When Congress authorized an additional $600 in monthly unemployment benefits as part of the CARES Act, out-of-work Americans weren’t the only ones it helped. Criminals have descended like locusts on state unemployment insurance agencies, using stolen identities to fraudulently claim both standard benefits and the additional funds administered by the Pandemic Unemployment Assistance (PUA) program. States have lost hundreds of millions of dollars. Individuals have also suffered, as government efforts to control fraud have clogged up benefit systems and delayed payments to the jobless.

States struggle

Washington state was the first to experience a COVID-19 outbreak and has since estimated losses of $650 million to unemployment insurance fraud. According to the Secret Service, a scam was detected when someone noticed that multiple direct deposits of benefits had been made to individuals residing out of state. These deposits were subsequently transferred overseas — likely by organized crime gangs.

But Washington is hardly alone. Many other states have discovered fraud. In May, Rhode Island’s labor agency reported that it had almost as many illegitimate unemployment insurance claims as legitimate ones. And widescale fraud in Michigan forced that state to stop payment on nearly 20% of unemployment claims pending review.

Fighting back

If you’re currently employed and receive an unemployment benefit check or debit card or a letter confirming an application for unemployment benefits, immediately contact your state. If you can’t get ahold of your state agency (a problem encountered by thousands of potential fraud victims), report your suspicions to police and the Federal Trade Commission (FTC) at identitytheft.gov. Your identity has likely been stolen and sold to criminals on the dark web. Be sure to request copies of your credit reports and review them for illegitimate activity.

Businesses can help fight unemployment insurance fraud, too. The FTC suggests that companies:

  • Ask employees to speak up if they suspect their identities are being used to perpetrate unemployment insurance fraud, 
  • Direct HR to flag state unemployment agency notices about currently employed workers,
  • Report suspected fraud to a state agency — preferably via its website,
  • Provide a copy of the documentation to affected employees and let them know if the state requires them to also make a report,
  • Bolster cybersecurity to prevent the loss of personal data that could be used to commit fraud.

This last tip is particularly important if your employees currently are working from home.

An easy target

The pandemic has probably unleashed more fraud activity than any other recent event. Even though PUA program payments were due to expire on July 25, state unemployment benefits are too easy and lucrative a target for fraudsters to pass up. But you can do your part to help disrupt these schemes.

© 2020 Covenant CPA

Skimming isn’t the biggest fraud threat for most businesses. The theft of cash receipts represents only 11% of asset appropriation schemes, according to the Association of Certified Fraud Examiners’ 2020 Report to the Nations. But with a median loss of $47,000, your business will likely feel the pain if it becomes a victim of skimming. Here’s what you need to know to prevent it.

Usual tactics

Skimming occurs when an employee steals an incoming payment before it’s recorded. In the most basic skimming scheme, a worker sells goods or services to a customer, collects payment and pockets the money without recording the sale. If the customer receives goods but no sale is recorded, skimming will cause a discrepancy between physical inventory counts and the company’s inventory ledger.

Crooked employees can also skim receivables. This generally is harder to pull off, because overdue accounts appear on the accounts receivable aging schedule. Perpetrators may try to cover their thefts by “lapping,” or borrowing money from one account to make up for a shortage in another.

What to look for

To detect skimming, look for infrequent bank deposits and consistent bank balance fluctuations as well as frequent shortages of cash on hand. If you suspect skimming, we can help you perform physical inventory counts to check if inventory levels match recorded sales. We can also review journal entries for false credits to inventory; irregular entries to cash accounts; and write-offs of lost, stolen, or obsolete inventory.

Your business can help prevent skimming by segregating employee duties. No one person should be responsible for collecting, recording, reconciling and depositing cash receipts. Instead, split up those duties among multiple employees.

Also consider implementing these other preventive measures:

  • Monitor spaces where employees handle cash with visible video cameras,
  • Require daily bank deposits,
  • Investigate no-sale and voided transactions,
  • Reconcile cash deposits to all cash and checks received,
  • Regularly reconcile inventory records to look for shrinkage, and
  • Provide an anonymous tip hotline for employees, customers and vendors.

Vulnerable industries

Certain organizations are more vulnerable to skimming. Small companies (those with less than 100 employees) and those in the education, real estate, and transportation and warehousing fields experience higher rates of skimming and may want to take extra precautions. Whatever your industry, contact us at the first sign of fraud.

© 2020 Covenant CPA

New technologies, including artificial intelligence and machine learning, increasingly are being applied to the old problem of occupational fraud. But in most circumstances, common accounting tools — “variance analysis” and “contribution margin” — remain effective in uncovering possible evidence of theft.

Gaps and absences

After your organization finalizes its annual budget, you may perform a variance analysis, reviewing differences between actual and budgeted performance. If, for example, actual wages significantly exceed budgeted wages, the difference could be due to such factors as wage increases, productivity declines or greater downtime. But it could also signal phantom employees on the payroll.

Fraud experts pay particular attention to variances related to inventory and purchase pricing. Supply-related variances could indicate the existence of kickbacks. Or they might suggest fictitious vendors — where payments go to the perpetrator and no inventory is received in exchange.

The absence of variances when they’re expected can also be cause for concern. If the cost of a critical production component has unexpectedly increased, then the actual numbers should show a variance. If no such variance is found, it could be a sign of financial reporting fraud.

Difference between price and costs

The term contribution margin generally refers to the difference between a unit’s sale price and its variable costs. It’s often used to make pricing decisions, calculate the breakeven point and evaluate profitability. But it can also be used to detect fraud.

In general, the contribution margin as a percentage of revenue should remain fairly consistent over time. If the contribution margin is dramatically lower than usual, skimming or inventory theft could be to blame. Just keep in mind that one discrepancy doesn’t equal solid evidence of fraud. It simply indicates that further investigation is warranted.

Discrepancies are just a start

You may have the in-house expertise to expose potential fraud schemes using common accounting tools. But you should take suspicious results to a financial expert. Contact us. We use everything from modern analytic techniques to old-school witness interviews to get to the bottom of financial irregularities.

© 2020 Covenant CPA

Machine learning increasingly is being used to discover fraud schemes. With this type of artificial intelligence (AI), the technology learns or improves in accuracy through experience, rather than through additional programming. If you already use AI in your business, you’re probably somewhat familiar with how machine learning works. But here’s a quick overview of its application in fraud detection.

New approaches needed

More and more, businesses rely on digitization to deliver the goods and services their customers want. Unfortunately, digitization also makes it easier both for cybercriminals and stakeholders, such as employees, vendors and customers, to steal. Preventing fraud in the digital age requires new approaches.

Machine learning is one such approach. Traditional rules-based fraud detection software flags transactions — such as purchase orders of a certain type or over a certain amount — that are suspicious according to static rules. On the other hand, fraud detection software that includes machine learning uses large sets of historical data to “learn,” or create algorithms about the patterns associated with new fraud schemes, enabling it to detect fraud in the future.

Step by step

For a machine to learn, its users must follow certain procedures. After the software is enabled to capture historical transaction data — and the more data, the better — the company using it reviews the data to ensure it presents an accurate picture of transactions. The software then applies algorithms to identify potentially suspicious items. This process creates the first fraud detection model. The software analyzes the same set of data repeatedly and produces new models for the company to review. The company provides feedback on each model to help the software develop better algorithms.

Through this process, the model learns what constitutes fraud and the number of false positives should drop significantly. In the end, the company selects the most accurate fraud detection model to put into production. 

Getting started

If you have the technical capabilities, you may be able to develop a customized machine learning program for fraud detection in-house. We can help if you don’t. Contact us.

© 2020 Covenant CPA

The recently released 2020 Association of Certified Fraud Examiner’s (ACFE’s) occupational fraud study, Report to the Nations, reveals that the most common behavioral red flag exhibited by fraud perpetrators is living beyond their means. Also high on the list are financial difficulties and unusually close relationships with vendors and customers.

Some of these signs may be tough to spot if you don’t work closely with an occupational thief. That’s why the ACFE report also looks at correlations between fraud and non-fraud offenses and human resources issues. When these issues are present, supervisors and HR managers may need to increase their scrutiny of an employee.

Recognize red flags

The vast majority (96%) of occupational fraud perpetrators have no previous criminal record and 86% have never been punished or fired by their employers for fraud. This may make identifying the thieves in your midst difficult, but not impossible. The ACFE has found that approximately 85% of perpetrators exhibit at least one behavioral red flag before they’re discovered.

Although a perpetrator may be the friendliest and most cooperative person in the office, many thieves come into conflict with colleagues or fail to follow rules. The survey participants (more than 2,500 defrauded organizations) were asked whether the perpetrator in their cases engaged in any non-fraud-related misconduct before or during the fraud incident. Close to half (45%) responded “yes.” Some of the most common offenses were:

  • Bullying or intimidation of others,
  • Excessive absenteeism, and
  • Excessive tardiness.

A small number also was investigated for sexual harassment and inappropriate Internet use.

In addition to misconduct, some fraud perpetrators exhibited work performance problems. Thirteen percent received poor performance evaluations, 12% feared the loss of their job and 10% were denied a raise or promotion.

Get involved

When misconduct or poor performance leads to disciplinary action, supervisors and HR managers have a golden opportunity to potentially stop fraud in progress. After all, the longer a scheme goes undetected, the more costly it is for the organization. Fraud schemes with a duration of less than six months have a median loss of $50,000, but those with a median duration of 14 months (the typical scheme in the ACFE report) experience losses of around $135,000. 

So if you detect smoke, look for fire. Of course, most underperforming employees aren’t thieves. But it probably pays to observe any worker who routinely flaunts the rules, antagonizes coworkers or lets job responsibilities slip. You may discover other red flags, such as family problems, addiction issues or a lifestyle that isn’t supported by the employee’s salary.

Limit opportunities

Knowing your employees is only part of the solution. You also need comprehensive internal controls to limit opportunities to commit fraud. Contact us for help.

© 2020 Covenant CPA

Several major companies have already filed for bankruptcy during the novel coronavirus (COVID-19) crisis and many more large and small businesses are expected to follow suit. If you’re a creditor of a company that’s liquidating, it may be challenging to get back what you’re owed. That’s where a solvency opinion can help. An expert determines whether the company could meet its long-term interest and repayment obligations when it made — or didn’t make — payments to creditors.

Examining the subject

Solvency experts consider many issues when examining a business. But ultimately, the outcome of three tests enable an expert to determine solvency:

1. Balance sheet. At the time of the transaction at issue, did the subject’s asset value exceed its liability value? Assets are generally valued at fair market value, rather than at book value. The latter is typically based on historic cost, and fixed assets (such as vehicles and equipment) may be reduced by annual depreciation expense. But the balance sheet is just a starting point. Adjustments may be needed to balance sheet items so that they more accurately reflect the fair market value of assets.

2. Cash flow. This test examines whether the subject incurred debts that were beyond its ability to pay as they matured. It involves analysis of a series of projections of future financial performance. Experts consider a range of scenarios. These include management’s growth expectations, lower-than-expected growth, and no growth — as well as past performance, current economic conditions and future prospects.

3. Adequate capital. The final test determines whether a company has adequate capital and is likely to survive in the normal course of business, bearing in mind reasonable fluctuations in the future. In addition to looking at the value of net equity and cash flow, experts consider factors such as asset volatility, debt repayment schedules and available credit.

Companies generally are considered solvent by solvency experts if they pass all three of these tests.

Presumed insolvent

Courts typically presume that a company is insolvent unless a party to litigation proves otherwise. You can bolster your position with a comprehensive solvency analysis performed by a qualified expert. Contact us for more information about obtaining one.

© 2020 Covenant CPA

The novel coronavirus (COVID-19) pandemic has opened the floodgates to scam artists attempting to profit from sick, anxious and financially vulnerable Americans. On the frontlines fighting fraud are the Federal Trade Commission (FTC), U.S. Justice Department (DOJ) and other government agencies. Here are some of the fraud schemes they’re actively investigating —  and the perpetrators they’ve rounded up.

Peddling false hope

The FTC has sent warning letters to almost 100 businesses for making scientifically unsubstantiated claims about their products. Companies from California to Virginia, Indiana to Florida have touted (mostly online or by phone) “treatments” for COVID-19, even though the federal government hasn’t approved any vaccines or cures for the disease.

Letter recipients must stop making deceptive claims immediately and notify the FTC within 48 hours about the actions they’ve taken. Noncompliance can result in a federal court injunction and an order to refund deceived customers. Just last week, the FTC took the seller of a “wellness booster” to court. Originally, the product — capsules containing Vitamin C and herbal extracts — had been marketed as a cancer cure. But the enterprising fraudster pivoted in March 2020 to exploit COVID-19 fears.

Technological accomplices

Producers and marketers of fake cures aren’t the only companies under scrutiny. The FTC, in joint letters with the Federal Communications Commission, has warned several Voice over Internet Protocol (VoIP) service providers for “assisting and facilitating” illegal telemarketing and robocalls related to COVID-19. This is a violation of the FTC’s Telemarketing Sales Rule.

The DOJ has also come down on several VoIP providers for knowingly transmitting robocalls from “government officials.” Although there’s uncertainty about whether VoIP and similar services can be considered liable for the actions of their users, law enforcement officials are clearly serious about taking down those who would exploit the pandemic for personal gain.

Opportunity knocks

Government agencies also have their sights on smaller, opportunistic scams. Recently, the FTC warned consumers to beware of fake COVID-19 testing sites set up in parking lots with realistic looking signs, tents and workers. Not only have these criminals obtained Social Security and credit card numbers from test-seekers, but they may have helped spread contagion through unsanitary contact with them.

And the DOJ is raising the alarm about the role cryptocurrency is playing in many COVID-19 schemes. Everyone from snake-oil sellers to bad-investment promoters are asking their victims to pay with cryptocurrency. Therefore, it should be recognized as a red flag.

How to stay safe

Many fraud schemes present since the start of the COVID-19 crisis in the United States — small business loan scams, charity fraud and attempts to steal stimulus payment checks — also continue apace. Your best defense, as always, is to hang up on suspicious calls, delete fake-looking emails and be wary of any claims that sound too good to be true. If you encounter fraud, report it to ftc.gov.

© 2020 Covenant CPA

Before the novel coronavirus (COVID-19) pandemic struck, employees who suspected occupational fraud in their organizations had multiple options for notifying their employers. For example, they could use interoffice mail to send information anonymously or meet with HR personnel in person.

Reporting options for employees working from home are more limited — particularly if they wish to remain anonymous. The current working environment only highlights the necessity for a fraud hotline or online portal that workers can access anywhere, anytime. If your business doesn’t already offer a confidential reporting mechanism, start thinking about how you can establish one.

Limiting damage

Confidential fraud hotlines are one of the best ways to nab workplace criminals. The Association of Certified Fraud Examiners has determined that the average organization with a hotline discovers fraud within 12 months, versus 18 months for those without hotlines. Hotlines also limit losses — $98,000 less in losses for employers that offer them.

One of the reasons hotlines are important is because, in most cases, subordinates or coworkers know or suspect fraud long before owners or members of upper management do. Yet they may not say anything for fear of reprisal. Anonymity, therefore, is essential.

Getting started

Establishing a hotline doesn’t have to be hard, but it does require some planning. Consider taking the following steps:

Identify an executive sponsor. Your hotline or portal will require a modest expenditure. If you aren’t the company’s owner or a financial decisionmaker, identify an executive sponsor to make the case for the investment.

Develop a project charter. A charter documents the business benefits of deploying a hotline or portal — for example, reducing financial losses and empowering employees.

Form a steering committee. In addition to executives and technology experts, include legal and HR representatives. They can help ensure that the processes you put in place don’t violate employee rights and applicable laws.
 
Review technology options. Determine your business’s needs and identify the vendors that can meet them. Learn which systems similar companies use or ask your financial and legal advisors for suggestions.

Up and running

Once you launch an anonymous reporting channel, make sure you position it so that all employees and other stakeholders can access it easily. If, for example, you company has overseas operations, work with local experts to overcome language, cultural and other barriers that might prevent workers from using a hotline.

And be sure to publicize your reporting mechanism at every appropriate opportunity. Executives might routinely mention it in all-company emails and in public speeches, and you should provide information (and links, if applicable) in your employee handbook and on your intranet. For help putting a hotline or portal in place, contact us.

© 2020 Covenant CPA

Many businesses were unprepared when the novel coronavirus (COVID-19) pandemic required them to close their physical offices and shift to remote operations. Your company, for example, may have had to scramble to set up a virtual private network (VPN) or move files to the cloud. And while adapting to working from home, employees may have let your usual security procedures slide.

From a cybercrime perspective, working from home generally isn’t as safe as working in the office. So you need to look for ways to protect your disbursed workforce and prevent criminals from gaining access to your digital assets.

Here are five ideas:

  1. Invest in education. Require remote employees to participate in security-related training that covers “old-school” phishing scams as well as new COVID-19 variations. As schemes emerge (check the Federal Trade Commission’s website at ftc.gov for the latest), notify employees and remind them what to do if they think they’ve fallen victim to a scam.
  1. Enable automatic updates. To keep the operating systems of employee computers safely patched, remind workers to enable automatic software updates. Also, double-check that every employee-assigned device is fortified with current malware and antivirus software. 
  1. Revisit access privileges. To maintain productivity, most employees need access to the same systems at home as they had in the office. However, consider reviewing which workers have access to certain files, network controls and cloud accounts — and whether they really need access now. Remember that when employees work from home, their partners, children and visitors may have easy access to their computers. To protect your company, ensure systems generate user audit trails that can be followed in the event of a breach.
  1. Protect WiFi connections. While working from home, employees use their personal WiFi connections to access your company’s IT environment. Unfortunately, many people use the default WiFi password or a simple password that hackers can easily break. To foil fraud perpetrators, employees should change it to a complex combination of letters and other characters. If possible, require them to use a VPN with two-factor authentication.
  1. Secure your videoconferences. Most videoconferencing services employ multiple layers of security. But some platforms offer greater protection than others. Before choosing one, perform a simple Google search to read user reviews and security bug reports. Once you’ve selected a service, communicate security protocols before allowing employees to use it for company business.

Finally, provide employees with access to a technical support desk so they can report problems — and get solutions — as quickly as possible. Working from home may be new for a lot of Americans, but fraud is a familiar foe for most. If can be defeated with appropriate knowledge and tools.

© 2020 Covenant CPA

Paying workers “under the table” or with cash can save businesses a bundle in taxes. But the potential consequences are grave. Not only is this practice illegal and could result in severe financial penalties, but it also shortchanges employees.

The novel coronavirus (COVID-19) pandemic has made this abundantly clear. As many laid-off workers who were paid under the table have learned, they don’t qualify for unemployment benefits if their state has no record of their employer contributing to the insurance pool. They may have trouble getting other financial assistance as well. You should protect your business and its workers by following the rules.

Paying the piper

In general, compensation is subject to federal income and employment taxes, as well as taxes that may be assessed on state and local levels. Employees are personally responsible for federal income tax on their wages, and both employees and employers are responsible for paying employment taxes.

The main employment tax, mandated by the Federal Insurance Contributions Act (FICA), comprises three elements:

1. A 6.2% OASDI, or Old-Age, Survivors and Disability Insurance (or Social Security tax),

2. A 1.45% Hospital Insurance (HI) tax on all wages (known as the Medicare tax), and

3. An additional 0.9% Medicare surtax on wages exceeding $200,000 for single filers and $250,000 for joint filers.

Employers must also pay unemployment tax under the Federal Unemployment Tax Act (FUTA). That tax is 6% on the first $7,000 of wages, but it may be effectively reduced to as little as 0.6% due to credits for state unemployment programs.

Other responsibilities

Employers’ responsibilities usually extend beyond taxes. You may be required to pay overtime and provide benefits to employees — ranging from qualified retirement plans to family medical leave time — all governed by federal laws. Employees without such benefits who become sick with COVID-19 don’t qualify for paid leave. They may be forced to work anyway to support their families and, thus, spread the infection further.

To support employees in the event they’re laid off, employers often must pay for different types of employee insurance, including Workers’ Compensation, unemployment insurance and, depending on the state, disability insurance. In addition, the Affordable Care Act imposes minimum health insurance coverage requirements on employers with 50 or more full-time employees (and full-time equivalent employees).

Note: These warnings don’t apply to workers who are legitimate independent contractors. Contractors, who work for themselves, are responsible for paying their own taxes and providing their own benefits. But you must properly handle these workers by meeting certain tests in order to have them classified as independent contractors.

Consider the real cost

Paying taxes and providing benefits to employees are necessary costs of doing business. While they take a chunk out of your bottom line, not paying them can cost you, your workers and, ultimately, the general economy, even more. Contact us for help managing expenses and reducing taxes legally.

© 2020 Covenant CPA