David Bell

In this article, David Bell, a managing director in Quantuma’s disputes, investigations & valuations team, looks at some examples of less obvious assets used when defrauding companies and some of the key steps and considerations the firm takes into account when carrying out investigations.

The not-so-obvious assets in fraudulent schemes

Not that long ago we found that a conservatory had been put through the expenses of someone in senior management within a company. The fact that two invoices, for approximately £10,000 each and both clearly stating that it was for an interim payment for a conservatory, could be processed through the monthly expenses system without challenge tells you all you need to know about the company’s internal controls and processes. To be fair, the individual had paid the first of three payments for the conservatory himself and it was only the second and final payment, just under £20,000 in total, that he let the company pick up on his behalf. Seriously.

Another example was in a dairy business that involved cheese being fraudulently classed as sub-standard during the production process (which it wasn’t, and we’re talking about many tonnes of cheese) and then the sale of this sub-standard cheese being dealt with off the books for cash to a customer who was part of the fraudulent scheme. This was a more complex scheme as it involved collusion; the person in the quality department who fraudulently categorised the cheese as sub-standard knowing it would then be disposed of, the production employee who ‘disposed’ of the cheese to a customer, and the customer who knew the cheese was good quality but paid cash to buy it at a discount. Each person fraudulently benefitting in the process and the dairy company losing out on a significant amount of money.

As for the campervan, well, I heard something about that recently but let’s just park that for now.

Things to consider in an investigation

How we as forensic accountants go about investigating a fraud will always depend on the circumstances of the case. But there are common steps in an investigation that are followed, including:

• Gathering and preserving the evidence – understanding what data, information and records exist, where it is, what format it’s in, and how we get control of it quickly is key. Preserving the evidence and stopping it from being destroyed or removed is crucial to understanding what has been going on and being able to present the facts.
• Use of eDiscovery to assist searches – whether it’s to search through a suspect’s e-mails, their hard drive or other large volumes of information, eDiscovery can play an essential role in trying to find the evidence within a mountain of information. And do it quickly.
• Financial records – often the bread and butter of an investigation, the analysis of certain financial records. Be it credit card statements, bank statements, expense claims or supplier payments; an analysis of the flow of funds and the financial impact of the fraud will be required to understand and quantify the allegations.
• What do the policies say? If certain things are covered by a specific policy within the organisation you need to know what that policy says. Employee expenses is a classic example where there is most likely a policy that covers what is, and what is not, allowed. That policy or framework needs to be used when analysing what expenses have been claimed to understand whether they are within policy or not.
• Business intelligence and open-source searches – researching public records and social media to identify relationships and connections between certain individuals, or between individuals and businesses can prove to be extremely useful if links can be identified between otherwise unconnected third parties.
• Interviews – carrying out fact-finding interviews is a very important part of the investigation process. Firstly, you have the basics of interviews with employees; to understand a range of things from basic processes and procedures, who had responsibility for certain processes in an organisation, what was the reporting chain of command and so on. But in addition to the basics of trying to understand how teams or organisations operate, you also have the ability to ask questions about such things as known altered invoices, expenses claims, e-mails between parties instructing certain payments or documentation or similar that might be the focus of the investigation.
• Presenting the findings – this is something that is often overlooked but needs to be carefully considered. How the findings of the investigation are presented can make the difference between stakeholders understanding the fraudulent scheme or getting lost in a mountain of detail. Fraud and financial crime cases can often have very complex patterns of transactions and significant movement of funds. If this is reported in a traditional ‘wordy’ report then it can be hard to get the key findings across easily. However, if the findings are presented using analytics, graphical tools, dashboards and charts then it becomes far easier for the user of the report to understand and visualise the fraud and flow of funds across time periods or in relation to the destination of the funds via various entities.
• Liaising with stakeholders – there will undoubtedly be many different people impacted by the fraud who will all need to understand what happened, but possibly not all from the same angle. Shareholders, management, external auditors, individuals, possibly HMRC and the police, not to mention independent third parties who may have been caught up in the fraud. Making sure that each stakeholder is managed in the appropriate way, at the appropriate time, is not easy but needs to be done.
• Recommendations – sometimes the most important point is understanding what needs to change to mitigate the risk of the fraud happening again. Implementing new controls can be relatively easy to do, but if there is a cultural problem within the company then this is not something that can be changed overnight.

The outlook

Fraud is not going to disappear. There will often be opportunities to commit fraud within an organisation, and having robust internal controls and procedures gives you the best chance of mitigating the risk of fraud. But having the right culture within an organisation, in addition to the right controls and procedures, will be worth its weight in cheese in deterring fraud.

This article constitutes general advice and should not be acted upon without taking specific advice. Neither the authors nor Quantuma Advisory Limited accept responsibility for any actions based upon this general advice.