Living the Good Life: Case Study of Another Authorized Maker Scheme, Part 1

An authorized maker scheme is a type of check-tampering fraud. In the ACFE’s Occupational Fraud and Abuse Classification System (the “Fraud Tree”), the crime is a subset of fraudulent disbursements, which is a subset of cash schemes. (We dissected another authorized maker scheme in the November/December 2010 and January/February issues.) In these cases, the perpetrator physically prepares a fraudulent check and/or causes the organization to issue an unauthorized check, which is then converted to personal use. This raid on an organization’s treasury often drives private small businesses into bankruptcy. A trusted employee must have access to the checkbook and bank statements and the ability to forge signa-tures and alter accounting records to perpetrate this crime. 

In my experience from investigating disbursement frauds in the public sector and from my understanding of similar frauds in the private sector, one of the most common check-tampering schemes involves trusted employees who simply issue checks to themselves for personal benefit. 

A business owner who wants to deter and detect these schemes should require that monthly bank statements be delivered unopened directly to him or her or an independent party. This person then should review the redeemed checks for any unauthorized or unusual transactions, such as checks issued to the bookkeeper or custodian of an account. 

If your organization doesn’t receive its redeemed checks with the monthly bank statement, it should at least obtain a report showing the fronts and backs of the redeemed checks to perform this reconciliation. This process is critical to an organization’s survival, especially in the shaky economy.

CLERK-TREASURER RUNS AMOK 

In this check-tampering case study, the clerk-treasurer (we’ll call her Alicia) compromised the town’s internal control system by issuing 106 unauthorized checks — to herself, petty cash or a bank — totaling $79,586 during a three-year period. No supporting documents were on file for most of these transactions. For the few transactions in which Alicia prepared and retained documents to support these disbursements, she falsified vendor invoices and the check register to conceal the fraud.

The mayor, who was a part-time employee, unwittingly participated in the scheme because he trusted Alicia to a fault. He even pre-signed blank checks that she used to defraud the town.

Fraudsters sometimes exercise total control over financial transactions within small organizations, and they frequently perpetrate more than one type of fraud. In this case, Alicia spent $10,670 with the town’s credit card to make 51 personal purchases of women’s clothing and gifts from nine Internet shopping sites.

The only documents available for review for these transactions were the monthly credit card statements; all the supporting documents for these purchases had been destroyed. Also, the town’s external auditor was unable to obtain copies of the missing documents from the uncooperative out-of-state Internet shopping sites. This information would have helped identify who initiated the transactions and would have provided a description of the purchased items.

Several concealment attributes repeatedly surfaced during this investigation: accounting records were falsified, missing or destroyed. Obviously, these acts violated the trust the town had placed in Alicia to protect its funds from abuse or loss.

Alicia, 54, was the organization’s most trusted employee; she had worked at the town for about 20 years. During the external auditor’s interview, she admitted misappropriating funds from unauthorized credit card use and from fraudulent disbursements. 

The $90,256 total loss averaged 3 percent of the town’s $1 million annual operating budget. Luckily, the frauds were covered by the town’s personnel dishonesty bond policy for the clerk-treasurer position. Alicia entered into a plea-bargaining agreement with the county prosecutor, and the court sentenced her to 14 months in the state penitentiary and ordered her to pay restitution for the loss amount plus audit costs.

Let us explore some of the intricacies of these two fraud schemes.

INTERNAL CONTROL ENVIRONMENT 

Employee duties within the city’s treasury department were inadequately segregated. The environment was essentially a one-person operation with Alicia handling almost every aspect of all financial transactions. No one monitored her work to ensure all financial transactions were authorized, properly supported and accurately recorded in the town’s accounting records.

She never presented any of the fraudulent transactions to the town council for review and approval; the council saw only what she wanted them to see. The town’s accounting records were in disarray. The external auditor could not locate most of the records; he determined they had been destroyed.

Over the years, the town had accumulated about $200,000 in reserves for emergencies. Prior to the discovery of the fraud, the mayor asked Alicia why the funds in that account were decreasing. She told him the state was disbursing less funds to all cities and towns as a result of a recent change in the law. Her answer was true, but the state’s actions accounted for only a small decrease in the emergency fund. Town officials believed Alicia’s bogus statement while she was misappropriating everything in sight, including the town’s emergency reserves. She obviously believed she needed the money more than the town.

Alicia purposely isolated herself from other professionals. She never attended the free accounting classes that the external auditor sponsored, nor did she communicate with her clerk-treasurer peers in other cities and towns. 

Scheme 1: Personal Credit Card Purchases 

It must have been a slow day at the bank because the manager took time to review the town’s monthly credit card statements. He discovered something shocking. An unknown town employee appeared to be using the town’s credit card to purchase women’s clothing from a variety of Internet shopping sites. The bank manager contacted the town and found that the mayor was away at a conference. He called the mayor directly and told him about the unauthorized transactions. The alarmed mayor immediately canceled the town’s credit card.

When the mayor returned, he reviewed the monthly credit card statements and confirmed the bank manager’s findings. He talked to several town employees about the unauthorized purchases, but they were unaware of the activity. However, they did say that Alicia received many parcels at town hall, but they figured no one was at her home to accept deliveries. The mayor confronted Alicia about the unusual transactions, and she admitted making personal purchases using the town’s credit card. The mayor immediately fired her, just two weeks after the credit card account had been canceled.

The mayor notified the town’s attorney, who then contacted the external auditor about the loss as required by state law. The external auditor immediately began an investigation and confirmed Alicia had made $10,670 in unauthorized credit card purchases from a variety of Internet shopping sites. Also, there were no supporting documents on file for the unauthorized purchases — only the monthly credit card statements. (As we will see in part two of this series, this condition would become a major issue during the external auditor’s interview of this ex-employee.)

Let us think about the actions you can take if or when you encounter a situation like this. One option is to cancel the credit card account. However, if you do this, you risk indirectly alerting the employee that something is wrong when he or she tries to use the credit card, and it is no longer valid. That is exactly what happened in this case. Alicia knew she was a marked woman and yet continued to misappropriate funds.

So, if an employee is using a company credit card to make personal purchases, canceling the credit card account might not be the best idea, especially if you are interested in catching an employee in the act.

Therefore, a second option is to tell the credit card issuer you want to be notified immediately about future charges on the account. This way, you can contact the vendor for additional information, such as the identity of the person who initiated the transaction and what that person purchased. You will have a much better opportunity to obtain evidence, intercept the shipment and confront the employee about any unauthorized purchases.

This case illustrates why organizations should quickly obtain receipts for all credit card purchases, have clear policies for credit card use and train employees to ensure they understand company procedures. Credit card purchases should not be approved unless supported by receipts. If the receipts are not available at the time the credit card statement is verified, the organization should contact the vendor immediately to obtain a copy of the documents and then determine if the purchases were for official business purposes. If the organization does not quickly act, the organization might not be able to obtain credit card receipts down the road for an audit or fraud examination. That is what happened in this case.

Wayward employees should be disciplined at a level determined appropriate for the infraction. For missing receipts, the organization might give a verbal reprimand for a first offense, a written reprimand for a second offense and then terminate the individual’s credit card privileges for a third offense. More severe discipline, such as termination of employment, should also be an option when employees have misappropriated the organization’s assets.

Scheme 2: Issuing Checks to Herself 

The external auditor’s investigation detected the second fraud scheme. Employees used the town’s computer to prepare checks for routine disbursements. However, as I previously wrote, the mayor pre-signed checks for Alicia because he was not always on site. Alicia then used these checks to defraud the town.

Here is how she did it: She prepared the unauthorized checks on an electric typewriter that could make corrections. She prepared the two-part check form indicating a vendor’s name in the payee section. After removing the original check from the set of documents, she used the typewriter’s correction capability to change the payee on the check from a vendor name to either her name, petty cash or the name of a bank. (The hardest part about perpetrating a fraud like this in today’s tech-savvy world is finding an electronic typewriter.)

After Alicia altered the checks, she deposited most of them into her personal bank account. However, she or two other town employees (who did not know the checks were false) cashed the petty cash checks and the checks issued to a bank at that bank. These employees returned the funds to Alicia who then misappropriated them.

Alicia manipulated the checks from these unauthorized transactions in two ways after the bank redeemed them:

Initially, Alicia used the typewriter’s correction capability to alter the payee (her name, petty cash or a bank name) back to the name of the vendor shown on the supporting documents for the original transactions.

Later, she destroyed the checks to conceal the irregularities.

Often, the altered checks showing her name as the payee were still on file at town hall because she neglected to destroy the documents after the bank returned them. Basically, she got lazy.

As a result of her manipulations, the payees on the file copies of the unauthorized transactions, the check register and the redeemed checks often were different. As we will see in part two in the May/June issue, this would become a major issue during the external auditor’s interview with Alicia.

LESSONS LEARNED 

Let’s review some of the finer points of fraud deterrence and detection for authorized maker schemes as illustrated in this disbursement case.

• Business owners should require monthly bank statements to be delivered unopened directly to themselves or to some other independent party. This individual then should review the redeemed checks for any unauthorized or unusual transactions, such as checks issued to the bookkeeper.
• Employee duties should be appropriately segregated so one person is not able to control any type of transaction from beginning to end. And managers should monitor the work of key employees to ensure their expectations are met.
• Managers or governing bodies should receive disbursement reports listing all transactions to ensure all disbursements are reviewed and approved and there are no gaps in check numbers listed for transactions shown on consecutive reports.
• Canceling a credit card account when unauthorized purchases are noted alerts the employee that his or her fraudulent activity has been detected. Contacting the credit card issuer and asking for immediate notice of any activity on the card might give investigators a better chance of identifying the suspect.
• Train all employees on using company credit and purchasing cards and require them to turn in receipts for all transactions for review, approval and verification with the purchase detail shown on monthly statements.
• Managers should not pre-sign blank checks.
• Managers, auditors and fraud examiners should compare the payee information for agreement on supporting documents, the check register and redeemed checks.

FURTHER CASE DETAILS 

Part two of this series will conclude this case study. We will discuss the elements of this fraud, red flags, fraud detection techniques and some additional details from the investigation and the external auditor’s interview. We will also present additional lessons learned and recommendations to prevent future occurrences.

Regent Emeritus Joseph R. Dervaes, CFE, ACFE Fellow, CIA, is retired after more than 42 years of government service. He remains the chair of the ACFE Foundation Board of Directors. 

This column was adapted from a case study by Joseph R. Dervaes, CFE, ACFE Fellow, CIA, that was published in “Computer Fraud Casebook: The Bytes that Bite,” edited by Dr. Joseph T. Wells, CFE, CPA © 2009 by the Association of Certified Fraud Examiners Inc. Published by John Wiley & Sons Inc. Available in the ACFE Bookstore. 

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.fraud-magazine.com or www.ACFE.com. ACFE follows a policy of exclusive publication. Permission of the publisher is required before an article can be copied or reproduced. Requests for reprinting an article in any form must be e-mailed to: FraudMagazine@ACFE.com.