One step forward, two steps back

Fraud examiners are always working to persuade management to search for internal fraud and adopt wise prevention controls. However, anti-fraud professionals can only give their best counsel and then work hard for a good outcome. Here are a fraud examiner’s early successes in a case and later frustrating management decisions. Regardless, he’s not daunted.

Sometimes, it seems like we’re making meaningful progress in our fraud examinations and fraud prevention, and then we encounter barriers. The efficacious resolution of a case is the end goal, but as risk managers tasked with reducing losses throughout organizations, we’re often embarking on long journeys with early successes and frustrating dénouements.

Some years back, before I was an independent consultant, I accepted an exciting opportunity to build an in-house risk management and asset protection program for a fast-casual restaurant chain (we’ll call it Bountiful Abundance) with an aggressive growth plan. The company already had hundreds of locations across multiple states. As a team of one, I began meeting with key stakeholders and visiting restaurants to determine the control systems they had in place to prevent fraud, which was just one of my many responsibilities.

In the hospitality business, comparative sales are perhaps the key metric to measure success. Also referred to as “same store sales,” this metric compares sales in a given period to that same period the year before, which shows whether revenues are growing or declining. Restaurants give managers various tools to manage the “guest experience,” including voids, comps and discounts (VCD). These tools can promote guest satisfaction — such as comping an entrée for a guest whose meal came out late — but employees can abuse them so they become embezzlement vehicles.

As I toured Bountiful Abundance restaurants, and discussed controls and brand standards with the operators, I determined that conditions probably were allowing fraud that could be widespread.

Exception-reporting in VCDs

Some of my peers from other organizations often wonder what could keep me busy as a fraud examiner in a restaurant. One retail management friend, whom I spent time with working on computer theft rings, once asked me if I spent my time in the kitchen inventorying the shrimp! He was kidding, of course, but he couldn’t fathom that I’d be working on anything material. I told him that where people and cash intersect, fraud opportunities always abound, and the scope can be significant.

I knew that an effective exception-reporting program was vital to identifying and controlling fraud and abuse in VCDs. Bountiful Abundance’s accounting and finance team told me each restaurant had reporting in place — a dashboard that produced each period for area managers and highlighted VCD categories on profit-and-loss (P&L) statements when expenses exceeded monthly budgets. So, Bountiful Abundance’s main office felt fraud was under control, and fighting it now wasn’t a priority. However, I knew from experience the dashboards likely don’t identify fraudulent activity. Some operators even seemed to misunderstand the potential for fraud because “most of our sales come from credit cards anyway,” they said. At the same time, sales were down. And company spend in categories like comps, which reduce sales, was widely variable across locations.

Illustrative case history for restaurant operators

I needed to give the restaurant operators an actual business case to illustrate the need for better reporting and how fraudsters could convert sales to cash and impact P&L statements.

It wasn’t long before a local restaurant sent me a tip about some questionable activity of a visiting supervisor. The manager was on vacation, so a supervisor from another restaurant (we’ll call him Stan) filled in some shifts. A longtime employee (we’ll call her Kate), a cashier, noticed that one afternoon, during a lull in the day’s traffic, Stan was ringing a transaction at the register with no guest present. Kate then saw Stan throw the receipt in the trash. After he walked away, she picked it up and determined that he’d reopened a closed transaction and comped the entrée off the check (or meal bill). This would put Kate’s assigned cash drawer in an overage position at the end of the shift because no money seemed to have been removed.

Kate confronted Stan who became nervous and agitated. He said that a female guest had been unhappy with her food, and he’d given her a refund. Stan pointed to a guest sitting in a corner booth. The cashier was confused because this guest was a regular and had told her how much she’d enjoyed her soup that day.

Kate could see Stan was upset that she’d challenged him, so she let it go. At the end of the shift, he handled the countdown and balancing of the drawer. However, a day or two later, she saw Stan do the same thing. After her shift, Kate reported the incidents to the human resources department. HR asked me to investigate. I began by pulling Stan’s personnel and time-card records. I determined the company had recently re-hired him as a supervisor, and a few months prior to that he was a cashier. I asked the company’s finance and accounting department for the dashboard reports for comps and discounts for Stan’s home restaurant. The reports showed no red flags, but the dashboard only displayed summary data as compared to the expected budget.

I asked for raw data from both restaurants and began looking at Stan’s specific activities compared to others in similar roles in comparable shifts. I found striking differences. I then compared his activity to that of other restaurants in the brand and determined that he had an extremely high rate of comps and discounts on meal checks during his shifts. He was responsible for 90% of the total VCD activity for the restaurant. Also, as part of the controls on the point-of-sale (POS) system, Stan was required to type in an explanation for the discount; in most cases, he just typed in random letters or repeatedly used the same reason, such as “burned food.”

Stan’s questionable activities began within a few weeks after the restaurant brand had hired him and then showed no signs of stopping. The average meal check at a fast-casual restaurant might range from $10 to $15, and most restaurants only comp one to two checks a day. However, his activity in aggregate showed thousands of dollars in comps compared to a couple hundred dollars by his peers.

A background check showed that he was on probation for a theft offense — shoplifting — he’d committed at a prior employer, a retail store. The company only ran background checks on salaried managers; he was an hourly supervisor when he was a new hire.

Observing Stan in action

I arranged to visit the restaurant on a day when Stan was working. I obtained access to the POS system data so I could see his activity during his shift. He comped multiple checks when no one was at the register. The HR representative was with me; we asked the general manager to cover the restaurant while we spoke with Stan.

As we sat down, I asked him if he knew why we were there. Stan’s eyes widened, and he nervously said, “No, not really.” During the interview, he admitted that he’d been stealing from the company for several weeks. Stan said he was having some financial difficulties — including legal fees related to his prior offense — and it had quickly become a habit. He said he initially intended to only take a small amount, but when no one questioned his activity, he just kept stealing.

I reviewed Stan’s documented comp and discount activity with him, and he initialed transactions he felt were fraudulent. He admitted that almost all of his activity was fraudulent. I asked Stan if he’d taken any money during his current shift, and he pulled out a wad of cash from his pocket. We obtained his statement, recovered the cash from his fraudulent activity that day, and the general manager fired him.

The general manager was surprised at Stan’s theft level. She hadn’t been trained to review daily activity, and her area manager hadn’t notified her that anything was amiss on her financials because the area manager relied on the summary report that showed the overall budget for discounts to be within an optimal range based on sales. I reviewed the general manager’s feedback with the restaurant brand’s accounting and finance team. We compared monthly reports to Stan’s activity, and the team was able to begin to understand why we needed to look at patterns of activity as compared to just looking at summary financial data.

Let’s enhance that reporting program

The head of the finance department immediately understood the need for meaningful data and assigned two analysts from the financial reporting team to help me develop an improved exception reporting program. Because of financial constraints, the company wouldn’t be able to purchase an off-the-shelf exception reporting program, but it did commit to manually producing monthly reports that would identify this type of fraud.

With their Excel skills and my investigation experience, we produced an initial report that broke down six weeks of comp and discount activity by employees compared to their peers. We set up categories for general managers, assistant managers, supervisors, cashiers, etc. We established baselines for activities and then highlighted those employees who exceeded baselines by multiples of the standard deviation. We ranked those individuals whose activity was high for a multiple of weeks to reduce unnecessary time spent on isolated incidents such as a refunded catering order.

I partnered with the vice president of operations to roll out the new reporting. I received interesting feedback during a meeting with the regional directors’ group. Some didn’t want the new reporting. I reviewed the recent investigation details, but they felt this was an anomaly. They liked the reporting just the way it was and didn’t want to sift through the details, even though each report would come to them already filtered for their region. I asked them to trust me and use the report. We’d be reviewing the report simultaneously and partner with them to investigate the exceptions.

Startling results

The results were immediate and stunning for a company that never had an effective fraud prevention program. The analysts and I identified numerous instances of questionable activities from Phoenix to Kansas City to Baltimore. From cashiers to general managers, we investigated hundreds of thousands of dollars in comp and discount activities.

Because I was just a team of one, I trained the company’s HR supervisors to lead the area managers through appropriate investigative techniques. The first resolved cases showed a clear companywide pattern of control breakdowns, and unchecked fraud and abuse. These initial investigations identified average losses of $10,000 to $15,000 per case because the activities in many cases had gone on for months.

I invited an area manager who successfully used the report to identify a significant fraud in her area to join the weekly leadership call and help other operations’ leaders see how they could use the report as well.

After the initial rounds, we continued to identify fraudulent activity with each report, but the average loss per case was significantly less because we were finding fraud more quickly. Sometimes employees were fraudulently using their managers’ or supervisors’ passcodes to enter the POS systems. Word quickly spread throughout the organization about the new fraud-fighting initiative in the VCD area. When area managers would approach suspected employees sometimes the employees would just turn in their keys and leave.

At the same time, we began implementing a comprehensive program to effectively manage and control comps and discounts. We reduced the myriad of options to comp or discount meals checks on the POS system and changed codes and reinforced password security expectations. We introduced percentage-of-sales targets for the VCD categories as compared to simple dollar amounts budgeted. The targets were an across-the-board reduction. We put in place a plan to expand background checks to hourly supervisors.

Material losses for a restaurant

The positive impact on sales and profits was measurable. You might think this is small potatoes compared to the million-dollar frauds in other sectors, but these losses are incredibly material to a small business like a restaurant. Traffic and sales are a constant battle in this competitive space. Gross margins might seem healthy, but net income is a very small percentage of sales. A restaurant that loses $5,000 to internal theft will likely need to generate $12,500 in sales just to cover that loss. Considered another way, if a restaurant makes $1 in net profits per guest, it would have to attract 5,000 guests just to break even. Many publicly traded restaurant stocks are impacted by a swing of just a penny per share on earnings. At this particular brand, $275,000 was equal to a penny on earnings. Our fraud program could, and would, have a material impact on the organization.

We began tracking and analyzing investigations. Calls to my office for help investigating all kinds of suspicious activity increased exponentially. We reported success stories and discussed them on the regional directors’ conference calls. These included the resolution and recovery of multiple missing bank deposits from a restaurant at Christmas time. 

Another case identified a manager who’d started embezzling funds after he transferred to a market with a higher cost of living. One case involved a manager who violated policy by renting a room at her house to an hourly employee. This employee stole the manager’s key to the restaurant and was caught breaking in and removing money from the safe.

Some cases were referred for prosecution. On rare occasions, we recovered some of the stolen funds. In each case, we saw improved morale and almost immediate higher profits at the location.

Frustrating retreat

Over time, other macro-economic issues pressured the company. It wanted to reduce general and administrative expenses, so it laid off employees. And managers in the company’s finance department often came to me to recommend to executives to reduce the frequency of reporting or eliminate it altogether. “It’s too time-consuming,” the finance people would tell me. “We don’t have the manpower. And we’ve already greatly reduced comp and discount expenses!” I knew about the impact of not having additional resources, but I also knew any let up in analysis and investigations would result in significant increases in fraudulent activity.

I pressed for continued support of the program. Unfortunately, because of employee turnover and the eventual sale of the company, the reporting program fell by the wayside. I continued to advocate for a renewed effort, but management felt it wasn’t a priority. They said, “we’ll re-visit” the program a few months down the road, “once we get the operational priorities ironed out.” They never did.

Confusing redirection

We know these prevention programs pay for themselves. Sometimes, even when we present an organization hard data, as in this case, it decides to focus resources elsewhere, which seems contradictory when it has goals of increasing top-line sales and increasing bottom-line profits.

Our role is to make recommendations and then support leadership’s decisions (as long as they’re ethical and legal, of course). Sometimes we’ll take a step forward only to frustratingly take two steps back. I’m no longer working with Bountiful Abundance. But if I was, I’d be re-doubling my “one-step forward” efforts.

Baffling pushback

Timing is everything. In another organization, I found a simple solution to reduce credit card fraud by simply making a change in the POS system permissions. Baffling as it was, my fellow investigators pushed back because they were worried about their stats decreasing. The operations department also resisted my solution because it would require manager approval for manually entered credit card numbers.

We continued chasing these cases instead of preventing them but when management changed, I re-visited the subject, and they agreed to implement the change in the POS system permissions. Credit card fraud from manually entered numbers was reduced by 90%. The new leadership wondered why we hadn’t made the change sooner!

Not daunted

If you’re struggling to implement lasting change at your company, don’t despair. Persistent efforts and frequent communication will produce results.

Regardless of outcomes, fraud examiners aren’t daunted. We’ll continue to espouse anti-fraud principles and practices because they work.

Jason Shepard, CFE, ARM, is managing director of Hospitality Risk Partners. Contact him at jason@hospitalityriskpartners.net.