Fraud in the News Emphasizes the Need for Segregation of Duties
Recent news headlines expose several financial accounting scandals, and AAFCPAs brings these to your attention in an effort to increase awareness and remind clients about the importance of implementing and verifying adequate segregation of duties. In these stories, embezzlers use their position, their employer’s misplaced trust, and inadequate fraud risk management to defraud these organizations of millions of dollars. We remind clients to “trust but verify” to safeguard company assets.
Fitchburg woman pleads guilty to embezzling $1.3 million from employer – An office manager responsible for a life science technology firm’s accounts payable stole hundreds of checks that she made payable to herself, forged her boss’s signature, and then deposited these into her personal bank accounts.
Former accountant charged with stealing $3.4M from employer in Boston – An accountant/office manager for an investment advisor company wired funds from its accounts to his personal accounts and forged company checks payable to himself.
Accountant Who Hid on Appalachian Trail Jailed for Embezzling Millions from Pepsi Bottler – A controller set up fictitious vendor accounts and manipulated the monthly accounting reports.
In each of these cases, the perpetrator could have been thwarted had the entities implemented a system of internal controls, including adequate segregation of duties. Segregation of duties is a key internal control intended to minimize the occurrence of errors or fraud by ensuring that no employee has the ability to both perpetrate and conceal errors or fraud in the normal course of their duties.
Generally, the primary incompatible duties that need to be segregated are:
- Authorization or approval
- Custody of assets
- Recording transactions
- Reconciliation/Control Activity
In the life science technology firm case, it is reported that the office manager concealed her criminal acts and avoided detection by removing copies of the negotiated checks when sent back by the bank, and falsified entries into the general ledger to make it appear as if the stolen checks had been used to pay legitimate vendors. In this case, it is evident that there was a lack of controls which allowed the office manager to take custody of the check stock, record a fraudulent transaction in the general ledger, and falsify the bank statement before the reconciliation process.
In the investment advisor company case, the accountant/office manager allegedly concealed the payments by making false entries in the company’s general ledger and by manipulating the company’s bank statements to remove references to wire transfers he had made into his personal accounts. Similar to the first case, the accountant appears to have been performing three of the above incompatible duties.
In the Pepsi bottler story, the controller established fictitious vendors, used a miscellaneous account where he could charge off these fraudulent checks, and manipulated the legitimate accounts to offset the amounts in the miscellaneous account. In this case, it appears the embezzler was responsible for potentially all four of the above mentioned incompatible duties.
According to the Association of Certified Fraud Examiners’ 2016 Report to the Nations on Occupation Fraud and Abuse, “the most prominent organizational weakness that contributed to the frauds in our study was a lack of internal controls, which was cited in 29.3% of cases, followed by an override of existing internal controls, which contributed to just over 20% of cases.” The 2016 report examined 2,410 cases of fraud.
Segregation of Duties seems to be a simple process, but if not properly followed—and routinely verified—it can lead to disastrous consequences, including: financial losses, lost inventory, lost productivity, legal problems, and tarnished reputation.
AAFCPAs advises clients to implement adequate divisions of responsibilities among those who perform accounting procedures or control activities and those who handle assets. If one person does it all, and resources are limited in you finance office, consider using the CEO, Executive Director, Board members, or a consultant to help segregate duties. In addition, routinely test financial and operational processes and procedures to verify that what you think is happening is what is actually happening. Testing also sends a message that you are proactive in protecting the company’s assets, and serves as a strong deterrent to would-be offenders.
AAFCPAs reminds clients that Segregation of Duties is an important component to your fraud risk management program, which includes preventative, detective and responsive techniques. No organization is “too small” to have a fraud risk management program.
For more information, please contact your AAF Partner, or John Buckley, CPA, at 774.512.4039 or firstname.lastname@example.org.