By Rob Shaff, CFE, as told to Sarah Hofmann, CFE
Many fraud examiners are familiar with stories of fraud taking place because too much trust was placed in an employee. This problem is most prevalent in small organizations because a single person may be relied on to complete multiple job functions. In the ACFE’s 2018 Report to the Nations, organizations with less than 100 employees experienced a median loss of $200,000 per fraud instance — nearly double the amount that larger organizations experienced. Small organizations also may not have the resources to put anti-fraud controls in place. The report found that 42% of fraud instances in small organizations were caused in part by a lack of internal controls, compared to 25% in larger organizations. Too much trust in one veteran bookkeeper led one small nonprofit to lose approximately $3 million.
Susan* was a trusted employee at a small 501(c)(3) that operated under a larger national organization. She was the longest tenured employee, having worked there for 20 years, and served as a historical resource for other employees. The executive director, Marilyn* relied on Susan for a variety of tasks. Susan rarely took vacations. When she started a new side business, she told coworkers that it was her mother’s business. Marilyn noticed that Susan often had new handbags and drove a nicer car than anyone else but didn’t think about it too much.
At a human level, while Marilyn was absolutely brilliant, resolute and honest about what was going on, this took a terrible toll on her. She is a strong woman, but I could tell when we spoke that it was a nightmare for her.
One day Marilyn was talking to her friend, who happened to be the banking officer for the organization, about future projects she wanted to undertake. The banking officer seemed surprised and informed Marilyn of the low cash balance the organization had. The banking officer also commented how surprised she was at how many checks were written to Susan.
Marilyn quickly called in their law firm, which in turn hired a CFE for a consultation. The CFE explained, “After much discussion, I advised them to hire a CPA firm to attempt to quantify the individual checks, amounts and length of time — I felt having a firm quantify these amounts independent of me would provide a clearer audit trail at trial. After they completed their project, we began our engagement. It was at this time that we discovered her patterns and sheer breadth of the embezzlement.”
They soon discovered Susan had a pattern of behavior that she had exhibited for more than a decade. She would write herself checks and would either use Marilyn’s signature stamp or forge her signature. Within the accounting system, she would code these checks to an obscure general ledger account. Since the financials and general ledger were never reviewed by anyone other than Susan, there was little risk for her. Later, she would alter the checks and recode the expenditures out of the obscure account to a general ledger account befitting the type of expenditure.
Prior to their bank introducing item imaging, Susan would simply remove the canceled checks (from the bank statement package) she wrote to herself and destroy them. When the bank began using check imaging, she covered her tracks in a rudimentary way. During an interview, the hired CFE asked Susan what software program she used to alter the check images in the bank statements. “She looked at me quizzically, and said, ‘I didn’t use software. I cut-and-pasted.’”
Susan said that she would make copies of previous bank statement images, cut out a vendor name using an exacto knife and paste the vendor name over her name in the image. Then she would re-copy the current sheet of images. “I asked her if anybody ever inquired about the strange look of the images, and she said she made copies of the images sheets and never gave anybody an original bank statement,” explained the CFE. “I asked her specifically if the auditors ever requested original bank statements, and she said that if they did, she only gave copies and nobody ever objected.”
I asked her specifically if the auditors ever requested original bank statements, and she said that if they did, she only gave copies and nobody ever objected.
The organization’s bank only kept statements and image records for seven years prior, but the investigators requested and randomly examined older records from off-site storage. That sample showed the same pattern of canceled checks, leading investigators to determine Susan’s scheme had lasted more than 10 years.
In the end, Susan stole an estimated $2.8 million and was sentenced to 57 months in federal prison. However the damage was deeper than a dollar amount. “At a human level, while [Marilyn] was absolutely brilliant, resolute and honest about what was going on, this took a terrible toll on her,” explained the CFE. “She is a strong woman, but I could tell when we spoke that it was a nightmare for her. The board members I worked with displayed the typical range of emotions – disbelief, anger, anguished worry – but were unyielding in their resolve to see the case through.”
Lessons from the CFE: The clarion call on this one was a step back to basics. I think all of us lean toward the idea that numbers tell the primary story. This case is proof of the fallibility of this thought process. The basic integrity of any systems-based process is within the system structure, protocols and adherence to each step within the protocols. If there are barriers to protocol, say, a small staff inherently creating separation of duties issues, then workarounds and mitigation must be considered. The scary part of this fraud was that two separate CPA firms missed this fraud, and it was simply due to not increasing their sample sizes and accepting documents that, while appearing authentic, were not.
The Report to the Nations and any accompanying charts, graphs, PowerPoint slides, or related content (collectively "the Materials") are available for use free of charge as a public service of the ACFE. You may download, copy and/or distribute the Materials for personal or business use on the following conditions: