Becoming the Fraud Advisors We Were Meant to Be

Clients often don't understand the process, litigators lack the training, and accountants don't have the mandate. CFEs are poised to assume an even more responsible role in fighting fraud in the marketplace. 

 

The role of the traditional fraud investigator needs to morph into the best example of a Certified Fraud Examiner: devising bold deterrence and prevention programs and advising management at all levels on its litigation strategy. 

 

Fraud and all crimes of deceit are routinely front-page news as investors forfeit their life savings, employees lose their jobs and pensions, and regulators try to stem the tide. The headlines are shouting at us to step up to meet this challenge. Let's look at cases that illustrate my recommendations to broaden the profession and to take even more responsibility in fraud inquiries. 

 

I'm a commercial litigation lawyer and CFE. From my firsthand experience, I know that company lawyers need much more assistance from CFEs than they ask for; they need CFEs' advice from the beginning of engagements to trial verdicts. I became a forensic accountant and a Certified Fraud Examiner because I saw this great need. I've chosen the following cases - and have added my comments - to show the growing complexity of fraud analysis that constantly challenges investigators to upgrade and expand their professional skills. 

 

CFES MUST BE PREPARED TO EXPAND AN ASSIGNMENT 

In this case, the client was a high-tech company that had vastly expanded in the late 1990s' boom. The client was awash in money. In the marketplace's turbulence, the chief financial officer funneled hundreds of thousands of dollars for his personal gain by issuing false invoices in the names of legitimate supplier companies. The client's outside audit firm uncovered the fraud during the year-end review of the financial statements. The client gave me the auditor's report and instructed me to begin a claim against the former CFO, who had sold his house and fled the country. 

 

I was concerned about some shortcomings in the auditor's investigation. For example, why did the auditor conclude the fraud took place over only one year? Who else was involved? Where did the money flow? The response from the audit firm was always the same: "We were retained to review the books only for the last year and report on what we found. We were not asked to look at anything, or anybody, else." Another lawyer working on the case might very well have said the same. I knew that such an approach would have resulted in missing several previous years of fraud and additional claims against third parties that actually recovered the entire amount of the defalcation, which occurred over a number of years. 

 

This scenario isn't unusual. Clients and their counsel often don't understand the nature of fraud and fraud examinations. So experts are inhibited by faulty retainers and scope restrictions that impair their work. As an expert witness, a CFE can appear foolish or worse if the client's bad instructions hamper the investigation by restricting its scope. 

 

Comment: Rather than simply make do with a client's faulty retainer, I believe a CFE has to be not only an expert witness but also an expert fraud advisor, whose knowledge of fraud law and fraud patterns guides clients and their lawyers through the litigation process. In the initial retainer letter, a CFE should not only tell the client how he or she will add value as an advisor but also the dangers of unduly restricting the scope of the investigation. The suggestion of a CFE's qualified opinion rendered at the end of the engagement is usually enough to persuade a client to consider the CFE's independent view. Because few have the expertise or inclination to act as a fraud advisor, the CFE has to step into this vacuum, whether he or she is advising the client directly or legal counsel. 

 

WHEN LEGAL COUNSEL NEEDS A CFE'S COUNSEL 

Newspaper accounts about a recent scandal at a large corporation (we'll call it ABC Inc.) revealed it was a victim not only of a bad investigation but also of bad advice from its investigator. The board of directors had secretly decided to oust the CEO, but its secret was leaked to the press before the board could handle the public relations issues. The incoming CEO hired a private investigator to find the leak in the organization. The investigator obtained access to certain suspected employees' homes, offices, and cell phone numbers from ABC's employment records. Then the investigator either contacted the phone company and allegedly impersonated the targeted employee to get the target's phone records, or used other pretexts to see their phone records, in order to identify which insider employee contacted the journalist who wrote the derogatory article. 

 

The important point about this story is that the company's general counsel, a lawyer with more than 25 years of experience, was made aware of this "pretexting" soon after the investigation got started. She was curious about its legality and asked the private investigator about it. He allegedly replied he wasn't aware of any law prohibiting the practice. When a new leak occurred, the general counsel assigned her senior assistant counsel to head the investigation into the leaks and the legality of pretexting. The assistant counsel asked the global manager of security and investigations about the practice, and was told the practice was "on the edge" but had never been challenged in previous investigations. 

 

This account demonstrates that experienced corporate counsel typically looks to various types of fraud investigators for legal opinions. Anyone educated in fraud law would have advised that the U.S. Federal Trade Commission deemed pretexting a breach of the Telecommunications Act of 1996, and an unfair business practice as far back as 2001.1 

 

Comment: What this means is that anti-fraud professionals must not only have to continuously upgrade their legal education, but they can't rely on internal legal counsel to provide any assurance that investigations are conducted lawfully and they aren't crossing the line themselves. Therefore, again, they have to be fraud advisors to corporate counsel, the board, or the audit committee on legal issues that would require them to seek independent and specialized legal advice. As part of this expanded role as fraud advisors, they have to become increasingly specialized in the intricacies of fraud law that can affect examinations. 

 

FRAUD EXAMINERS HAVE TO BE SEEN AS IMPARTIAL 

David Malamed, CFE, CA, IFA, CPA, is a forensic partner with Grant Thornton LLP, a national accounting firm. He has led numerous fraud examinations involving both civil and criminal allegations. "In many forensic engagements," he said, "clients, including litigators, are fast to tell the forensic accountant or investigator what needs to be done and that all the required information is present and accounted for and sometimes what the outcome of the investigation should be." Because of clients' occasional aggressiveness, fraud examiners find themselves in witch hunts.

 

Comment: It's imperative that anti-fraud professionals maintain a skeptical mind-set to avoid assumption pitfalls and become the unwitting tools of misguided clients or lawyers. In my view, CFEs need to be more than vigilant and skeptical to provide value as independent expert witnesses. They need to step up to the role of expert consultant to advise clients from engagement letter to verdict, which means they'll need to have full access to all relevant evidence before and during the litigation process. Then they can truly be seen as trusted impartial experts whom their clients and their lawyers both need at trial. (When necessary, this might mean two fraud experts will be involved in litigation instead of one. Their fees are more than paid for by the value-added service they bring to criminal and civil litigation.) 

 

CFES MUST GUIDE CLIENTS THROUGH ENTIRE LITIGATION PROCESS 

While bad advice in the previous case was wracking the head office of ABC Inc., its Canadian subsidiary was reeling from a misplaced faith that auditors are anti-fraud professionals. Reports said a government middle manager (we'll call him Sam) had a taste for the high life. In the course of a few years, he allegedly bilked the government, and ultimately ABC Inc., a high-tech service provider to the government, of more than $100 million in the course of a few years by a familiar scheme. 

 

I've found that Canada's Department of National Defence (DND) prefers not to do business directly with the plethora of small high-tech companies that have grown up in "Silicon Valley North," just outside Canada's capital, Ottawa. The government believes that while these companies have technical expertise they lack the managerial acumen or financial strength to service a long-term government contract. To get around this, the small companies team up with large high-tech companies to become government service providers. The large companies charge a management fee and in return guarantee uninterrupted professional service to the DND. Sam effectively controlled government procurement of a vast number of these high-tech contracts. 

 

According to the allegations, it was therefore a relatively simple matter for Sam to issue, or cause to be issued, false purchase orders to ABC Inc. for a variety of fictitious services. He advised ABC Inc. to hire certain small companies to do the work. However, Sam would then tell these tiny companies they were to provide bookkeeping and billing services for even smaller companies that would do the actual work. He instructed them to produce generic invoices to ABC Inc. for "national security." Sam, and a few paper companies, were at the end of the line; they approved the false invoices for payment on behalf of DND. 

 

Sam continued this unexceptional fraud for many years. He gambled that - unless a tipster turned him in - ABC Inc.'s external auditors and DND's internal auditors probably wouldn't detect his improprieties. Only when he got sloppy with the paperwork and started to authorize contracts above the level of his authority did his fraud of more than $100 million begin to unravel. It was extraordinary that a 37-year-old, five-figure bureaucrat who lived in a multimillion-dollar home just outside Ottawa and flew on a private jet with his friends to his Caribbean home didn't arouse the auditors' suspicions.2 (He eventually plead guilty and received a seven-year prison sentence.) 

 

This case illustrates two common flaws that exist in most large institutions: a fundamental misunderstanding about the role of internal and external auditors in fraud prevention and detection, and an irrational belief that fraud stays inside the corporate boundaries of an increasingly complex world in which businesses are becoming interconnected through teaming, ad hoc grouping, partnerships, joint ventures, coventures, subcontracting, and virtual corporations. 

 

Comment: On the first flaw, external auditors are "watchdogs not bloodhounds" who will investigate frauds that happen to come to their attention, but their attest function doesn't require them to actively seek out possible fraudulent activities.3 While the mandate of internal auditors is more varied, the most common view is that "internal auditors have no responsibility for detecting fraud and investigating cases but are required to give independent assurance on the effectiveness of the processes put in place by management to manage the risk of fraud."4 

 

CFEs are often called in after the fact to do independent investigations of frauds discovered through anonymous tips or that internal and external auditors accidentally discover. The CFO, the internal or external auditor's report, or in-house counsel usually dictates the mandates. These aren't fraud professionals. The anti-fraud professional must dissuade anyone from fettering the scope of the investigation and ensure that any preceding investigation be viewed as only a point of departure for the fraud examination he or she is about to conduct even if litigation has begun. 

 

The client's role is to ensure that the CFE has full access to witnesses and documents and provide the mandate for an independent investigation that will render an impartial expert's report. 

 

And on the second flaw, a client's mandate must ensure that the fraud investigation isn't limited to the four corners of the client corporation. The CFE must be free to investigate the entire business enterprise from manufacturer to retailer because the lines between these areas are becoming more blurred. 

 

I believe an independent specialized CFE is required to detect, investigate, and report on possible participants in a fraud by doing a cradle-to-grave analysis of any impugned business transaction with the blessing of the client to investigate everyone in the supply chain as part of the CFE's obligation to provide a complete report. A CFE must design the investigation because good investigators can't rescue misguided investigations that can degenerate into witch hunts. 

 

READY, SHOOT, AIM 

An example of a witch hunt involves a federal politician and the preferential treatment he allegedly sought for a country club in his constituency by lobbying the federal Business Development Bank of Canada. It appears that the bank's board of directors allegedly dismissed the president when he refused under pressure to extend a bank loan to the country club. Soon after, the bank's miffed board of directors discovered alleged irregularities in the president's use of the corporate limousine and quickly hired a Big Four accounting firm. The board hoped the firm's review would prove he had misused corporate assets and therefore support his dismissal for cause. (In Canada, by law senior employees can't be dismissed at will.)5 

 

The judge subsequently raked the accounting firm over the coals and found the investigation was fatally flawed with a "ready-shoot-aim" approach. The bank board, which had assumed the bank president's guilt, exaggerated the importance of evidence that pointed toward him. To compound the problems, the accounting firm's investigators failed to pursue, and in some cases discarded evidence, supporting the president's assertion that the limousine drivers were using the vehicle for their personal uses. The investigators also ignored evidence that the car had registered hundreds of kilometers on weekends when the president was away using his own car. Instead, the accounting firm's investigators relied on the drivers' witness statements without critically evaluating or corroborating their accounts. Indeed, the drivers might have been pressured to give statements against the president to avoid being investigated themselves. The board's quest to produce the desired result of supporting the decision to dismiss the president for cause forced the firm to take shortcuts. The judge wasn't impressed with the investigators who appeared not to be independent but hired guns with a not-so-hidden agenda. 

 

There were other problems with the accounting firm's retainer. Because its investigators didn't have time to plan the engagement, they raided the president's office and indiscriminately retrieved "evidence" without any idea of what the forensic accountants should be looking for or who owned items in the office. As a result, the search and seizure of documents violated the president's right to privacy and property. 

 

The accounting firm also tarnished its reputation when it was disclosed that it did significant audit business with the bank and had no input into the generation of its mandate. Instead, the board told the firm to find reasons why the president should be fired for cause, which would provide sufficient proof for the bank to refuse to pay the president his entitled severance. 

 

But the real problem in this case was not accounting competence; it went deeper. The accounting firm had brought its best and brightest to a vital engagement for a key client. But the board made the mistake of telling them to conduct a witch hunt (though they didn't call it that, of course!) because no one advised them of the consequences of failing to allow them to conduct a proper investigation with proper components. The accounting firm just didn't give independent expert advice and the client paid for it in court. 

 

Comment: CFEs must realize that normally they can't do much about a suspected witch hunt except refuse the engagement. An investigator of lesser moral fiber will likely become the vehicle of the injustice. However, CFEs must address the fundamental root cause; they must speak up when management is afraid and tacitly hands authority figures extraordinary powers to swiftly deal with an emergency. At that point, as outside, impartial experts, CFEs should speak to management to ensure that an investigation doesn't deteriorate into a witch hunt. As dispassionate expert advisors, they must intervene to be the voice of reason. 

 

STOCK OPTION INTERVENTION 

Here's another example when a CFE should take an aggressive stance. A recent study found that 77.1 percent of corruption cases had a conflict of interest component.6 There's no greater potential for a conflict of interest than the relationships between boards of directors and the senior managers they appoint. Consider a typical plan that allows the board of directors to grant stock options to company executives at fair market value as of the grants' dates. Options are used as incentives for the company managers to "grow" the share price, and then cash in on them. These option plans can be abused or manipulated as with any discretionary benefit. 

 

There are many ways a company can manipulate options to benefit corporation officers. An option might be backdated, dated just before a favorable press release that will raise share price, or future-dated to coincide with a dip in price after a scheduled public release of unfavorable information. 

 

Comment: Standard internal controls across an industry aren't designed to catch this form of malfeasance. Recent cases involving some of the most well-known companies came to public attention only when a knowledgeable investor discerned that something was amiss and there was a breach of fiduciary duty through a subtle form of corporate subterfuge.7 As corporate fraud becomes more sophisticated, I see the need to professionalize fraud examinations to meet the challenge with systemic training and fraud law education to keep up with sophisticated forms of corporate malpractice because of the CFE's mantle as a true anti-fraud professional. However, more is still needed; the elements and scope of CFEs' job descriptions have to change. 

 

WHERE DO CFES GO FROM HERE? 

"In a perfect world, a Chief Risk Officer or other anti-fraud professional would assist management in managing, controlling, reporting, and taking action on the risk of fraud by ... leading fraud investigations [and] overseeing investigations conducted by specialists on their behalf. ..."8 

 

While you might disagree with my views about the various investigations in this article, you have only to look to your own experience to know that management's reaction to fraud is likely to be fear, anger, and then a desire for retribution. Cooler heads must prevail or CFEs become tools of misguided rage. Fraud examiners must participate in the formulation of their clients' mandate, but they must go further. They have to have specialized knowledge of various disciplines, including law, so they can lead an anti-fraud engagement at a time when a corporation's traditional managers aren't capable of such leadership. They must recognize fraud when no one else can and investigate it in areas that extend beyond the traditional boundaries of audit professionals. And CFEs are obligated to educate corporations that fraud isn't an isolated incident requiring only the investigations that initiated the relationships with the clients; fraud is the result of systemic failures to address it as a strategic issue. As anti-fraud advisors, CFEs' mandates must expand to ensure that companies put in place proper risk management systems with (1) human resource policies that promote the proper tone at the top, (2) fraud-risk prevention and mitigation approaches to internal controls, (3) fraud awareness training programs, and (4) fraud response plans that have emergency fraud response teams on retainer should the need arise. 

 

CFEs can no longer wait to be retained for investigations and be satisfied that their tasks are complete when they complete their investigations. Here are the moral questions for the CFE profession: Do they continue year after year with management's often-limited reaction to frauds that victimize pensioners, investors, and employees? Or do they shift the emphasis, as CFE education requires, toward advising their private and public institutions on ways to become more proactive, aggressive, and preventive to help drive fraud off the front pages of our newspapers and ensure all frauds that do make it to the front pages are fully and properly investigated? 

 

CFEs are naturally inclined to advise clients to embed preventive and deterrence controls. But sometimes they need reminders to continue to step up to the plate and be true fraud advisors during the litigation process with the assistance of legal counsel. 

 

If they don't do it, who will? And if they don't do it now, are they not complicit in the continued victimization? 

 

---

1 See F.T.C v. Information Search Inc. AMD-)!_1121 (Dist. Maryland, Fed. Ct, 2001) and www.ftc.gov/opa/2001/04/pretext.htm.  

 

2 James Bagnall and Glen McGregor. "Operation Invoice." The Ottawa Citizen. March 11, 2006. Part One. B1. Part 2 on page A9. March 12, 2006.  

 

3 Re Kingston Cotton Mill Co. (No. 2). [1896] 2 Ch. 279 (C.A.).  

 

4 See "Recognition of Anti-Fraud Profession, Part 2." Haluk Gursel. Fraud Magazine. March/April 2007.  

 

5 Beaudoin v. Dev. Bank of Canada. Court file no. 500-061128-003. Que.S.C. Feb. 6, 2004.  

 

6 D. Peltier-Rivest. "Detecting Occupational Fraud in Canada." Page 15. Supplement to Fraud Magazine. March/April 2007. www.ACFE.com/fraud/downloads/asp  

 

7 See eg Ryan v. Gifford [2007] Deleware Court of Chancellery. Lexis case 22 and in re: Tyson Foods [2007] Deleware Court of Chancellery. Lexis case 19 also reported at 919 A 2d 563.  

 

8 See "Recognition of Anti-Fraud Profession, Part 1." Haluk Gursel. Fraud Magazine. Jan./Feb. 2007.   

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.Fraud-Magazine.com or ACFE.com. Permission of the publisher is required before an article can be copied or reproduced.