Clark Keeler, Director of Forensic Investigations, Corporate Governance, and Risk Management Practices, is a financial executive with broad experience in leading both finance and operations teams. He has proven his leadership capabilities in directing complex projects in diverse industries and organizational environments. His expertise is focused on identifying, mitigating and managing organizational and fraud risk, while improving existing infrastructure, systems and internal controls. He is a skilled strategist with a long track record of successfully helping clients assess risk, identify and implement cost and process improvements, and create new business opportunities.



Mr. Keeler’s practice emphasizes risk management through the integration of fraud prevention, strong internal controls with process improvements or design, and the optimization of internal financial systems.































Pages

Wednesday, August 25, 2010

Addressing Accounts Payable Fraud

According to the“2010 Report to the Nations” by the Association of Certified Fraud Examiners, the most common asset fraud involves purchasing and vendor billing schemes. These frauds make up more than a quarter of all reported occurrences. By the time these schemes are uncovered they have, on average, been operating for two years and resulted in losses exceeding $125,000….regardless of the size or type of organization!

What are the first corrective actions that most organizations do after discovering fraud? They strengthen their internal controls. Why? Because internal controls are the processes management relies on to provide them assurance that their business objectives are being achieved. In the case of fraud, they are the processes that management implements to ensure that fraudulent activities are either prevented, or detected in a timely manner.

In order for fraud to occur, the perpetrator has to perceive a need, and have a justification, for the fraud. More critically, the perpetrator needs to have the opportunity to commit the fraud. Accounts payable fraud is usually a crime committed by an employee or an employee working with a vendor. After all, he or she knows how the company functions. Opportunity comes when no one is watching. An employee has the time and knowledge to figure out where that lack of attention exists.

If you want to address the risk of fraud, where should you start?

You will want to start by identifying the processes in which individuals handle multiple aspects of a job themselves, then break them apart.

An Example of Asset Fraud

For instance, let’s say your warehouse manager negotiates agreements with your vendors. Once that’s done he sets up the vendor accounts in the computer so you can receive their invoices and pay them. Eventually he orders inventory items from them, receives the goods when they arrive, and approves the invoices for payment. Your accounting department prints the check, matches the invoice to it, and you sign the check.

When you sign the check, you could either question who the vendor is, or what the order was for….or you could trust the invoice since it has been properly received and approved. The key word is trust. In this situation you are relying solely on the word and actions of the manager. You are trusting that the vendor he set-up actually exists and provides products to the company. You are also trusting that the goods were, in fact, received by the company and that the pricing was appropriate. No controls have been implemented that would verify the accuracy of any of the actions above. If the manager knows this, he could set up a fictitious company in the computer, falsify invoices and receiving reports and approve the bogus invoices for payment. If the vendor and the materials ordered appeared reasonable to the check signer, the transactions are unlikely to be questioned.

When you identify situations like this, you want to provide yourself with some sort of oversight. Depending on the resources available to you and your assessment of the likelihood and magnitude of the potential risk, there are different methods of internal controls you can exercise. You can insert other individuals in the process (segregation of duties), or have someone independently evaluate the warehouse manager’s activities (a management review). Segregation of duties puts a second individual in the position of routinely reviewing the actions of the other, and therefore provides an ongoing and timely control. It takes more people, but it is the strongest anti-fraud control. Management review, on the other hand, is always done after the fact, so it may not catch a problem in as timely a fashion. However, when you have a limited number of people available, it may be the best monitoring control you have.

In our example above, if the manager makes arrangements with the vendor and order materials, you would ideally like to have another individual set up the vendor information in your computers, and verify that the vendor really exists and that the billing addresses, phone number and tax identification numbers are accurate. You’d also like someone, other than the individual who made the order, to receive the materials when they arrive. That way, when you receive the vendor’s invoice, you can verify with certainty that you have actually received what you are paying for. Finally, it would be good to have another individual, unrelated to the other activities, approve the invoices for payment.

If you cannot separate all the processes above, separate as many as you can. When segregation of duties is not possible or cost effective, establish a means of reviewing the transactions. If the warehouse manager is allowed to set up vendors, do a periodic review of all new vendors and their billing addresses to make sure you know who these vendors are and what you are buying from them.
If you have to let the manager receive materials, design analytical tests on inventory or job costs to insure that the materials were received into inventory or used on projects, and that the quantities and prices make sense. You might notice that you’re buying more than you need, paying more than you should, or be paying for products that weren’t delivered. If the manager is the vendor, or is working with the vendor, all of those things might occur. Don’t assume, verify.

The point is, when individuals know that others are observing their actions, they know their opportunities will be limited and, in many cases, they will be completely deterred. But, never assume that you can prevent fraud. If truly motivated, the fraudster will find an opportunity to exploit. Instead, you should devise ways to detect those actions in a timely fashion, and be able to react quickly. That requires oversight, review and verification.

A Quick Check-Up: Things You Can Do

Where are you likely to see fraud in accounts payable?
· Vendor with similar but different names (UPS Company, instead of UPS, Inc.), and shell companies that provide a front for the employee’s actual activities.
· Company addresses that are PO Boxes or that match employee addresses.
· Falsified purchase requisitions, and receiving documents.
· Overpricing on items shipped, and overbilling for unshipped items.
· Received items being diverted after receipt.
· Items shipped to alternative locations.
· Charges for unexplained and unauthorized (personal) items.
· Forged, altered or diverted checks.

What are some red flags?
· Can purchases be made without requisitions, or before requisitions are approved?
· Are purchasing, accounting, and shipping/receiving independent of each other?
· Does the company have an approved vendor list for the main products you purchase?
· Are receiving reports furnished to both accounting and purchasing, and kept on file in receiving?
· Is a log maintained of all receipts?
· Are procedures adequate for verifying receipt and rebilling of drop shipped items?
· Are records of goods returned to vendors matched to vendor credit memos?
· Are receipts under blanket PO’s monitored? Are quantities > authorized returned to vendor?
· Are procedures adequate for the proper accounting for partial and backordered deliveries?
· Are three way matches completed prior to payment?
· Are invoices verified as to price, extension, footing, freight, allowances and credit terms?
· Are purchases recorded in computer systems prior to payment?
· Are accounts reconciled timely?

What can you do?
· Document and adhere to procedures for PO’s invoicing and payments.
· Review additions to the AP vendor master file and periodically review AP Vendor list for strange vendors and addresses.
· Review payment codings for abnormal descriptions.
· Analyze vendor purchases for abnormal levels on both a monthly and yearly basis.
· Compare and analyze purchases and inventory levels.
· Implement system controls for identifying duplicate invoice and PO #’s.
· Establish segregation of duties among authorization, purchasing, receiving, accounting and shipping.
· Review shipping and receiving documents for completeness and accuracy.
· Review and compare payments, receiving documents and purchase orders.
· Scrutinize JE’s to inventory accounts.
· Conduct spot audits.
· Maintain purchase trails on assets.
· Review bank statements for out of place vendors and endorsements.
· Review credit card statements for irregularities.
· Verify validity of invoices that have remittance to PO Boxes.
· Install proper controls for the receipt and handling of return-to-sender checks.

Wherever there is money to be made, there is the risk of fraud. Individuals have been committing these acts for as long as records have been kept. So, although you cannot prevent the occurrence of fraud, you can reduce its risk and impact by implementing fraud controls.

Remember, every fraud programs starts with management oversight. If you aren’t paying attention, the fraudster knows, and will take advantage of the opportunity. If you are, the fraudster knows that, too, and will be more cautious, and maybe even deterred completely. Hope is not a strategy. If you want to protect yourself, you have to take action.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)