Fraud'S Ingerprints: Dusting Data

prevent procurement fraudulent T&E reports, firing your emotional discerning predication best defense?
‘leakages’ P. 12 ethical lapses P. 20 intelligence P. 26 to examine P. 40 a good offense P. 46
VOL. 35 | NO. 6 | NOVEMBER/DECEMBER 2020

Fraud-Magazine.com
DUSTINGyourDATA
for
FRAUD'S
F INGERPRINTS
P. 32
Learn from the acclaimed authority on Benford’s Law
on how numbers can become your best friends.
S TAT U S Q U O I S C H A I N E D TO T H E PA S T.
Status Go ™
U N C O V E R S W H AT ’ S N E X T.
Are you prepared for what’s next?

See how our innovative solutions can help
your organization deliver results.
Welcome to Status Go.
gt.com/statusgo
© 2020 Grant Thornton LLP | All rights reserved | U.S. member firm of Grant Thornton International Ltd. In the U.S., visit gt.com for details
FROM THE PRESIDENT CONNECT WITH US
FM
Number-pattern tests, like

Read more Fraud
Magazine content online
at Fraud-Magazine.com.
Benford’s, are still valuable FM
W e’ve all been there in a fraud examination.

You’re looking at financial statements, invoice
amounts or expense reimbursements that
appear normal, but you know in your gut that something is
Download the Fraud
Magazine app for
iPhone or Android.
wrong. The numbers just don’t feel right, but it’s not obvious.
Like Alice going down a rabbit hole, you’re becoming
“curiouser and curiouser” about what you’re inspecting.
Mark Nigrini, Ph.D., a leading Benford’s Law expert, Like the ACFE on
Facebook for the latest
writes the excellent, detailed cover article on six typical num-
news, photos, videos and
ber patterns (including Benford’s) that you can search for dur-
exclusive online content.
ing your cases to possibly find fraud. Most of us use modern
continuous audit techniques and data analytics tools, but it’s
valuable to revisit some rock-solid detection methods.
Benford’s Law tells us the distribution of digits in multi-
digit natural numbers isn’t random but follows a predictable Follow @TheACFE
pattern. Certain digits will show up more than others. For on Twitter and keep
example, you’ll see more 1s than 2s, more 2s than 3s, and so informed on breaking
news and industry trends.
on. Fraudsters either aren’t cognizant of this law and the
other number patterns Nigrini covers, or they don’t know
how to override them. They often manipulate numbers to try to fly under the radar, but their data altera-
tions always tell a story.
I can recall seeing several illegal payments beginning with “9” or many round numbers in several Make connections with
cases I prosecuted. And I remember procurement fraud cases in which government officials knew the ex- fellow fraud fighters in
act authorization limits, but they thought they could avoid detection when they bumped up the amounts. the ACFE Community at
As Nigrini writes, fraudsters “don’t know when to stop.” They might start small and carefully, but Connect.ACFE.com.
after their initial success they often become brazen and greedy. The numbers and frequencies begin to
increase unnaturally, and these established number-pattern tests will catch them. That’s when you can
isolate transactions for further review.
The ACFE Report to the Nations (ACFE.com/RTTN) demonstrates that organizations with anti-fraud View stories and photos
controls discover frauds faster and lose less than their counterparts who don’t. CFEs who are trained on Instagram and never
in fraud detection techniques, including recognizing number patterns, of course, help organizations miss exclusive Fraud
reduce their fraud losses. Magazine content.
Unfortunately, in the ACFE’s recent study on the impact of COVID-19 (ACFE.com/covidreport), more
CFEs are seeing reductions in their anti-fraud budgets. Now isn’t the time to cut controls as financial
pressures mount. We can’t let our guard down, especially in a pandemic. We must remain vigilant in
reducing the opportunities for fraudsters to thrive.
“All fraudsters think they’re unique,” Nigrini writes. But CFEs can prove fraudsters wrong with
CONTRIBUTE
Share your expertise
number-pattern procedures. Though we depend on high-tech, fraud-detection tools, Nigrini shows us
and earn up to 10 CPE
that decades-old discovery methods are still valuable. ■ FM credits annually for your
published work. Visit
Fraud-Magazine.com/
Bruce Dorris, J.D., CFE, CPA, is president and CEO of the ACFE. Reach him at:
getpublished.
President@ACFE.com.
FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 3

Contents Volume 35, No. 6, November/December 2020
COVER STORY
32
Dusting your data for
fraud’s fingerprints:
Six number patterns
that fraudsters use
By Mark J. Nigrini, Ph.D.
Fraudsters tend to steal in similar ways.

Here are six number patterns you
can search for and possibly find hid-
den fraud. Learn from the acclaimed
authority on Benford’s Law on how
32 Dusting your data for fraud’s fingerprints numbers can become your best friends.
FEATURES
20 Fraudulent t&E ReportS 26 Emotional Intelligence 40 Predication
Fraudulent T&E reports can Predication or not? Discerning when

indicate greater ethical lapses
By Matt Molchany, CFE 20 it’s time to begin a fraud examination
By Dick Carozza, CFE 40
Set fire to your Best defense is a good offense:
26
‘emotional intelligence’ Anti-Fraud Playbook provides practical,
46
By Mandy Moody, CFE actionable guidance
By Sophia Carlton, CFE; and James Ruotolo, CFE
4 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

Publisher John Gill, J.D., CFE
Editor-in-chief Dick Carozza, CFE
Contributing Editors
Cora Bullock, Scott H. Patterson, Randi Zimmer,
CFE
COLUMNS AND DEPARTMENTS Legal Editor Ron Cresswell, J.D., CFE

Contributing Writers
Robert Tie, CFE, CFP; Donn LeVie Jr., CFE
FROM THE PRESIDENT CAREER CONNECTION
Art Director Becky Plante, CFE
Number-pattern tests, like ‘Moneyball’ leadership:
Designers Jennifer Rother, Tracy Paccone
Benford’s, are still valuable Developing leaders from
Circulation Manager Aimee Jost, CFE
By Bruce Dorris, J.D., CFE, CPA 3 within to help deter fraud
Advertising Coordinator Travis Kolaja
By Donn LeVie Jr., CFE 54 Contact: (800) 245-3321 | tkolaja@ACFE.com
FRAUD IN THE NEWS
Editorial Advisory Committee
COVID-19 ripoff, Wirecard FRAUD SPOTLIGHT Jonathan E. Turner, CFE, CII, chair; Emmanuel A. Ap-
piah, MBA, CPA, CFE; Johnnie R. Bejarano, DBA, CFE,
fraud tentacles and more Keeping tax-supported CPA, CGMA; Richard Brody, Ph.D., CFE, CPA; Jeimy
J. Cano, Ph.D., CFE, CAS; Courtney Castelino, CFE,
Compiled by Dick Carozza, CFE 6 officials around the globe CPA, CA, CBV, CFF; Franklin Davenport, CFE; David J.
accountable Clements, CFE; Peter D. Goldmann, CFE; Katya Hirose,
J.D., CFE, CAMS; Robert Holtfreter, Ph.D., CFE; Robert
Kardell, CFE, CPA; Thomas Cheney Lawson, CFE, CII;
CASE IN POINT By Haluk Ferden Gursel, Ph.D., Philip C. Levi, CFE, CPA, FCA; Robert Loh, CFE, CFCS,
Doctoring the books CFE, CPA 58 CIRA; Larry Marks, CFE, CISA, PMP, CISSP, CSTE;
Jimmy S. Pappas, CFE; Cecily Raiborn, Ph.D., CFE,
By Joshua Wiesenfeld, CFE, CPA 8 CMA, CPA (Texas); Dorothy Riggs, CFE; Daniel Semick,
MPA, CFE, CGFM; Katharina Shamai, CFE, CIA, CA,
FRAUD BASICS IIA; Herbert Snyder, Ph.D., CFE; Stéphane Vuille, CFE,
Dealing with narcissistic PCI
interviewees 2020-2021 Board of Regents

Lyn Cameron, CFE, LL.B; Kenneth R. Dieffenbach, CFE;
By Benjamin Schorn, CFE 62 Bruce Dorris, J.D., CFE, CVA, CPA; Eric R. Feldman, CFE;
Bethmara Kessler, CFE; Jeanette LeVie, CFE; Victoria
Meyer, CFE, FCCA, MICA; John Warren, J.D., CFE
Fraud Magazine (ISSN 1553-6645) is published bimonthly

by the Association of Certified Fraud Examiners, 716 West
Avenue, Austin, TX 78701-2727, USA. Periodical postage
paid at Austin, TX 78701 and at additional mailing offices.
Postmaster — Please send address changes to:

Fraud Magazine | ACFE Global Headquarters
8 Doctoring the books 716 West Avenue | Austin, TX 78701-2727, USA
(800) 245-3321 | +1 (512) 478-9000
Fax: +1 (512) 478-9297
Subscriptions
INNOVATION UPDATE ACFE members: annual membership dues include
Prevent procurement $45 for a regular one-year subscription; $15 for an
electronic member subscription, and $15 for student
‘leakages’ and save and retired member subscriptions. Non-member sub-
scription rates are $65. Membership information can
precious working capital 68 Priti Amin, CFE be obtained by visiting ACFE.com or by calling (800)
245-3321, or +1 (512) 478-9000. Change of address
By Vincent M. Walden, CFE, CPA 12 notices and subscriptions should be directed to Fraud
Magazine. Although Fraud Magazine may be quoted
I’M A CFE with proper attribution, no portion of this publication
may be reproduced unless written permission has been
TAKING BACK THE ID Priti Amin, CFE obtained from the editor. The views expressed in Fraud
IRS telephone scams, By Dick Carozza, CFE 68
Magazine are those of the authors and might not re-
flect the official policies of the Association of Certified
remote-working risks and Fraud Examiners. The editors assume no responsibility
for unsolicited manuscripts but will consider all submis-
VPNs for tax pros ACFE NEWS 70 sions. Contributors’ guidelines are available at Fraud-
Magazine.com. Fraud Magazine is a double-blind,
By Robert E. Holtfreter, Ph.D., peer-reviewed publication.
CFE 16 CPE QUIZ 72 To order reprints, visit Fraud-Magazine.com/reprint or
email reprints@fraud-magazine.com.
© 2020 Association of Certified Fraud Examiners, Inc. “ACFE,” “CFE,” “Certified
Fraud Examiner,” “CFE Exam Prep Course,” “Fraud Magazine,” “Association of
Certified Fraud Examiners,” “Report to the Nations,” the ACFE Seal, the ACFE
Logo and related trademarks, names and logos are the property of the Association
of Certified Fraud Examiners, Inc., and are registered and/or used in the U.S. and
countries around the world.

FRAUD in the news Read more news at Fraud-Magazine.com
Defense contractor Singapore charges businessman

for claiming he held $1 billion
allegedly rips off
for Wirecard
$12.8 million in
COVID-19 relief aid
R. Shanmugaratnam, a Singapore businessman, faces
11 charges for falsely claiming he held about $558 mil-
lion (475.5 million euros) on behalf of infamous Ger-
man payments business Wirecard AG. This accusation
Opportunists with no consciences always follows six earlier charges against Shanmugaratnam.
use crises to commit fraud. The U.S. The 11 charges cover more than $1 billion (868 million euros) in cash.
Department of Justice (DOJ) recently According to Singapore court documents, this director of Citadelle Corporate Ser-
arrested and charged Martin Kao, 47, vices Pte was charged with five counts of “willfully and with intent to defraud” falsifying
the CEO of Martin Defense Group of letters to Wirecard, Wirecard UK & Ireland Ltd. and Cardsystems Middle East FZ LLC.
Honolulu, for allegedly bilking $12.8 mil- The charges say Shanmugaratnam falsely stated he’d held about 378 million euros
lion in coronavirus relief aid earmarked in escrow across multiple accounts as of December 2016 and 97.5 million euros as of
for small businesses. November 2016 in another account.
The DOJ charged Kao with bank Singapore is home to Wirecard’s Asia-Pacific headquarters. The region accounted
fraud and money laundering for falsify- for almost 45 percent of the groups reported revenue in 2018.
ing loan applications for the Paycheck (See “Singapore Businessman Charged With $558 Million Wirecard Fraud,” by
Protection Program (PPP) that Congress Chanyaporn Chanjaroen, Bloomberg, Oct. 1, tinyurl.com/y6sfswrx.)
created as part of the $2 trillion CARES
IMAGE: Alexander Hassenstein / Getty Images Europe
Act.
According to the criminal complaint,
Kao lied to lenders about how many
employees he had so he could receive Grand Prix CFO’s tax-defrauding racer stalls
more money than he was eligible for. The
complaint said he told a bank that he According to The Boston Globe, JOHN obtained more than $145,000 in small
had nearly 500 employees when he had F. CASEY, 56, the former CFO of the business loans for the rink business
fewer than 150. He allegedly used his defunct Boston Grand Prix race, was re- even though he’d sold it more than two
subsidiary companies to hide that he’d
cently arrested on charges he allegedly months earlier.
already obtained PPP loans from other
failed to report income he received as a Prosecutors said Casey also is
institutions.
race executive, and plotting to defraud charged with allegedly LAUNDER-
The criminal complaint describes
how Kao tried using his U.S. Senate equipment and small business financ- ING FUNDS from his fraud and with
connections to convince banks to fork ing companies. failing to include the income on his
over the bucks. Kao emailed a bank ex- Prosecutors say the Grand Prix TAX RETURNS.
ecutive on April 2 that he works “very group made payments to or on behalf (See “Former Boston Grand Prix
closely” with several U.S. senators who of Casey totaling $308,292 in 2015 and CFO arrested for alleged tax and
were champions of the CARES Act. He $601,073 in 2016, which he allegedly fraud scheme,” by Travis Anderson,
said he wanted to provide lawmakers “failed to include in the gross income Boston Globe, Sept. 29, tinyurl.com/
with a positive story about securing a he claimed on his personal tax returns y2z57rnm.)
loan — his own. for those years.”
(See “Prominent Hawaii Defense
Prosecutors also allege that Casey
Contractor Arrested For CARES Act
secured more than $743,000 in funds
Fraud,” by Nick Grube, Honolulu Civil
from equipment financing companies
Beat, Sept. 30, tinyurl.com/yxgosp65.)
purportedly to buy equipment for an ice
rink he owned. They say he allegedly
6 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

ACFE On-Site Training
Anti-Fraud Training for Your Team
Increase your team’s ability to detect and prevent
fraud with knowledge and solutions that can be
applied immediately in a cost-effective way. Our
instructors bring years of fraud fighting experience
directly to you by using course materials from the
world’s leading provider of anti-fraud education.
One-day and multi-day course topics include Bribery and Corruption,

Financial Statement Fraud, Professional Interviewing Skills, and more.
CONVENIENT DYNAMIC NASBA COMPLIANT

On-Site Training is conducted at a Your team’s specific concerns and ques- On-Site Training Courses adhere
time that works with your team’s tions will be addressed and focused on to NASBA standards to meet the
schedule at your facility. your organization’s unique needs. continuing professional education
needs of your staff.
On-Site CFE Exam virtual formats

Review Course available
Get your team on the fast track to passing Livestream training to any number of
the CFE Exam with an On-Site CFE Exam employees with no travel required.
Review Course. Our expert instructors travel Virtual classes can be viewed from
to your organization and give your staff the multiple locations at once and offer a
tools they need to pass the CFE Exam in an convenient way for you to provide
efficient 4-day course. high-quality training to your teams.
Bring the ACFE’s premier anti-fraud training to your organization.

ACFE.com/OnSiteTraining
CASE IN POINT Case history applications
Doctoring the books

These case studies will help inoculate medical practices against fraud through
sound ACFE principles — from financial oversight to segregation of duties.
A
former dental office employee dry, business-related tasks necessary to Ignorance of financial
I recently met, after hearing operate functioning practices. operations
that I’m a CFE, immediately Physicians in smaller practices, In 2004, Benjamin Perlman, a Boston-
began to fill me in about an embezzle- especially, are likely to trust just one or based dentist, interviewed a young
ment his former workplace suffered. I two individuals to handle every finan- woman, Tina, to fill the business manager
cial aspect of the business — including position at his practice. Tina was smart,
smiled wryly as the narrative unfolded.
receipts, invoices and bookkeeping. Medi- confident and knowledgeable. He hired
This wasn’t the first time a member of
cal practices are ripe for exploitation. her on the spot.
the medical industry shared this kind of
Through my work investigating Perlman had a lot going on in ad-
story with me. Indeed, this reaction is
medical employee fraud and speak- dition to his dental practice. He ran a
almost de rigueur.
ing to victims, I’ve noticed emerging charity dental clinic in the Middle East
Medical establishments are unique- patterns. These case studies, which and held several real estate interests.
ly vulnerable to fraud their employees I’ve collected through my work experi- He didn’t have the time or proclivity to
perpetrate. Doctors, dentists and their ences, exhibit some common red flags manage the tiresome details of running
ilk generally prefer to focus on caring for of fraud-susceptible medical practices. his busy practice. Perlman felt that Tina
their patients rather than attending to I’ve changed names and places. could free him of that responsibility.

She proved uber-competent, so the check for $3,465 wasn’t mailed to
Perlman trusted her implicitly. He Moriarty, but to an Anita Gonzalez at a
COLUMNIST
totally removed himself from financial JOSHUA totally unrelated address.
operations and allowed her to run the WIESENFELD, Franklin’s billing department placed
practice as she saw fit. Tina opened all CFE, CPA a call to Gonzalez and asked her if she’d
mail and cut every check, including her FORENSIC ACCOUNT- received a check from the Franklin
ING SUPERVISOR,
own paycheck. She made all the bank WISS & COMPANY Group for $3,465. “I did,” she replied.
deposits and became well-acquainted “My mother works at Franklin. I’ll check
with the bank employees. They knew with her and see if she knows anything
that her boss trusted her and authorized Take control of your about this.”
her every request.
After about a year, Perlman began
books and protect The billing department found that
Gonzalez’s mother, Amy Lopez, worked
to notice that the business checking ac- your practice. Maybe as a payment poster. Lopez was respon-
count seemed to be perpetually short on
funds. He chalked it up to a temporary
it’s boring and sible for recording patients’ payments
and alerting the accounting department
dip in business and didn’t give it much tedious. But better when a patient overpaid so it could
thought. He knew Tina had everything
under control. One morning soon after,
bored than defrauded. issue a refund. Lopez was immediately
escorted off the premises.
however, the bank notified Perlman that A subsequent investigation found
four checks had bounced. Confused, that Lopez had manipulated the refund
he paid a visit to the bank. The teller She was sentenced to two years in system so she could embezzle $50,000
produced copies of the day’s checks for federal prison and deported to her na- within three years. Lopez would iden-
review. Perlman scanned the images tive Vietnam after her release. Perlman tify her victims by studying a master
and felt a pit form in his stomach. The wasn’t able to recover all the stolen mon- schedule of stale payments, which
very first check amounted to $1,500 — ey, and he had to borrow money from his management rarely, if ever, reviewed.
and was made out to Tina. sister to make it through the year. Lopez would change patient names and
Perlman quickly asked to see all Perlman now regularly reviews all addresses to that of her family members
the practice’s activity for the last 30 the practice’s financial records. He also in the computer system. Once account-
days. He did some quick calculations personally cuts every check and has all ing would issue a refund, Lopez would
and realized that, during this period, business mail delivered to his house. change the information back to the
Tina had paid herself $10,000 on top of He’s determined to never be victimized patient’s.
her normal paycheck. He immediately this way again. We spoke to every payment poster
placed two phone calls. The first was to at Franklin. They all told us they didn’t
his accountant; the second was to the Insufficient oversight need the ability to alter demographic
police. When Tina arrived to work that The billing department at the Frank- information to perform their jobs.
morning, two officers awaited her. She lin Group, which ran a chain of pain- Therefore, Franklin payment posters are
wordlessly supplied the officers with treatment centers, received a call from no longer able to change demographic
her lawyer’s business card and present- a patient, Gilbert Moriarty. Moriarty information, and management now
ed her wrists to be handcuffed. had found a credit card charge of $3,500 reviews the payment schedule each
Perlman ultimately discovered from the Franklin Group, but his copay month.
that Tina had embezzled more than should’ve been only $35. Clearly, a Frank-
$100,000 from his practice during her lin employee inadvertently added two Duties aren’t segregated
year of employment. And he wasn’t zeros to the charge. Steven Walsh’s father died when Steven
Tina’s first victim — she’d executed the The billing department reviewed was still a boy, and his uncle, Henry
same scheme at several other practices. their records and found another prob- Walsh, assumed the role of father figure
Tina’s total ill-gotten gains had exceed- lem. The Franklin Group had already to his young nephew. When Steven went
ed $500,000. issued a refund for the balance. Oddly, off to college, Henry encouraged his

NEW! DOCUMENTARY SELF-STUDY CPE COURSE
CASE IN POINT
nephew to follow in his footsteps and

become a doctor. Steven did so, even
attending the same medical school as
his uncle. He ultimately joined Henry’s
orthopedics practice.
Five years into the venture, Ste-
ven’s wife, Linda, grew suspicious. She NEW!
consistently earned more money in her
job as a physical therapist than did her
orthopedist husband even though his
practice was busy. Henry’s wife, Debbie,
kept the company’s books and handled
all the practice’s mail. Henry assured
Steven that his low salary was the
result of a struggling practice. Steven
trusted his aunt and uncle — the last
thing he wanted to consider was that
they were swindling him.
Collared: A Story of Insider
Debbie eventually convinced Ste-
ven to approach his uncle and ask for
Trading and White-Collar Crime
access to the company’s books and tax
returns, but Henry repeatedly rebuffed
This unique online self-study course includes the feature-length documen-
Steven. One afternoon, while Steven
was chatting with the billing manager, tary, “Collared: A Story of Insider Trading and White-Collar Crime.” In the doc-
he casually mentioned that the practice umentary, you will learn about the most prolonged insider trading scheme
was doing poorly. The billing manager ever discovered by American and Canadian securities investigators from
gave Steven a quizzical look. “What are leading scholars, experts and the fraudster that perpetrated the scheme.
you talking about?” she asked. “We’re
clearing millions every year.” In this course, you will learn what constitutes insider trading and the ways
Steven promptly hired an attorney that inside traders rationalize their criminal behavior. Additionally, you will
and a team of CFEs. The team ulti- discover methods used by insider traders to avoid detection and ways to
mately uncovered almost $2 million in
identify and prevent insider trading.
damages and discovered that Henry
and Debbie Walsh had paid all their
personal expenses through the practice
YOU WILL LEARN HOW TO:
and drew unusually high salaries. In • Differentiate what constitutes insider trading
CPE Credit
concert with their CPA, they’d hid their • Recall ways that insider traders rationalize 4
fraudulent activity from Steven for five their criminal behavior
years. • Identify the consequences of an insider
Steven eventually settled with his trading conviction
aunt and uncle out of court and took • Determine ways to identify and prevent
Course Level
over as full owner with total access to insider trading
Overview
the financial records. He now runs a • Recognize methods used by insider traders
thriving practice, but he hasn’t recov- to avoid detection
ered from the emotional toll of his
uncle’s betrayal.
$159.20 Members / $199 Non-Members Prerequisite
None
10 FRAUD MAGAZINE
Visit ACFE.com/Collared to learn more.
One afternoon, while Steven was chatting with the would’ve struggled to hide his illicit
financial activity.
billing manager, he casually mentioned that the
• Familiarize yourself with the book-
practice was doing poorly. The billing manager gave keeping and business side of your
Steven a quizzical look. “What are you talking about?” practice. Franklin employees know
that, after the Lopez incident, the
she asked. “We’re clearing millions every year.”
chances of getting anything by
management are slim to none. The
Better bored than defrauded • If you run a small practice, don’t en- knowledge that you regularly review
Unfortunately, none of these cases are trust an employee to cut checks. Write the books should be enough to deter
unique. Medical partner fraud is more the checks yourself. It’s too easy for an most ethically challenged employees
employee to take an unauthorized cut from defrauding the practice.
common than most medical profession-
Take control of your books and
als realize. Medical practitioners who of your earnings. Remove that tempta-
protect your practice. Maybe it’s bor-
wish to avoid employee fraud can take tion and avoid defalcation.
ing and tedious. But better bored than
these steps to protect their practices. • Properly segregate duties. Henry and defrauded. ■ FM
• Consider having business mail sent to Debbie Walsh were able to cheat their
your home, a step Perlman adopted. nephew for five years because they Joshua Wiesenfeld, CFE, CPA, is
This will minimize, if not eliminate handled the books and taxes. Had a financial investigator at Labaton
entirely, the opportunity for employ- Steven been responsible for some of Sucharow, LLP. Contact him at Joshua.
ees to tamper with correspondence. the practice’s fiscal tasks, his uncle wiesenfeld@gmail.com.
Are you
winning the fight
against fraud?
SPEND LESS TIME ACQUIRING AND ANALYZING DATA AND
MORE ON STOPPING FRAUD
Helping you manage robust anti-fraud or anti-bribery programs from

detection through to case resolution—to protect your organisation’s
integrity and to meet your anti-fraud compliance obligation.
Ready to focus with HighBond?
See how FraudBond can work for you: wegalvanize.com/fraud-risk-management/

INNOVATION UPDATE Practical anti-fraud ingenuity
Prevent procurement ‘leakages’

and save precious working capital
Given the current economic climate and regulatory expectations,
monitoring procurement spending for fraud, waste and abuse
(aka “leakage”) is even more important. We can proactively monitor
procurement data via big data analytics, which will reveal transactions that
are fraudulent or diminish working capital.
C hief financial officers (CFO) are

always looking for opportunities
to optimize working capital and
plough it back into their businesses.
COLUMNIST
VINCENT M.
WALDEN, CFE, CPA
MANAGING DIRECTOR,
goods and payment activities to effec-
tively combat procurement fraud and
coalesce several skill sets to design fraud
control processes.
Too often, we see compliance or
(Working capital is the money a busi-
ALVAREZ & MARSAL’S
ness uses in its daily operations. It’s cal- DISPUTES AND INVESTI-
investigations operating separately
culated as current assets minus current GATIONS PRACTICE and independently from procurement,
liabilities.) finance or even internal audit. Depart-
Let’s say your CFO uses a fraud risk ments don’t have insight into what their
management program to save your orga-
The timing has never colleagues are pursuing, which can lead
to duplication of efforts and data “silos”
nization 1% to 5% of total procurement been better to imple- of potentially incomplete information.
spending by finding improper expen-
ditures. If your organization invests a
ment monitoring mech- A chief compliance officer (CCO)
needs to amalgamate expertise from
fraction of this savings it will increase its anisms to forensically manufacturing, procurement, account-
bottom line.
So, if your annual procurement
mine procurement ing, investigation and legal departments
when they design a fraud risk manage-
spending was $50 million, you could data for potential ment process. Organizations also must
retrieve $500,000 to $2.5 million in
recoveries or cost savings with minimal
irregularities. use data science and anti-fraud exper-
tise to combine these skills in designing
personnel and financial investment.
risk algorithms that help prevent and
Would you do it? I’m sure your answer is detect payment irregularities. As anti-
an unequivocal yes. analytics cheaper and faster than tradi-
fraud professionals, we often can bring
The timing has never been better tional tools or controls.
these teams together to design preven-
to implement monitoring mechanisms tive solutions.
to forensically mine procurement data Analytics help break silos and The Institute of Internal Auditors
for potential irregularities. Improved holistically view fraud risks (IIA) recently highlighted dismantling
compliance and anti-fraud monitoring Organizations must thoroughly under- work silos so business functions could
technologies use advanced data analyt- stand the interrelated activities within better collaborate in its “Three Lines
ics, automation and intelligent risk- their procurement processes, such as Model,” a July 20 update to its widely
scoring techniques. Organizations can vendor due diligence, contract terms, accepted “Three Lines of Defense.” (See
now deploy comprehensive spending purchase orders, invoices, receipt of tinyurl.com/y46z8bkd.)

The IIA model suggests that In my March/April 2020 column, fraudulent payments processing and
among all risk management roles of “Avoiding the DOJ’s Red Flags of Collu- material pricing frauds, among many
the organization, “The governing body, sion,” I explored the efforts of the U.S. others.
management, and internal audit have Department of Justice’s recently formed
Some of my preferred
their distinct responsibilities, but all Procurement and Collusion Strike Force.
procurement leakage analytics
activities need to be aligned with the (See tinyurl.com/y6omg5hm.) In this
My friend, David Coderre, wrote one of
objectives of the organization. The basis column, I’ll focus more on potentially my favorite reference books, the 2009
for successful coherence is regular and improper payments, which can include “Computer-Aided Fraud Prevention
effective coordination, collaboration, conflicts of interests, high-risk or shell and Detection,” that still helps ignite
and communication.” companies, bribes and kickbacks, my passion for anti-fraud analytics. In
Source Determination Vendor Selection

• Leaking advance knowledge of procurement activity giving • Conflicts of interest between evaluating members and vendors.
extra time and context to selected vendors invited for bids.
• Approvals for pricing schedules that might result in over-charging (e.g.
• Structuring contracts payment schedule and terms and clauses relating to travel and sub-contracted procurement by vendors).
conditions that may result in over-invoicing by vendors (e.g.
• Bid rigging in which a set of bidding forms indulge in collusive
selecting a cost reimbursement payment model instead of a
price-fixing to guarantee selection of at least one member.
fixed price one).
Goods receipt
• Product substitution: accepting
substandard goods for the same price
as the ones agreed in original contract. Payment Processing
Common • Duplicate payments made to a vendor
without services rendered to justify the
second payment. A vendor colluding with
Buying Procurement an employee normally commits this fraud.
• Manual/long open POs. Fraud Schemes • Changing the vendor master file so
payments can be routed to parties not
• Unauthorized changes to POs. originally part of the agreement.
• Unjustified terms
(e.g. advance payment).
Requirements buying definition Invoice verification

• Creating product requirements that favor a • Phantom vendor-employee establishes a fictitious vendor
specific bidder. and submits false invoices for payment.
• Inadequate market research that results in unneces- • Kickbacks often facilitated through accounts payable: A
sary restrictions in competition. company or individual submits an invoice for services that
never occurred or is inflated by the amount of a kickback.
Interrelated activities in the procurement-to-pay process and fraud schemes at each stage

INNOVATION UPDATE Practical anti-fraud ingenuity
the appendix, Coderre lists hundreds of • Ascertain dormant vendors who’ve • Identify payments made to state-
rules-based tests that fraud examiners had, for example, no activity for more owned entities or organizations with
can deploy on procurement spending. than a year but suddenly receive close relations to government entities.
In collaboration with the Committee of payments.
Sponsoring Organizations (COSO) of the • Discover vendors with missing or Raw material pricing frauds
Treadway Commission, the ACFE also incomplete information such as tax • Check for a supplier charging a differ-
maintains an online library of sample IDs, website addresses and phone ent price for a similar “stock-keeping
analytics, divided by fraud scheme, at numbers. unit,” or SKU.
ACFE.com/fraudrisktools. I contributed • Examine suppliers’ pricings at differ-
• Review vendor due diligence ques-
to the development of this library. ent purchase locations.
tionnaires for suspicious language, or
Just like enthusiasts collect baseball conduct adverse media or watchlist • Look for purchase-order prices that
cards or rare coins, I’ve been creating scans on high-risk vendors. are different from contracted prices
a library of anti-fraud tests gathered for the same materials.
from my investigative experiences and Conflicts of interest • Check for different payment terms for
networking with fellow fraud fighters at the same suppliers.
• Identify database linkages between
ACFE conferences or at client locations.
the employee and vendor master —
Here are some of my favorite procure- Caution: These lists of anti-fraud tests
addresses, phone numbers (including are only representative and intended
ment fraud risk tests for discovering
spouse emergency contact numbers) to spark ideas. It’s important that you
various fraud schemes, many of which align your final list of tests with your
and bank account information,
are in the procurement-to-pay (P2P) organization’s fraud risk assessment
among others.
cycle. (See the figure on page 13.) results and customize them to your
• Check for unusual preference given to specific industry, business and
vendors, such as pricing or discounts, prevailing risk dynamics.
Cash disbursements
and then examine whether any of
• Find duplicative payments as evi- Use advanced data science
the employees hold any undisclosed
denced by exact match in invoice to look for irregularities
interests in those vendors.
number, invoice date, purchase order/ Aim to have your analysis experts run
reference, amount — among many all tests on an entire population of data
Bribery and kickback schemes
other duplicate combinations. to get maximum results. Don’t apply
• Compare order quantity to optional individual tests or rules to procurement
• Analyze weekend and holiday
reorder quantity. data in isolation because they won’t
payments.
• Check for any vendor with an ir- provide your desired results or return on
• Search payment dates prior to invoice investment. Have them combine differ-
regular share of the business, and
or purchase-order dates. ent tests to see what will be applicable to
then check for any directorship or
• Find payments approved by the same shareholding by any of the company high-risk transactions.
person who created the payment. employees with these vendors. Run all transactions through your
testing algorithms. The analytics will ap-
• Look for invoiced vendor informa- • Conduct text mining of payments for
ply each test on all the transactions and
tion not matching purchase-order kickback-related terms such as “fa-
assign a risk score to each transaction
information. cilitation pay,” “friend fee” and “help
depending on the number of transac-
payment.”
tion matches. “Many of these complex
Vendor management and fake • Find excessive or frequent payments linkages and anti-fraud tests are now
vendor schemes made to charities, luxury retailers scripted and automated, with integrated
• Identify duplicate vendor numbers or (for expensive gifts) or miscellaneous machine learning. A 200- to 300-hour
names in the master vendor file. journal-entry accounts. process now takes 20 to 30 hours to

run,” says Anil Kona, CEO of Spectrum of suppliers and you focus on the top five • Select the appropriate tests for pro-
Data Science Corporation. or 10 based on their payment activity. curement fraud risk identification in
Now, simply count up the risk Thankfully, advancements in auto- collaboration with all stakeholders in
scores to lead you to the riskiest transac- mation and application of data science the P2P process.
tions that might be potential improper are helping compliance and anti-fraud
• Combine the correct continuous-mon-
payments. teams achieve a five to 10 times return
itoring data automation, data integra-
on procurement- spending investment
tion and risk-scoring techniques.
in as little as three to four weeks.
Happy hunting! n FM
It’s amazing how efficient
you can be when you sort Maximize your savings
A successful data analytics program on Vincent M. Walden, CFE, CPA, is
tens of thousands of sup- procurement spending has several mov- a managing director with Alvarez &
pliers and you focus on ing parts. All of them need to be perfect- Marsal’s Disputes and Investigations
the top five or 10 based ly aligned to give the best results. Your Practice and assists companies with
chances of finding those cost savings of their anti-fraud, investigation and com-
on their payment activity.
1% to 5% on the overall procurement pliance monitoring programs. He wel-
spend population will be maximized comes your feedback. Contact Walden
Naturally, each high-risk payment when you put these into practice: at vwalden@alvarezandmarsal.com.
is also linked to a vendor, which then • Dismantle functional silos to bring Walden thanks his colleague, Varun
allows you to also risk-rank your top together skills and expertise from Mowar, who contributed to this article.
vendors. It’s amazing how efficient you diverse sources to design the most Contact Mowar at vmowar@alvarezand-
can be when you sort tens of thousands optimum solution. marsal.com.
Business Email Compromise (BEC)

fraud is arguably the more pervasive
and persistent financial crime
challenge facing U.S. businesses.
Combat BEC Fraud with NICE Actimize:
Define Detect Defend
Learn More
info@niceactimize.com | www.niceactimize.com/blog | @nice_actimize | linkedin.com/company/actimize | facebook.com/NICEActimize
TAKING BACK THE ID Identity theft prevention analysis
IRS telephone scams,

remote-working risks
and VPNs for tax pros
The IRS won’t call you or text you to threaten jail. And the pandemic
has created security threats and opened new opportunities for cybercrimi-
nals. Plus, tax pros need VPNs.
H as this happened to you? A

caller, claiming to be from
the U.S. Internal Revenue
Service (IRS), rings you in the middle of
COLUMNIST
ROBERT E. HOLT-
FRETER, PH.D., CFE
PROFESSOR OF
artists might also use fake names and ID
numbers, and leave supposedly urgent
call-back numbers if the intended vic-
tims don’t answer the calls.
the day. Apparently, you need to settle Here are five things the IRS will
ACCOUNTING AND
a tax-related charge, or you’ll be taken RESEARCH never do:
to jail. You’re the target of a typical IRS • Call you about taxes you owe without
telephone scam. (See “Worried About first mailing you an official notice.
the IRS Scam? Here’s How to Handle These spear-phishing • Demand you pay taxes without giving
Phone Fraud,” by Christine Hauser, The
New York Times, July 26, 2018, tinyurl.
IRS telephone scams you the opportunity to question or ap-
com/yc2tmfbo.) can be convincing peal the amount they say you owe.
• Require you to use a specific payment
Ways to identify IRS
because the caller method for your taxes, such as a pre-
telephone scams appears to know a lot paid debit card.
IRS telephone scams have been
around for years. In a 2018 alert, the
about the individuals • Ask for credit or debit card numbers
over the phone.
IRS informed taxpayers about ways to and they even change • Threaten to bring in local police or
spot fraudulent telephone scams by
fraudsters impersonating IRS officials
their caller IDs to other law enforcement groups to ar-
rest you for not paying.
(tinyurl.com/y5m3rc92). appear legitimate. The IRS offers this advice if you
The scam artists’ scripts vary, but
get a phone call supposedly from them
they typically mention that the recipi-
requesting money:
ent of the call has a refund due or might
doesn’t use email, text messages or any • If you know or think you might owe
threaten them by demanding money.
social media to contact taxpayers. taxes, call the IRS at 1-800-829-1040.
Regardless of the script, the main inten-
These spear-phishing IRS telephone • If you know you don’t owe taxes,
tion of the scam is to get individuals to
unload their personally identifiable in- scams can be convincing because the report the incident to the Treasury
formation (PII) so the criminals can use caller appears to know a lot about the Inspector General for Tax Administra-
it for fraudulent purposes. When the IRS individuals and they even change their tion (TIGTA) at 1-800-366-4484 or at
wants to discuss personal tax issues, it caller IDs to appear legitimate. The scam tigta.gov.

• If you’ve been targeted by this scam, thousands of endpoints, but the rise in
also contact the Federal Trade Com- cyberattacks and critical vulnerabilities
mission (FTC), and use its FTC Com- has made it apparent that we’re still far
plaint Assistant at FTC.gov. Please add from an effective strategy for the new
“IRS Telephone Scam” to the com- IT reality.
ments of your complaint. “Whether companies choose to
To learn more about reporting tax permanently move their operations
scams, go to IRS.gov and type “scam” in remote, return employees to the office,
the search boxes. or some combination of both, one thing
is clear: The edge is now distributed. IT
Be aware of the security risks leaders need to incorporate resilience
standards. Zoom is one popular
of remote work into their distributed workforce infra-
virtual meeting application that
Organizations were caught off guard structure. A key part of this is making
has been beset with critical security
when the coronavirus struck and had sure organizations have visibility of
flaws.
to quickly pivot to remote working. The computing devices in their IT environ-
• 88% mentioned a problem keeping
shift has created security threats and ment,” Hodson said. (Also see “Edge
devices updated with software patches.
opened new opportunities for cyber- computing: The cybersecurity risks
criminals to gain access to important you must consider,” by Danny Palmer, • 43% said they had difficulty patch-
business resources, including money ZDNet, Oct. 1, 2018, tinyurl.com/ ing the personal devices of remote
and PII. ybt8oyoa.) workers.
Security firm Tanium surveyed The report found that 22% of those • 45% said they were able to scan and
1,000 chief experience officers (CXOs) surveyed pointed to overwhelmed IT patch network devices but were
in the U.S., U.K., France and Germany capacity because of VPN requirements unable to keep track of how many
between May 29 and June 6. Tanium as a major challenge. VPNs that fail to devices had been patched.
produced a report that describes how IT work consistently impact the rollout of • 25% said finding and patching
leaders were surprised by the security patches and force IT staffers to sidestep vulnerabilities has taken a backseat
threats and challenges they face from routing of employee traffic through during the pandemic. Many depriori-
the COVID-19 pandemic. (See “How IT their organization’s security measures. tized this task because of overloaded
leaders were unprepared for the secu- The report also found that 88% felt VPNs and a lack of visibility into
rity challenges posed by COVID-19,” by ready to shift to fully remote workforc- endpoints.
Lance Whitney, TechRepublic, July 29, es, and 96% admitted that they were
• 93% of the respondents said they had
tinyurl.com/y6qhm6hz.) caught off guard by the security chal-
to cancel or postpone certain security
“The almost overnight transition to lenges that emerged within the first two priorities to deal with the shift to
remote work forced changes for which months of the lockdown. remote working. The top two kinds of
many organizations were unprepared,” Other report findings include: projects that have been canceled or
said Chris Hodson, Tanium’s chief • 27% cited the struggle to identify new delayed are identity and access man-
information security officer, in a press personal computing devices on the agement and security strategy.
release. “It may have started with network. • 85% said they have seen an increase
saturated VPN [virtual private network]
• 50% would return to normal by in cyberattacks since the start of the
links and a struggle to remotely patch
prohibiting personal devices on the pandemic. The most common types of
network to reduce risks. attacks witnessed have involved data
• 20% were concerned with increased leaks, business email compromise
security risk from video confer- (BEC) or transaction fraud, and phish-
encing. In many cases, conferenc- ing campaigns.
ing tools that are quickly adopted • 85% said they think the negative
might not meet enterprise security effects of operating during the

TAKING BACK THE ID Identity theft prevention analysis
pandemic will last at least three more A VPN is extremely important to protect Business Information Security: the
months; 33% predicted it would lin- and secure internet connections. Fundamentals” (PDF) by the National
ger for another six to 12 months. If a tax professional decides to not Institute of Standards and Technology
• 70% said they will make cybersecu- use a VPN, they risk a remote takeover (NIST).
rity the top priority for remote work. by cybercriminals, which gives them the • Publication 5293, “Data Security
opportunity to gain access to the office Resource Guide for Tax Professionals”
Some of the specific goals will be to
network and important client informa- (PDF) provides a compilation of data
meet compliance requirements, man-
tion that they can use for tax refund theft information available on IRS.
age cyberrisk and balance risk with
fraud, among other schemes. gov. Also, tax professionals should
the privacy of employees.
The Department of Homeland Secu- stay connected to the IRS through
rity’s Cybersecurity and Infrastructure subscriptions to “e-News for Tax
Tax practitioners: get your VPN
Security Agency (CISA) also encourages Professionals” and social media or
In conjunction with the Security Sum-
organizations to use VPNs. CISA (March visit Identity Theft Central at IRS.gov/
mit, the IRS recently released important
13 alert, tinyurl.com/yahdtvaz) offers Identity Theft.
security tips for tax professionals to
this advice:
secure remote locations by using VPNs
to help protect them from cybercrimi-
• Update VPNs, network infrastructure Contact me
devices and devices being used to Include these scams and important
nals when considering teleworking. (See
remote into work environments with information to protect your online
tinyurl.com/y5wqk3wq.)
the latest software patches and secu- identity in your outreach programs and
The Security Summit is an aware-
rity configurations. with your family, friends and business
ness initiative comprised of members
• Alert employees to an expected in- associates.
of the IRS, state tax agencies and the tax
crease in phishing attempts. As part of my outreach program,
community, tax preparation firms, soft-
please contact me if you have any ques-
ware developers, payroll and tax finan- • Ensure information technology secu-
tions on identity theft or cyber-related
cial product processors, tax professional rity personnel are prepared to ramp
issues that you need help on or you’d
organizations and financial institutions. up these remote access cybersecurity
like me to research and possibly include
Total membership includes 42 state tasks: log review, attack detection, and
in future columns or as feature articles.
agencies and 20 industry offices in addi- incident response and recovery.
I don’t have all the answers, but I’ll do
tion to the IRS state tax agencies and the • Implement multi-factor authenti- my best to help. I might not get back
private sector tax industry. The mission cation on all VPN connections to to you immediately, but I’ll reply. Stay
is to combat tax refund fraud to protect increase security. If multi-factor is not tuned! n FM
U.S. taxpayers. implemented, require teleworkers to
“For firms expanding telework op- use strong passwords.
Robert E. Holtfreter, Ph.D., CFE, is a
tions during this time, a virtual private • Ensure IT security personnel test VPN
professor of accounting and research at
network is a must have,” according to limitations to prepare for mass usage
a university in the U.S. Northwest. He’s
IRS Commissioner Chuck Rettig. “We and, if possible, implement modifica-
a member of the Accounting Coun-
continue to see tax pros fall victim to tions — such as rate limiting — to pri-
cil for the Gerson Lehrman Group, a
attacks every week. These networks oritize users that will require higher
research consulting organization and
are something you cannot afford to go bandwidths.
is a member of the White Collar Crime
without. The risk is real. Taking steps • To help locate a legitimate VPN ven- Research Consortium Advisory Council.
now can protect your clients and protect dor, search “Best VPNs.” He’s also on the ACFE’s Advisory Council
your businesses.” Tax professionals also can learn and the Editorial Advisory Committee.
A VPN provides an organization about other security measures to secure Holtfreter was the recipient of the Hub-
with an encrypted tunnel to move important data: bard Award for the best Fraud Magazine
important information between the • IRS Publication 4557, “Safeguard- feature article in 2016. Contact him at
internet and an organization’s network. ing Taxpayer Data” (PDF) and “Small doctorh007@gmail.com.

Travel and entertainment spending is
common in many industries, but it also
opens the door for disgruntled or seedy
employees to steal from organizational
coffers. Falsified invoices, altered receipts
and spending on personal luxuries can
add up. Fraud examiners can use data
analytics and tested fraud examination
techniques to root out employees with
nefarious intentions.
BY Matt Molchany, CFE

Fraudulent
reports
CAN INDICATE
GREATER ETHICAL LAPSES

Fraudulent T&E reports
Some companies don’t want

their fraud investigations
and/or internal audit teams
In 2008, looking into T&E fraud be-
shortly after receiving my CFE credential,
my boss emailed me asking to join her in a cause they might be afraid of
meeting with the company’s general coun-
sel to discuss a travel and entertainment what they could find, or they
(T&E) matter. I was young and a newly
minted CFE. I naturally felt terrified and
nervous to be included in such a high-pro-
feel their employees would
file meeting at an early stage in my career.
The general counsel told my boss and me
never steal from them.
that a member of upper management was
potentially falsifying expense reports. This
was my big chance to make a difference
at my company to root out fraud but also
make a name for myself.
The general counsel gave me a year’s
worth of the manual expense reports and You might be asking why a company analytics tools (Tableau, ACL and Excel,
all the applicable receipts for each. I quick- would fire a higher-level employee over among others) most companies can iso-
ly noticed a trend that all the handwriting some made-up taxi receipts? This step late red flags from overall data to perform
for the costs listed on taxi receipts matched was crucial to ensure tone at the top and review of expenses.
the signature of the driver. Coincidentally, communicate that all individuals were ex- Once management has given you the
I also used the same taxi service when I pected to act ethically and with integrity green light to review T&E spending, you
traveled to the airport, and I remembered at all times.
need to establish procedures. Management
how the taxi driver, when dropping me off, might feel more comfortable with your
would give me a handful of blank receipts REVIEWING T&E SPENDING
proposed process if you establish clear and
for me to fill in. T&E comprises significant amounts of
defined procedures for how you’ll iden-
Ultimately, I determined that the annual spending in many organizations,
tify red flags, what you’ll do once you find
manager had forged the taxi receipts to including airfare, lodging and meals,
those red flags, who you’ll notify during
the tune of a couple thousand dollars, but among other line items. It’s an area that’s
the process and how you’ll ultimately dis-
we didn’t identify anything further dur- quite susceptible to fraud. Some compa-
nies don’t want their fraud investigations cuss these with the suspected employee.
ing the expense review. However, when
I presented this information back to the and/or internal audit teams looking into This defined process review also pro-
general counsel, they decided this man- T&E fraud because they might be afraid tects you, the investigations team and the
ager’s misdeeds were enough to tarnish of what they could find, or they feel their internal audit team. You don’t want people
their trust, and the company terminated employees would never steal from them. within the company developing precon-
the employee. But with trained fraud examiners and data ceived notions that the investigations and

internal audit teams are predetermining • Expenses marked as personal. the period in review. With this tactic, you
who they want to review. • Air travel not within compliance of might uncover employees whom you
If you have a data analytics team at policy. wouldn’t expect to incur significant vol-
your disposal, this would be a great time umes of spending on their company card.
• Expense reports approved within a
to get them coordinated with your fraud For example, and depending on the na-
short time of submission.
examiners to begin creating rules that ture of your organization, it might make
• Expenses with MCC (Merchant sense for a vice president of sales to be one
can flag potential anomalies within your
Category Codes) related to political of your top card spenders but identifying
T&E spending. You might want to run
or charitable donations (These could administrative assistants in the top tier
these rules by those within your estab-
help identify potential anti-corrup- of spending might require some further
lished core investigations team (human
tion issues.) review of that spending.
resources, compliance, legal, internal
Results of these tests don’t neces- I’ve used this last example of plot-
audit, among others).
sarily mean identified transactions are ting spending by title to swiftly identify
And if a core investigations team
fraudulent. However, it begins to paint instances of employees misusing their
doesn’t exist, you might consider creat-
a picture of how an employee acts with company credit cards. If not for company
ing it so management knows exactly what
their company credit card. For example, management allowing internal audit to
you’re looking for within the data and can
while it might be acceptable with your review the T&E spending, these frauds
provide input. Also, establishment of the company’s T&E policy that employees can most likely would’ve continued and
core investigations team helps ensure you use their company credit card for personal could’ve caused the company serious
don’t receive pushback from management purchases, you should consider two key damages.
when you do uncover issues within the factors: When you review the results of the
data. You don’t want to get access to the
1. Is the employee making the neces- tests performed over the T&E data, some
data, run queries and find red flags and
sary payments to the credit card misuses of the company card will pop
then have to explain to management what
company to keep the card current? right out to you, and others might need
you plan to do with the identified employ-
2. Is the employee accurately mark- review of additional data, such as receipts
ees. It’s better to communicate upfront to
ing personal transactions in the an employee provides, the employee’s
management what you’re doing, so you
expense tool or are they passing company emails and social media.
don’t have to hand them any surprises
personal expenses through as busi- An expense might appear to be re-
when you discover something. lated to business, but then you dig a little
ness expenses?
I’ve gone through reviews where further and uncover fraudulent behav-
REVIEWING THE DATA ior. For example, business meals and
I’ve identified employees who marked
The No. 1 key to success when you review entertainment are common practice for
transactions as personal but never made
data is ensuring levels of management employees. However, it might not make
payments to the credit card company.
are involved from the start and can pro- sense if a significant portion of those ex-
The employees were, in essence, running
vide necessary input and support to your penses are conducted within a mile radius
personal balances in excess of $5,000
review. Once you get access to the data, of the employee’s home.
on their company card for more than 18
you’ll want to establish various tests to When you identify red flags in an
months. The organizations never flagged
run against the data. employee’s T&E you must dig deeper on
these personal charges as past due be-
Be sure to flag: the entire population (normally about two
cause the employee continued to make
• Spending that’s right below the re- new business charges and submit them years of expense reimbursements). I had
ceipt threshold (i.e., if you’re required for payment. It wasn’t until the team iden- one case in which the expenses appeared
to submit receipts for expenses above tified these personal expenses through to be legitimately related to business. But
$25, isolate expenses at $24.99 or testing red flags that it was able to per- then I linked a majority of those expenses,
right below that). form a reconciliation of the employee’s marked as business, to personal pictures of
• Expenses that are submitted as out of account to identify the personal balances. events — such as celebrating their birth-
pocket (why isn’t the employee using Data analytics also can plot employee day party with friends — posted on the
their company card?). spending by title and total amount for employee’s social media account.

Fraudulent T&E reports
INTERVIEW OF EMPLOYEE The steps you and the company

After you’ve performed a deep review of an
employee’s expenses and found red flags, take following the interview are
the second-to-last stage of the T&E review
process is the interview. This is the part probably the most important
because they set the ethical tone.
I enjoy most. You might spend weeks or
months reviewing an employee’s transac-
tions, receipts and emails, and now it’s time
to sit in front of them and ask pointed ques-
tions to which you might already know the most important because they set the The steps you take in this final stage
the answers. ethical tone. These actions set a barometer will not only affect your organization but
This isn’t an “I got you” moment — it’s for your fraud tolerance. Do you termi- also future organizations that employee
a chance to see the three sides of the Fraud might work for. In the ACFE’s 2020 Report
nate the employee, make the employee
Triangle (pressure, opportunity, rational- to the Nations (ACFE.com/RTTN), 89% of
pay the company back or do you provide
ization) appear as the employee tries to perpetrators were never charged or con-
the case details to law enforcement for
justify the expense. victed, and 41% of the occupational frauds
prosecution? In the last example above, the
I’ve learned it’s best to be courteous, in the study were never reported to law
employee felt that because their previous
but firm, when conducting these inter-
enforcement. In the previous four reports,
employer didn’t do anything to them they
views. Try to hear their side of the story.
“Fear of Bad Publicity” was the No. 1 reason
could continue doing the same thing to
You might start the interview thinking the
organizations declined to refer cases to
employee is committing fraud, but you their next employer.
law enforcement, but this has moved to
might leave knowing about a larger culture
the No. 2 spot, while “Internal Discipline”
or company issue you didn’t know existed.
rose drastically from 33% in 2018 to 46%
89%
This is also the time when you take all the
in 2020.
data you’ve collected and ask the employee
I’ll leave you with this thought:
what transpired.
Though internal discipline has risen, is
I’ve had T&E data interview pro-
cesses in which I’ve taken more than an
of perpetrators it enough of a deterrent to keep that em-
ployee from performing the same nefari-
hour to get an employee to admit to their WERE NEVER
ous deeds at another company? FM
CHARGED OR CONVICTED
n
misdeeds. An employee once admitted to
the fraud on my first question of “Do you
know why we are here?” The employee felt and Matt Molchany, CFE, is in a senior
41%
comfortable admitting to the same fraud fraud role with a leading hospitality
they’d committed at another company, but company. He’s president of the ACFE
it never appeared on a background check South Florida Chapter. Contact him at
because the previous employer never re- molchy66@gmail.com.
ported the crime to law enforcement. of frauds
WERE NEVER REPORTED The author’s views and depic-
POST-INTERVIEW ACTIONS TO LAW ENFORCEMENT. tions in this article are those of
the author and not those of his
As a CFE, the steps you and the company
– ACFE 2020 REPORT TO THE NATIONS current or former employers.
take following the interview are probably ACFE.COM/RTTN

Prepare to Pass the CFE Exam
The CFE Exam Prep Course® software gives you flexibility to prepare for the
CFE Exam on your schedule. Including study questions and practice exams, the
CFE Exam Prep Course will help you prepare to pass the rigorous CFE Exam.
Includes a two-year subscription to the

online Fraud Examiners Manual!
1,400+ STUDY QUESTIONS PRACTICE EXAMS FRAUD EXAMINERS MANUAL

Review sample exam questions with Evaluate your preparedness for the CFE Explore topics in depth with the
explanations of the correct answers. Exam with practice exams and results. Fraud Examiners Manual.
Visit ACFE.com/CFEPrep to learn more.

Set fire to your
‘EMOTIONAL
INTELLIGENCE’
by Mandy Moody, CFE
You might be a brilliant fraud examiner, but if your “emotional
intelligence” is stunted, you’ll be ineffective with those you work with
and investigate. Here’s how to buck the stereotypes of your hard-wired
personality, learn practical ways to change your management style and
be more empathetic in your job and life.
“Neurons that fire together, wire together.” That’s one of the most
insightful, albeit simple, phrases anyone has ever said to me. It
resonates with me professionally, and personally, because it gives
me hope that I really can change my ingrained habits.
As a child, teenager, young woman, parent and now manager, I’ve

heard people say countless times, “That’s just the way you are”
or “You’re just built that way” or “Your brain is hard-wired to think
like that.” While my brain, and yours, might be hard-wired one way
because of experiences and genetics, that doesn’t mean that those
wires can’t be rewired with practice, intention and coaching.

In March, I hosted an ACFE Fraud Talk podcast interview with
Lisa Walker, Ph.D., MCC, owner of Walker Consulting LLC
(tinyurl.com/y6jcr97x). We discussed an executive we’ll call
“Samantha.” Here’s Walker’s story of how Samantha rewired
her management style via changes in her emotional intel-
ligence (also known as EQ or emotional quotient):
SAMANTHA’S STORY
“Samantha is this go-getter. She’s known Because, as I always say to my leaders, you “We hear in the sales world that you
as this person in her organization … [where cannot effectively manage what you’re not buy things from people who you like and
you] give her the hardest task and she is aware of. trust. Well, the same thing happens in the
going to push through that wall and ensure “She had to be willing to ask and an- workplace on a team. We want to collaborate
that they’re getting amazing results,” Walker swer some really tough questions about more with people who we trust. The work
says in the podcast. “The challenge is any herself. As she navigated that and devel- that she did first on self-awareness and on
wall that Samantha comes up against — oped a deeper awareness of herself, then managing herself more effectively, then no-
meaning people and others — she tended she could figure out how she could manage ticing how she was impacting others around
to bulldoze them. more effectively so she’s not bruising, hurt- her, allowed her to build stronger relation-
“Interestingly enough, because she was ing or damaging folks and her team. As she ships that were now founded on trust.
rewarded for the business results year after improved in her self-management, then she “That allowed her work to be more ef-
noticed additional ways she could enhance fective, so not only is she more productive,
year and no one was coaching or paying a
relationships with her peers and stakehold- her team members are more productive. Of
lot of attention to the damage that was being
ers,” Walker says. course, that impacts the bottom line for the
caused to personnel, she continued on that
“Part of how we set this up is that she organization in a positive way. She’s a great
path. As she was now … thinking, ‘I’ve been
was constantly getting feedback from oth- example for me of when somebody takes this
in this place for such a long time. I need to
ers around her. She shared with them the seriously, and leans in and does the work
be further along in the organization.’ She be-
specifics of what she was working on. She around building emotional intelligence,”
gan asking why she wasn’t being promoted.
was working on being less abrasive. She was Walker says in the podcast.
This is when she received answers like, ‘Well,
working on asking questions that were more The emotional intelligence changes
people fall when they’re around you. People
open-ended, inviting and inclusive. She was that Walker shares in Samantha’s story
who work with you report you tend to be aren’t about “being in touch with one’s feel-
working on not cutting folks off in conversa-
abrasive. You tend to be highly competitive, ings” or participating in a human resources
tion. These were all things that folks reported
and you don’t really care much about others’ trend. Psychology Today defines emotional
that they couldn’t stand about Samantha.
feelings.’ When she got this feedback, it was intelligence as “the ability to identify and
They gave her feedback as they observed
crushing,” Walker says. manage one’s own emotions, as well as the
her over time, and even gave her sugges-
“There’s a part of her that doubted emotions of others.” But I like how Walker
tions on what we call ‘feed-forward’ about
whether or not she could learn these people how to continue on this path,” Walker says. initially described the concept to me. She
skills, but then the other side of her that was “Over time, Samantha became an ex- said, quoting psychologist and author Daniel
so competitive made her stand up to the ample to her people of what this work can Goleman, “CEOs are hired for their intellect
challenge. do. There were individuals who I interviewed and business expertise — and fired for a lack
“First, she had to start with understand- on her behalf who didn’t trust her and they of emotional intelligence.”
ing who she is as a person; how she shows wanted her to know that because of how she As we see in Samantha’s story, and as
up. Then, [she needed to] understand the treated them over time. To see her do the we’ve seen with those we work with, our
gaps in how she navigated relationships and work, to build trust with these folks who are emotional intelligence is just as important, if
what she needed to manage in order to show now people who want to collaborate with not more important, than our business acu-
up differently. Samantha buckled down to do her and feel good about being in meetings men. And, for some, that’s a tough lesson
this work, to develop deep self-awareness. with her. to learn.

PSYCHOLOGY TODAY DEFINES
EMOTIONAL INTELLIGENCE AS
“the ability to identify
and manage one’s own

emotions, as well as the
emotions of others.”
‘360-DEGREE EVALUATIONS’ between actors. To my dismay, the confi- of research at a virtual event for associa-
dential information I was obligated to keep tion executives on how we can develop
After a brief stint as a newspaper reporter,
to myself didn’t satisfy any of my tabloid three good habits that will help us move
I joined an Austin, Texas, executive coach-
curiosity. us forward in our jobs. This presentation,
ing firm, which quickly trained me to con-
Instead, the interviews yielded com- directed at women, was based on the book,
duct “360-degree evaluations” of clients’
ments upon comments about leadership “How Women Rise: Break the 12 Habits
employees and leaders — comprehensive
styles: bulldozers, dictators, dominators, Holding You Back From Your Next Raise,
views gained via interviews with their di-
appeasers, wallflowers or robots. The Promotion, or Job,” by Sally Helgesen and
rectors, peers and direct reports.
flawed emotional intelligence of each Marshall Goldsmith, but the habits apply
We and the clients would group the
coached employee and leader was, just to everyone.
interviewees’ comments (some recorded like Samantha, a prevalent factor in their We not only shared our ingrained bad
verbatim) by themes and share them with effectiveness. The only substantive way habits we most identified with but how we
the coached employees and leaders. As a for them to change was to acknowledge can overcome them with intention and
young professional, I relished the chance their emotional intelligence challenges, practice. Just like the opening quote to the
to hear what I expected to be juicy gos- value them, and then rewire these default, article explained, to change a default reac-
sip and insider knowledge of some of the learned characteristics that got them to tion we must stop and rewire those firing
world’s top executives. I even worked with where they were but held them back from neurons. And, just as Walker showed us
a talent agency client from Los Angeles, where they needed to be. with Samantha, we must use emotional
and I just knew I’d discover a new movie I recently gave a presentation with intelligence to take us beyond where our
to be released or secret romances forming Andi McNeal, CFE, CPA, the ACFE’s director acumen stops.

Set fire to your ‘emotional intelligence’
HERE ARE THE THREE HABITS, AS DESCRIBED IN HELGESEN

AND GOLDSMITH’S BOOK, AND THE WAYS TO TURN THEM
INTO POSITIVES:
SHARE SUCCESSES AND BUILD RELATIONSHIPS AND

ACHIEVEMENTS. ENLIST ALLIES.
For some people, sharing a success- You might have read these two actions
ful project or job well done comes naturally. But some as synonymous, but they’re actually two separate ways
feel uncomfortable because they worry they’ll sound to look at partnerships you build at work.
like braggarts or show-offs. Others think they shouldn’t Many of us think of building relationships as go-
have to say anything, and their work will speak for itself. ing for coffee with our work friends, attending a virtual
Unfortunately, your work doesn’t always speak for itself happy hour or setting up recurring meetings with staff
or even make it in front of the people we’re trying to members. But the real value is in enlisting allies. Reach
impress. And, if we aren’t promoting ourselves, who can out to someone who might need information you have.
we depend on to do it for us? Ask others to join a project with you. Support people in
Just like a muscle you exercise, you only become front of key stakeholders. These are ways to make not
comfortable with sharing your own achievements by only friends, but allies, in the workplace. The benefits
intently, repeatedly practicing. One way to begin using make your efforts worthwhile. These allies offer differing
this muscle is by sharing your excitement for a project perspectives, honest feedback, buy-in for key initiatives,
pre-launch and then naturally following up with a suc- and views of your organization from varying levels and
cess post-launch. expertise.
Another way is by using your annual review and
evaluation to tout all the things that went well during TURN PERFECTIONIST
the year. I actually keep a folder in my email box called TENDENCIES INTO STRENGTHS.
“Personal Successes.” I place in there all compliments Perfectionism can be our biggest
and words of appreciation about my work and then share strength, but, in the blink of an eye, can
them with my director during my annual evaluation. become our biggest weakness. While we might bask in
Another way to tout yourself is by promoting your the glory of attention to detail, high achievement, spotless
team members and their achievements. Any success report findings and an eagerness that sometimes can’t
by one of your employees is a direct reflection of your be tamed, perfectionism can also make us succumb to
own success as a manager. It also instills trust with your procrastination, develop fears of failure and taking risks,
team members that you’re looking out for them and are and be unable to trust others to accomplish tasks the
proud of what they’re accomplishing. way you would do them.
As Andi McNeal said in our presentation, “Like any trait, those of us who are perfectionists know we can’t just stop
being that way. And the instinct itself can be powerful and positive. But if we want to make it work for us as we
rise, we need to learn how to harness it and direct it.”
Again, we must rewire and practice things like risk-taking, recognizing failure and mistakes and letting them go,
assessing risks, prioritizing worries and then repeating all of these.

USING EMOTIONAL INTELLIGENCE DURING CRISIS AND UNCERTAINTY
Combine the pandemic with social unrest and we have a mix of heightened emotions, shifting priorities, tension, discomfort, mo-
ments of clarity and anxiety. But, as Walker pointed out at her recent presentation at the 31st Annual ACFE Global Fraud Conference
in June, “We still have to be in control. We have work to do, and we have to get things done.”
During her live virtual presentation, Walker began by asking attendees several questions to think about, including, “When
do you have your biggest breakthroughs?” Attendees responded with things like mowing the grass, showering, riding their mo-
torcycle, shaving, cooking, prayer, meditation, running, walking and being alone in nature.
According to Walker, it’s during these times we’re able to reset our brains, which are hard-wired during times of crisis or
stress to immediately go to “fight or flight” in our amygdala. She said we need to be deliberate about creating these moments so
we can slow down our hamster wheels; regain clarity and control; and begin to empathize, strategize and make better decisions.
HERE ARE SOME OF HER SUGGESTIONS TO RESET OUR BRAINS DURING DIFFICULT MOMENTS:
Name it to tame it
Walker said we must be able to name the emotions we’re Is it health, safety, process or efficiency? For whom is this a
feeling as they’re happening. “We cannot effectively man- priority? As one attendee wrote in the chat, “If everything
age what we aren’t aware of,” she said. “This will then help is a priority, then nothing can be a priority.”
us figure out how best to respond to it.”
Normalize it
Reframe the situation Walker said once we start to normalize a situation, we then
Instead of looking at a crisis or situation as difficult, Walker have more resources at our disposal. Talk to people who have
encouraged attendees to look at it as a learning opportunity. been through crises before and ask how they dealt with them.
She gave the example of the conversation you need to have Look at your own organization and reflect on a time you’ve
with a peer or employee that could be awkward or hard. She been through a crisis in the past. How did you come out of
said to reframe it as an important conversation that will it? Who did you lean on for support? Who did you support?
help the team and the organization instead of a difficult
situation you’re dreading. Reposition it
Look at the situation from different perspectives. Think
Reorder and prioritize about how: (1) your customers or clients see a situation (2)
Walker posed multiple questions that would be useful to your executives see it (3) people of different backgrounds
ask during times of heightened anxiety. What priority is see it (4) different people within your company see it. “Try-
this for me, my team, my customers or the organization? ing to see from different perspectives of others will help us
When should this be a priority? What kind of priority is this? navigate the crisis more successfully,” Walker said.
New Year’s Eve of 2025

Walker left attendees with a hopeful and promising challenge. She asked everyone to close their eyes and think about where
they’ll be and who they’ll be with on New Year’s Eve of 2025. She said to imagine on that day in the future you’re talking about the
pandemic of 2020 and what you learned. She encouraged listeners to think about what they hoped they’d say when friends and
family asked how they made it through. Definite food for thought. Hopefully, in 2025 we’ll share about our renewed emotional
intelligence that helped us improve our work and life relationships. ■ FM
Mandy Moody, CFE, is the ACFE’s communications manager. Contact her at mmoody@ACFE.com.

DUSTINGyourDATA
forFRAUD'S FINGERPRINTS
SIX NUMBER PATTERNS THAT FRAUDSTERS USE
Fraudsters tend to steal in similar ways.

Here are six number patterns you can
search for and possibly find hidden fraud.
Learn from the acclaimed authority on
Benford’s Law on how numbers can
become your best friends.
By Mark J. Nigrini, Ph.D.

C
ynthia Mills diverted $14.8 ROUND NUMBERS
million from her employer, Round numbers such as 10-year anniversaries or 100-degree days act as key refer-
Matthews International, ence points. Fraudsters also tend to favor round numbers even in situations where
for her own use. Her em- round numbers should be rare or nonexistent.
bezzlement scheme began Michelle Higson was the part-time bookkeeper of a company that manufac-
in 1999. At first, she took possession of tured high-tech electronic equipment for the semiconductor, energy and medical
the company’s customer payments, but industries. Her fraud scheme involved preparing company checks made payable
from 2013 onward she used a fictitious to cash or petty cash. She then cashed the checks and used the funds to pay for
vendor, “Designs By Cindy.” The com- personal expenses. See the check amounts in Figure 1 below.
pany estimated that the losses for 2013,
2014 and 2015 were $1.2 million, $1.7 Check date Amount Payee
million and $2.2 million, respectively. Dec. 19, 2013 $ 3,000.00 cash
Legitimate vendors are unlikely to have
Jan. 16, 2014 1,000.00 petty cash
high percentage increases in companies
that are growing in line with the increase Feb. 27, 2014 3,000.00 petty cash
in the economy. Mar. 14, 2014 4,730.00 petty cash
RAPIDLY RISING NUMBERS is one Apr. 18, 2014 4,730.00 petty cash
of six common number patterns that
May 2, 2014 4,730.00 petty cash
fraudsters unknowingly use in their
thefts. The others are: June 4, 2014 4,730.00 petty cash
 ROUND NUMBERS July 1, 2014 4,730.00 petty cash
 THRESHOLD NUMBERS Aug. 1, 2014 4,730.00 petty cash
 NON-BENFORD NUMBERS Aug. 13, 2014 2,250.00 petty cash

 DUPLICATE NUMBERS Aug. 26, 2014 3,500.00 petty cash
 OUTLIER NUMBERS Oct. 2, 2014 3,550.00 petty cash
We can identify these patterns with Oct. 29, 2014 3,550.00 petty cash
software, such as spreadsheets, IDEA, Nov. 19, 2014 3,755.00 petty cash
database queries and R (a program). The Dec. 4, 2014 4,730.00 petty cash
fraud types I consider here are asset mis-
Jan. 6, 2015 3,575.25 petty cash
appropriation schemes in which a fraud-
ster (internal or external) uses deception Figure 1: Michelle Higson’s fraudulent checks
to divert resources or assets for their
personal gain, and corruption in which The dollar amounts are at odds with the way that a petty cash imprest sys-
a fraudster gives something valuable to tem works. Under an imprest system a check is drawn every week that equals the
a person in a position of trust to influ- amount of the cash disbursements. The replenishment check brings the balance
ence their judgment or conduct. Asset back up to, say, $500.
misappropriation schemes orchestrated In bygone days a surprise count of petty cash was a routine and required audit
by an outsider have some attributes of procedure. The chances of a round-number replenishment check ($3,000, $1,000,
a cyberattack in that they’re intrusions $3,000 and $3,500) were minimal and would only occur if all the disbursements
into computer systems with the objec- were round amounts or by some rare coincidence.
tive of achieving a monetary gain. The dollar amounts are also way too high for petty cash because these bal-
ances are usually kept low to avoid a large loss in the event of a theft of these
funds. Finally, there were six consecutive checks for $4,730, followed by five other
amounts, followed by a repeat of the familiar $4,730. These number duplications
are anomalies for petty cash because the dollar amounts of the cash disbursements
are unlikely to be equal (and high) period after period.

Six number patterns
In September 2017, Higson was sen- This is an example of a round-number then rerun them in iterative processes to
tenced to prison for three months plus bribe, and the case also shows that inter- reduce the number of audit targets.
nine months of home confinement. The mediaries are used to make the payments, With each iteration, fraud examin-
judge allowed her to go to work during and the disbursement is usually disguised ers can eliminate round numbers that
the months of home confinement. An in the financial records of the payee. have an inherently lower risk of being
extract from her court documents notes The court documents related to the a part of a fraud scheme or a bribe. For
that, “Ms. Higson has been working at an parents charged in the recent university example, when searching for bribes, the
event planning company called The Art of admissions scandal (actor Lori Loughlin first query could identify round-dollar
the Event since March 2017. She has pro- payments. The next query could iden-
and many others) show SAT score manipu-
vided undersigned counsel with paychecks tify cases in which the payment date was
lation payments of $2,000, $4,000, $5,000,
verifying her employment. Ms. Higson has within five days of the payment request
$10,000, $13,000, $15,000, $15,600,
told undersigned counsel that her duties date (urgent payments), and the descrip-
$18,000, $20,000, $25,000, $35,000, tion field included high-risk keywords
in this position do not involve any contact
$40,000, $50,000 and $75,000, with many such as “expedite,” “facilitation pay” or
with money, checks, paying vendors, or
amounts used multiple times. “special payment.” The next query could
bookkeeping.”
The bribe payments were $100,000, filter on locations based on a company’s
In November 2018 (one year later),
$125,000, $160,000, $170,000, compliance investigation database (in-
Higson was indicted on fraud charges re-
$200,000, $244,000 (a series of install- cluding whistle-blowing data) so the re-
lating to a fraud scheme that began in Feb-
ruary 2015 while she was the bookkeeper ments), $250,000, $300,000, $400,000, sults are the highest risk transactions.
of “an event planning and design com- $500,000, $950,000 and
pany [The Art of the Event].” That fraud $1,200,000 with many
started one month after the date of the amounts used multiple
January 2015 check. The new indictment times. The only precise
shows that the annual totals for that four- bribe amounts were RAPIDLY RISING NUMBERS
year fraud were $76,368 (2015), $148,992 $24,443.50, $101,272, Rapidly rising numbers refer to transaction totals that
(2016), $146,772 (2017), and $41,735 (2018). $249,420 and $251,249, increase at an abnormally high rate over time. These in-
At publication, Higson was to have been and these were all relat- creases come about because, loosely speaking, fraudsters
sentenced Oct. 13 for her most recent ed to the parents making “don’t know when to stop.”
fraud scheme. (Her sentencing had been (fraudulent) tax-deduct- We revisit the opening scheme of Cynthia Mills who
postponed several times because of the ible charitable contri- diverted $14.8 million for her own use. Her employer,
pandemic.) butions of appreciated Matthews International, filed a form 8-K with the U.S.
Bribes in corruption cases are most stock to William Rick Securities and Exchange Commission on July 30, 2015, in
often round numbers. In 2016, the presi- Singer’s foundation to which it reported her embezzlement scheme that began
dent of the Correction Officers’ Benevolent make the payments tax in 1999. Real vendors are unlikely to have high percentage
Association (COBA) and a manager of a
deductible by the par- increases (losses for 2013, 2014 and 2015 were $1.2 million,
Manhattan hedge fund were charged with
ents. (Singer was the $1.7 million and $2.2 million, respectively) in companies
honest services fraud.
scheme’s organizer.) that are growing in line with the economy’s increases.
The hedge fund manager paid the
Tests that iden- Salvadore Galvan was one of two deputy city treasur-
COBA president, Norman Seabrook, a
tif y round numbers ers for the City of Compton, California. The treasurer’s
kickback of $60,000 in cash in exchange
will generate many office had three window cashiers that collected payments
for Seabrook channeling investment funds
false positives because for water bills, business licenses, building permits and
to the hedge fund. An intermediary paid
round numbers are parking tickets from residents who paid via cash, checks
the kickback, and the hedge fund manager
agreed to reimburse the intermediary for also overused in valid and credit cards.
the disbursement. transactions. Fraud ex- At the end of each day, cashiers reconciled their cash
The hedge fund manager approved an aminers should assess and checks with the receipts that they’d issued. The ac-
invoice for payment that showed the inter- whether they’ve care- counting system prepared a bank deposit slip for the con-
mediary had sold the hedge fund “8 Knicks fully planned and per- tents of their till. The till’s metal boxes were then locked
Games @7500 per game” for two seats. formed their tests and in a safe in the vault of the treasurer’s office until the next

morning when Galvan counted the cash at his desk (unsupervised) and then
prepared a bank deposit slip. He sealed the entire deposit, which included
checks, cash and other forms of payment, and gave it to an armored service Months, 2010 Amount
that drove it to the bank.
January-April $0
In 2010, after only a few months in that position, Galvan added two
extra steps to his banking-related tasks. Each day, he’d remove a portion of May 1,400.00
the cash, prepare a new deposit slip for the reduced cash amount and send June 500.00
the system’s deposit slip for the correct amount along with the accurate July 1,950.00
daily cash reports to the controller’s office.
August 1,560.00
On Dec. 6, 2016, the other deputy city treasurer, Ralph Salgado, by
chance, compared Galvan’s deposit slip to the deposit slip prepared by the September 800.00
accounting system, and he noticed a $7,000 shortfall. He asked Galvan for October 263.00
an explanation.
November 12,383.17
The next morning Galvan was at work especially early. When Sal-
gado went to the vault to get the money to count that day, he noticed a December 17,931.83
bank bag with a deposit slip in Galvan’s handwriting for the unaccounted
$7,000. Galvan told Salgado that he found
the money in his desk drawer and that he’d
put the money in his drawer when he went
to the bathroom and had forgotten about Dollars embezzled per year
it. Salgado then audited the cash deposits $1,000,000
going back just two weeks and found other
$900,000
discrepancies. An audit showed that Galvan
$800,000
had embezzled $3,721,924.42 from 2010 to
2016. Galvan’s month-by-month totals for $700,000
▲
Total dollars
SCHEME
2010 are shown in Figure 2 (at right). $600,000 DISCOVERED
IN 2016
The monthly totals show an amount $500,000
in May that could be blamed on a small ac-
$400,000
counting error. After that, he was cautious.
$300,000
He then took even larger amounts followed
by some caution. That was followed by an $200,000
amount he stole in excess of everything he $100,000

previously pilfered, and by an even larger $0
2010 2011 2012 2013 2014 2015 2016
amount in December. Figure 3 (at right) show
the embezzlement totals by years. Year
The graph of the annual totals shows
rapidly rising totals from 2010 to 2015.
There’s a decrease in 2016 because that’s when Salgado discovered the scheme ▲ ABOVE, FROM TOP
in early December 2016.
Figure 2: Salvadore Galvan’s embezzlements by
To run this test in Excel we could use pivot tables, in IDEA we could use month for the first year of his fraud scheme
Summarization and in the software, R, we could use aggregate and sum.
A programming issue arises when the audit unit (a vendor or loyalty pro- Figure 3: Salvadore Galvan’s embezzlements
gram member) has zero activity in the prior period because we can’t calculate per year
a percentage increase when going from $0 to a positive number. Also, a large
percentage increase might not be a red flag if the prior and current amounts
are small. For example, a $51 total that increases to $1,805 is a large percentage
increase, but it’s an increase from a small base. As before, run these tests in
an iterative process.

Six number patterns
THRESHOLD NUMBERS for the miles driven for each passenger. In almost every case, CW Transport
Threshold numbers (also called hurdles) are For example, the fixed fee could be $300 billed the agency for 99 miles of transport
numbers that are a level, point or numeric with a rate per mile of $1.50. Prior autho- (exactly one mile under the threshold of
value at which something is true, such as rization from AHCCCS was required for 100 miles) regardless of the actual distance
transaction limits on corporate purchasing all trips that were more than 100 miles in traveled. The indictment lists nine invoices
cards and the per diem rates that can be length. From July 2011 to July 2013, Werito together with the relevant 2012 invoice
reimbursed to federal employees while on billed the agency for false claims for medi- dates, the payment details and amounts.
official travel. Internal-control thresholds cal transports that never occurred. To settle (See Figure 4 at left.)
AHCCCS settled three or four days
after the invoice date, which suggests it
Invoice Payment automatically paid the claims without
Invoice No. Date Payment Date Amount manually reviewing them. This is consis-
A12210 July 28 165926 July 31 $33,956.00 tent with the agency’s website that states
that it uses more than 60,000 service pro-
A12217 Aug. 4 166599 Aug. 7 30,358.00
viders, and in 2012, total payments to pro-
A12231 Aug. 18 168249 Aug. 21 21,208.00 viders amounted to $9.5 billion. AHCCCS’
A12245 Sept. 1 169934 Sept. 5 34,414.00 Office of Inspector General announced in
2016 that it had a special task force devoted
A12273 Sept. 29 173218 Oct. 2 34,527.00
to non-emergency medical transportation
A12287 Oct. 13 174962 Oct. 16 29,587.00 that would, among other things, moni-
A12344 Dec. 8 180576 Dec. 11 24,788.00 tor the use of these services for various
provider types. Fraud examiners could’ve
A12357 Dec. 22 182272 Dec. 26 33,170.00
A12364 Dec. 29 183085 Jan. 2 (2013) 18,859.00
Figure 4: CW Transport’s invoice numbers and dates shown in indictment
are values at which additional checks or these claims AHCCCS paid him $1,959,405.
procedures will take place. Thresholds An audit showed that more than 90
have consequences, which give people a percent of Werito’s transportation claims
disposition to act in a certain way. were defective. In many cases CW Trans- Threshold numbers
In June 2011, Cory Werito founded port claimed to have provided medical
CW Transport, which he registered as
transport for patients that received no Prior authorization from
a medical transportation provider with
Arizona Health Care Cost Containment
medical services on that day. The company AHCCCS was required for
made claims for transport on weekends or
System (AHCCCS). AHCCCS is Arizona’s
holidays when the clinic or the doctor’s of-
all trips that were more
Medicaid agency that offers health care
programs to serve Arizona residents. The
fice, where the patient was supposedly get- than 100 MILES in length.
ting treatment, was closed.
agency paid for non-emergency transpor-
tation for indigent residents for scheduled Patients received medical services at
medical and dental appointments. the facilities in fewer than 10 percent of In almost every case,
The first red flag should’ve been that the cases. CW Transport often claimed to
CW Transport was based in a town that have provided transports on a day in which
CW Transport billed the
was in New Mexico — 50 miles from the other transportation companies operated agency for 99 MILES
by Werito and his relatives also claimed to
Arizona border. AHCCCS paid the com- of transport.
pany a fixed fee plus a variable amount have transported the same patients.

0.05
detected this scheme using analytics tests
that identified those providers with the
highest percentages of their trips that were 0.04
for or exceeded 90 miles.
NON-BENFORD NUMBERS 0.03
Proportion
Fraudulent numbers have the potential
to distort the frequencies of the digits in
0.02
accounting data. Benford’s Law gives us
the expected frequencies of the digits in
accounting and finance-related data sets. 0.01
The first two digits of a number are the
two left-most digits, and we ignore minus
signs, decimal points and leading zeros 0.00
10 20 30 40 50 60 70 80 90
(such as 0.0046).
In 2004, internal auditors, using First two digits
Benford’s Law in an analysis of an elec-
Figure 5: Using Benford’s Law to find a kickback scheme
tric utility’s kilowatt-hour (kWh) debits
and credits, discovered a kickback scheme
perpetrated by the company’s collections
personnel. In the first step of their inves-
tigation, the auditors sought to identify kWh. (A kWh is worth about 10 cents.)
customers with large decreases in the The investigation found that collections
amounts billed. This was essentially the The curved line in personnel were giving customers large
opposite of a rising numbers test because
with revenues the company was concerned
Figure 5 shows the kWh credits (that reduced the amounts
billed to the customers by $3.8 million) in
with decreasing revenues. This test gen- expected first-two- exchange for kickbacks.
erated too many false positives to be of
much practical use. The auditors then digit proportions of A Benford analysis is a useful tech-
nique to identify fraud numbers that are
ran a series of analytics tests on the kWh Benford’s Law. just below control thresholds. In these cas-
numbers credited to customer accounts.
The fact that these credits even existed es, we might see spikes at, say, 99, 49, or 24
was an anomaly. The Benford’s Law graph When a bar protrudes above (perhaps where a receipt is only required
is shown in Figure 5 (at right). the Benford’s Law line it for expenses of $25 and above).
The curved line in Figure 5 shows The follow-up work would drill
means that the actual
the expected first-two-digit proportions down into the data and extract the actual
of Benford’s Law, and the bars show the
proportion for that
first-two-digit combination amounts that were most “responsible” for
actual first-two-digit proportions. When
exceeds the expected the spike or spikes. Auditing journal en-
a bar protrudes above the Benford’s Law
line it means that the actual proportion for tries using Benford would be effective if
Benford’s Law proportion.
that first-two-digit combination exceeds the fraudulent journal entries were a large
the expected Benford’s Law proportion. portion of the population and contained
For the customer credits, the actual some systematic attribute, such as being
proportion for the 99s (the right-most bar) from $2,000 to $5,000. The auditors would
was about twice as large as the Benford examine the attributes of the fraudulent
proportion. The next step identified all the
amounts (such as the dates, the ledger ac-
first two digit 99 credits and then sorted
counts affected, the creators, the approv-
the credits from largest to smallest. There
were eight credits averaging 998,000 kWh ers, the descriptions, etc.) to identify all
and about 200 credits equal to 99,999 the fictitious transactions.

Six number patterns
DUPLICATE NUMBERS OUTLIER NUMBERS

Fraudsters with accounting authority can use intentional dupli- Fraudsters would presumably want their numbers to look
cate payments in occupational fraud schemes. (They can also use “normal.” However, from time to time, fraud numbers are
duplicate payments to generate funds for bribery schemes.) An outliers. Michelle Higson (see “Round numbers” above) used
accountant, for example, would request a refund from a vendor and petty cash checks that were just too large for that type of outlay.
then divert that refund for their own use. The employee might also In this scheme, programming steps would identify the
conspire with a vendor to make the fraud even easier to execute. largest amounts, and fraud examiners could run tests to find,
If the fraudster wasn’t greedy or careless, they could blame the for example, employees earning the most overtime pay, the
duplicates on innocent errors. employees claiming the most for travel and expense reim-
Ryan King was an accounting manager at Carrier Corporation bursements, employees voiding the largest number of sales
in Indianapolis, Indiana. In 2013, he opened a personal checking ac- at the cash register or the customer credit cards receiving the
count in the name of “Carrier Services.” He then purposely made du- most in sales refunds.
plicate payments to four vendors. He instructed two of the vendors In another outlier-numbers scheme, Harriette Walters,
to refund overpayments by check, and two of the vendors to wire who was the tax assessments manager for the District of Colum-
overpayment refunds directly to his Carrier Services bank account. bia, worked with others to approve 143 fraudulent property tax
King embezzled $1,233,343.80 from June 2013 to February refunds from $2,300 to $248,800 and 96 fraudulent property
2015. His attorneys blamed the ease with which he executed his tax refunds ranging from $250,000 to $543,000 for a total loss
scheme on the director of finance’s “lax supervision.” These over- of $49.3 million. Walters was arrested in 2007.
payments weren’t detected during the annual internal audit, the In yet another outlier-numbers case, Charlene Corely,
annual external audit or the controller’s group audit. King’s re- a former defense supplier, received $20.6 million from the
placement discovered his predecessor’s fraud by inspecting the U.S. Department of Defense (DOD) for fraudulent shipping
regular monthly account reconciliations, which King had altered charges. In one example, the DOD paid her $998,798 for ship-
to conceal his scheme. ping two 19-cent washers and locks. Her fraud scheme began
Brantley Thomas was the CFO of the Berkeley County (South in November 1997 and ended in September 2006.
Carolina) School District (BCSD). Over 16 years, ending in early 2017,
Thomas enriched himself from embezzlements and kickbacks to COMBINING NUMBER
the tune of $1.23 million. The first leg of his embezzlement scheme PATTERNS TO FIND FRAUD
was to intentionally overpay certain vendors and then deposit those In 2013, the Oregon Audits Division (OAD) set out to proactively
refunds to his Bank of America credit card for his personal use. detect fraud in the state’s Supplemental Nutritional Assistance
The second leg of Thomas’ embezzlement scheme was to divert Program (SNAP). Households in the program could use their
vendor rebates or refunds (not because of overpayments) for his own benefit cards to buy food or seeds and plants that produce food.
use. For example, the Berkeley Electric Cooperative issues regular Households couldn’t use their cards to buy certain prepared
rebates to its customers for various reasons. An insurance broker foods, beer, wine, liquor, cigarettes, tobacco or non-food items.
also gave Thomas $32,000 in kickbacks for steering school-related OAD’s objective was to identify cases in which a SNAP
insurance purchases to the broker. recipient had a merchant run their benefit card as if they were
The sentencing memorandum noted that Thomas was intelli- paying for food, but the merchant gave the recipient cash instead
gent and charismatic, and he could be kind and faithful to his family, — 50 cents on the dollar. The SNAP recipient would then pocket
friends, coworkers and peers. Before his scheme was discovered the cash, and the merchant would be reimbursed for the “sale.”
(through a tip) he was respected at work and in the community. The OAD auditors analyzed store claims for conformity
At his sentencing the judge said Thomas “had no respect for the to Benford’s Law. They also looked at the percent of even dol-
law, since after he got out on bond in this court, he went around and lar (round dollars such as $20) transactions (round numbers)
stole $36,000 from his next employer. … Mr. Thomas has what they and the trend over time of the even-dollar percentages (rap-
used to say in State Court, an OPM [other people’s money] addiction.” idly rising numbers). They looked at the average transaction
This test often gives many duplicates to manually review. amounts and the trend over time of these averages (rapidly
Fraud examiners should focus on the higher-dollar items and on rising numbers). The auditors also identified cards with a high
vendors that received multiple regular high-dollar duplicate pay- count of same-card, same-dollar and same-day transactions
(duplicate numbers).
ments in a period.

OAD, using Geographic Information System software,
Bibliography
also identified stores with high proportions of customers
that traveled more than 10 miles to stores (threshold num- “Fraudulent Tax Refunds: The Notorious Career of Harriette Walters,”
bers) and those stores where this proportion was increasing by Phillip F. Jacoby, Sebastian Lorigo and Brent T. McCallum, Current
Issues in Auditing, volume 5, issue 1, 2011, tinyurl.com/y4vu7wog.
(rapidly rising numbers).
OAD’s success highlights the value of using multiple, “Forensic Analytics: Methods and Techniques for Forensic Account-
ing Investigations,” by Mark Nigrini, Wiley, 2020, tinyurl.com/
well-planned, relevant tests. yyrba3sw.
“The Guide to Corporate Compliance,” June 2020, chapter 9, “Embrac-
UN-RANDOM RANDOMNESS ing Technology,” by Matthew Galvin and Vincent Walden, tinyurl.
com/y4p4ss8f.
All fraudsters think they’re unique. That assumption is
incorrect because they generally use similar methods that “Round numbers: A fingerprint of fraud,” by Mark Nigrini, Journal of
Accountancy, May 1, 2018, tinyurl.com/yxv3bubr.
range from using numbers designed to “fit in with the
crowd” to those that are blatant outliers. Running analytics Matthews International’s Form 8-K, filed on July 30, 2015, tinyurl.
com/yym2pto9.
tests to find the patterns reviewed in this article, at a mini-
mum, should give you some interesting discoveries. ■ FM Oregon Audits Division, YouTube presentation of “Fraud Analysis
and Detection: Using Benford’s Law and Other Effective Techniques,”
at National Association of State Auditors, Comptrollers and Treasur-
ers, tinyurl.com/y6m6c8rv.
Mark J. Nigrini, Ph.D., is an associate professor of
“Secretary of State Oregon Audits Division Advisory Report, Supple-
accounting at West Virginia University and author of mental Nutrition Assistance Program (SNAP) Fraud Investigations,”
“Forensic Analytics: Methods and Techniques for Foren- June 2018, tinyurl.com/y5trunl9.
sic Accounting Applications” and “Benford’s Law: Ap-
plications for Forensic Accounting, Auditing, and Fraud
Find source materials for the cases in this
Detection.” Contact him at mark_nigrini@msn.com. article at tinyurl.com/y9jeo5m3. – ed.
March 10-12, 2021 | Online Virtual Conference
The 2021 ACFE Fraud Conference Europe will be online

March 10-12, 2021. Learn anti-fraud best practices from leading
experts, plus network online with fellow fraud fighters.
Watch sessions
online or
on-demand.
Earn CPE.
Learn more at FraudConference.com/Europe.
Predication or not?
Discerning when it’s time to begin a
fraud examination
By Dick Carozza, CFE
CFEs discuss how they know The net revenue for a textile plant was significantly lower
when they should devote than projected even though sales had increased. The com-
resources to launch fraud pany couldn’t find evidence of fraud and didn’t detect unusual
examinations or at least trends in financial data, so it attributed the cause to accounting
preliminary investigations. errors. There were some minor inconsistencies in procurement
of plant supplies, but the plant manager enforced strict con-
trols, and validated purchases and requisitions each month. He
hadn’t found any outliers. Though nobody discovered evidence
on the surface, Charles Washington, CFE, wasn’t convinced. His
continued investigation into the small procurement inconsis-
tency led to the identification of a major vendor fraud commit-
ted by the supply supervisor who maintained duplicate ledgers
to conceal his crimes from the plant manager and other execu-
tives. (Washington is now the senior director, global fraud and
asset protection at Pfizer.)
According to the ACFE Fraud Examiners Manual (FEM),
“predication” is the totality of circumstances that would lead
a reasonable, professionally trained and prudent individual
to believe that a fraud has occurred, is occurring or will occur.
(See the FEM, “Act of Predication,” tinyurl.com/y4djjcen.)
40
Predication
In other words, predication is the ba- Cynthia Hetherington, CFE, says her
What you look for when
sis upon which a fraud examination — and team spends hours reviewing internet
establishing predication companies to discern the real from the fake
each step taken during the examination
— is commenced. The CFE of Professional Your resources are limited. And you surely for clients. Predication, for her, is based on
Standards reads, “Certified Fraud Examin- don’t want to waste them burrowing down years of online and open-source discern-
ers shall establish predication and scope rabbit holes. What do you pursue and what ment. “We see companies propping up
priorities at the outset of a fraud examina- do you leave alone? COVID cures and PPE for sale, investment
“My rule of thumb [for determining opportunities too good to be true and, of
tion and continuously reevaluate them as
predication], most simply put is ‘one of course, the big global business magnate
the examination proceeds.”
these things is not like the other,’ ” says who really is just a guy operating a scam
However, the basis for predication
Regent Bethmara Kessler, CFE. “Whether from his mother’s basement,” Hetherington
can vary. In the opening case, despite no says. (She’s president of the Hetherington
a potential fraud is identified by a tip, proac-
apparent evidence, Washington felt that Group.)
tive data analytics or some other method,
something was amiss. And he was correct. “One client was desperate to believe
it is important to understand the ‘usual’ to
There’s nothing magic about the word the sales pitch of a new investment group,”
be able to spot or identify the ‘unusual.’ ” she says. “New investments are always
“predication”; fraud examiners worldwide
(Kessler is a lecturer and consultant and a promising, yet very risky. We ran a thor-
go through similar processes even if they
member of the ACFE Faculty.) ough background check on the group to
don’t call it that.
“The source of an allegation in estab- include criminal and civil history, concerns
“In Europe, we tend to talk about ‘sus-
picion’ of fraud and ‘justification’ for our lishing predication is very critical,” says about past litigation matters and predict-
actions,” says Regent Victoria Meyer, CFE, Francis Njiru, CFE, CPA. “Allegation sources ability of future engagements. We always
range from media reports, whistleblower ask in risk scenarios if we can predict be-
FCAA, director of financial crime consult-
reports, data analytics, audit reports, man- havior based on our findings of how this
ing at the Swiss International Business
agement review, exception reports, among new investor or partner will behave. We
Academy.
look strongly at a group that overreaches
John Gill, J.D., CFE, ACFE’s vice presi- many others,” he says.
and demonstrates greed.
dent – education, says that when he teach- Njiru says that when we’re tasked with
“The overreach is a predictable tell
es the CFE Exam Review Course, he tells stu- conducting a preliminary investigation to
that you are desperate, hungry or too risk-
dents, “Predication is just a fancy word for offer insights on whether to proceed to a tolerant,” Hetherington says. “It’s okay to
having a justifiable, business reason for full investigation, it’s crucial to first deter- be ‘young and hungry,’ and if you are trans-
doing what you are doing.” mine how close the alleging party is to the parent to the client that you are ready to
Fraud Magazine recently consulted alleged misconduct. “Second, the ability of go for gold, then they understand their
with CFEs who work for diverse organi- the party alleging to corroborate evidence investment. But if you are saying you are
zations — public and private — to under- is critical,” he says. “Anonymous sources, old money, blue chip, with historical value
for example, who may not be willing to at the same time, you are behaving like a
stand how they determine when it’s time
provide more specific information raise 1999 tech stock bubble company,” she says.
to begin fraud examinations or at least
“We see your fraud and raise you more due
preliminary investigations. the level of doubt on the authenticity of
diligence. Or in other words, yes, these
We asked what they normally look their claims. The veracity of data sources
companies are predictably and obviously
for to determine if a fraud “has occurred, used in an allegation or the data integrity
behaving fraudulently.”
is occurring or will occur.” We also asked of data sources analyzed is also important Regent Ken Dieffenbach, CFE, says he
if they sometimes determined predication in establishing predication.” (Njiru is an looks at the scope and scale of an issue,
via informed “gut checks” or methodical anti-fraud and compliance consultant. He the quality of evidence (for example, one
fact finding, about cases in which they had previously worked as a manager – forensic anonymous source versus multiple inde-
to reevaluate predication as they discov- & integrity services at EY.) pendent reports), known areas of risk that
ered more evidence and determining if
cases were prosecutable. Here are their
Depending on the strength of the evidence, tip, etc. that we
answers. Agree or disagree, but please of-
are provided at the outset, our assessment may be a mere
fer your views on Fraud-Magazine.com.
formality, or it may be extensive.” KELLY TODD, CFE, CPA

could increase likelihood the reporting is Regent Emeritus Jonathan Turner, CFE, Most of the huge fraud cases I’ve
accurate and if anyone has audited and says fraud examinations have always been a investigated had few red flags.
closely inspected this program recently. blend of art and science. “CFEs should have And too many have had lots of
(Dieffenbach is the special agent in charge a good-faith basis to begin an examination, red flags and no fraud.”
of the Fraud Detection Office in the U.S. so there needs to be clear and objective ele- TIFFANY COUCH, CFE, CPA/CFF
Department of Justice Office of the Inspec- ments that can be demonstrated,” Turner
tor General.) says. “For example, are there objective ac-
“We begin each engagement as an as- tions or inactions that implicate a policy?
sessment,” says Kelly Todd, CFE, CPA. “De-
Do those activities present an opportunity Gut check, methodical
pending on the strength of the evidence,
to personal gain? If these actions could be fact-finding or both?
tip, etc. that we are provided at the outset,
fraudulent, who else would you expect to
our assessment may be a mere formality, Sometimes predication for cases can seem
or it may be extensive,” she says. “The as- see or not see? Do those elements appear?”
to go either way. Fraud examiners might
sessment is designed to move from the Turner says we should consider an al- depend on experienced intuition based on
general to the specific, including the evalu- legation worthy of further investigation previous cases or depend solely on the hard
ation of the initial evidence provided and if it’s specific, credible and testable. (He’s facts in front of them. Or a combination
the identification of fraud exposures and the global head of compliance, privacy and of both.
symptoms.” (Todd is a managing member governance at Zoll Medical Corporation and “I have had a few cases in my career
of Forensic Strategic Solutions LLC.) a member of the ACFE Faculty.) where the fraudsters were very careful in
Todd says predication processes in- Washington says we must look for the covering tracks such that the evidence of
cludes identifying:
loss and the corresponding lie supporting the activity related to the fraud mirrored
• Exposures through an understanding the loss. “But then there are times when activity that could have happened in the
of processes and procedures. you might identify the lie first, and the loss normal course of business,” Kessler says.
• Exposures and trends through the won’t be too far away. Opportunity sets the “In those cases, I trusted my gut and dug
analysis of the financial statements stage for the fraud to occur, so the discov- just a bit deeper. It is important in those
and transactional data from the finan- ery of weak or lax controls will be a lead to situations to really allow yourself to think
cial reporting systems. identifying the loss,” he says. like a fraudster to creatively think about
• Susceptibility of assets to fraud, waste Jeff Matthews, CFE, CPA, says fraud the direction to look towards.”
and abuse. examiners should maintain an attitude of Turner says gut checks are helpful to
• Evaluation of fraud symptoms in the skepticism and objectivity when looking fraud examiners, but we can’t rely on them.
areas where exposures are identified. at any situation. “We are trained to under- “So, if you feel there is something in your
Todd’s teams also consider pressures gut, find the factual and objective informa-
stand the specific frauds that are perpetrat-
and motivations of possible subjects to tion to open the case, then begin the inves-
ed and how each fraud scheme is usually
commit fraud, she says. tigation. There is a reason the alphabet goes
committed,” he says.
“When we’re considering the totality a, b, c. The order of things matters,” he says.
“We will look for signs of the fraud
of the circumstances to determine if suf- Dieffenbach says our guts are terrible
and carefully examine evidence that sug-
ficient predication exists to commence a predictors of most things. “We see many
gests the situation is more than an error or
fraud examination, we generally classify issues on the line and might do some ini-
mistake. These include failure to cooper-
fraud symptoms in several categories, in- tial work to further develop the facts,” he
ate with an investigation, destruction of
cluding analytical, accounting and em- says. “The decision to investigate is not an
evidence immediately before or after a re- all-or-nothing endeavor. We can generally
ployee symptoms; internal control devia-
quest, an abrupt resignation when difficult stop anytime we think it’s prudent. We also
tions; tips; and complaints,” Todd says.
“Our methodology allows us to create questions arise or other unusual personal must consider the opportunity cost: If I in-
decision points — specific to the totality of behavior. Red flags can also stem from ab- vestigate this thing what am I not going to
the facts and circumstances moving from normal trends in financial data, such as investigate?”
general to specific — as to whether we unusual journal entries or unsupported Regent Emeritus Tiffany Couch, CFE,
should recommend carrying the develop- transactions.” (Matthews is a partner of CPA/CFF, says we should pay attention to
ment of our work and evidence further,” StoneTurn and adjunct accounting profes- our gut feelings but not rely solely on them
she says. sor at The University of Texas at Arlington.) in sum. “Most of the huge fraud cases I’ve

Predication
Chelsea Binns recommends ways to improve investigated had few red flags. And too
many have had lots of red flags and no
forming of predication in financial institutions fraud,” she says. (Couch is founder, CEO
and principal of Acuity Forensics.)
Suzette Stevenson, CFE, says she saw
CHELSEA BINNS, PH.D., CFE, who that showed employees who didn’t
a situation in which gift card transactions
worked as a fraud examiner in the take vacations or data that showed were increasing in a specific location. “Dur-
financial industry from 2007 through employees who accessed their of- ing that same time frame, there was a sales
2014, says she learned that some fices at odd hours,” Binns says. contest going on,” she says. “Although I
institutions were particularly con- Specific indicators included the knew that the sales contest could have at-
cerned about forming predication to known behaviors of past fraud- tributed to the gift cards sales increase, I
determine insider fraud and crime. sters partially gleaned from social also knew the increase in this specific loca-
“In the early 2000s, internal media data, she says. “Social media tion was not because of the contest.” Her
frauds became especially problemat- examinations of employees sus- experienced gut told her that fraud was
ic, which resulted in many instances pected of internal fraud revealed occurring even though red flags weren’t
of fraud that were widely reported in suspicious behavior on social media necessarily flying. (Stevenson is manager
the public domain,” she says. (Binns such as regularly ‘checking in’ to of compliance and ethics at Giant Food.)
is now an assistant professor at John casinos or flaunting photos of cash, “We often start a private-sector inves-
Jay College of Criminal Justice at expensive luxury goods, time spent tigation without knowing exactly what we
The City University of New York.) on luxury vacations and dinners are investigating,” Meyer says. “We keep
Her analysis of some of the at fancy restaurants, among other an open mind as to whether the root cause
cases in the financial industry sug- behaviors.” could be fraud, incompetence or systems
gests the frauds were quite simple in Technology provided endless failure. We’d likely start out calling it a
their design and execution. “In some opportunities for large-scale analy- ‘review’ rather than an investigation. The
cases, there were cues and indica- exact point at which it becomes an inves-
ses, she says, but this organization
tors based on what they knew from tigation is not clear cut because we will be
found it difficult to gain cooperation
the anti-fraud literature,” she says. gathering evidence of any fraud alongside
from other internal departments to
“Had the organization been looking ruling out other causes.”
form predications. “Some depart-
at them proactively and with an anti- Meyer says it’s important to maintain
ments didn’t routinely provide data.
fraud mindset, perhaps these frauds evidence-handling protocols even before
And they typically didn’t receive
could have been thwarted while in you’re sure you’re investigating fraud so
requests very well.
progress.” that a possible prosecution isn’t compro-
“And although social-media
Binns says after one organiza- mised when you’ve ruled out non-fraud
data is technically public, using it for
tion discovered the crimes, it cre- reasons.
anti-fraud purposes was controver-
ated a specialized anti-fraud unit to
sial. Even though an organization
determine the potential of monitor-
might be legally able to inspect
Reevaluating predication
ing fraud indicators with big data
social-media data, it still might not Few fraud examinations are simple en-
and predictive analytics.
think it’s a good idea optics-wise,” deavors. Many are projects complicated
The organization conducted
she says. by conflicting or vague testimonies, and
research to determine the best in-
Binns says the movement to- inconclusive evidence. Sometimes fraud
ternal fraud indicators it could use as
ward the creation of “fusion cen- examiners must change direction mid-
fraud predictors. “Some data points
ters” and similar intelligence centers stream or cease an investigation.
were known to be generally indica-
might assist in opening communi- “We were hired by a municipality to
tive of fraud, while others were
cations channels and prevent- investigate allegations by a bookkeeper
more specific to past inci-
ing siloed organizational that the head of a department was cooking
dents,” she says.
structures from impeding the books,” says Todd. “Numerous hard
“Some of the gen-
establishing predication drives were imaged and held to preserve
eral indicators included
and other anti-fraud goals. evidence while we sought to identify
human resources data
and understand numerous suspicious

transactions. As our analysis of the ques- look further back in time. No fraud found intention of filing a fraud claim with its
tionable transactions was understood in at all,” Couch says. insurance carrier.
the larger context of supporting transac- Walt Manning, CFE, says he worked an “However, our review of the company’s
tions and business operations, we quickly investigation, which involved allegations fixed inventory identified rigs with simi-
reevaluated predication and recommend- that an employee was using his company lar descriptions of those believed missing,
ed to our client that they cease further computer to send a tremendous volume of located in other countries,” Matthews
investigation.” spam to a person in Australia. “The accuser says. “Therefore, we could not determine
Initial sources of allegations can even- contacted the company’s chief legal offi- with reasonable certainty that fraud had
tually prove unreliable. Matthews says he cer to complain and threaten legal action occurred without obtaining further de-
was recently engaged to investigate poten- against the employee and the company,” tails, such as VIN numbers, dates of pur-
tial FCPA violations involving a project in Manning says. “Our digital forensics analy- chase, receipts, and source vendors. We
China. “The initial predication was based sis found no evidence of this type of activ- also needed a better understanding of how
on a lawsuit sent to an inspector general ity. Further investigation revealed other fixed-asset transfers were documented be-
by a former, disgruntled employee, who occasions where the accuser had made tween countries or if shipping addresses
alleged bribery,” he says. “The company false allegations against other people who were occasionally altered. Unfortunately,
took the allegations seriously and allowed had upset him with comments on social the relevant fixed asset log was outdated
us to expand the scope to include other media in order to cause problems for his and incomplete. The procurement and
potential related parties and projects. targets with their employer.” (Manning transfer process was largely undefined and
“We identified certain emails and is president of Techno-Crime Institute.) very inconsistent.”
documents that were puzzling. However, Matthews says that when they sought
after reviewing thousands of email corre- Prosecutable cases? additional information, some locations
spondence, journal entries, contracts and A CFE’s job is to discover facts for their orga- weren’t cooperative; others were complete-
extensive interviews, it became clear that nization or client, regardless of where they ly non-responsive. “Despite having initial
the company never made payments to the predication, we determined that the cost
might lead. According to the ACFE FEM,
Chinese business partner that it was sup- of conducting a full investigation through
“If fraud is discovered, the fraud examiner
posedly bribing or any other contractor in- obtaining third-party documentation and
will also have to discuss it with the relevant
volved in the particular project,” Matthew various vendor records — and the situa-
individuals and determine whether the case
says. “A closer inspection of the complaint tion could simply be sloppy accounting
should be presented to criminal prosecu-
also proved other allegations false. If we and paperwork error — far outweighed the
tors.” (In the FEM, see “Presenting the Case
had only considered the complaint, and potential for proving fraud and obtaining
for Prosecution,” tinyurl.com/y4ecy92u.)
a few out-of-context emails, any opinion recovery for the company,” he says.
Fraud Magazine asked the CFEs if they
reached would have been incomplete and Kessler says she never gave up on an
hadn’t proceeded on a possible case because
premature.” investigation based on whether it was pros-
an organization or client didn’t believe it
Couch says that she and her team ecutable or not. “If there is predication, I
was prosecutable.
often have to reevaluate predications. “I believe that we have the responsibility to
once combed over the books of a medical Matthews recalls when a large global
follow the threads wherever they lead,”
practice where we had all red flags,” she organization suspected it was the victim of
she says. “In the end, there should always
says. “One employee, who had access to ev- a vendor kickback scheme. “The company
be consequences for fraudsters even if the
erything, wouldn’t turn over basic reports had purchased 10 semi-trucks and trailers,
fraud isn’t big enough to warrant a criminal
and got mad when we asked her questions. yet, claimed the rigs were never shipped,”
action. Consequences can include, but not
Everyone loved her, but one doctor was he says. “There were no signed receipts
be limited to, paying the organization back
convinced she was stealing. or bills of lading indicating the compa-
or some other clawing back of the ill-gotten
“I was concerned, but all patient funds ny-specific location had received them,
gains. Termination options should also be
made it to the bank, all checks were for which happened to be in a foreign country.
considered.”
business purposes, and her payroll was When questioned, the general manager of
Turner says private-sector entities sim-
pristine. No fake vendors or employees. the location abruptly resigned. The com-
ply don’t know if a case is prosecutable until
The doctor was so convinced he had me pany launched an investigation with the
CONTINUED ON PG. 73

Best defense is
by Sophia Carlton, CFE;
and James Ruotolo, CFE
X
X X
X
Use the new ANTI-FRAUD PLAYBOOK,

produced by the ACFE and Grant Thornton,
to operationalize leading guidance from the
ACFE/COSO FRAUD RISK MANAGEMENT
GUIDE to help your organization move from
theory to practice.
a good offense
Anti-Fraud Playbook provides practical, actionable guidance
F
raud is happening all the time and at every Why we developed the Playbook
organization. In our experience, many
The ACFE/Committee of Sponsoring Organizations of the
organizations think they’re immune to
Treadway Commission (COSO) Fraud Risk Management
fraud. They might say, “We’ve hired good people
Guide (ACFE.com/fraudrisktools) is a tremendous resource
and have very strong internal controls, so fraud for helping organizations establish a strong fraud risk
isn’t a problem here.” It’s probably not news to framework. The 2016 guide is designed to serve as best-
you, but the fraud problem is normally bigger practice guidance for organizations to follow in address-
than organizations think. One organization ing COSO’s 2013 Internal Control – Integrated Framework
we worked with found this out the hard way. A (tinyurl.com/y7yd9h3h) fraud risk assessment Principle
well-respected senior leader had been caught 8. However, implementing all the best practices in the
embezzling in excess of $1 million over more guide can be daunting.
than 10 years. It started with his perceived need The ACFE and Grant Thornton published the Anti-Fraud
for extra money to pay bills that were piling up, Playbook (also see ACFE.com/fraudrisktools) to provide the
but once he started, he couldn’t stop. Through fraud-fighting community and organizations across the
the investigation, the organization found that globe with practical, actionable guidance. The Playbook
many employees had seen behavioral red flags draws on insights from the Fraud Risk Management Guide
— like living beyond his means — for years but and seeks to clarify and operationalize its concepts.
hadn’t reported it because they believed it was The Anti-Fraud Playbook provides easy-to-use tools
impossible that this well-respected leader was and templates to help your organization no matter your
doing anything nefarious. This example and efforts. Whether your organization is just beginning its
many others like it showcase the bottom line: anti-fraud journey or if you’re looking to enhance your
Good people do bad things, and controls fail. fraud risk management (FRM) practices, the Anti-Fraud
Playbook can help.
Fraud is like the proverbial iceberg. The
bulk of fraud risk is unidentified and lurking
beneath the surface. Organizations can and Phases and Plays
should take steps to proactively reduce their The Anti-Fraud Playbook includes 10 Plays, organized into
risk and minimize the impact when fraud does five phases that align to the ACFE/COSO guide’s five key
slip through the cracks. An effective fraud risk principles, detailed in Figure 1 on page 48. This article
management (FRM) program enables organiza- explores those Plays and how you can use them to improve
tions to know where they are vulnerable and an FRM program. We begin each section with the under-
how to take control. lying principle from the Fraud Risk Management Guide.

Anti-Fraud Playbook
an organization will hastily create Create a culture

a program as a response to a major
Promoting fraud awareness throughout
FRAUD RISK fraud event. Or it will decentralize your organization from the top down is vi-
GOVERNANCE FRM efforts so it doesn’t have broad tal to creating a strong anti-fraud culture,
“enterprise view” decision making. enhancing fraud awareness and encourag-
Just this year, an organization ing employees to discuss fraud risks openly
we worked with experienced a mul- and thoughtfully. We’ve all seen and heard
timillion-dollar fraud event and then of scandals resulting from bad cultures. A
The organization establishes and 2015 independent investigation (see tinyurl.
called for help to conduct a fraud risk
communicates an FRM program that com/ouzbk73) discovered Toshiba had been
demonstrates the expectations of the assessment and build a more com-
inflating profits over a number of years. “A
board of directors and senior manage- prehensive FRM program. It could’ve
corporate culture existed at Toshiba whereby
ment and their commitment to high avoided this fraud event or caught it
employees could not act contrary to the intent
integrity and ethical values regarding sooner if it had taken these actions
of their superiors,” the investigation report
managing fraud risk. proactively.
stated.
The first step in this process
Fortunately, you have many ways to
is to conduct a “maturity assessment” to
promote and enhance fraud awareness and
Understand where you are understand where your program is today.
an anti-fraud culture at your organization.
and where you want to be Once you understand your current state, you
At a minimum, organizations should:
The vital backbone of an effective FRM can identify your long-term vision and goal
• Develop a comprehensive fraud risk
program is a strong strategic plan that will state. This process will allow you to develop
policy.
help you make the correct decisions and a road map for the future and focus on gaps
ensure you focus your resources on your you need to address to propel efforts from • Construct an enterprisewide, anti-fraud
areas of highest impact and priority. Many the current to the goal state and ensure re- training program, including staff and
organizations don’t take the time to develop sources are effectively used in areas of high third parties.
strategies for their FRM programs. Often, impact and high priority. • Conduct a culture assessment.
Figure 1: Anti-Fraud Playbook Phases and Plays

Figure 2: Enterprise Anti-Fraud Maturity Assessment Model©
Stakeholder Value
AD HOC INITIAL REPEATABLE MANAGED LEADERSHIP

LEVEL ONE LEVEL TWO LEVEL THREE LEVEL FOUR LEVEL FIVE
We place a heavy emphasis on con- • The stated and unstated values that • Rate of reporting of misconduct, recipi-
ducting culture assessments because govern daily decision-making. ents of reports and perceptions of the
they help organizations understand how • Tone heard from the top and percep- reporting process.
their current efforts are lacking, identify tions of senior leaders’ integrity. Like most things in FRM, a one-size-
potential vulnerabilities that might lead
• Perception that supervisors set good fits-all model for promoting fraud aware-
to internal pressures to commit fraud and
examples and encourage ethical ness doesn’t exist. Tailor your efforts to
highlight areas where fraud might be slip-
ping through the cracks. Some of the most behavior. be relevant to your organization’s fraud
important areas to explore during a culture • The extent to which peers support each risks and the strategic goals of your FRM
assessment include: other in “doing the right thing.” program.
FRAUD RISK
ASSESSMENT
My supervisor and I both
need fast cash. I will add overtime
hours to my time sheet and we will
split the profits.
The organization performs comprehensive

fraud risk assessments to identify specific Janet always leaves her
fraud schemes and risks, assess their likeli- computer unlocked.
The company owes me, and
hood and significance, evaluate existing When she steps away, I can hack into it won’t hurt anyone if I steal
fraud control activities and implement ac- customer account information to sell on one small check, right?
the dark web or change payee
tions to mitigate residual fraud risks. information to my bank account.
Think like a fraudster

Organizations, without consistent fraud taxono-
mies, struggle to speak the same language, which
makes oversight, aggregation of underlying data
and reporting difficult or impossible. Many times,
organizations focus only on schemes they already
know about without considering unknown or
emerging schemes. And often, organizations fail
to think through their specific controls and how a Figure 3: Think like a fraudster

Anti-Fraud Playbook
motivated fraudster might circumvent or of how the organization was using the in- After we educated stakeholders and
take advantage. formation, which resulted in erroneous facilitated meaningful dialogue on how
Put on your “fraudster hat” to ensure scores. Unfortunately, senior management fraud risks and specific controls and pro-
an effective risk identification process. relied on that misleading data to make its cesses at the organization interrelate, we
(See Figure 3 on page 49.) Brainstorm decisions. conducted in-depth fraud risk workshops.
fraud scenarios that are specific to your The risk scoring and prioritizations ended
processes and controls to identify your up looking very different, including the
key risks, gaps and vulnerabilities. We re- identification of new key risks and a clear
iterate: Good people do bad things, and con- picture on gaps and vulnerabilities in cur-
trols fail. Don’t get stuck focusing only on rent processes.
Interviews
what you’ve seen. Think outside the box. If To achieve an effective risk assess-
someone was motivated to commit fraud, Appropriate for senior ment, develop a mix of quantitative and
how would they do it? What processes or management or when
qualitative risk assessment techniques,
controls would they circumvent? Who’d you need to solicit input
including interviews, surveys and work-
be most likely to perpetrate the fraud and in a targeted session
shops. (See Figure 4 at left.) It’s important
why? Thinking like a fraudster will help
to understand when to use each technique
you in your risk-identification process,
so you can garner the most actionable
which will serve as a key insight in your
information and use stakeholder time
fraud risk assessment. Don’t forget to con-
efficiently.
sider both internal and external fraud, and
Study your documentation and inter-
think beyond just financial losses.
view stakeholders to identify anti-fraud
Discover what you don’t know controls, assess their effectiveness and
Surveys
understand how your organization car-
A fraud risk assessment should be dynamic Appropriate in early stages ries out these controls in practice. You also
and iterative, aimed at identifying and as- of risk assessment and are can look at current and past findings from
sessing fraud risks relevant to an organiza- then followed on by inter- either internal or external audit, or other
tion. A best-in-class fraud risk assessment views or workshops for oversight functions.
is a comprehensive program with a con- deeper analysis You should then map controls iden-
stant pulse on current and emerging risks,
tified to your identified risks. This will
and a clear path to mitigation, monitoring
showcase areas that are well-controlled
and reporting across the enterprise.
and highlight key gaps, which will help
Ineffective risk assessments might
meaningfully determine likelihood, and
rely solely on surveys to assess likelihood
impact scores and inform risk response.
and impact rather than a mix of qualita-
tive risk assessment techniques, which With risk scoring and prioritization, re-
member that understanding what’s rela-
is ineffective and puts the emphasis on Workshops
perceptions tively more likely to occur is more impor-
Appropriate when gathering
TIP of risk. For
example, we
cross-functional groups to
tant than perfecting a numerical score.
If you already have a fraud risk as-
A mature risk assessment break down silos and sessment in place, dive deep to determine
worked with
process should employ discuss how process and where you might be able to improve cur-
multiple techniques. an organiza-
risks interrelate
tion who’d pre- rent processes to increase effectiveness
viously relied and usefulness. If you’re starting from the
solely on surveys to ascertain the likeli- beginning, pick one area to focus on first.
hood and impact of fraud risks. We found Figure 4: Qualitative risk Then leverage best practices and leading
that most people took little time to respond assessment techniques guidance to build a methodology that’s
to the survey and had little understanding tailored for your organization. 

FRAUD RISK ASSESSMENT
Rule-based Anomaly detection Predictive Network / link Text analytics

analytics analytics analytics analytics

 a-z
O
Known patterns Unknown patterns Complex patterns Linked patterns Text patterns
Common fraud Criminal fraud Organized fraud
Figure 5: Examples of analytic techniques
insights. However, not all analytic red-flag lists or job aids. Include interactive
FRAUD CONTROL techniques are equal; certain tech- sessions, such as role-playing exercises, to
ACTIVITIES niques are better suited for certain keep participants engaged and help them
objectives or analyses than others. practice thoughts and behaviors demon-
Figure 5 (above) outlines analytic
strated in the training materials. Employees
techniques ranging from simple to
who’ve practiced their fraud prevention and
more advanced. Of course, this isn’t
The organization selects, develops, and detection skills and behaviors in a simulated
a comprehensive listing.
deploys preventive and detective fraud environment will be more likely to use them
Data analytics is critical for
control activities to mitigate the risk
elevating your organization’s FRM effectively in their daily work.
of fraud events occurring or not being Still not convinced that you need this
program. When in doubt, start
detected in a timely manner.
small with a pilot approach to re- type of training? Consistently, one of the
duce initial investment and gain top ways organizations identify fraud is via
Use data to uncover fraud quick wins. tips. The Report to the Nations found that
It’s probably not news to you that data ana- organizations with fraud awareness training
Knowledge is power for employees were more likely to get tips
lytics is a powerful tool. The ACFE’s 2020 Re-
port to the Nations (ACFE.com/RTTN) found Earlier, we covered the need to develop and through formal reporting mechanisms —
that organizations that implemented proac- deploy mandatory enterprisewide anti-fraud 56% compared to 37%. That translates to
tive data monitoring and analysis experi- training. However, training shouldn’t stop more effective hotlines and the potential to
enced a 33% reduction in the median loss there. Implementing targeted role-based
catch fraud sooner, which reduces the loss
and duration of fraud schemes compared training helps employees better connect
and impact to your organization.
to organizations that didn’t. You can easily the message of the training to their daily
Don’t know where to start imple-
implement many anti-fraud analytics tests responsibilities.
menting role-based training? Leverage
with basic spreadsheet software or — on the This type of anti-fraud training also
other end of the spectrum — use robotics, helps your employees identify suspicious the results of your fraud risk assessment.
machine learning and artificial intelligence activity and feel empowered to act against Focus on areas where your risks are higher
to combat fraud. Each of the many analyt- potential fraud. Focus on real-life exam- or where you’ve identified major gaps or
ic techniques brings unique benefits and ples and provide on-the-job tools, such as vulnerabilities. 

Anti-Fraud Playbook
experiences or perceptions. This Conduct investigations

would be detrimental because, as
FRAUD INVESTIGATION we highlighted above, tips are one
Investigations are a critical component of
uncovering not only fraud within your or-
AND CORRECTIVE ACTION of the most common ways that ganization, but also other corporate crimes,
fraud is detected. Those tips will such as money laundering, corruption and
stop coming in if employees lose bribery. Investigations also act as an effective
faith in the system. fraud deterrence practice that showcases the
The organization establishes a communica- If you already have a fraud organization’s commitment to high ethical
tion process to obtain information about investigation function in place, standards and creating the perception of
potential fraud and deploys a coordinated dive deep to determine where you detection.
approach to investigation and corrective If you have a solid foundation, as high-
might be able to improve processes
action to address fraud appropriately and lighted in the previous Play, then this should
to increase effectiveness. If you’re
in a timely manner. be a well-defined process. Key steps you
starting from the beginning, use should perform following the conclusion
the Anti-Fraud Playbook, the ACFE/ of an investigation include communicat-
COSO guide and other leading guid- ing investigation results, taking corrective
Lay the groundwork ance to build a solid foundation for action and, finally, evaluating investigation
your fraud investigations function. performance. 
for investigations
You must have mechanisms in place to
conduct thorough investigations. This
should include a plan for determining and
understanding the root causes of fraud and
the process for implementing corrective
actions to address them.
Most sizable organizations have
some type of fraud investigation func- Enterprisewide fraud
tion in place. However, they vary greatly investigation and
response protocols
in effectiveness. For example, you might
have many investigative bodies spread
throughout your organization. This lack of
centralization leads to missed opportuni-
Mechanisms
ties for synergies, trend identification and Eﬀective
to assess
reporting
aggregate reporting, and departments are investigation
mechanisms
handling investigations differently across performance
the board.
Another common pitfall is a lack of
mechanisms to assess investigative perfor-
Communication
mance. As Figure 6 (at right) shows, that’s channels and
one of the key elements in a solid investi- procedures
gation foundation. Without it, your team
won’t understand how investigations are
perceived. If stakeholders feel the organi-
zation isn’t managing their concerns or
not handling their complaints appropri-
ately, they’ll be less likely to report similar Figure 6: Key elements to lay the groundwork for investigations
concerns in the future. They might also
tell colleagues not to share their negative

Report on your progress Next steps
FRM MONITORING Communicate the outcomes of your The fraud risk journey looks different for
ACTIVITIES FRM program to all levels of your every organization. One size doesn’t fit all.
organization to increase awareness As the first Play suggests, customize fraud
and showcase your accomplish- risk management to meet the unique needs
of your organization. A strong fraud risk
ments. You should be communi-
management program has relevance and
The organization selects, develops and cating informally to all parties along
context to match the culture and broader
performs ongoing evaluations to ascertain the way, but periodically report out-
whether each of the five principles of FRM objectives of the enterprise. And fraud risk
comes, insights and lessons learned.
is present and functioning and communi- management is not a set-and-forget exercise.
Tailor the information for each audi-
cates FRM program deficiencies in a timely Plan continuous improvement to your fraud
manner to parties responsible for taking ence. Senior executives and board risk program as you face a constantly evolv-
corrective action, including senior manage- members might be most interested ing fraud risk landscape.
ment and the board of directors. in key performance indicators and Use this Anti-Fraud Playbook as the
executive summaries while front- foundation to develop a custom fraud risk
line management might be most management approach for your organization
interested in detailed feedback on and move from theory into practice. ■ FM
Monitor your progress processes and controls.
Monitoring almost always comes last when As part of your report development, Sophia Carlton, CFE, is manager, fraud
organizations build FRM programs — some- consider all factors, such as the results of risk mitigation & analytics, at Grant
times even as an afterthought. However, your fraud risk assessment and anti-fraud Thornton LLP. Contact her at sophia.
monitoring and periodic evaluations pro- training — both individually and together. carlton@us.gt.com.
vide vital insight into the effectiveness of
You might be surprised to see new insights
FRM activities and help identify areas for James Ruotolo, CFE, is senior manager,
when you look at the information as a whole fraud risk mitigation & analytics, at Grant
improvement. Monitoring should cover
rather than only looking at the individual Thornton LLP. Contact him at james.
the full spectrum of an FRM program and
factors.  ruotolo@us.gt.com.
should focus on the effectiveness of activi-
ties in place. For example, focus on mea-
suring outcomes instead of outputs. When
looking at a fraud risk assessment, instead
of focusing on the number of fraud risk as-
sessments performed (output), measure the
change in likelihood and impact scores from Use this Anti-Fraud Playbook
one assessment to the next to measure how
as the foundation to develop a
custom fraud risk management
awareness and understanding has improved approach for your organization
since the previous assessment (outcome). and move from theory into
Finally, use the results to drive continu- practice.
ous improvement. For example, let’s say you
were evaluating the level of fraud awareness ACFE members: Visit
within a particular area after conducting ACFE.com/fraudrisktools
targeted anti-fraud training using a survey, to download the playbook.
and the results were lower than expected.
This would indicate that the outcome of the
training wasn’t adequately achieved, and
you should improve the training to achieve
the desired outcome.

CAREER CONNECTION Building your professional future
‘Moneyball’ leadership
Developing leaders from within to help deter fraud
Leadership is part art, part science and perhaps a bit of alchemy.
Selecting individuals to lead companies has become more complex for
boards of directors. CEOs must address the interests of all stakeholders
— not just shareholders. Organizations should consider grooming honest
and proven managers from within to help prevent and deter fraud.
O ld-school, C-suite executive re-

cruitment failures have been
in the headlines a lot in 2020:
• “Former Bumble Bee CEO Lischewski
COLUMNIST
DONN LEVIE JR.,
CFE
can use this bias as a self-preservation
mechanism to strengthen their resolve if
they choose to stand by failing C-suiters.
Board members can selectively recall
LEADERSHIP positive accomplishments of CEOs’
Sentenced to 40 Months in Prison,” CONSULTANT
tenures while hoping the fires in the
by Jason Smith, undercurrent news,
boardrooms extinguish themselves.
tinyurl.com/y8glbdtu.
• “Ex-Pharma CEO Gets Over 2 Years in
From my lifelong We’d all like to think that opposing
hard facts would adjust our thinking and
Prison for Bribery Scheme,” by Philip interest in the sport, challenge us to change our strong beliefs
Marcelo, U.S. News & World Report,
tinyurl.com/y7wodwqq.
I’ve found that and opinions. Apparently, not so. Con-
tradictory evidence tends to strengthen
• “San Rafael Biotech Firm’s Former
baseball players our deepest convictions — not reverse
CEO Convicted of Fraud, Money mature in structured them. This suggests our brains prefer
Laundering,” KPIX, tinyurl.com/ to set aside critical thinking in favor
ybl5kjc8.
environments. Their of faulty positions or beliefs. (See “The
As some executives climb corpo- organizations mentor backfire effect,” by David McRaney,
tinyurl.com/jtcdda3.)
rate ladders, the harder it might be
for them to maintain an ethical grip.
them to handle fame, Organizations compound their
Boards invest time and money recruit- fortune and distrac- problems when they hire outside CEOs
and other C-suite executives without
ing leaders with the hope they can set
visions, increase revenues and boost
tions of the big-league appropriate due diligence.
shareholder value. bright lights. Risks from hiring outside

Sometimes those hires backfire. the organization
The U.S. 2002 Sarbanes-Oxley Act In Richard Steinberg’s seminal book,
tightened corporate governance by “Governance, Risk Management, and
prohibiting CEOs from loading boards Bias in board decision-making Compliance” (John Wiley & Sons, 2011,
with friends and associates. But legisla- “Choice-supportive bias” is the tendency pages 195-196), he writes that S&P 500
tion and corporate policy can’t pre- (see tinyurl.com/vq6ey2u) to stick to non-financial companies, in a 20-year
vent human behavior subtleties from bad choices, such as hiring flawed study, appointed internal candidates
intervening. CEOs, even as situations worsen. Boards to CEO positions who “significantly

outperformed those that bring
outsiders to the job.” The study OLD-SCHOOL MONEYBALL
also showed that the cost of C-suite leader vs. C-suite leader
attracting external candidates recruitment recruitment
was much higher — by as
much as 65 percent — than for
NEW SUPERSTAR EXECUTIVE/LEADER THE LEADER EMERGES FROM THE SYSTEM
internal CEO hires. Four in 10 HIRED FROM OUTSIDE THE ORGANIZATION THAT DEVELOPED THEIR TALENT
CEOs recruited from the out-
side leave their companies after
two years and nearly two-thirds
exit by their fourth year with
expensive golden parachutes
easing the descent.
People People
Organizations still debate and and
the pros and cons of promoting tribes tribes
managers to CEO positions or om r om r
e
C
hiring externally. But if an or-

e
p a n y c ult u p a n y c ult u
In In
ter es te r es
ganization needs a turnaround n a l p ro c e s s n a l p ro c e s s
specialist or crisis management
expert at the helm, the board
might search the open market
for likely candidates with those
whom they might have enjoyed positive read Michael Lewis’ 2003 book, “Mon-
unique skills and experiences.
working relationships. An incoming eyball” (W.W. Norton & Company) or see
A major challenge for outsiders is
insider needs to be sensitive to how col- the Brad Pitt movie of the same name.
building credibility, trust and rapport
leagues might perceive these employ- This is the story of the Oakland Athlet-
with board members. They probably
ment decisions, convey the importance ics’ baseball team that exploited — dis-
haven’t worked together, so they need
of having the right team and get align- rupted is a better descriptor — industry
to take time to engage and become
ment from the rest of the executive team market inefficiencies to experience one
comfortable with each other — a process
and/or board. (See “CEO 1000: Insiders of the best seven-year runs in franchise
that can take months or years.
vs Outsiders,” by RHR International, Oct.
Incoming outsiders must be history.
11, 2018, tinyurl.com/y4pxy2d3.)
sensitive to how boards and others will Instead of traditionally loading the
If one day you were a member of the
scrutinize their early decisions or initia- team with superstar athletes, the Athlet-
team and the next you were its manager,
tives. However, it’s easier for an incom- ics focused on developing the existing
you remember how your former peers
ing outsider to overhaul or reverse prior roster of lesser-known talent that could
had to adjust their perceptions of you
decisions or move those who might have play more than one position well, and
in your new role. You might have had
had a hand in implementing them. (See had overall position-by-position balance
to have one-to-one conversations with
“CEO 1000: Insiders vs. outsiders,” Chief some so they could perceive you as a and depth off the bench — so all players
Executive, Oct. 11, 2018, tinyurl.com/ highly capable leader, recalibrate their at one specific position had equal tal-
y4pxy2d3.) relationships with you, and so they ent. The Boston Red Sox and Houston
and you could communicate mutual Astros followed the same strategy, and
Risks from promoting inside expectations. each won World Series championships.
the organization (However, unfortunately, both teams
Incoming insiders have their own set of Let’s talk baseball for a minute were later caught cheating.)
challenges, especially when they change Board members who opt to hire CEOs (See “MLB reveals Red Sox’ cheat-
members of the management team with from outside their organizations should ing scandal, tainting yet another

CAREER CONNECTION Building your professional future
championship team,” by Tom Verducci, spending on leadership training because • Teach them your systems.
SI.com., tinyurl.com/y93kw88g.) it’s more cost-effective for organizations • Grow them into leaders who under-
to fill senior positions from within their
stand your people, culture and pro-
Bringing talent up hierarchies rather than hire external
cesses, and then let them shine.
through the ranks resources. (See “Global Corporate
Baseball teams have learned to develop Leadership Training Market 2020-2024,” • Share the why behind the how and
talent by bringing players through tinyurl.com/vvekwnn.) vice-versa to help others receive the
minor league teams. They learn systems, That’s what I call Moneyball leader- clarity of vision for moving forward.
work with teammates and team coaches, ship, which is about building depth,
• Keep asking others, “Are there any
creating engaging relationships at all
improve technical skills and increase obstacles that might prevent you from
levels over time and strengthening posi-
knowledge of the game. achieving your objectives?”
tive influence throughout organizations.
From my lifelong interest in the • Listen and pay attention to the sights
Organizations are quickly recognizing
sport, I’ve found that baseball players
leadership succession training is essen- and sounds that will help prevent and
mature in structured environments. tial to efficient functioning and financial deter threats to the enterprise, such as
Their organizations mentor them to health. (See the figure on page 55.) fraud.
handle fame, fortune and distractions of However, all’s not rosy for succes- Ensure managers understand that
the big-league bright lights. Individual sion planning because organizations
building connections with others takes
players function better as a cohesive might not always find their managers
precedence over claiming authority over
team rather than relying on the one or are willing to move into top positions. In
them. They can’t have faith in your orga-
two home-run sluggers or the pitching 2019, DDI, a global leadership consult-
ing firm, developed its Frontline Leader nization without believing and trusting
ace throwing physics-defying sliders
Project. The endeavor, which surveyed in who you are. Take the time to nurture
and curve balls at helpless hitters.
more than 1,000 leaders and executives, your own Triple-A talent so they can
The baseball analogy parallels
found that only one in 10 wants a seat more easily put together consecutive
what happens when some organiza-
in the C-suite, 34% of managers would winning fiscal seasons rather than using
tions go outside their corporate walls to
like to move up just one level into an the Wall Street scorecard of quarter-by-
reel in superstar C-suite executives by
operational leadership position and 11 quarter (the equivalent of inning-by-
dangling excessive compensation. In percent had no interest in steering the
inning) results.
“Moneyball,” author Lewis tells of the ship in a CEO position. (See tinyurl.com/
After all, it doesn’t matter who’s
relationship of insiders versus outsiders qmhspdb.)
ahead at the seventh-inning stretch; what
(organizations pay groomed insiders less Organizations must recognize
than those they hire from outside) and matters is who’s winning and warding off
high-potential managers earlier in their
the ever-increasing capitalist demands leadership development processes, such fraud at the end of the game. n FM
of market efficiencies — to which pro- as a first-base coach who shows prom-

fessional baseball isn’t immune. ise as a manager. They must prioritize Donn LeVie Jr., CFE, a Fraud Magazine
player growth into those ever-expanding staff writer, has been a presenter and a
Global leadership development roles and identify select candidates for
leadership positioning/influence strate-
is using Moneyball principles higher leadership succession over their
gist at ACFE Global Fraud Conferences
According to a TechNavio market careers as team leaders, coaches, manag-
since 2010. He’s president of Donn LeVie
research report summary, the global cor- ers and perhaps even in positions in the
organization’s front office. Jr. STRATEGIES, LLC, and the creator of
porate leadership training market from
several virtual strategic mentoring pro-
2020 through 2024 is expected to post a
compound annual growth rate of 14% or Batter up! grams for high-performing professionals.
about US$26.7 billion. Apply the Moneyball leadership model His website is donnleviejrstrategies.com.
TechNavio’s research also shows within your organization to: Contact him at donn@donnleviejrstrate-
that organizations are increasingly • Identify internal talent. gies.com.

Same Great Conference.
Convenient Online Format.
Virtual | June 21-23, 2021
Network Online Earn more than Choose from

30 CPE 90+
with more than ACFE always plans and executes the best
conferences I have ever attended. Between
4,000 from live and educational

the speakers, topics and networking, there
is not a better conference available.
attendees on-demand sessions sessions
Virtual 31st Annual ACFE Global Fraud Conference Attendee
Register now at
FraudConference.com
FRAUD SPOTLIGHT Lesser-known frauds and anti-fraud methods
Keeping tax-supported officials

around the globe accountable
National agencies are adopting income-asset disclosure management
systems to help ensure transparency and accountability among high-level
political and governmental officials.
N icholas, a citizen of an Eastern

European nation and a highly
respected scientist, worked
as the director of a public institution in
his country. He had the power to grant
funds to research institutions in his
country from international organiza-
tions, such as the Global Fund, the
United Nations, the European Com-
mission and the United States Agency
for International Development (which
included U.S. taxpayers’ money).
The country’s state civil service
bureau, which receives and reviews of-
ficials’ income-asset disclosures (IAD),
selected his declaration to inspect. The
bureau’s staff noticed some red flags
when they matched his information
on the declaration to the external data
sets, such as public land ownership,
salaried employees by public resources
and police records. Then the board sent
the suspected case to the state audit
office for further review. Helen, a smart
oversight professional from the office,
discovered Nicholas had committed a
him for COI. Similar organizations in the Public wants transparency
fraud via a conflict of interest (COI) by
country blacklisted him for the rest of and accountability
granting funds under his signature to an
his career despite his highly respected
institution that, in exchange, had hired Organizations are now using a relatively
his daughter. scientific bonafides. His ethical breach
new tool, IAD management systems, to
Because Nicholas had failed to obviously was more important for him
declare income for relatives under his than his good name. (This story is an detect fraud and corruption by those in
custody in his IAD, his employer fired amalgamation of several cases.) high-level political, governmental and

civil servant positions who could receive risk assessment (FRA) thus employed
remuneration from tax dollars. COLUMNIST to determine leaders’ possible illicit
The public, which is eager for trans- HALUK FERDEN enrichment and COI. (For examples, see
parency and accountability, is asking for GURSEL, PH.D., the ACFE/Grant Thornton Anti-Fraud
clear disclosures in changes in income, CFE, CPA Playbook and the ACFE/COSO Fraud Risk
TRAINING
assets and fortunes of top officials in CONSULTANT Management Guide, tinyurl.com/uo4f-
community service. Mere income moni- wfm; and ACFE’s Fraud Risk Assessment
toring doesn’t work anymore. Citizens Tool, tinyurl.com/y6pnzwfq.) Public-
won’t tolerate the illicit enrichment and The public, which is sector organizations review high-risk
conflicts of interest of these high-rank-
ing leaders while on duty.
eager for transpar- officials’ performances.
World governments are debating
IADs can increase public confi- ency and account- how to provide public access to data in
dence in accountability and perception
of good governance. Organizations can
ability, is asking for countries that lack serious verification
or where anti-fraud laws are weak and
use them to discover illicit enrichments clear disclosures in often ineffective. Therefore, some coun-
and COI. In recent years, private-sector
entities — multinationals and other
changes in income, tries grant tiered access. In other words,
some of the information is publicly
large firms — are also using systems assets and fortunes available, whereas disclosure of more
similar to IADs to vet their top execu-
tives, and enhance accountability and
of top officials in sensitive and detailed information is re-
served for the use of specific authorities,
transparency. community service. such as during court cases. The idea is
“The potential for IAD systems to
to preserve sensitive personally identifi-
contribute to broader anticorruption
efforts, such as national international able information from public consump-
are high. An IAD can assist in combating
financial investigations and prosecution thus preventing possible abuse.
the underlying issues and behaviors that
tions, international recovery efforts, the A jurisdiction’s thorough IAD system
contribute to these perceptions.
prosecution of illicit enrichment, and will:
Governments might prefer to
the identification of politically exposed • Be “anchored” in a code of ethics and/
adopt a model that concentrates on
persons is as yet largely untapped,” or criminal code.
monitoring officials’ wealth to detect the
according to “Public Office, Private In- • Establish credibility among stakehold-
concealment or theft of assets, and sanc-
terests: Accountability through Income ers as it releases results to the public.
tioning violators through administrative
and Asset Disclosure,” Stolen Asset
or criminal means. • Include proportionate, enforceable
Recovery Initiative, The World Bank,
sanctions for noncompliance.
UNODC, 2012, tinyurl.com/yyenwery.
Conflict of interest
An IAD isn’t a magic bullet. Public
officials can still find ways to hide their Rather than focusing on the detection of Anchoring IAD systems
crimes. But an IAD is an important wrongdoing, COI models concentrate on Disclosures in IAD systems need to be
weapon in a country’s anti-corruption avoiding situations that might lead to un- anchored in sets of norms that obligate
arsenal. ethical behavior. These models can provide income and asset declarants to behave
ethics frameworks to avoid COI situations in ethical ways. Such norms are com-
Primary concerns that might lead to corrupt behavior. monly set out in criminal laws and/or
IADs deal with two major accountability in ethics codes and codes of conduct.
issues: illicit enrichment and COI. Approach The codes can broaden the categories of
Public-sector organizations review unacceptable behavior that wouldn’t be
Illicit enrichment high-risk officials’ performances based covered under criminal statutes, such as
Fraud examiners can focus on this when on fraud and corruption risk inher- awarding contracts to brothers, cousins
perceptions of corruption and impunity ent in such groups’ behavior. A fraud or close friends. These codes must gibe

FRAUD SPOTLIGHT Lesser-known frauds and anti-fraud methods
with internal cultures, so employees find Transparency demonstrates account- appearance or perception of COI. Public
them relevant. ability of governments, agencies and officials can’t be too careful.
This anchoring provides filers with officials. They should make laws and
additional motivation to fill in IAD guidelines publicly available for scrutiny
forms completely, accurately and timely. and ongoing education. A system focused on
Linking an IAD system with an ethics/ Organizations must maintain the identifying and
conduct or criminal code also provides same principles in their IAD systems
parameters to evaluate disclosure through the years so they’re as forceful
preventing potential
documents. and coherent on day 3,000 as they were COI will tend to rely
on day one. And they must clearly com- on a collaborative
Credibility of IAD systems municate the purposes of their systems
Manage expectations to internal parties and citizens.
approach among
The public won’t trust inflated expecta- Most officials, of course, initially the administering
tions of achievements. Exaggerated negatively react to IAD systems. They agencies and the
campaign statements about “wiping often view the processes as cumbersome
out corruption” can extinguish good- and unnecessary. Management’s chal-
declarants.
will because the public seen past failed, lenge, over time, is to persuade public
unsustainable attempts. officials that IAD systems are beneficial
Designs of sanctions need to fit to
for them and their organizations. It can
specific objectives within political and
Leadership emphasize to officials that their lack of
economic contexts of a country. The em-
Politicians’ and legislators’ visionary transparency and accountability can
phasis, for example, might need to be on
leadership must drive the introduction cause non-governmental organizations
guaranteeing that all covered individu-
and development of IAD systems. At a to produce incorrect reports and conclu-
als submit their declarations completely
minimum, they should show account- sions and weaken systems’ reliability.
and on time.
ability, consistency and transparency.
Once an agency has largely verified
So, good tone at the top will increase a Sanctions for IAD violators the content of officials’ declarations, it
system’s credibility. Organizations, in constructing their IAD can expand its IAD system to focus on
Accountability must begin with legal plans, must determine those offenses accuracy and veracity. A country can
frameworks written in organizations’ that warrant punishment. They gener- gradually increase the credibility of its
statutes and bylaws. Organizations must ally impose sanctions to ensure com- system by including sanctions that are
require their officials to demonstrate pliance with requirements to declare enforceable and proportionate.
their accountability by participating in in a timely fashion and veracity of Sanctions might range from fines
all minor and major internal and exter- submissions. to administrative penalties (such as
nal systems without requesting special In practice, offenses are: (1) late fil- reprimands, demotions, suspensions
treatment. Organizations also must en- ing (2) non-filing (3) incomplete declara- from office and dismissal) to criminal
force accountability by swiftly penaliz- tions (4) false declarations. The first two penalties. Those who lie on IAD forms to
ing officials to send the message it won’t are focused on the submission process elude illicit enrichment detection can be
tolerate contravention of standards. while the second two on the content of subject to criminal penalties.
Consistency includes harmoniza- declaration. The unique U.S. Ethics in Govern-
tion with, and no contradictions from, A system focused on identifying ment Act of 1978 (tinyurl.com/y2nedz-
countries’ anti-fraud legislation. IAD and preventing potential COI will tend vb), passed in the wake of Watergate,
documents should reflect all laws and to rely on a collaborative approach created mandatory public disclosure
penalties and not supersede them. And among the administering agencies and of financial and employment history
definitions, such as COI and gifts that the declarants. The individuals subject of public officials and their immedi-
officials can accept, should be consistent to declaration are expected to disclose ate families. (The U.S. Congress passed
within a jurisdiction’s various IADs. anything that could even give the the Ethics Reform Act in 1989, tinyurl.

com/y6796dbs.) The act created the U.S. StAR Initiative, November 2009, page • Third tier: computer-assisted logic
Office of Government Ethics. Criminal 14, tinyurl.com/yxure85s.) checks (AI, data-mining software,
penalties for falsifying information Administrative sanctions, which looking for red flags).
can include imprisonment of up to a appear to hold the greatest promise of For example, Argentina performs
year plus civil penalties not exceeding ensuring compliance, consist of fines electronic reviews while in Mongolia
$50,000. (See tinyurl.com/y4ytqjpx.) or suspension of salaries for late filing. ethics officers manually review the top
Italian public officials and members Some administrative sanctions, such as 256 officials. Reviews by some other
of government can be criminally liable publishing names of non-compliant offi- counties emphasize compliance rather
than content verification. Staffing per
The severity of sanctions needs to be calibrated both number of officials’ disclosures vary
to its enforceability and to its potential for deterring widely. Mongolia uses 10 staff members
in its Independent Authority Against
noncompliance. The possibility of a prison term could
Corruption per 256 disclosures — a ratio
be as ineffective as a small fine if an organization 1 to 25. Kyrgyzstan allocates four staff
doesn’t enforce sanctions. for 17,000 disclosures — a ratio of 1 to
4,250. Argentina has 12 staff for 34,000
for not submitting declarations of inter- cials, might carry personal reputational, IAD — a ratio 1 to 2,833. And Croatia has
ests and for providing false information. political, career and earnings costs that 27 staff for 1,800 disclosures — a ratio
In the U.K., criminal sanctions can be can effectively compel compliance. And of 1 to 66. (See “Asset Declarations for
applied to some categories of public of- linking officials’ compliance to perfor- Public Officials: A Tool to Prevent Cor-
ficials. (See tinyurl.com/y2vnupeb.) mance evaluations can pressure them to ruption,” OECD, 2011, Part II, Chapter 6,
In Poland, local public officials can buy into the system.
“Processing of the Declarations,” tinyurl.
be sentenced up to three years in prison Serious administrative sanctions,
com/y62nd57o.)
for false declaration of interests. (See such as suspension and/or dismissal,
“Asset Declarations for Public Officials: might apply in cases of failure to file.
‘Doveryay, no proveryay’
A Tool to Prevent Corruption,” OECD, Different categories of officials might re-
Accountability and transparency require
2011, Part II, Chapter 7, “Liability and quire varying administrative sanctions.
each person controlling public funds to
Sanctions,” tinyurl.com/y62nd57o.) Members of parliament, judiciary, minis-
be clear of suspicion of corruption and
The severity of sanctions needs to ters and heads of state, of course, can’t
fraud. As the old Russian adage says,
be calibrated both to its enforceability generally be immediately dismissed
“Doveryay, no proveryay” — “trust but
and to its potential for deterring non- from office, reprimanded or suspended
from duty like civil servants without verify.” The way to prove the absence of
compliance. The possibility of a prison
formal procedures. corruption is via a system of verifica-
term could be as ineffective as a small
tions and to sanction those not comply-
fine if an organization doesn’t enforce
Reviewing results ing with sets of rules. Income and asset
sanctions.
of declarations disclosure frameworks can help ensure
The trend is leaning toward impos-
Review of participants’ declarations can compliance and combat corruption and
ing fines and administrative sanctions in
be grouped into three levels: fraud in any jurisdiction. n FM
cases of late and non-filing, and criminal
sanctions for false statements. Organiza- • First tier: simple checks for consis-
tions who incompletely file might get tency and completeness. Haluk Ferden Gursel, Ph.D., CFE,
a second chance to submit additional • Second tier: cross-checking data with CPA, is a training/coaching consultant
information. (See “Stolen Asset Recov- other available sources (land regis- and content provider for policy docu-
ery,” by Ruxandra Burdescu, Gary J. Reid, tries, tax declarations, bank informa- ments and e-learning training. Contact
Stuart Gilman and Stephanie Trapnell, tion etc.). him at hgursel@gmail.com.

FRAUD BASICS Fundamentals for all
Dealing with narcissistic

interviewees
Interviewing narcissists during a fraud examination demand special
skills. Here are some practical ways to interview those who have inflated
self-perceptions and are missing solid self-esteem fundamentals.
A s fraud examiners, many of us

are familiar with the cognitive
interview technique, mainly
developed by R. Edward Geiselman,
Ph.D., as a core method to interview
victims, witnesses or accused. (See the
ACFE Fraud Examiners Manual, The Cog-
nitive Interview Technique, tinyurl.com/
y2rpq8qm.)
However, during interviews we
often focus on questions and method-
ological steps and less on interviewees’
characteristics. Awareness of interview-
ees’ psychological functioning can help
us prevent conflicts and glean needed
information. Here we focus on inter-
viewees with narcissistic tendencies:
how to spot them, how they think and
how to best cooperate with them.
Narcissistic interviewees
According to “Diagnostic Statistical
Manual of Mental Disorders,” 5th Edition,
approximately .5% to 1 % of the popula-
tion suffer from narcissistic personality
disorder (NPD). Science indicates that Researchers from the Ohio State (See “Leader Emergence: The Case of the
people with strong narcissistic tenden- University and the University of Georgia Narcissistic Leader,” by Amy B. Brunell,
cies are more prevalent in manage- discovered in an experimental study William A. Gentry, W. Keith Campbell
ment positions. (See “The Prevalence of that narcissism predicted emergent and Brian James Hoffman, October
narcissist CEOs,” by Patrick Wright, HR leadership, regardless of whether it was 2008, tinyurl.com/y4jeoa3u.)
magazine, April 13, 2017, tinyurl.com/ self-reported, reported by others in the Further research indicates that
y9fde87r.) group or assessed by expert observers. narcissistic behavior is linked to fraud.

(See “Some Personality Correlates hiding their ambitions. If you listen to
of Business White-Collar Crime,” by COLUMNIST their stories you’ll eventually notice,
Gerhard Blickle, Alexander Schlegel, BENJAMIN predictably, that narcissists tend to use
Panataleon Fassbender and Uwe Klein,
SCHORN, CFE the word “I” more often than those with
FORENSIC
Feb. 28, 2006, tinyurl.com/y2ypdsq9.) INVESTIGATOR, KPMG moderate personality traits. Their inner
Therefore, it’s not unlikely that fraud need for higher self-worth is also often
examiners are confronted with people of it’s not unlikely that reflected in their appearance: designer
high narcissistic personality traits dur- clothes and shoes, expensive purses,
ing interviews. fraud examiners fine handkerchiefs, signet rings, cuff-
are confronted with links with their initials, luxury cars and
What motivates people with personalized high-brand — in short, a
strong narcissistic tendencies? people of high narcis- “valuable” look.
The media often portrays narcissism as a sistic personality
horrible trait of arrogant and manipula- How do we deal with these
tive people. On closer inspection, how-
traits during forensic people in interviews?
ever, narcissism isn’t necessarily always interviews. According to Geiselman, we should
bad. All of us have moderate narcissistic divide the cognitive interview into the
aspects in our personalities that make us narrative phase and the specific-detail
love ourselves and believe we’ll be able to recognize and identify with the needs phase. (See the ACFE Fraud Examiners
to achieve our goals and that protect us and feelings of others keep their rela- Manual, The Cognitive Interview Tech-
from inappropriate criticism. tionships largely superficial. nique, tinyurl.com/y2rpq8qm.)
However, some have pathologic Narcissists usually have fantasies However, an interview is a social
narcissism with strong self-centeredness of grandiosity and a heightened sense interaction between two or more indi-
that they use as an over-compensating viduals that begin with a get-acquainted
of uniqueness and self-importance, and
talk. Also, before we move from the
survival strategy to excessively protect perceive themselves as more special
first “Hello” to “Tell us everything” we
their self-worth — sometimes to the det- than others. They can express this “red-
usually give the interviewee an overview
riment of others. We assume that overly carpet-mentality” in rule-disregarding of the interview proceedings, such as
narcissistic people have either experi- behavior: “I’m a top manager in this who we are, intended topics, protocol of
enced strong debasements and humili- firm. The rules don’t apply to me.” those taking notes, admissions, reason
ation or have been seated on thrones Status seeking and self-worthiness for our meeting, etc. For these reasons,
without boundaries or consequences drives those with narcissistic tenden- I added “warming-up” and “overview”
for bad behavior in their childhood and cies, which they often express by their phases to the interview process.
adolescence. Both scenarios usually re- high performances at work. And the link
sult in an inflated self-perception with a between status and wealth further drives Warming-up phase
missing solid self-esteem fundamental. high-performing narcissists as their In social interactions with those whom
Those individuals with strong careers become more successful. we haven’t met before, the first ques-
narcissistic traits have inner needs to tions we unconsciously ask ourselves
be recognized and admired. And their How do we identify narcissists is “Can I trust this person? Am I able to
need to sustain their public images drive in interviews? feel safe here?” Or in other words, “Am I
them. They work hard to have others A self-centered person’s need to be encountering a friend or foe?”
perceive them as “recognized persons.” recognized and admired often manifests A narcissistic person often uncon-
They’re attuned mostly to the reactions in their attention-seeking behavior. sciously assumes that other people are
of others that increase their self-esteem. Usually they openly sell their visions, better than they are. To protect them-
Their impaired ability and willingness dreams and competencies instead of selves from the corresponding feelings

FRAUD BASICS Fundamentals for all
of inferiority they use a psychological show interest by actively listening and Narrative phase
trick. Instead of thinking, “This person nodding in agreement. You’ll probably gather most of the
is better — in any terms — than me” However, avoid asking seemingly interview’s information in the narrative
neutral questions that the narcissistic phase. It’s highly important that you
they’ll think, “This person is bad.” Thus,
interviewee can’t answer, such as, “Wow, give the narcissistic interviewee enough
it’s important, that we don’t go into an
this is an incredible picture here of you time and space to tell their story and
interview with an attitude of “I’ll teach
and the northern lights. Last winter, I avoid interrupting them.
this person a lesson.” took my holiday at Cape Horn. Do you As you ask them to remember inci-
We should keep in mind that a know where that is?” A narcissistic dents or conversations that might have
fraud examination inherently isn’t a person could interpret that as a chal-
happened months or years ago, they’ll
social situation between two equal part- lenge to play the “mine is better than
need to dig into their brain’s long-term
ners but one-sided skewed toward the yours” game and then hold back with
episodic memory. This long process can
interviewee. We usually determine the important information to your substan-
be exhausting for them. Patiently wait
tive questions.
meeting date and location, and the topic during these moments of silence until
of conversation. We ask questions and they answer.
Overview phase
therefore lead the conversation. The narcissist equates their spoken
Interviewees, including narcissists, gen-
erally are more willing to share informa- words as their very essence, value and
Narcissists are usually more tion with us if we’re transparent and
importance. Interrupting them is an
attack on their self-worth. TV political
interested in telling their show our readiness to share information
talk shows exhibit narcissists’ extremely
with them first. However, narcissists
stories instead of listening defensive behavior when they’re inter-
are usually more interested in telling
to us talk about our careers, their stories instead of listening to us
rupted. “Excuse me,” they’ll say. “If you
don’t let me finish speaking, I can leave
the interview processes, talk about our careers, the interview
right know. You invited me to hear my
processes, protocols and so on.
protocols and so on. opinion, didn’t you? So, let me finish.”
In contrast, people with high ac-
centuations of conscientiousness or Specific-detail phase
All of this can make an interviewee vigilance explicitly want to know as
Here are three essential rules when you
feel, especially if they’re narcissis- much as they can about the interviewer interact with narcissists in this phase:
tic, that they’re subordinate, and the in front of them, what the interview Begin with simple questions that
interviewer is superior, even before the will be about, how you’re going to use the narcissist will be able to answer
interview starts. And an interview can their statements, if the interview will instead of tough questions that require
reveal an interviewee’s shameful, sensi- be legally in line with data protection expert knowledge. Any of us feels good
tive information. guidelines, etc. supplying helpful information, but a
Therefore, try to dissuade an inter- By dealing with narcissistic inter- narcissist’s self-esteem will especially
viewee from feeling you’re the enemy by viewees, instead of excessively explain- grow if they can answer your first ques-
first asking them general non-threaten- ing the processes etc., you can use the tions, which could spur them to think
ing questions about their wellbeing, city, overview phase to explicitly state that longer for your eventual more difficult
office, company and family, among other you’re reliant on their help and explain interrogatives. But if you ask the hard
innocuous subjects. how they’re able to support us in this questions first, a narcissist could give
Gaining sympathy is of higher value case: “You’ve worked at this company wrong answers because they might not
than showing that you’re an experienced for 10 years, so you probably have more safe enough to say, “I don’t know. Let me
professional with whom your coun- expertise than most other employees think about it.”
terpart better not mess with. Let the around here, don’t you? Because of this, Generally, don’t begin questions
interviewee lead the small talk as you we’re very happy to have the opportu- with “why,” such as, “Why didn’t you
nity to talk to you today about …” follow the prescriptive rules of your

company regarding vendor selections?” explain the reason behind …” This im- saying things like, “I would expect that
All of us usually link “why” questions plies that you understand the interview- you know this” or asking, “Wasn’t this
with feelings of inferiority and our ee’s position, you’re honestly interested your responsibility?” Narcissists won’t
parents’ age-old demands, such as, in them and won’t judge their actions. accept even constructive criticism, and
will be angry or refuse to give further
“Why did you get a D in math again? Therefore, we reduce the interviewee’s
information. n FM
Learn more the next time!” A narcissist feelings of shame and add more space
translates those questions as, “You’re a for them to openly and freely explain the
failure. As a person, you’re not worthy!” situation. Benjamin Schorn, CFE, is a forensic
investigator at KPMG and self-employed
Instead of asking the interviewee, Don’t criticize. You might be
profiling specialist, systemic coach
“Why?” we should say, “I’m sure there tempted to point out the interviewee’s and behavior analyst. Contact him at
was a plausible reason you did this and mistakes, because it might give you a bschorn@kpmg.com and benjamin-
that. It would really help us if you would feeling of superiority. However, avoid schorn.de.
Statement of Ownership, Management, and Circulation 13. Publication Title 14. Issue Date for Circulation Data Below
(All Periodicals Publications Except Requester Publications) Fraud Magazine Sept/Oct 2020
1. Publication Title 2. Publication Number 3. Filing Date
15. Extent and Nature of Circulation Average No. Copies No. Copies of Single
Fraud Magazine 0 2 2 _ 2 2 2 10/1/2020 Each Issue During Issue Published
Preceding 12 Months Nearest to Filing Date
4. Issue Frequency 5. Number of Issues Published Annually 6. Annual Subscription Price
$45 a. Total Number of Copies (Net press run) 69821 71292

Bi-monthly 6
7. Complete Mailing Address of Known Office of Publication (Not printer) (Street, city, county, state, and ZIP+4 ®) Contact Person (1) Mailed Outside-County Paid Subscriptions Stated on PS Form 3541 (Include paid
Aimee Jost distribution above nominal rate, advertiser’s proof copies, and exchange copies) 50225 51029
Telephone (Include area code) b. Paid
716 West Ave., Austin, Travis County, TX 78701-2727 Circulation Mailed In-County Paid Subscriptions Stated on PS Form 3541 (Include paid
(512) 478-9000 (By Mail
(2)
distribution above nominal rate, advertiser’s proof copies, and exchange copies) 0 0
8. Complete Mailing Address of Headquarters or General Business Office of Publisher (Not printer) and
Outside Paid Distribution Outside the Mails Including Sales Through Dealers and Carriers,
the Mail) (3)
716 West Ave., Austin, Travis County, TX 78701-2727
Street Vendors, Counter Sales, and Other Paid Distribution Outside USPS® 17240 18094
Paid Distribution by Other Classes of Mail Through the USPS

9. Full Names and Complete Mailing Addresses of Publisher, Editor, and Managing Editor (Do not leave blank) (4)
(e.g., First-Class Mail®) 43 4
Publisher (Name and complete mailing address)
c. Total Paid Distribution [Sum of 15b (1), (2), (3), and (4)]
John Gill
67508 69127
716 West Ave., Austin, TX 78701-2727
d. Free or (1) Free or Nominal Rate Outside-County Copies included on PS Form 3541
Editor (Name and complete mailing address) Nominal 1567 1663
Rate
Distribution (2) Free or Nominal Rate In-County Copies Included on PS Form 3541 0
Dick Carozza (By Mail
0
716 West Ave., Austin, TX 78701-2727 and
Free or Nominal Rate Copies Mailed at Other Classes Through the USPS
Outside (3)
(e.g., First-Class Mail)
Managing Editor (Name and complete mailing address) the Mail) 159 110
(4) Free or Nominal Rate Distribution Outside the Mail (Carriers or other means)
Dick Carozza 349 146
716 West Ave., Austin, TX 78701-2727
e. Total Free or Nominal Rate Distribution (Sum of 15d (1), (2), (3) and (4))
10. Owner (Do not leave blank. If the publication is owned by a corporation, give the name and address of the corporation immediately followed by the 2075 1919
names and addresses of all stockholders owning or holding 1 percent or more of the total amount of stock. If not owned by a corporation, give the
names and addresses of the individual owners. If owned by a partnership or other unincorporated firm, give its name and address as well as those of f. Total Distribution (Sum of 15c and 15e)
each individual owner. If the publication is published by a nonprofit organization, give its name and address.)
69583 71046
Full Name Complete Mailing Address
g. Copies not Distributed (See Instructions to Publishers #4 (page #3)) 238 246
Association of Certified Fraud Examiners 716 West Ave., Austin, TX 78701-2727
h. Total (Sum of 15f and g)
69821 71292
i. Percent Paid
(15c divided by 15f times 100)
Statement of Ownership, and Circulation
97.3% 97.0%
Management,
(All Periodicals Publications Except Requester Publications)
* If you are claiming electronic copies, go to line 16 on page 3. If you are not claiming electronic copies, skip to line 17 on page 3.
16. Electronic Copy Circulation Average No. Copies No. Copies of Single
Each Issue During Issue Published
Preceding 12 Months Nearest to Filing Date
11. Known Bondholders, Mortgagees, and Other Security Holders Owning or Holding 1 Percent or More of Total Amount of Bonds, Mortgages, or
Other Securities. If none, check box � None
a. Paid Electronic Copies 19938 22098
Full Name Complete Mailing Address
b. Total Paid Print Copies (Line 15c) + Paid Electronic Copies (Line 16a) 87446 91255
c. Total Print Distribution (Line 15f) + Paid Electronic Copies (Line 16a)
89521 93144
d. Percent Paid (Both Print & Electronic Copies) (16b divided by 16c Í 100) 97.7% 97.9%
� I certify that 50% of all my distributed copies (electronic and print) are paid above a nominal price.
17. Form 3526,

PS Publication of July 2014 (Page
Statement 2 of 4)
of Ownership
12. Tax Status (For completion by nonprofit organizations authorized to mail at nonprofit rates) (Check one)
The purpose, function, and nonprofit status of this organization and the exempt status for federal income tax purposes: If the publication is a general publication, publication of this statement is required. Will be printed Publication not required.
� Has Not Changed During Preceding 12 Months
�
Nov/Dec 2020
in the ________________________ issue of this publication.
Has Changed During Preceding 12 Months (Publisher must submit explanation of change with this statement)
PS Form 3526, July 2014 [Page 1 of 4 (see instructions page 4)] PSN: 7530-01-000-9931 PRIVACY NOTICE: See our privacy policy on www.usps.com. 18. Signature and Title of Editor, Publisher, Business Manager, or Owner Date
9/18/2020
I certify that all information furnished on this form is true and complete. I understand that anyone who furnishes false or misleading information on this form
or who omits material or information requested on the form may be subject to criminal sanctions (including fines and imprisonment) and/or civil sanctions
(including civil penalties).

Calendar of Virtual Events
ADVANCE YOUR CAREER WITH

VIRTUAL TRAINING FROM THE GLOBAL
LEADER IN ANTI-FRAUD EDUCATION.
ACFE.COM/TRAINING
NOVEMBER 2020 NOV 2020 ACFE GOVERNMENT DEC ADVANCED FRAUD

17 ANTI-FRAUD SUMMIT 10 EXAMINATION TECHNIQUES
NOV 2020 ACFE FRAUD CONFERENCE Virtual Conference Virtual Seminar
1 CANADA November 17, 2020 | CPE: 8 December 14-16, 2020 | CPE: 12
Virtual Conference
November 1-4, 2020 | CPE: 24
DEC CONVERSATION WITH A
17 FRAUDSTER
Online Webinar
December 17-18, 2020 | CPE: 2
NOV AUDITING FOR INTERNAL

19 FRAUD
NOV PROFILES OF FRAUDSTER CASE Virtual Seminar
10 STUDIES November 19-20, 2020 | CPE: 16
Virtual Seminar
November 10, 2020 | CPE: 4
DECEMBER 2020
NOV SCAM PROOF YOUR LIFE, DEC FRAUD PREVENTION
12 PSYCHOLOGY OF FRAUD AND 1 Virtual Seminar
SCAMMER TACTICS December 1, 2020 | CPE: 8
Online Webinar
November 12, 2020 | CPE: 2
NOV VIRTUAL CFE EXAM REVIEW

16 COURSE
Virtual Seminar
November 16-19, 2020 | CPE: 32
DEC INVESTIGATING CONFLICTS

10 OF INTEREST
Virtual Seminar
December 10-11, 2020 | CPE: 8
Calendar subject to change.
For information or to register, visit ACFE.com/training

Which Online Event is
the Best Fit For You?
It is our top priority to keep you up-to-date on the latest in fraud by providing cutting-edge, relevant training.
We also understand that the in-person benefit of networking with other attendees is an important element
to staying up-to-date on the latest in anti-fraud trends and best practices. We are adding new online events
every day keeping these goals in mind.
We now offer a wide selection of different types of online events.

Below you’ll find a guide for choosing which type of online event best suits your training needs.
Online Webinar Virtual Seminar

Online webinars are typically 100 minutes and offer up to We are offering several different types of virtual seminars
2 CPE. We offer a wide range of topics ranging from lead- ranging in length and number of CPE credits. Virtual
ership skills to data analytics. This is the perfect option if seminars vary in length ranging from 4-16 hours. In ad-
you are looking for a shorter, more specialized training. dition, many of the in-person seminars we typically offer
have been converted into a virtual format. We are adding
new virtual seminars every day, so keep an eye on the
calendar for updates. This is the perfect choice if you are
looking for in-depth training on a specific topic and need-
ing to earn more CPE.
Virtual Seminar Workshop Virtual Conference

The virtual seminar workshops are longer and offer Virtual conferences are a great way to get the many
more CPE. Most importantly, these workshops are very benefits of attending a live conference, from the com-
interactive. You will interact with other attendees and forts of your own home. You should attend the virtual
the instructor in these workshops. This is the perfect conferences for many sessions which offer a large
choice if you are looking to receive the benefits of net- range of topics, often specific to the region in which the
working with other attendees and the instructor while conference is held. Many conferences offer ways to get
learning in a hands-on environment. the added benefit of virtual networking, more CPE and
on-demand session recordings after the conference.
Free Members-Only Webinar Virtual CFE Exam Review Course

Free webinars are only available for ACFE Members. Virtual CFE Exam Review Courses are a great opportu-
This is a benefit for ACFE members to receive CPE, free nity to get the many benefits of attending the CFE Exam
of charge. These are 50-minute webinars, that cover a Review Course, virtually. This live course allows you to ask
specialized topic. This is a great option for an on-the-go the instructors questions, and interact directly with other
ACFE member who wants to attend a webinar and learn attendees. This is a great choice for you if you’re looking
the latest, without having to cut into your work schedule to earn your CFE credential, and need hands-on training to
too much. help you pass the exam on your first try.
I’M A CFE
Priti Amin, CFE

Vodafone Business fraud
manager at Vodafone Group
When Priti Amin, CFE, was

young she knew she wanted
to do something that helped
others because honesty, trust
and personal integrity were When I was little, I wanted to be managing stakeholders at operational
a nurse but discovered early on and executive levels.
important to her. Those values
that I didn’t really get on with sci- We support local markets and
compelled Amin in her journey ences! At the very basic level, I knew business functions across the globe
to fight fraud. Within Vodafone I wanted to do something that helped in managing all significant fraud
Group, a global technology others. Honesty, trust and personal incidents affecting our business cus-
integrity are values I have held in high tomers, and we work closely with our
communications organization, regard from a young age. investigations team.
Amin is the Vodafone Business
fraud manager. She’s responsi- Previously, I worked in consulting My interest in fraud was sparked
for around 14 years, initially pro- at a very early stage in my career.
ble for managing fraud risks for
gressing through the internal audit As a junior internal audit assistant in a
the entity, its products, services profession and subsequently branch- local government body, I was regu-
and customers. ing off into fraud investigations and larly asked to help with the legwork
management. I managed and led on of investigations. My first involvement
Interview by Dick Carozza, CFE a portfolio of clients delivering both really opened my eyes to how cre-
proactive and reactive fraud services, ative some people can get when they
I was born in the city of Mbarara in reporting to the CFOs and, ultimately,
put their minds to it!
the western region of Uganda. My the audit and risk committees.
family came to the U.K. when I was The more I became involved,
about two or three years old as part the more I wanted to know. I was
In my current role, within a global
of the expulsion of British Asians by intrigued about different types of
technology communications orga-
the then President Idi Amin (no rela- frauds, what had allowed the frauds
nization, I lead on delivering fraud
tion, I might add!) and settled in the management activities, specifically to happen, what motivated people to
city of Leicester where I grew up. for the enterprise part of the busi- commit fraud and how they avoided
ness. I am responsible for managing detection.
I spent a lot of time outdoors when the fraud risks to this entity, its prod- When I moved to consulting, I
growing up, playing with other kids ucts, services and customers. I have was keen to develop myself further in
usually on our bikes or tennis. I also led on developing and driving a fraud the fraud field and was lucky enough
enjoyed reading and was always — management program. My team and to join the fraud investigations team,
and still am — into crime and thriller I deliver fraud risk assessments across even though my primary role was in
books. the entity, which inevitably means internal audit.

One of my earlier cases, upon win-
ning a new health client, involved a I believe all feedback is a gift; it allows us the
member of the public using fraudu-
lent identities to register at various opportunity to improve ourselves further but
medical practices to obtain prescrip- can also provide recognition of any positive
tion painkillers — controlled drugs contribution, which can drive encouragement
— fraudulently.
and motivation.
The individual had been doing
this for several years. Previous inves-
tigations through other third parties
had not been successful. I worked
wealth of information and resources. — be tenacious and keep asking for
extensively with the local controlled-
It offered an opportunity to expand clarification if you don’t understand
drugs liaison officer, the U.K. border
my network and connect with like- the information being communicated.
agency and several medical practic-
minded individuals across the globe. I Never underestimate the impor-
es in the region where the individual
also joined the ACFE UK Chapter and tance of effective internal controls in
had registered, to gather evidence
attended various conferences and fraud prevention.
of the timeline of the fraud, the
training events. In 2015, I committed Learn from each case and expe-
types of controlled drugs they were
to achieving the CFE credential by rience whether that means enhancing
obtaining and following various lines
that summer, which I did. or honing a particular strength or
of enquiries.
learning what may have worked bet-
A pattern started to emerge
concerning their behavior and the The CFE has broadened my knowl- ter. I believe all feedback is a gift; it
methods utilized. While they had edge and built upon my experience allows us the opportunity to improve
used various identities, they had used in the fraud arena. It has provided ourselves further but can also provide
the same address. The case involved me with new tools and methodol- recognition of any positive contribu-
accessing medical records through ogy for conducting proactive fraud tion, which can drive encouragement
the correct protocols, plus obtaining management activities such as fraud and motivation.
witness interviews from the medical risk assessments, using data to detect
practices, doctors and pharmacists to financial statement fraud, enhanc- My family is my greatest achieve-
piece together the quantity that had ing my interview skills and using the ment. Without their support and
been obtained and the cost to the correct inflection during interviews. It understanding, I most definitely
health authority. has made a difference because of its would not have been able to progress
My client took the decision international context and being able in my career. Fraud investigations are
to prosecute and was successful. In to connect with fraud professionals demanding and time-consuming at
court, I felt sorry for the individual. who share the same passion to fight the best of times. Balancing this with
Even though they came from a large fraud. professional studies, travel and three
family, not one of them was in court. kids needs special people to support
The individual had become depen- My advice for fraud examiners is and stand by you.
dent on drugs and committed the you must think like a fraudster to
fraud for personal usage; desperation prevent and investigate frauds. I enjoy long walks; they give me
had led to creativity in how they got Trust your instincts and intuition time to switch off and take in the
hold of them. in investigations. To focus on the natural surroundings, which we don’t
evidence and the facts, and always, always appreciate. I also like to so-
I first heard of the ACFE back in always follow the money. In inter- cialize with friends and family. n FM
2007. I became an associate mem- views, listen more than you speak and
ber because I wanted to broaden just as importantly, observe. Dick Carozza, CFE, is editor-in-chief of
my knowledge and skill set in fraud, In non-investigative interviews Fraud Magazine. Contact him at dcaro-
and I took advantage of the ACFE’s — such as fraud process reviews zza@ACFE.com.

ACFE NEWS
Second ACFE COVID-19 report finds 77% have seen overall fraud increase
Of the anti-fraud professionals sur- expected increases, are: (1) cyberfraud • 56% expect their level of anti-fraud
veyed for the ACFE “Fraud in the Wake (2) unemployment fraud (3) payment staffing to remain about the same;
of COVID-19 Benchmarking Report, fraud (4) fraud by vendors and sellers. 30% expect an increase and 14%
September 2020 Edition,” 77% have seen Thirty-eight percent expect an expect staffing reductions.
an increase in the overall level of fraud increase in their overall anti-fraud A majority — 68% to 76% — say
as of August, compared to 68% who’d budgets over the next year, while 14% that preventing, detecting and investi-
observed an increase when the ACFE expect a decrease. Here are notable gating fraud are more difficult now than
published the first COVID-19 report in changes to specific budget areas: before COVID-19.
May. An inability to travel is still the
• 42% expect a decrease in budget for
Ninety-two percent of the survey No. 1 challenge in combating fraud.
travel for anti-fraud staff; 23% expect
participants expect the overall level of But more people are citing conducting
fraud to continue increasing over the a significant decrease. remote interviews as a current top chal-
next 12 months. Forty-eight percent • 33% expect an increase in budget for lenge for them, moving this up to the
expect this increase to be significant. training/professional development No. 2 spot.
Participants said the top fraud for anti-fraud staff. However, 28% Download the report at ACFE.com/
risks, based on current observations and expect a decrease in this budget item. covidreport.
IN MEMORIAM
Timothy Alan Pearson
Timothy Alan Pearson, a former Virginia University. “When I arrived at WVU as a newly mint-
executive director of the Institute for ed Ph.D. and WVU faculty member, and became frustrated
Fraud Prevention, and a colleague and with my dissertation, Tim jumped in to help get it published,”
friend of many ACFE members, passed Dr. Riley said. “It’s hard to imagine that I’ll never be able to
away July 28 in Savannah, Georgia, talk with him again.”
from complications of COVID-19. He “Tim was a very special person,” said Patricia Johnson,
was 63. MBA, CFE, CPA, visiting assistant professor at Daemen Col-
Dr. Pearson was born on June 13, lege. “He was kind, knowledgeable, a true professional who
1957, in Madison, Wisconsin. A lifelong always had time to talk. His quiet sense of humor and genuine
academic and educator, he earned his Bachelor of Science,
concern for people stand out in my memory. It was a privilege
Master of Professional Accountancy and doctorate from the
to know him. I will miss him.”
University of Wisconsin-Madison.
“Tim Pearson was charitable and kind in his interactions
He worked as a professor of accounting and in college ad-
with everyone, and an unassuming, self-effacing leader,” said
ministration for more than 30 years — first at the University
Dr. Sridhar Ramamoorti, CFE, CPA, CIA, associate professor of
of Wisconsin-Eau Claire, then at West Virginia University and
accounting at the University of Dayton. “A quintessential fam-
finally at Georgia Southern University.
ily man, we need more ‘gentle giants’ like him in this world. I
At the time of his death, Dr. Pearson was director of
the School of Accountancy and Professor of Accounting at was fortunate and blessed to know him.”
Georgia Southern University. He was an expert in forensic ac- “Tim was a friend to everyone,” said Dr. George R. Young,
counting and served as editor for multiple academic journals, CFE, CPA, director of the Florida Atlantic University School of
published numerous peer-reviewed articles and secured mil- Accounting. “He had an easygoing manner that made all who
lions in grant funding, according to his colleagues. encountered him feel very fortunate. I will miss him.”
“Tim was a dear friend, gentle as a teddy bear, always Dr. Pearson is survived by his wife of 35 years, Lori; and
positive, hard to rattle, a person who never said ‘no,’ ” said a his four children, Nathan, Joshua, Skylar and Samuel; plus his
former colleague, Dr. Richard A. Riley Jr., CFE, CPA, Louis F. granddaughter Violette; Samuel’s partner, Cassidy; his broth-
Tanner Distinguished Professor of Public Accounting at West ers, Dave and Bill; and his sisters, Pegge and Judith.

Fraud Magazine associate editor leaves ACFE Pacific NW Chapter
After 6½ years with the ACFE, endeavors and find new profes-
honors Dervaes by
Fraud Magazine Associate sional challenges. naming student
Editor Emily Primeaux, CFE, “I’ve met hundreds of CFEs scholarship after him
has moved on to other creative from around the world over the
opportunities. years. Your passion for rooting The ACFE Pacific
“I couldn’t have asked for out fraud and corruption has Northwest Chap-
a better associate editor,” says made my time with the ACFE so ter Board recently
honored Regent
Fraud Magazine Editor-in-chief fulfilling,” Primeaux says to the members.
Emeritus Joseph
Dick Carozza, CFE. “She showed tremen- “I’ll miss talking to you in person at ACFE
R. Dervaes, CFE,
dous enterprise in reporting for her cover- Annual Global Fraud Conferences and other CIA, by naming its
story articles, and her editing skills were events, and I thank you for allowing me higher-education
excellent,” he says. “She transformed the opportunity to help in your dogged student scholar-
Fraud-Magazine.com and developed a pursuit of truth and justice.” ship after him in recognition of his
great FM app. Emily contributed podcasts Primeaux began her career as a 7th service to the chapter. Dervaes was the
and was a fastidious project manager for grade English teacher and athletic coach chapter’s founding president in 1993.
He served in that position and as presi-
other ACFE endeavors. We’re going to in 2008. In 2010, she moved to Dublin,
dent emeritus on the chapter board for
miss her greatly.” Ireland, and worked as the volunteer
25 years.
Primeaux says working on the maga- programme officer at Suas Educational
“Joe Dervaes is a true legend in the
zine and with the ACFE has been a high- Development, a nonprofit with a goal of fraud-fighting world,” says Mike Nurse,
light of her career. “Under the mentorship tackling educational disadvantage in In- CFE, president of the Northwest Chap-
of Dick Carozza, I was granted opportuni- dia, Kenya and Ireland. ter. “He has left a legacy that continues
ties to interview headline-makers, hone In 2011, she moved to Gibraltar to to touch people’s lives every single day. I
my skills as a writer and editor, and help work as the news and onsite marketing couldn’t imagine a more appropriate
contribute to the global fight against coordinator at Tradimo, a company that honor for Joe because the scholarship
fraud,” she says. “It wasn’t easy deciding to teaches laypersons how to trade in finan- represents the continuance of every-
leave the ACFE — and certainly not during cial markets. At the beginning of 2014, thing he has dedicated his life to —
a worldwide pandemic — but after learn- Primeaux moved to Austin, Texas, and education and the fight against fraud.”
ing so much, I was ready to tackle new began with the ACFE shortly after. Dervaes was chair of the ACFE
Board of Regents for three years. In
1999, he became the first ACFE Fellow.
The ACFE presented him with its highest
Nigrini questions calculations in Benford’s honor, the Cressey Award, in 2003. In
Law article; author responds 2004, he joined the ACFE Foundation
Board of Directors. In 2007, he received
Mark J. Nigrini, Ph.D., a well-known Benford’s Law advocate, contends that in the ACFE Outstanding Achievement
the May/June 2020 Fraud Magazine article, “Benford’s Law still works: Practical in Community Service and Outreach
applications for finding fraud in a business scenario, by Venkat Kesha Pillai, CFE, Award. He was a longtime author of the
“Fraud’s Finer Points” column in Fraud
ACA, that the chi-square test statistic wasn’t calculated correctly. Nigrini says in
Magazine.
the page 39 table, the observed frequency and the expected frequency columns should
“I was so pleased to be notified by
show the actual and the expected counts, and not the actual and expected percent-
the ACFE Pacific Northwest Chapter that
ages. See Nigrini’s Excel file showing his calculations in the online version of this the board had changed the official name
article at Fraud-Magazine.com. of its student scholarship program to
Pillai responds, “With respect to the method of working out the chi-square test the ‘Joseph R. Dervaes Scholarship,’ ”
statistic, as you [Nigrini] have observed, I went by the difference in frequencies (not
CONTINUED ON PG. 73
CONTINUED ON PG. 73

CPE QUIZ No. 153 (November/December 2020, Vol. 35, No. 6)
The Fraud Magazine CPE quizzes are now available 6. According to the article, “Dusting your data for fraud’s
online only. Please visit ACFE.com/FMQuiz or view fingerprints,” fraudsters with accounting authority can
use intentional duplicate payments in occupational fraud
the CPE Quiz form on the next page for more schemes.
information on how to earn your 10 CPE. A. True.
B. False.
1. According to the opening case in the article, “Fraudulent 7. According to the article, “Predication or not?” Regent
T&E reports can indicate greater ethical lapses,” the author: Victoria Meyer, CFE, FCCA, said:
A. Was investigating a manager’s hotel receipts only. A. “Predication is just a fancy word for having a justifiable,
business reason for doing what you are doing.”
B. Noticed a trend that all figures in the manager’s meal re-
ceipts were round numbers. B. “The source of an allegation in establishing predication is
very critical,”
C. The author determined that the manager had forged the taxi
receipts to the tune of a couple thousand dollars. C. “Most of the huge fraud cases I’ve investigated had few
red flags.”
D. Recommended that the manager be given a reprimand only.
D. “In Europe, we tend to talk about ‘suspicion’ of fraud and
2. According to the article, “Fraudulent T&E reports can ‘justification’ for our actions.”
indicate greater ethical lapses, be sure to flag”:
A. Expenses that are submitted as out of pocket. 8. According to the article, “Predication or not?” Kelly Todd,
B. Spending that’s right above the receipt threshold. CFE, CPA, said:
C. Expense reports approved within a long time of submission. A. “We begin each engagement as an assessment.”
D. Expenses with Disapproved Merchant Codes. B. “The decision to investigate is not an all-or-nothing
endeavor.”
3. According to the section, “Samantha’s story,” in the article, C. “We often start a private-sector investigation without
“Set fire to your ‘emotional intelligence,’ ” Samantha: knowing exactly what we are investigating.”
A. Worked graciously with her coworkers without any friction. D. “If there is predication, I believe that we have the respon-
sibility to follow the threads wherever they lead.”
B. Rejected critiques from her colleagues and quit.
C. Had to be willing to ask and answer some really tough
questions about herself. 9. According to the article, “Best defense is a good offense”:
D. Over time, ultimately didn’t change and became a bad A. The Anti-Fraud Playbook includes 20 Plays, organized into
example to her people. 10 phases.
B. The vital backbone of an effective FRM program is a matu-
4. According to the article, “Set fire to your ‘emotional intel-
rity assessment.
ligence,” perfectionism can be our biggest strength, but, in
the blink of an eye, can become our biggest weakness. C. The bulk of fraud risk is unidentified and lurking beneath
the surface.
A. True.
D. Identify all the suspicious employees in your organizations.
B. False.
10. According to the article, “Best defense is a good offense,”
5. According to the article, “Dusting your data for fraud’s like most things in FRM, a one-size-fits-all model for pro-
fingerprints”: moting fraud awareness doesn’t exist.
A. Fraudsters tend to steal in dissimilar ways. A. True.
B. All of the fraud types considered in the article are B. False.
financial statement frauds.
C. One of the six common number patterns considered is
“Odd and even numbers.”
D. Rapidly rising numbers refer to transaction totals that
increase at an abnormally high rate over time.
DO NOT SUBMIT THIS FORM. Log in to your My Transactions page after purchasing the Fraud Magazine Quiz
! set to submit your answers or record your answers on the answer sheet and submit online when you are ready.
72 FRAUD MAGAZINE MAY/JUNE 2019 FRAUD-MAGAZINE.COM

CPE QUIZ
PREDICATION, CONTINUED FROM PG. 45
the investigation is complete. He agrees with Kessler

The Fraud Magazine CPE Quiz has moved to an online self-
that the private sector can have more objectives than
study format, making it easier for CFEs to earn 10 ACFE
just prosecution.
(non-NASBA) CPE. CFEs can earn 10 CPE by taking quizzes
Predication to establish truth online after reading featured articles in Fraud Magazine.
The CFEs agree that they must establish predication
or strong suspicion of fraud and justification for their
actions. But, above all, as Njiru says, they don’t solely Visit ACFE.com/FMQuiz and follow the steps below:
conduct fraud examinations just to confirm existence
of fraud but to establish the truth. “Demonstrating
1. Select the Online Fraud Magazine CPE Quizzes by year
facts as a fraud examiner, whether fraud exists or
not, is critical in addressing various parties’ concerns,
from the dropdown*.
saving organizations from reputational damage and
creating high-performing teams,” he says. n FM 2. Click the “Add to Cart” button and complete the
checkout process.
Dick Carozza, CFE, is editor-in-chief of Fraud
3. Read featured articles in Fraud Magazine that corre-
Magazine. Contact him at dcarozza@AFCE.com.
spond to the year of the quiz set you purchased.
NIGRINI, CONTINUED FROM PG. 71 4. Access your quiz set by logging into your ACFE.com
count) between the observed (actual) and those ex- account, clicking on the “My Transactions” tab and
pected (advocated by principle of Benford’s Law) and clicking on the quiz set you purchased.
correspondingly worked out the degrees of freedom
at 1% and 5% level of statistical significance for the 5. Pass 5 of 6 quizzes with a score of 70% or higher and
acceptance or otherwise of the null hypothesis,” Pillai receive your CPE certificate instantly via email.
says. “I contend there is no real difference between
count and frequencies. So long as the percentages
total to 100, mathematically, it should not matter. It is For more information, please review the “CPE Info”
bound to give the same eventual results.” See Pillai’s
and “FAQs” tabs or contact a representative:
further Excel chi-square test calculations in response
to Nigrini’s contentions in the online version of this MemberServices@ACFE.com
article at Fraud-Magazine.com. n FM
(800) 245-3321 / +1 (512) 478-9000
Secure online chat service
PACIFIC NW, CONTINUED FROM PG. 71
Dervaes said. “I have always known that the future of

the ACFE rested with future generations of university
students who pursue fraud studies. And, that is why
supporting student scholarship programs would be- *Quizzes will be added to the current year’s set as issues of Fraud Magazine are published.
CPE can only be obtained from the current year’s quizzes after the fifth quiz is made available
come an important part of my professional life. While in September.
on the chapter board, I was pleased to lead the effort
Please Note: The Fraud Magazine CPE Service CPE credits apply only to the CFE status and
to launch our scholarship program for students who
not to any other professional designations. Fraud Magazine CPE is not registered with the
were studying fraud examination at universities in National Association of State Board of Accountancy (NASBA).
Washington state.”
The ACFE collects and stores your personal data in the U.S. to provide member services and
Dervaes retired in 2006 after 42½ years of fed- fulfill transactions requested by you. For a full explanation of your rights regarding how we
eral, state and local government audit service. At his store and use your data, visit ACFE.com/privacy-policy.aspx.
retirement, he was the audit manager for special in-
vestigations at the Washington State Auditor’s Office
where he was responsible for managing the agency’s
fraud program. n FM
BOOKS AND MANUALS
Build your anti-fraud library with books and manuals written by
anti-fraud experts. Visit ACFE.com/books.
FRAUD EXAMINERS MANUAL

Your Essential Resource as an Anti-Fraud Professional. The Fraud Examiners
Manual is the definitive body of knowledge for the anti-fraud profession, providing
comprehensive guidance for anti-fraud professionals that no other work can match.
The Fraud Examiners Manual is now available online. With online access,
the Fraud Examiners Manual is more accessible and useful than ever.
Benefits of Online Access Include:
• Real-Time, Ongoing Content Updates — Access the most up-to-date
anti-fraud information available.
• Exclusive Supplemental Information — Access an expanding collection of country- and region-specific information.
• Optimized for Multiple Devices — Access the Fraud Examiners Manual on all your internet-connected devices.
The Fraud Examiners Manual:

• Describes hundreds of fraud schemes
• Reviews legal principles involved with prosecuting fraudsters
• Provides tools and techniques for gathering information and evidence when investigating fraud
• Explores why people commit fraud and what can be done to prevent it
• Contains a sample fraud examination report, a fraud examination checklist, and sample engagement and advisory letters
$ 119.20 - $ 239.20
$149-$299 Non-Members
NEW!
Fraud Risk Management Guide Crisis of Conscience: Cybercrime Investigators
Research commissioned by the Committee of Whistleblowing in an Age of Fraud Handbook
Sponsoring Organizations of the Treadway Com- By Tom Mueller By Graeme Edwards
mission (COSO) and Co-Sponsored by the ACFE Hardcover, 608 pages Paperback, 160 pages
Paperback, 130 pages In this book by 2020 ACFE Global Fraud Con- In this book, you will learn how to locate, lawfully
The Fraud Risk Management Guide details ference keynote speaker Tom Mueller, you will seize, preserve, examine, interpret and manage
how to create a comprehensive fraud risk learn about the rise of whistleblowing through the technical evidence that is vital for effective
management program for your organization that a series of riveting cases from the worlds of cybercrime investigation from the perspective of
establishes a visible and rigorous fraud gover- health care and other businesses, Wall Street a field practitioner.
/$65 Non-Members
nance process, creates a transparent and sound and Washington.
anti-fraud culture and more.
$ 20. 00 /$25 Non-Members $ 52.00
$ 59.20 /$74 Non-Members
ACFE.com/books
SELF-STUDY COURSES
Expand your anti-fraud knowledge with our comprehensive,
NASBA-compliant self-study CPE courses. Visit ACFE.com/selfstudy.
WORKBOOK SELF-STUDY Anti-fraud training in digital or print editions
BEST SELLER!
Fighting Fraud in the Inside the Fraudster’s Making Crime Pay: How to
Government Mind Locate Hidden Assets
Government entities fall victim In this course, you will gain insight to In this course, you will learn how to
to every conceivable kind of the fraudster’s mind, exploring psy- locate hidden assets and how to
scheme, and everyone pays, chological information that is key to identify and trace hidden payments
directly or indirectly. This course the successful development of a fraud and sources of income. You will
focuses on strategies to prevent, prevention and detection program. hear from fraudsters about how
CPE CPE CPE
detect and investigate govern- to hide assets and from anti-fraud
20 8 20
ment fraud schemes. $ 151. 20 experts on how to find them.
$ 199. 20 $189 Non-Members

$ 199.20
$249 Non-Members $249 Non-Members
ONLINE SELF-STUDY Get immediate, 24/7 access to premier anti-fraud training
CPE CPE CPE

2 2 2
NEW! NEW! NEW!

Fraud in Higher Education Social Engineering Shell Companies
In this course, you will learn how higher educa- In this course, you will learn about how and why In this course, you will learn how shell companies
tion institutions in the United States operate, how social engineering scams work, from the psycho- work, how they are used to commit fraud and how to
those operations can be manipulated by people logical aspects to the nuts and bolts of common investigate shell companies.
to defraud those institutions and how technology methods and schemes.
affects fraud in higher education.
$ 71.20 /$89 Non-Members $ 71.20 /$89 Non-Members
$ 71. 20 /$89 Non-Members
NANO LEARNING 10-minute explorations of anti-fraud topics
CPE CPE CPE

0.2 0.2 0.2
NEW! NEW! NEW!

COVID-19 and Business Email COVID-19 and Investment COVID-19 and Consumer Fraud
Compromise Schemes Schemes
In this course, you will learn how to identify In this course, you will learn about investment This course will address some of the COVID-19
COVID-19 business email compromise schemes fraud schemes that fraudsters will likely pursue to consumer fraud schemes that have been report-
and methods to prevent them from succeeding. exploit global concern, misinformation, product ed and provide you with guidance to help pre-
shortages and more for personal gain. vent yourself and others from becoming victims.
$ 8.80 /$11 Non-Members $ 8.80 /$11 Non-Members $ 8.80 /$11 Non-Members
= This course fulfills the annual ethics CPE requirement for CFEs. For more information on ACFE self-study courses including refund and ordering policies,
fields of study, learning objectives and course levels visit ACFE.com/selfstudy.

Fraud'S Ingerprints: Dusting Data

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Fraud'S Ingerprints: Dusting Data

Uploaded by

Copyright:

Available Formats

prevent procurement fraudulent T&E reports, firing your emotional discerning predication best defense?

‘leakages’ P. 12 ethical lapses P. 20 intelligence P. 26 to examine P. 40 a good offense P. 46

VOL. 35 | NO. 6 | NOVEMBER/DECEMBER 2020

Are you prepared for what’s next?

Number-pattern tests, like

Benford’s, are still valuable FM

W e’ve all been there in a fraud examination.

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 3

Fraudsters tend to steal in similar ways.

20 Fraudulent t&E ReportS 26 Emotional Intelligence 40 Predication

Fraudulent T&E reports can Predication or not? Discerning when

4 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

COLUMNS AND DEPARTMENTS Legal Editor Ron Cresswell, J.D., CFE

interviewees 2020-2021 Board of Regents

Fraud Magazine (ISSN 1553-6645) is published bimonthly

Postmaster — Please send address changes to:

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 5

Defense contractor Singapore charges businessman

6 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

One-day and multi-day course topics include Bribery and Corruption,

CONVENIENT DYNAMIC NASBA COMPLIANT

On-Site CFE Exam virtual formats

Bring the ACFE’s premier anti-fraud training to your organization.

Doctoring the books

8 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 9

nephew to follow in his footsteps and

Helping you manage robust anti-fraud or anti-bribery programs from

Ready to focus with HighBond?

See how FraudBond can work for you: wegalvanize.com/fraud-risk-management/

Prevent procurement ‘leakages’

C hief financial officers (CFO) are

12 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

Source Determination Vendor Selection

Buying Procurement an employee normally commits this fraud.

Requirements buying definition Invoice verification

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 13

14 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

Business Email Compromise (BEC)

Define Detect Defend

IRS telephone scams,

H as this happened to you? A

16 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 17

18 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

BY Matt Molchany, CFE

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 21

Some companies don’t want

22 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 23

INTERVIEW OF EMPLOYEE The steps you and the company

24 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

Includes a two-year subscription to the

1,400+ STUDY QUESTIONS PRACTICE EXAMS FRAUD EXAMINERS MANUAL

Visit ACFE.com/CFEPrep to learn more.

As a child, teenager, young woman, parent and now manager, I’ve

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 27

28 FRAUD MAGAZINE NOVEMBER/DECEMBER 2020 FRAUD-MAGAZINE.COM

“the ability to identify

and manage one’s own

FRAUD-MAGAZINE.COM NOVEMBER/DECEMBER 2020 FRAUD MAGAZINE 29

HERE ARE THE THREE HABITS, AS DESCRIBED IN HELGESEN

SHARE SUCCESSES AND BUILD RELATIONSHIPS AND