ACFE Member Profile
Patti M. Buck-Torrey, MS, CFE
Manager of Administrative Processes & Controls, FedEx SmartPost
“What if?” is a robust question. It was also the question that attracted Patti Buck-Torrey, CFE, Manager of Administrative Processes & Controls for FedEx SmartPost, to fraud investigation. “When assessing the control environment I always find myself thinking, ‘What if…?’ “So I started researching potential outcomes to various scenarios,” says Buck-Torrey. “It never ceases to amaze me how creative fraudsters can be in obtaining what they want.” This criminal creativity is what drives Buck-Torrey’s passion for fighting fraud. “Fraud is a forward-moving vehicle that you’re always trying to get ahead of, and that, to me, is what keeps me engaged, motivated and energized.”
Where were you born and raised?
I was born and raised in the South Shore of Massachusetts.
Why did you decide to become a CFE?
My career began in operations at a stock transfer company. I was exposed to a fraud that took place within the company, which I found intriguing. I felt compelled to learn more about the different types of fraud that our company was susceptible to. This led me to leave operations and join the Internal Audit Department (IAD) within the company. During my time in IAD, the need to learn more about fraud only increased and led me to earn my CFE credential.
What do you think contributed to your success of moving into your current position?
Holding the CFE credential and a Master of Science in Fraud and Forensics have helped me in my career. I obtained my CFE in 2013 when I was an internal auditor, and I became the manager of the Administrative Processes and Controls department at my present company. Effective September 2015, I will be the manager of the Recovery and Asset Protection group within the Internal Controls Department.
What does your current role entail?
In my current role, I am responsible for advancing the internal control and regulatory environment by way of an effective, sustainable and proactive control structure through education and consulting; monitoring for compliance to internal policies, procedures and external regulatory agency requirements; risk mitigation through control monitoring, testing and remediation; performance of annual risk evaluations; and oversight of SOX.
What are the most rewarding aspects of your job?
I love being in a position where I have the ability to see within the various functions of the organization, speak with and consult various levels of personnel, assist in improving the overall internal control environment, and deter and prevent fraud. I feel great about my job knowing that I’m leading a team of professionals all focused on the company’s internal control structure and how we can continuously make improvements. Believe me, no matter what company you work for and what industry you work in, there are ALWAYS improvements to be made. As fraud schemes advance and become more creative, our efforts need to advance and improve to deter and detect these occurrences.
How do you think your CFE credential has helped you in your role?
Studying for my CFE was instrumental in my understanding of the methods of preventing, detecting and deterring fraud, complex financial transactions, various types of fraud schemes, the fraud examination process and the law. My CFE credential is evidence of my proficiency in these areas. My ability to identify the red flags of fraud is a necessary skill in the world of internal controls. You can put the best internal controls in place, but if you don’t know what to look for, how do you know that the controls are working as prescribed?
What are the best opportunities for someone entering into your career?
The opportunity to educate and consult for top executives of your organization while being a part of strategic initiatives that reduce revenue leakage and increase performance through review and remediation. You can develop methods of control monitoring and reporting and be creative in your efforts to protect the assets of the organization. It’s an exciting field to be a part of and it’s extremely rewarding knowing that you’re applying your specific skillset to the protection of your organization.
What do you wish you knew (but didn’t) when you first contemplated this career?
I wish I had known that this was a career option back when I graduated. While I have learned valuable lessons along the path I’ve taken, I would have avoided some of the “filler” and gone straight to fraud fighting. Internal controls and fraud are fascinating subjects and, while I didn’t get actively involved until later in life, I’ve never looked back.
How do you stay up to date on the latest fraud schemes that people try and perpetrate at your organization?
We are continuously researching the latest fraud cases and fraud trends within our industry through various online internal controls and fraud outlets, which includes the ACFE’s Fraud Magazine and newsletters. I also have a fraud matrix of various plausible fraud schemes specific to my company and this is reviewed and updated on a regular basis. Internally, my department has an open line of communication between the legal department, IAD, and field and corporate management.
Is there a memorable case or project that you have worked on? Feel free to alter details to protect confidential information.
One of the first cases that I was a part of, in regard to control remediation, was so simple and contained classic control breakdowns. There were two shifts at the company: day shift and night shift. The night shift employees were small in number and used the computers of the day shift personnel. One of the night shift employees – who could be described as one of the nicest guys at the company and an extremely productive employee – was responsible for processing customer requests to either sell their existing stock shares or issue stock certificates. This nice guy, when selling the shares and issuing customers checks, would issue the check for the whole shares sold, but transferred the fractional shares to accounts set up for his various relatives. The simple fraud was discovered when a customer, who was apparently very detail oriented, called in to inquire about his fractional shares and why that amount was not included in his check. Research into the situation identified the following:
The “nice guy” met his productivity number using his own employee ID number.
He used other employee ID’s to commit the frauds – employees were leaving their IDs and passwords on yellow sticky notes within their cubicles.
He would alternate the computers he worked on and employee sign-ins to help avoid detection.
He had been transferring fractional shares to his relatives’ accounts for at least three months.
He didn’t set out to steal large amounts of money as fractional shares are relatively minimal in value, depending on the stock and the sale price; however, accumulating fractional shares every night for three months for numerous customers can accumulate rapidly. That was my first direct lesson that nice does not equate to honest.
What do you consider to be the most important values a CFE must have?
A CFE must be ethical, without a doubt. Considering all of the training CFEs receive, an unethical person could potentially use that knowledge to commit some pretty significant frauds. Other values I would consider important for a CFE include being inquisitive, adaptable, compassionate, empathetic, influential, logical, confident and proactive.
When you are not working, what types of things do you enjoy doing?
I enjoy playing with my son, traveling and doing things outdoors such as camping, kayaking, or just reading in the hammock. I am also a big fan of baseball – Go Red Sox!
For more information, contact Sarah Hofmann, Public Information Officer, at (512) 478-9000 ext. 324 or