This week is International Fraud Awareness Week, November 14-20. In observance of this event, we hope that you take some time to reflect on ways to be proactive in f...
This week is International Fraud Awareness Week, November 14-20. In observance of this event, we hope that you take some time to reflect on ways to be proactive in fraud prevention. Thank you to the CLA Valuation, Forensics, Litigation, and Investigations team out of Boston, MA for providing this fraud case study. We look forward to hearing from you in the comments about your experience with fraud and lessons you’ve learned about fraud prevention.
Construction Case Study: Misplaced Trust
(The following circumstances are based upon a real life case study. Names were changed for confidentiality purposes.)
By: Frank Rudewicz, Principal, Luke Stahelski, Manager, SAS Valuation, Forensics, Litigation, Investigations (“VFLI”), Construction Industry
Jane Dosh was the comptroller and a trusted employee at Smith Construction Co. (SmithCo), a small and close-knit construction services firm, in business for almost 15 years. She has been employed with SmithCo for most of those 15 years. As the current comptroller, she managed many aspects of SmithCo’s financials—such as paying bills, managing payroll, and purchasing supplies for the company and clients—with oversight from Robert Smith, the company’s co-founder. Smith was responsible for monitoring the company’s finances.
When he passed away in 2018, his financial responsibilities were added to Dosh’s workload, which meant she handled every aspect of the company’s finances with no oversight. She continued in that role for the next few years until she unexpectedly resigned. Shortly thereafter, SmithCo identified several unsupported and unexplained transactions. A search of the company file room for the records proved unsuccessful.
SmithCo management agreed to a forensic review. It was found that Dosh had access to another employee’s company credit card’s information and used it over the span of several years for purchases unrelated to SmithCo. She also forged the signature of the second company co-founder on multiple fraudulent checks to purchase personal goods and services, including payments to family-owned businesses. The Forensic reviews went through years of company financial documents to find that she had embezzled more than $4 million from the company in just five years.
As a result, SmithCo implemented several policies and procedures to prevent the company from getting defrauded again, including:
Disbursing cash only after appropriate management authorization and only with dual approvals over certain threshold amounts to determine company funds were being spent for approved business purposes.
Reviewing all cash receipts and disbursements as part of a monthly bank reconciliation.
Separating financial duties so no one person would handle all of the responsibilities.
Backing up all financial transaction source documents to multiple locations so the documents would not be lost if any one location was compromised.
Developing a risk assessment process to allow management to review, assess, and identify weaknesses in the internal controls and point out areas of high risk concerning fraud.
Lessons Learned
No company is immune to fraud. Management needs to help the organization prevent fraud risks. Small companies that are reluctant to invest the money to provide more internal audit oversight should consider the return on investment in comparison to a $4 million embezzlement. No matter how small, it is imperative for companies to set up internal policies and procedures that separate duties, promote accurate documentation, and systematically evaluate and counter all potential risks.
Management should perform a fraud risk assessment to help leadership in small companies understand the extent of their vulnerability to fraud. Significant procedural or segregation of duties gaps can be identified during the process without requiring substantial investment in audit resources. Many of the control weaknesses in this case would have been uncovered during the assessment process.
Management should include a fraud risk assessment as a standard for their work plans. It applies to every company and is the most compelling method of educating management about fraud vulnerabilities. The act of communicating this tool throughout management is sometimes enough to prevent fraud.
Management needs to know when to involve a forensic investigator. Forensic professionals can provide different tools, such as recovering erased hard drives and surveillance, and preserve the chain of evidence in a fraud case.
Want to learn more? Complete the form below and we'll be in touch. If you are unable to see the form below, please complete your submission here.Contact us