October 2008

Forensic Insight – October 2008 This article first appeared in the September/October 2008 issue of Current Accounts, a Georgia Society of CPAs publication. It is reprinted here with both the author and the publication’s permission.

For 22 years “Bill Carter” had worked for “Cardinal Wholesalers,” a Fortune 500 company that manages a chain of hundreds of grocery stores nationwide. Having reached the level of purchasing department supervisor, Bill was fired for looking at inappropriate web sites on his company computer. Out of work, in need of money and mad at his former employer, Bill persuaded “Mike Smith,” who replaced Bill as purchasing department supervisor, to jointly perpetrate a fictitious vendor scheme against Cardinal (the purpose of a fictitious vendor scheme is to trick the victim company into paying vendor invoices for which it receives nothing in return). Five years into the scheme, Bill and Mike had each pocketed $900,000 from it, but then Bill drank to excess one night at a local bar and bragged about the scheme to a total stranger sitting next to him. Bill explained in detail how he and Mike had stolen $1.8 million from Cardinal, even divulging the name of the fictitious vendor, “Tri-State Trucking.”

The next morning the stranger called Cardinal and offered to sell “Debbie Roberts,” Cardinal’s chief loss prevention specialist, the incriminating information for $250,000. Debbie refused the stranger’s offer and hired a forensic accounting firm to ferret out the fictitious vendor. After two days, the forensic accountants identified Tri-State Trucking as a very suspicious vendor, and questioned Mike Smith, who was the only person to approve payment on the suspicious invoices. Mike admitted that Tri-State Trucking was a “bogus vendor” and that “the whole thing was Bill Carter’s idea.” The investigative report prepared by the forensic accountants was turned over to the FBI along with the documentary evidence collected. The FBI successfully charged and convicted both Mike Smith and Bill Carter for mail fraud, which is the fraud statute most commonly used to prosecute fraud cases. Bill Carter was sentenced to 54 months in prison and required to relinquish a $300,000 401K plan to Cardinal as restitution. In return for his guilty plea and testimony against Bill Carter, Mike Smith received a lesser sentence of 48 months in prison.

Questions

The fictitious vendor scheme perpetrated against Cardinal for five years was not discovered by its independent auditor, a Big Four accounting firm, during the annual audits of Cardinal’s financial statements. The auditor’s failure to detect the fraud understandably raises the following questions:

To answer these questions we must first: (1) define forensic accounting, (2) define two types of fraud, (3) understand the objectives of a financial statement audit and (4) understand the objectives of a forensic audit.

Forensic Accounting

The AICPA defines forensic accounting as “the application of accounting principles, theories and discipline to facts or hypotheses at issue in a legal dispute and encompasses every branch of accounting knowledge.” The AICPA further classifies forensic accounting into two broad categories: investigative services and litigation services (see Exhibit 1). U.S. News and World Report listed forensic accounting as one of the “20 hot job tracks for the future,” and described forensic accountants as “the bloodhounds of bookkeeping who sniff out fraud and criminal transactions in corporate financial records.”

Asset-Theft vs. Financial Statement Fraud

The Association of Certified Fraud Examiners offers the following definitions of two types of fraud. Asset-theft fraud is “the use of one’s occupation for personal gain through the deliberate misuse or theft of the employing organization’s resources or assets.” Asset-theft fraud typically involves dishonest employees who have figured out a way to divert some of their employer’s cash flow into their own pockets. The Cardinal Wholesaler case is a perfect example of asset-theft fraud.

Financial statement fraud is “the deliberate misrepresentation of the financial condition of an enterprise accomplished through the intentional misstatement or omission of amounts or disclosures in the financial statements in order to deceive financial statement users.” This type of fraud, commonly referred to as “cooking the books,” typically involves the overstatement of assets or revenues and the understatement of liabilities or expenses. Financial statement fraud is typically perpetrated by corporate executives whose compensation is closely tied to their employer’s financial performance. The WorldCom fraud perfectly exemplifies financial statement fraud. Under the direction of Bernie Ebbers (CEO) and Scott Sullivan (CFO), WorldCom’s accountants improperly recorded billion of dollars in expenditures as assets instead of expenses. Such improper accounting made WorldCom’s financial position look much better than it really was and influenced investors and creditors to make economic decisions that ultimately resulted in billions of dollars in losses.

Financial Statement Audits

The primary purpose of a financial statement audit is to determine if a company’s financial statements “present fairly” its financial position at a certain point in time. Investors, creditors, governments and other stakeholders rely on financial statements for making economic decisions about a company. Since management is responsible for preparing the financial statements, someone independent of the company’s management needs to vouch for the statements as being truthful and accurate. Such is the responsibility of the independent auditors, who provide assurance that the financial statements: (1) conform with generally accepted accounting principles, and (2) present fairly, in all material respects, the company’s financial position. If properly planned and conducted, a financial statement audit should uncover financial statement fraud. If the auditors issue an opinion that the financial statements present fairly, when in fact they do not, they can be held civilly liable for any losses incurred by those who relied upon the misrepresented financial statements. Such liability was the downfall of Arthur Andersen, the independent auditor for Enron, WorldCom, Sunbeam and Waste Management—all of which were involved in financial statement frauds that resulted in billions of dollars in stakeholder losses.

Forensic Audits

The primary objectives of a forensic audit include: (1) examine the system of internal controls in place for safeguarding assets, (2) identify any weaknesses in those controls, and (3) determine if anyone within the company has exploited the control weaknesses and misappropriated assets for personal gain. If properly planned and conducted, a forensic audit should uncover asset-theft fraud. However, it is highly unlikely that a financial statement audit will uncover asset-theft fraud. Why? Let us revisit the fictitious vendor scheme, an asset-theft fraud, perpetrated against Cardinal Wholesalers. The fraudulent payments made to Tri-State Trucking were recorded by reducing the cash account by $1.8 million and expensing the same amount on the income statement. Accordingly, the financial statements presented fairly Cardinal’s financial position since both cash and net income had been reduced by the amount of the fraud. The independent auditors correctly concluded that Cardinal’s financial statements presented fairly its financial condition.

Summary

In answer to the three questions posed earlier: The independent auditors did not discover the fraud because the fairness of the financial statements was not impaired by the fraud. The independent auditors should not have discovered the fraud since detecting asset-theft fraud falls outside the scope of a traditional financial statement audit, which is designed to uncover financial statement fraud. A forensic audit, which is designed to uncover asset-theft fraud, is a separate engagement from a financial statement audit and requires auditing professionals with specific anti-fraud training and experience. The ideal forensic accountant should be both a Certified Public Accountant (CPA) and a Certified Fraud Examiner (CFE). Unfortunately, many companies who engage independent auditors to conduct a financial statement audit mistakenly assume they are buying a forensic audit. If a client’s motivation for engaging auditors is because of concerns or suspicions involving asset-theft fraud, the accounting firm should recommend a forensic audit instead of, or in addition to, a financial statement audit.

Thomas Buckhoff, Ph.D., CPA, CFE is an associate professor at Georgia Southern University. He is also a partner with Forensic Solutions, LLC, a forensic accounting firm specializing in fraud detection, investigation, and prevention consulting services.