Transcript
Audit | Tax | Advisory | Financial Advice
False Invoices – Would you detect them? An Internal Auditor’s perspective
18 June 2014
Audit | Tax | Advisory | Financial Advice
Agenda: 1. Our current environment – increased risk of fraud?
2. Key types of procurement fraud
3. Case study 1: The “Tahitian Prince”
4. Warning signs for false invoices
5. Case study 2: The “Sugar Daddy”
6. Demonstration of falsifying invoices using freely available tools
7. Case study 3: Try your luck…
8. Controls to address fraud risk
9. Data analytics
Audit | Tax | Advisory | Financial Advice
Our current environment – increased risk of fraud? • Tightening economy and ‘Strong Choices’;
• High levels of redundancies and reduced employment security;
• Loss of promotion and new job opportunities creating financial pressures on
personnel;
• Departmental restructure leading to process breakdowns / oversights.
• Additional work pressures on those who remain, resulting in breakdowns in
checks and balances;
• ‘Non-essential’ departments (i.e. Internal Audit, Risk, Quality) are being
scaled back.
Audit | Tax | Advisory | Financial Advice
Key Types of Procurement Fraud
• Manipulation of the vendor master file;
• Cheque forgery;
• Collusion with suppliers;
• Conflicts of interest;
• Vendor kickbacks / bribery;
• Bid rigging; and
• False invoices.
Audit | Tax | Advisory | Financial Advice
Examples of common Invoice Fraud
• Membership Dues – An invoice is received for yearly dues from a phony business
association.
• Directory Listings – A bill is received for an ‘Internet Directory’ listing that wasn’t
needed or ordered.
• Office Supplies – Either the products were never delivered and the invoice is totally
false or unordered products were received and have been invoiced at exorbitant rates.
• Other Products and Services – Charges are received for repairs, labour or other
goods and services that were never provided.
Audit | Tax | Advisory | Financial Advice
Case study 1: The ‘Tahitian Prince’
“There appears to have been a loss of focus across the public sector on
maintaining basic financial controls with the number of agencies failing to
maintain these controls increasing.”
“Poor controls over vendor information can potentially expose departments to
significant losses if there is fraudulent manipulation of this information.”
Taken from the Criminal Misconduct Commission report to Parliament
Audit | Tax | Advisory | Financial Advice
Case study 1: The ‘Tahitian Prince’ • Had a history of fraudulent activity that was not detected through background checks;
• Used manual general purpose vouchers as they had lower levels of scrutiny (i.e.
bypassed the purchase requisition process);
• Used an elaborate cover story, gifts, friendly personality and seniority to cover erratic
attendance record and bypass appropriate review processes;
• Created multiple false vendors using forged documents;
“…it could easily have been found out and stopped…”
• Significant organisational changes (restructure) resulted in oversight of the cost centre
being controlled by the fraudster;
• 28 payments were for the value $137,592.40 to the same vendor; and
• Post balance adjustment to cover up $2.7M overspend on a $406K budget.
Audit | Tax | Advisory | Financial Advice
Warning Signs for False Invoices General signs:
• Weak controls over the review and payment of invoices;
• Discrepancies between contract or purchase order, receiving documents and
invoices;
• Discrepancies between contractor’s billings and supporting documents;
• Invoices in round dollar values;
• Total payments exceed approved contract value or purchase order value;
Audit | Tax | Advisory | Financial Advice
Warning Signs for False Invoices False invoice signs:
• No receiving report for goods or services;
• Invoiced goods or services can not be located or accounted for; and
• No purchase order for invoiced goods or services.
Inflated invoice signs:
• Invoice prices, quantities, item descriptions or terms exceed or do not match:
• Contract or purchase order terms;
• Receiving orders;
• Inventory usage records; and
• Discrepancies between invoice amounts and supporting documents.
Audit | Tax | Advisory | Financial Advice
Warning Signs for False Invoices Duplicate invoice signs:
• Multiple payments in the same time period;
• In the same or similar amount to the same or related vendors;
• On the same invoice or purchase order; and
• For the same or similar goods or services.
• Multiple invoices with the same:
• Description of the goods or services;
• Amount;
• Invoice number;
• Purchase order number; or
• Date.
Audit | Tax | Advisory | Financial Advice
Case study 2: The ‘Sugar Daddy’
“A psychologist hired by Leighton Contractors told O’Carrigan’s wife the fraud
had started with dissatisfaction at work. He believed that he had been
overworked and overlooked and resented the salaries of younger staff with less
experience.
“Once having experienced the lifestyle that accompanied the fraud it became
like an addiction”
Audit | Tax | Advisory | Financial Advice
Case study 2: The ‘Sugar Daddy’ • Created a company, of which he was a Director;
• Was able to approve and establish the company as a vendor without
segregation of duties;
• Created 308 false invoices from the company ranging from $10,000 to
$205,000 and totalling $20.7M. He was able to approve and process the
transactions himself;
• Directed a portion of project revenue into a corporate account which he used
to fund the fraud; and
• He was on a salary of about $200,000 and had worked for the company for
30 years when arrested in November.
Audit | Tax | Advisory | Financial Advice
Demonstration of falsifying invoices using freely available tools. • Free software tools are readily available and make invoice preparation simple
with a professional finish
• Editing of vendor invoices, approval documents and employment documents
is simple with the standard tools available in Adobe Acrobat
• We will do a quick demonstration now.
Audit | Tax | Advisory | Financial Advice
Case study 3: Try your luck…
“A phony media tycoon has relaunched a ficticious publishing empire and
fleeced Australian mining companies out of hundreds of thousands of dollars,
just months after he was convicted over the same scam.”
“The conman has been caught operating the same criminal enterprise, under a
different business name – Mining & Resource Media. After casting his net across
another 100 mining firms, more than $300,000 rolled in.”
Audit | Tax | Advisory | Financial Advice
Case study 3: Try your luck… • Created a false media organisation (Commerce and Resource Productions);
• Distributed hundreds of false invoices to mining companies claiming
advertising revenue associated with 20 fake publications;
• Prosecuted by only 5 affected organisations on 32 counts of “asserting right
for payment for unsolicited services” fined $40,000 and ordered to pay
$96,600 in compensation;
• Within 8 months of this he created another false media organisation (Mining &
Resource Media) and repeated the same fraud obtaining in excess of
$300,000 in payments.
Audit | Tax | Advisory | Financial Advice
Controls to address fraud risk • Tone at the Top – code of conduct, fraud awareness training and building a
culture of awareness across the organisation;
• Having procurement policies and procedures in place;
• Ensure that the risk of procurement fraud is recorded in your organisation’s
risk register and risk assessments are performed regularly;
• Whistleblower scheme to encourage reporting of suspected fraud;
• Ensure that staff that are involved in financial decision making for
procurement are trained in how to identify fraud;
• Ensure a three way match is carried out;
• Ensure that segregation of duties is in place and enforced;
Audit | Tax | Advisory | Financial Advice
Controls to address fraud risk cont. • Implement a variation limit on projects and contracts and require justification
for when these limits are exceeded;
• Pre-employment screening that is comprehensive and completed prior to
commencement of employment;
• Comprehensive Vendor and Customer vetting performed by an independent
individual to the procurement process;
• Strict processes around changes to vendor details, review of dormant
vendors
• Staff rotation for ‘at risk’ positions (e.g. procurement and finance). In the
banking industry this has lead to reduced insurance premiums where staff are
required to take 2 weeks of continuous leave;
Audit | Tax | Advisory | Financial Advice
Controls to address fraud risk cont. • Budget to actual and variance analysis;
• Data analytics and continuous monitoring; and
• Having strict processes around the payment of ‘emergency’ invoices or
changes to payment terms.
Audit | Tax | Advisory | Financial Advice
Data analytics • Data analytics can be useful in identifying transactions, trends or relationships
that could be an indicator of fraud.
• Irregular Transactions:
• Duplicate invoices, unusual invoice sequencing (Benford’s Law), inactive
vendors receiving payments, out of business hours transactions,
transactions exceeding approval limits / invoice splitting, invoices
received after payments made
• Trends and Summary Reporting:
• Top vendors by payments made, top vendors with quality issues, top
vendors for short shipments, vendors with consistent transaction values,
vendors with multiple transactions per period.
Audit | Tax | Advisory | Financial Advice
Data analytics cont. • Relationship indicators:
• Vendor address / phone number vs. payroll records, Vendor directors vs.
procurement personnel, multiple vendors with the same details (e.g.
address, phone number, PO box, etc.)
• Use tools that support fuzzy logic:
• (07) 3233 0000
• +61 7 3233 0000
• 0732330000
top related