employee. This involves hiring an attorney and moving a case (i.e., developing evidence, etc.) towards a trial where the legal threshold for proving the case in most jurisdictions is much lower than a criminal case. If a favorable verdict is obtained and money is awarded, then begins an entirely new legal process of collecting on that judgment. There is a public record of the verdict thus possibly preventing a repeat crime by the former employee. All too often that, and a lot of legal bills, is the only real result of civil litigation.

Arxis Analysis: It is a hard conversation to accurately describe the above choices to a business owner that did not insure for such a loss, and who is dealing with the financial and emotional devastation of theft and other malfeasance by a trusted employee. The criminal process results in some satisfaction but no restitution. It is hard to recommend spending money on that process when law enforcement isn’t willing to engage and assist with their resources. The civil litigation route is also difficult to recommend due to the cost and the very long timeline of getting to a trial and financial restitution.

Result: We likely talked ourselves out of business. However, the client is better served to consider hard facts before the investment of fees, rather than after significant funds have been spent with unexpected results. We recommended that the business owner consult with a civil litigation attorney before retaining us. We also asked the potential client to think long and hard about paying for a forensic investigation at the request of law enforcement. While they may be unable or unwilling to do the investigation, the best result (criminal conviction) will provide no financial return on the investment. The consideration must be whether the moral or other satisfaction of a favorable outcome is sufficient to justify an expensive undertaking. Also, there is no guarantee that the elements of fraud could be proven, that our report would be persuasive, or that even with an ironclad case documented in a report a criminal or civil court would secure at minimum a hearing of the matter. Finally, we recommended they call their insurance agent and add appropriate coverage to protect the business should this happen again. Remarkably, of all our recommendations, this is the one likely to be ignored. It happens all the time!

Fraud