Fraud Examination

Fraud Examination


1)    You have just taken over as a branch bank manager of a large, regional bank and are getting to know your employees.  One of your credit managers has a reputation as a very hard worker.  He lives close to the branch and frequently works late into the evening.  He also hasn’t taken any vacations in three years in spite of the bank policy that all employees take a least a week’s vacation every year.  He also has a reputation for being conservative and demanding of loan applicants.  That is, he usually asks tough questions of applicants before he approves their applications.  You have met with him a couple times and he impresses you as being very hard working and dedicated to his job and the bank.
A credit manager has one main function, which is to review credit applications and approve or disapprove them.  Bank policy states that credit managers can approve loans up to $10,000 by themselves, but you, as branch manager, need to approve larger loans in addition to the credit manager.  However, the bank also has policies that set constraints on the credit manager.  For example, it requires that all credit managers run a credit check on the applicant and disapprove any application from someone whose credit score falls below a certain threshold.  The credit manager is required to document each application and the approval process to insure that they have followed all the bank’s policies in approving the loan.
Several years back, you completed your masters degree in accounting and finance from UMUC and took a course in fraud examination.  Thus, you are a little concerned about this credit manager’s behavior and want to do some follow-up research to determine if some of his behavior is signaling the possibility of fraud.  You don’t want to confront him yet because his behavior also could be that of a dedicated, hard-working employee and you don’t want to raise any suspicions until you have some evidence.
a)    Describe two fraud schemes that this examiner might be engaged in given your observations of his behavior and his job description.  Provide enough details so that you are clear about how he could benefit from the scheme.  To meet this requirement you need to cover all three elements of the Fraud Element Triangle.
Fraud Scheme 1 –

Fraud Scheme 2 –

b)    For each of your two schemes, describe two distinct sources of evidence you could gather to determine if he is committing the fraud you described.  Don’t duplicate sources for the two schemes even though some sources might help in the investigation of both of them.  Thus, you will need four distinct sources of information to answer this part of the question.  Provide enough detail so I can determine if the evidence you would gather would differentiate between a fraud and non-fraud explanation.
Fraud Scheme 1 –

Fraud Scheme 2 –

c)    Assuming that you did not find any direct evidence of fraud, should you take any action in this case?  If not, why not.  If so, what would you do and why?

2)    You recently took over as the warehouse worker for a large Walmart store.  You are not happy with the job because you felt you were qualified to be a supervisor.  You want to rip off the store to get even and to give you some extra cash to buy a new car you have been wanting for a while.  However, to conceal your thefts you will need to help of the store bookkeeper.  The bookkeeper reconciles receiving paperwork to include purchase orders, receiving reports, and shipping documents with invoices and oversees the maintenance of the store’s perpetual inventory system.  The store periodically compares the perpetual inventory to the physical inventory.  The bookkeeper reports directly to the store manager while you report to the assistant management in charge of the warehouse.
Review each of the five sources of power from the text and the six methods of persuasion covered in the article you reviewed and discuss whether or not each of these possible tools to influence the bookkeeper might be useful to you.  If you don’t think they would be useful, explain why.  If you think they would be useful, explain how you would use them.  Clearly label each tool so you are clear which one you are covering.

3)    Frauds can be perpetrated in a rich variety of ways.  Some frauds may involve a few, large transactions (i.e., infrequent or a needle in a haystack) and other may involve many small transactions over time (i.e., ongoing).  Thus, there isn’t one best analytical tool for detecting fraud.  For each of the following analytical techniques, discuss which basic type of fraud, infrequent or ongoing) that technique it would do the best job of detecting and explain why.
a)    Benford’s law

b)    Outlier Analysis

c)    Financial statement analysis to include vertical and horizontal analysis of financial statement line items and ratios.

4)    Review the following case and then fill out the Vulnerability Chart on the page following the case.
You have just been hired into a new internal audit department for an internet startup firm, ABC Inc., that was growing rapidly and was trying to develop a stronger control environment.  One of the largest problems for ABC, Inc. was developing the technological systems necessary to support a rapidly expanding user base.  Furthermore, due to the rapid expansion in recent years, many of its systems had been added hastily, resulting in poor integration and eroding data integrity.  As a result, the CEO of ABC, Inc. announced an initiative to integrate all systems and increase the quality of internal data.

In compliance with this initiative, ABC, Inc. purchased an expensive and complex billing system called Billme, which would automate the billing for thousands of Internet accounts via credit cards.  During the integration, Billme, in collaboration with Discover, created a phony credit card number that could be used by developers and programmers to test the functionality and integration of the Billme system.  Moreover, this credit card number was fully functional in “live” environments so testers and developers could ensure functionality without being required to use actual personal or company credit card numbers.  The card number could be used to make purchases outside the testing environment and a monthly bill would be sent to ABC’s accounts payable department.  Because the card could be used outside the testing environment, ABC, Inc. established testing protocols that covered when the card number was used for testing.  Test transactions were all to be for $1 exactly and were to be reversed as soon as the test results were confirmed.  Because of these limited use protocols, the activity on the card was not monitored by anyone outside the testing team.

While the implementation of Billme went relatively smoothly, the data integration and implementation needed to make the new system operational did corrupt the data for several on ABC, Inc. customer accounts.  Jamie, the manager of the Operations Department, was responsible for the resolution of all data integrity issues.  His team was tasked with fixing all corrupt accounts created by the launch and integration of the Billme system.  As a result, Jamie was given the phony credit card number, which was kept on a Post-it Note in his drawer.

One of the top performers on the Operations team was a 29-year-old named Sylvia.  Sylvia had worked in Operations for over a year and was making $15 per hour, the same salary at which she was hired.  She was introverted and hardworking.  She also was a single mom trying to support her two kids and put herself through school.  Sylvia was the most technologically savvy individual on the team, and her overall systems knowledge even exceeded that of her manager, Jamie.  Sylvia was very brilliant in creating more efficient tools and methods to repair corrupted accounts.  Therefore, Sylvia was tasked with conducting training for new employees and updating team members on new processes and tools that she had created.  As a result, Sylvia quickly became a trusted and valuable team member; thus, Jamie gave her and other team members the phony credit card number to increase the productivity of the team.

However, after six months of working at ABC, Inc., Sylvia received an official reprimand from the company for using the company system for personal use.  Some of the websites she accessed on company time contained pirated materials and were being investigated by the FBI.  However, the FBI cleared her of being a party to the piracy and she was quietly warned and placed on a short-term probation.  Jamie was asked to write a warning letter for the action; however, after a brief conversation with Sylvia, Jamie determined that Sylvia’s intentions were good and never officially submitted the letter because Sylvia was a trusted employee and elevated the overall performance of the team.

A few months after the piracy incident, Jamie noticed some changes in Sylvia’s behavior.  She had repositioned her computer monitor so that the screen was not visible to other coworkers.  She also seemed to have acquired some expensive technological tools like the latest smart phone and a new personal laptop that she occasionally brought to work.  She started going out to lunch instead of “brown bagging” it in the cafeteria.  Finally, when running tests, she started using a variety of fake user names and passwords instead of her own.

These changes in Sylvia’s behavior were reported to you over time from various employees in an informal manner.  You decided to try to get your “brain around” her situation by filling out a fraud vulnerability matrix to pull the various pieces of information together in one place.

Requirement – Determine one possible fraud that Sylvia might be perpetrating and fill in the following fraud vulnerability matrix for that fraud.

What could be taken?    Who might have the opportunity?    How could the assets moved?    How could the theft concealed?    How could the assets be converted?    Possible Red flag symptoms?    Possible Pressures    Possible Rationalizations    Internal controls that might prevent fraud

5)    You are an internal auditor for a dental insurance company.  The firm processes claims for dental services from dentists’ offices; determines their validity; and approves or disapproves the claims.  You have received a tip from one of the dentists that your company regularly does business with that some dentists may be submitting fraudulent claims to your firm.  You decided to review claims activity and had your IT department prepare the Dental Data.xlsx data file for you to review, which is attached to this assignment in LEO.  It contains three worksheets.  The Patient worksheet lists patients unique IDs and their addresses.  The Dentists worksheet lists the dental offices that have filed claims and their address.  The Dental Claims worksheet lists all the dental claims your firm approved for a three-month period in 2008.
You need to review the data in the file and see if you can detect any fraud symptoms.  I don’t expect you to be Excel experts and so limit your search to things that you can accomplish by merely sorting the data in the various worksheets in various ways.  However, if you have access to more powerful software like ACL, feel free to use it.

To help you in the task, here is a description of basic features of a typical dental office.

•    Dental offices must have a physical presence to treat patients.  Thus, a real dental office will always have a street address.
•    Each dentist office sequentially numbers their own claim forms.  However, dentist deal with a variety of insurance companies.  Thus, the claim numbers from a given dentist to one insurance company should not be sequential unless that dentist office only bills one insurance company, which is unusual.
•    There is a natural limit to how much dental work is normally done on a single patient within a three-month period.  Because of the discomfort involved with dental work, patients normally spread how multiple procedures over time.  Also, dentists spread the procedures out over time so that the patient can recover from one procedure before they start the next.  For example, a dentist would not fill two teeth on opposites of the mouth at the same time so that the patient can chew food on one side while the other recovers.  While multiple procedures can be done at once, the number is still limited.  Generally, very few patients would have more than a dozen dental procedures done in a three-month period.
•    Patients tend to use dental offices near their home.  I don’t want you to try to do a detailed analysis of the patient and dentists’ addresses because that would be too labor intensive, but you can scan the files for out-of-state patients.
Required – List any fraud symptoms your find and explain why they are a fraud symptom.  However, these are just symptoms and not evidence.  Therefore, I also want you to discuss how strong a symptom you think each one is and discuss non-fraud alternative explanation for the patterns you spot.  If you believe the symptom is so extreme that there couldn’t be a legitimate alternative explanation, explain this as well.

6)    How might you use Benford analysis in the case described in question 5 to search of possible fraud symptoms.  Your answer should be specific to the case and discuss things like which fields in the data you would use for your analysis and why.  In addition, it should discuss any potential shortcomings of using Benford analysis on that field in this case.