Riding a Tiger and Not Knowing How to Get Off: Lessons Learned from the Satyam Fraud

Enron and WorldCom sounded the wake-up call for a renewed focus on corporate governance, but the U.S. certainly does not have a monopoly on huge frauds. In early January 2009, B. Ramalinga Raju, the founder and chairman of Satyam Computer Systems, one of the largest IT outsourcing companies in India, made a startling public confession: For years, he had engaged in a massive fraud — the largest ever in India's history.  

Raju's disturbing confession letter, which he delivered to Satyam's board of directors "with deep regret and tremendous burden," revealed that "The Balance Sheet carries as of September 30, 2008 inflated [non-existent] cash and bank balances of rupees 5,040 crore [more than U.S. $1 billion]." Grossly inflated revenues included fictitious accounts and amounts. The materially misstated balance sheet contained these inflated, imaginary profits throughout several years.

Investigators eventually found willing suppression of accounting irregularities. Authorities arrested numerous executives, including Raju and two of his brothers, who are in prison. Others have been released.
In this column, we explore why internal and external auditors did not spot this massive fraud and what could have deterred it. We hope the lessons will improve your understanding of global fraud and help you in your anti-fraud fight.

'RIDING A TIGER'  

What exactly triggered the fall of Satyam from its highly regarded reputation — a company that boasted more than 40 percent of the Fortune 500 as clients?  

Founded in 1987, Satyam was a leading global technology outsourcing company headquartered in Hyderabad, India, a center of technology and the home of other IT-outsourcing companies such as Infosys, Wipro, Cognizant and Tata Consultancy Services.

Satyam was publicly listed on stock exchanges in Bombay and New York City and the New York Stock Exchange's (NYSE) EuroNext. However, the Raju family owned Satyam and dominated its management (similar to the Rigas family in the Adelphia Communications Corporation fraud case in the U.S.).

With total revenues of more than U.S. $1.7 billion in 2008, Satyam claimed it had 50,000 employees in 66 countries. The company received accolades for its excellence, including the 2008 Golden Peacock Award from the U.K. for being one of the "best in corporate governance." Raju represented India as co-chairman of the prestigious Davos World Economic Forum in 2008.

In his confession, Raju colorfully characterized his experience as being " ... like riding a tiger, not knowing how to get off without being eaten." He attempted to take the fall and protect family members and others from shame, embarrassment, loss of reputation, criminal charges and jail time. Much like Madoff and his Ponzi scheme, Raju asserted that he acted alone.

So, what exactly precipitated Raju's confession? It was not for altruistic reasons. In mid-December 2008, he bullied the Satyam board into approving the acquisition of Maytas Properties and Maytas Infra. However, Raju actually already held ownership interests in the two Maytas, which his sons managed. (Satyam, which means "truth" in many Indian languages, is "Maytas" spelled backwards or "truth reversed.")

The thinly veiled ruse to doctor the financials did not get far. (Raju, in his confession, wrote, "The aborted Maytas acquisition deal was the last attempt to fill the fictitious assets with real ones.") Institutional investors vehemently objected and dumped the Satyam stock, which fell in price more than 50 percent overnight on the New York Stock Exchange.

Many global investors were outraged, which prompted Satyam board members to deny Raju's Maytas proposal. By the end of the month, four of the Satyam's nine board members resigned. Merrill Lynch, which had been exploring strategic opportunities for Satyam, resigned on Jan. 6, 2009.

In the same week, the World Bank, citing other irregularities, announced that it had debarred Satyam as one of its vendors for eight years. Also, a whistleblower, who claimed to be a former Satyam senior executive team member, allegedly sent emails to an independent director of Satyam's board in December 2008. The whistleblower wrote that banks would confirm that Satyam had no liquid assets, according to the April 17, 2009, article "Ex-insider blew the lid off Satyam scam," by Souvik Sanyal and Dheeraj Tiwarlet, in The Economic Times. 

RISK FACTORS AND RED FLAGS FLYING  

Satyam had high debt on its balance sheet in spite of huge amounts of available cash. Global brokerage firm CLSA observed, "With almost $1.2 billion of cash, we find it intriguing that Satyam closed 2007-08 with $56 million of debt. In fact, an enormous amount of cash Rs 4,462 crore [approximately U.S. $892 million] appeared to sit in the current account unused. This is an extraordinary thing for a company since most often excess cash is kicked back to shareholders in the shape of a dividend, or is earning valuable interest if it isn't being utilized to pare debt or fund acquisitions," according to the cover story of the Feb. 8, 2009 issue of Business Today, "On the trail of fraud" by Puja Mehra. 

Although banks at the time were offering many CD schemes with attractive returns, apparently no external auditors, internal auditors or board members questioned this large amount of sitting cash. Much of Satyam's fixed deposits, which had grown from Rs 3.35 crore (U.S. $670,000) in 1998-99 to Rs 3,320.19 crore (approximately U.S. $664 million) in 2007-08, were fictitious.

Then, there is the question of how the imaginary numbers went unnoticed. Either the auditors (external and internal) were careless, they were in collusion with management or Satyam was devious enough to intercept the auditors' requests for statements and forged them. Many external auditors have said the interception and forging of documents has happened in other large-scale Indian fraud cases.
Satyam may have paid Price Waterhouse & Co. (the name under which PricewaterhouseCoopers does business in India) excessive audit fees. And the external accounting firm may have treated Satyam as a "trophy client" much like Arthur Andersen had regarded Enron — with forgiving oversight.

We can see a lack of effective corporate governance in the Satyam case. Professor John Alan James of Pace University, New York, remarked "Corporate governance in India was late on the scene, it is more politically motivated than legally based, and regulatory laws and agencies are burdened with the complex, slow-moving legislative and judicial processes." ("Satyam Overlooked Oversight" by Marie Leone on www.CFO.com, Jan. 16, 2009)

Even so, the Raju family's dominance of Satyam overrode basic governance principles. Satyam's filings with the U.S. Securities and Exchange Commission (SEC) in mid-2008 disclosed there the company did not have an independent director with "financial expertise" on its board or an audit committee despite the Sarbanes-Oxley Act (SOX) requirement. Also, non-management directors were primarily academics, and the company did not have nominating or governance committees. The positions of chairman and CEO were separate, but they were held by two brothers. (This is also reminiscent of the Rigas family member presence in the Adelphia Communications Corporation fraud.)

A study by India's Central Bureau of Investigation (CBI) revealed that the company padded itself with 13,000 ghost employees so it could siphon off funds. CBI also identified complicity among the audit engagement partners at Price Waterhouse & Co. The Serious Fraud Investigation Office (SFIO) of India also conducted its own investigation and issued a 14,000-page report. This investigation concluded that Satyam's independent directors were unaware of Raju's fraudulent actions in the falsification of the company's accounts.

While the trial continues, the allegations are that Raju, two of his brothers and other Satyam executives committed the fraud by forging more than 7,000 fake invoices, creating fictitious customers, bogus bank statements and loans raised by forging board resolutions to inflate Satyam's earnings. According to "Additional Fraud at Satyam Discovered," by Bloomberg News in the Nov. 25, 2009, edition of The New York Times, a total of 10 individuals, including the Satyam internal auditor, had been accused. All of them eventually have gone to jail and served time.

Raju still remains in jail. Although the court gave him temporary bail on Aug. 18, 2010, it later revoked it, and he surrendered on Nov. 8. His brother, B. Rama Raju, the Satyam CEO, is also jailed along with another brother, B. Suryanasayana Raju. B. Suryanasayana controlled SRSR Holdings, the entity used to off load shares of Satyam, pledging them as security on behalf of over 300 front companies of Raju and his family. He was also the director of SRSR Advisory Services, which provided accounting and advisory services to those same businesses.

Also serving time are Satyam's chief financial officer, Vadlamani Srinivas, and three of his accounting managers. Satyam's chief audit executive, V. S. Prabhakar Gupta, who has been described as "All Roar, No Bite" by Francine McKenna in The Auditor blog of Feb. 14, 2011 (and originally published at GoingConcern.com on Dec. 17, 2009), was arrested for willing suppression of auditing irregularities. Two of the outside auditors, S. Gopala Krishnan and Srinivas Talluri, also languish in jail.

At the end of September 2010, the company issued financial statements, audited by Deloitte, Haskins & Sells (the name of Deloitte's business operations in India), for the fiscal years 2008-09 and 2009-10. A "prior period adjustment" in the amount of 63.2 billion rupees (approximately U.S. $1.4 billion), primarily due to overstated cash, cash equivalents, deposits and receivables, was recognized as of March 31, 2008. In February 2011, Satyam agreed to pay $125 million to settle U.S. shareholder litigation arising from the accounting fraud, according to the Feb. 16, 2011, Reuters article, "Satyam to pay $125 mln, settle US suit over fraud," by Jonathan Stempel. 

Satyam reached an agreement with the U.S. SEC in April 2011 to pay a $10 million fine. PriceWaterhouse India paid a $6 million penalty to the SEC for "deficient audits." According to the April 6, 2011, article in The Hindu, "SEC slaps $17.5 million fine on Satyam, PriceWaterhouse," Lovelock & Lewes and PriceWaterhouse of Bangalore agreed to pay a $1.5 million fine to the U.S. Public Company Accounting Oversight Board for "violating their rules and standards."

Meanwhile, India's Central Board of Direct Taxes claims that Satyam "… owes more than $137 million in unpaid taxes" and an Indian court froze certain bank accounts of Satyam Mahindra, according to the March 28, 2011, article, "India's Satyam Hit With Asset Freeze," by Paul McDougall in InformationWeek. The NYSE de-listed the stock in 2010, but the current Satyam management is anxious to have it re-listed after complying with U.S. accounting standards by the end of 2011. 

Satyam has been sold to Tech Mahindra, a subsidiary of Mahindra & Mahindra, and operates today as Satyam Mahindra. The new management team, as discussed in its two-year annual report for 2008-09 and 2009-10, has identified that under prior management, the company: 1) had few internal controls at the entity level, 2) no enterprise risk management, 3) an excess of unrestricted user access to many IT applications and 4) deficiencies in internal audit.

External auditors' remuneration of 37 million rupees for FY2008 grew to 74 million rupees in FY2009 and fell back to 33 million rupees in FY 2010. The Institute of Chartered Accountants of India, the country's certifying, standard-setting and regulatory body since 1949, was also placed under pressure. They have been monitoring the case closely and evaluating whether to suspend or revoke the licenses of four chartered accountants involved with the Satyam fraud.

LESSONS LEARNED: CORPORATE GOVERNANCE BEST PRACTICES  

Related parties. Of course, internal or external auditors, or other key stakeholders, including the board of directors, should never ignore significant risk factors. The Satyam case involved a family-dominated business with rapid growth and excessively large cash balances. A heightened professional skepticism was imperative.

The Raju clan strove to maintain an entrepreneurial, family-managed and family-controlled entity while simultaneously wanting access to global capital markets to fuel its business growth. However, whenever a business desires access to these markets, it must recognize the rules of engagement set forth by regulators and the marketplace. Then, generally, compliance is mandatory for long-term sustainability in the global capital markets.

Many leading multinational organizations will only retain family management of an acquired business, especially one in an emerging market, for less than two years — the business cannot be perceived as a "family dynasty." Typically, an organization will install a new, professional management team, competent in good governance principles, to implement the business' governance best practices.

Qualified governance professionals. Each member of the board of directors in general, and the audit committee in particular, should be well-qualified for the job. They must have the independence, competency and experience to address the strategic and operational business risks. Satyam had glibly claimed full compliance with SOX, but it had no audit committee financial expert and no formal enterprise risk management program, which are both violations of the act.

External auditors. External audit firms should not have "trophy clients," which receive special treatment. In the Satyam case, the excessive high audit fees (anecdotal evidence is that Satyam paid auditors two times the going market rate for audit fees for a company of its size) were a red flag. The representation of an international audit firm by different local firms doing business within a country [i.e., the continuing presence of Price Waterhouse & Co. and Coopers & Lybrand (Lovelock & Lewes)] may have possibly resulted in quality control issues. These combined factors erode auditor independence.

Internal auditors. What can an internal audit department do to assess whether safeguards have been compromised or if there are loopholes? Study previous fraud cases of international entities listed on multiple stock exchanges and the reasons why the fraudsters were able to succeed. Recognize that fraud is often a team sport! In the Satyam case, 10 individuals were sent to jail. Internal auditors must always look for collusion and complicit behaviors. And it does not hurt to load your internal audit department and special investigative unit with CFEs.

Internal audit leadership. Carefully assess the governance of the chief audit executive (CAE) role. Some organizations are outsourcing the internal audit function, but outside auditors often are not familiar with your internal workings and your unique suspicious behaviors and irregularities. Other businesses are filling the CAE role on a rotational basis with financial executives within its organization. When weighing this option, consider the CAE's ability to maintain independence and develop necessary competencies within the function. It is difficult for the internal audit function to be independent within a family-dominated business.

Whistleblowers. The U.S. Dodd-Frank Act of 2010 offers major protection and bounty afforded to whistleblowers. Other countries must now adopt similar legislation to retain healthy capital markets and flow of international capital.

Investigative approach. After Raju's confession, it was critical that Satyam select and oversee an independent outside investigation team of professionals. In the early stages of an investigation, all bets are off. So an organization should consider all factors including the local context, language, culture, and applicable laws and regulations. The professionals must ask questions, questions and more questions. Indeed, the only questions that should be feared are those that are never asked.

Investigators cannot do anything about the unknown. Organizations must resolve inconsistent story lines and contradictory evidence. To do otherwise, a cunning fraudster who is "riding a tiger," will fall off and be eaten. And blindsided financial executives will earn the disparaging description of "All Roar, No Bite."

Marjorie Maguire-Krupp, CPA, CIA, CFSA, is president of Coastal Empire Consulting in Savannah, Ga.  

George W. Krull Jr. , Ph.D., CPA, retired in 2000 as a partner in the Executive Office of Grant Thornton LLP. He is a member of the Sponsoring Group of the Pathways Commission to study future paths of higher education for those seeking entry into the accounting profession.  

Sridhar Ramamoorti, Ph.D., CFE, ACA, CPA/CITP, CFFA, CFSA, CGAP, CGFM, is an associate professor of accountancy at Kennesaw State University in Kennesaw, Ga.   

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.fraud-magazine.com or www.ACFE.com. ACFE follows a policy of exclusive publication. Permission of the publisher is required before an article can be copied or reproduced. Requests for reprinting an article in any form must be emailed to FraudMagazine@ACFE.com.