Over the past year, most businesses have been forced to contend with multiple crises, including COVID-19, social unrest and financial challenges. The last thing you need right now is a fraud incident. But if your company is defrauded, you can help mitigate the damage with a fraud contingency plan.

Identifying likely scenarios

No contingency plan can cover every possibility, but yours should be as wide-ranging as possible. Work with your senior management team and financial advisors to devise as many fraud scenarios as you can dream up. Consider how your internal controls could be breached — whether the perpetrator is a relatively new hire, an experienced department manager, a high-ranking executive or an outside party.

Next, decide which scenarios are most likely to occur given such factors as your industry and size. For example, retailers are particularly vulnerable to skimming. And small businesses without adequate segregation of duties may be at greater risk for theft in accounts payable. Also identify the schemes that would be most damaging to your business. Consider this from both a financial and a public relations standpoint.

Assigning responsibility

As you write your plan, assign responsibilities to specific individuals. When fraud is suspected, one person should lead the investigation and coordinate with staff and any third-party investigators. Put other employees to work where they can be most effective. For example, your IT manager may be tasked with preventing loss of electronic records and your head of human resources may be responsible for maintaining employee morale.

You’ll also want to define the objectives of any fraud investigation. Some companies want only to fire the person responsible, mitigate the damage and keep news of the incident from leaking. Others may want to seek prosecution of offenders as examples to others or to recover stolen funds. Your fraud contingency plan should include information on who will work with law enforcement and how they will do so.

Releasing information

Employee communications are particularly important during a fraud investigation. Staff members who don’t know what’s going on will speculate. Although you should consult legal and financial advisors before releasing any information, aim to be as honest with your employees as you can. It’s equally important to make your response visible so that employees know you take fraud seriously.

Also designate someone to manage external communications. This person should be prepared to deflect criticism and defend your company’s stability, as well as control the flow of information to the outside world.

Taking swift action 

A fraud contingency plan isn’t designed to prevent fraud. Instead, it’s a blueprint for taking swift and effective action should fraud occur. To reduce the risk of theft, you’ll need to ensure that you have strong internal controls. Contact us for help with both plans.

© 2021 Covenant CPA

New year, new fraud to watch out for

Whew, you made it through 2020! But don’t rest easy yet. Unfortunately, fraud perpetrators enjoyed a profitable year, and there are signs they may continue to feed off Americans as long as the pandemic is active. Here are several scams to watch for in 2021.

PPP fraud

Struggling small-business owners have welcomed last month’s 11th hour extension of the Paycheck Protection Program (PPP). They aren’t alone: Fraudsters skilled at falsifying loan applications are also likely rubbing their hands in anticipation.

The Justice Department has brought charges against at least 80 individuals for stealing $127 million from the first PPP. Law enforcement expects to charge more (likely many more) con artists as evidence is uncovered. Indeed, the House Select Subcommittee on the Coronavirus Crisis claims that at least $14 billion in PPP loans were improper. Not all of these cases were outright fraud, but there’s evidence that some business owners and lenders ignored PPP guidelines.

To help prevent further misuse of these loans, $50 million has been allocated to the Small Business Administration for PPP fraud prevention and audits. To avoid unnecessary scrutiny or legal trouble, business borrowers should make sure they understand all eligibility requirements for PPP loans and are qualified before applying.

Vaccine cons 

Consumer scams related to the pandemic also are still going strong. Even before COVID-19 vaccinations gained FDA approval, fraudsters conned many Americans (primarily via email and online ads) into paying for nonexistent cures and preventive treatments.

This past month, the FBI and several other federal agencies warned that perpetrators are now advertising COVID-19 vaccine “early access” for those willing to pay a fee or submit medical and other personal information. Make no mistake: These are fraud schemes. To receive a vaccine, visit the Food and Drug Administration (fda.gov) or Centers for Disease Control and Prevention (cdc.gov) websites or consult your physician to learn when you will be eligible.

Pet scams

Fraudsters took note when many Americans adopted pets to provide companionship during the pandemic. The Federal Trade Commission is warning about fake ads picturing puppies, kittens and other pets for sale or adoption. The fraudsters typically first request an amount that sounds reasonable up front. Once they receive that, they ask for more and more … for vet bills, health certificates, shipping and anything else they can come up with. Needless to say, there are no actual pets.

You can avoid falling for such scams by performing extensive due diligence. For example, get the name and address of the seller (and verify them) and arrange for a videoconference to see the pet in the possession of the seller. Even better, adopt an animal from a shelter you can visit in person.

Staying safe 

There are a lot of fraud threats out there these days. For help combating consumer and business fraud, contact us.

© 2021 Covenant CPA

For most retailers, this is the most profitable season of the year. However, customer returns in January can cut deeply into December revenues — particularly if the returns are fraudulent. U.S. retailers suffer annual losses of $18.4 billion from fraudulent returns, according to data analytics company Appriss and the National Retail Federation (NRF). And as antifraud technology company Signifyd has found, the pandemic is encouraging higher retail return rates — as much as 80% higher than before COVID-19 hit. Such a shift is likely to mean even more fraud.

Old dog, new tricks

Return fraud isn’t new. Dishonest customers have long “returned” items they stole or purchased elsewhere for less to stores willing to issue full cash refunds. But growth in online sales has magnified return fraud risk for retailers. The NRF reports that 38% of retailers have observed an increase in the number of buy online, return in-store transactions. And of these retailers, 29% reported an increase in fraudulent returns.

However, retailers that allow shipped returns face even greater risk of losses. In one common scheme, customers buy expensive items, then ship back cheap knockoffs or random objects that approximate the size and weight of the original merchandise. If a retailer issues a refund before its employees open and inspect the returned item, the business probably will end up out-of-pocket.

Entire networks dedicated to return fraud have sprung up on the Web. Many offer to help consumers profit off real purchases by making phony returns. In times of financial insecurity, such siren calls may convince ordinarily honest people to become fraud perpetrators. 

How to act

It’s critical that you use up-to-date return and inventory management systems designed to prevent fraud and shrinkage. But perhaps the most important way to fight return fraud is with a formal merchandise return policy that specifies:

  • A timeframe for returns — for example, 30 or 60 days from the purchase,
  • Any required documentation, such as the original receipt,
  • Whether returns are eligible for a cash refund or only store credit,
  • Whether the return must include the original packaging,
  • Whether returns must be made in person, even if merchandise was purchased online,
  • The condition of the returned goods (most retailers prefer “as new” or “as sold”),
  • What customer information you need, such as address and phone number, and
  • A reason for the return.

You may only want to accept returns if the merchandise is defective. But of course, many customers expect flexible return policies and may take their business elsewhere if yours is too rigid.

Post your return policy at registers, on receipts and on your website. Require that a manager approves any exception made to this return policy.

You can’t afford it

Depending on the size of your business, return fraud could cost you thousands or millions of dollars, an amount you can’t afford during this uncertain time — or anytime. Make sure your return policy is airtight and that employees consistently apply it. Contact us for help with fraud or unusual financial losses.

© 2020 Covenant CPA

Americans generally feel generous during the holidays and usually are eager to donate to worthy charitable causes. At the same time, they’re so busy and rushed with holiday activities they don’t necessarily vet charities that ask for support. Fraud perpetrators masquerading as nonprofits usually find easy pickings.

Charity scammers use every available channel to defraud charitable donors — door-to-door appeals, telemarketing campaigns, email messages, slick looking websites and even through social media “friends.” To ensure your donations reach the genuinely needy, exercise healthy skepticism and take precautions.

Know your nonprofit

The best and easiest way to avoid becoming a charity scam victim is to donate only to charities you already know and trust. However, by doing this, it’s possible you could exclude new or lesser-known charities from consideration. So if you want to donate to an unknown group, ask the organization to provide as much information as possible — including its tax ID number. Then verify the charity’s status with the IRS and its activities and financials on watchdog sites such as charitynavigator.com and charitywatch.com.

Also make sure you understand how the charity intends to use your donation. This is just as true for established nonprofits. If it isn’t clear where your donation will go or if the charity’s representative seems to dodge the question, walk away.

Best practices

Here are some other tips to help you avoid becoming a charity fraud victim:

Don’t answer suspicious calls. Caller ID makes it easy to ignore calls from numbers you don’t recognize. Unfortunately, perpetrators may mask their phone numbers with the names and numbers of legitimate charities. The simple solution: Tell the caller you don’t donate money over the phone and hang up.

Ignore suspicious emails. Don’t open unfamiliar and unsolicited emails or click on any links they include.

Avoid in-person sales pitches. Place a “No Solicitors” sign at your front door to discourage con artists. If you inadvertently open the door to a stranger, inform the person that you don’t donate to charities unless they send information in the mail. Fake charities usually won’t.

Don’t bend to pressure. No matter how compelling the sales pitch, or how “urgent” the charity’s need, take time to review and research it. Tell solicitors that you’ll get back to them later. Be particularly wary about pitches in the aftermath of natural disasters and other emergencies.

Donate with credit cards. Using credit cards to make charitable donations provides a level of protection because you usually can dispute fraudulent charges. If you discover a discrepancy when reviewing monthly statements, contact the charity and your credit card company immediately. Debit cards generally offer less protection against unauthorized charges. And paper checks are easy to counterfeit.

Heinous crime

Charity fraud is a particularly heinous crime because it hurts both the charitably inclined and those in need of help. If you suspect someone is perpetrating a scheme, stay away from the fraudster and report the person to law enforcement.

© 2020 Covenant CPA

Not all shell companies are dishonest. Despite their often-sinister reputation, these paper-only companies may be used legitimately to hold another business’s assets. Or they may be the “empty container” left after a company downsizes or is acquired. That said, some fraud perpetrators use shell companies to embezzle funds, evade taxes, dodge debts and commit other illegal acts.

For many businesses, the biggest threat posed by illegitimate shell companies is that unscrupulous employees will use them to perpetrate billing fraud. Here’s how to spot a shell scheme in your midst.

Under cover

Employee-perpetrated shell company schemes take one of two forms. In the first, an employee sets up a shell company to send out — and collect on — fictitious bills. Perpetrators don’t have to send the bills for nonexistent goods and services to the company for which they work. But it’s easier, and can help them evade detection, if they do.

Consider, for example, an accounting staffer who knows that his company rarely scrutinizes invoices for less than $3,000. He applies for a “doing business as” (DBA) certificate from his state for a fictitious business and opens a business account at a local bank. Now he can bill his employer for services that cost less than $3,000 per invoice.

In the second type of scheme, an employee sets up a shell company to sell products to his or her employer at a marked-up price. Because the employee’s shell company has no overhead or expenses, the employee can pocket the proceeds.

Invoices contain clues

Shell company schemes can go undetected for a long time, particularly if the fraudsters are savvy enough to attempt to cover their tracks and don’t get too greedy. Most perpetrators, however, leave a paper trail of invoices that, when scrutinized, is suspicious.

For example, invoices may vaguely define their products or services, arrive more than once a month and show an increased number of purchases over time. Addresses are important. Fake companies usually use a post office box as a return address. But less clever (or more arrogant) thieves may use their actual home address.

Shell company scams work only if the crooked employee can pay the invoices or get the shell company authorized as a legitimate vendor. A quick credit check on a new vendor will reveal whether it has an operating history and deserves greater scrutiny. Job rotation, mandatory vacations and a strict separation of duties in critical areas, such as your accounting department, can help prevent financial losses from shell company schemes. 

Investigating suspicions

Contact us if you think an employee is committing fraud with a shell company. We can examine invoices and other records, interview suspects and witnesses, and review your internal controls to get to the bottom of any suspicions.

© 2020 Covenant CPA

Reports started trickling into state agricultural agencies in July: Consumers were worried about strange seed packets they had received in the mail. The unsolicited goods weren’t labeled and appeared to be sent from China. In a year already fraught with anxiety and paranoia, the story quickly made headlines.

Perhaps this was the first you’d heard of a scam known as “brushing,” in which some third-party e-commerce sellers set up fake buyer accounts and ship unordered goods (in this case, seeds) to “customers.” Why would they do this? Read on. 

A growing fraud 

Brushing scammers set up fake accounts with Amazon, eBay and other online platforms so that they can order their own merchandise, ship it to a real address and then post glowing reviews that bolster their ratings. The ultimate objective, of course, is to attract more buyers for their goods.

According to the U.S. Department of Agriculture (USDA), the seeds people received this summer seem to be part of a brushing scheme. (The USDA is continuing to investigate, but at this time, the seeds don’t appear to be dangerous or capable of producing invasive plants.) However, this isn’t the first time Americans have received unordered merchandise from unknown companies. Over the past couple of years, consumers have been surprised by gifts of everything from flashlights to hand warmers to Bluetooth speakers.

Considering that you aren’t obliged to pay for or send back merchandise you didn’t order, this may not seem like a big deal. However, it suggests that personal information has been disclosed or compromised. So if you receive one of their packages, brushers have — at the very least — your name and home address and may also have your phone number and email address. And, as the Federal Trade Commission (FTC) warns, these fraudsters may have set up fake accounts in your name on multiple websites — or even hacked your legitimate accounts.

Nip it in the bud

How can you prevent dishonest businesses from burnishing their own reputations at the possible expense of yours?

  • Report a suspicious package to the online retailer or platform (if you know what it is).
  • Check your accounts for suspicious activity and change your passwords.
  • If it appears accounts have been compromised, review your bank and credit card statements and credit reports. Consider freezing them to prevent fraud perpetrators from opening new accounts in your name.
  • File a report with the FTC at ftc.gov/complaint. 

Remember that it’s always possible a seller simply sent you something by mistake. Or a friend may have ordered a gift and forgotten to enclose a message to you. So do a little snooping before jumping to conclusions. But if it still seems your mystery package is part of a brushing scam, don’t just brush it off. Report the “gift” and make sure your accounts are secure.

© 2020 Covenant CPA

Skimming isn’t the biggest fraud threat for most businesses. The theft of cash receipts represents only 11% of asset appropriation schemes, according to the Association of Certified Fraud Examiners’ 2020 Report to the Nations. But with a median loss of $47,000, your business will likely feel the pain if it becomes a victim of skimming. Here’s what you need to know to prevent it.

Usual tactics

Skimming occurs when an employee steals an incoming payment before it’s recorded. In the most basic skimming scheme, a worker sells goods or services to a customer, collects payment and pockets the money without recording the sale. If the customer receives goods but no sale is recorded, skimming will cause a discrepancy between physical inventory counts and the company’s inventory ledger.

Crooked employees can also skim receivables. This generally is harder to pull off, because overdue accounts appear on the accounts receivable aging schedule. Perpetrators may try to cover their thefts by “lapping,” or borrowing money from one account to make up for a shortage in another.

What to look for

To detect skimming, look for infrequent bank deposits and consistent bank balance fluctuations as well as frequent shortages of cash on hand. If you suspect skimming, we can help you perform physical inventory counts to check if inventory levels match recorded sales. We can also review journal entries for false credits to inventory; irregular entries to cash accounts; and write-offs of lost, stolen, or obsolete inventory.

Your business can help prevent skimming by segregating employee duties. No one person should be responsible for collecting, recording, reconciling and depositing cash receipts. Instead, split up those duties among multiple employees.

Also consider implementing these other preventive measures:

  • Monitor spaces where employees handle cash with visible video cameras,
  • Require daily bank deposits,
  • Investigate no-sale and voided transactions,
  • Reconcile cash deposits to all cash and checks received,
  • Regularly reconcile inventory records to look for shrinkage, and
  • Provide an anonymous tip hotline for employees, customers and vendors.

Vulnerable industries

Certain organizations are more vulnerable to skimming. Small companies (those with less than 100 employees) and those in the education, real estate, and transportation and warehousing fields experience higher rates of skimming and may want to take extra precautions. Whatever your industry, contact us at the first sign of fraud.

© 2020 Covenant CPA

New technologies, including artificial intelligence and machine learning, increasingly are being applied to the old problem of occupational fraud. But in most circumstances, common accounting tools — “variance analysis” and “contribution margin” — remain effective in uncovering possible evidence of theft.

Gaps and absences

After your organization finalizes its annual budget, you may perform a variance analysis, reviewing differences between actual and budgeted performance. If, for example, actual wages significantly exceed budgeted wages, the difference could be due to such factors as wage increases, productivity declines or greater downtime. But it could also signal phantom employees on the payroll.

Fraud experts pay particular attention to variances related to inventory and purchase pricing. Supply-related variances could indicate the existence of kickbacks. Or they might suggest fictitious vendors — where payments go to the perpetrator and no inventory is received in exchange.

The absence of variances when they’re expected can also be cause for concern. If the cost of a critical production component has unexpectedly increased, then the actual numbers should show a variance. If no such variance is found, it could be a sign of financial reporting fraud.

Difference between price and costs

The term contribution margin generally refers to the difference between a unit’s sale price and its variable costs. It’s often used to make pricing decisions, calculate the breakeven point and evaluate profitability. But it can also be used to detect fraud.

In general, the contribution margin as a percentage of revenue should remain fairly consistent over time. If the contribution margin is dramatically lower than usual, skimming or inventory theft could be to blame. Just keep in mind that one discrepancy doesn’t equal solid evidence of fraud. It simply indicates that further investigation is warranted.

Discrepancies are just a start

You may have the in-house expertise to expose potential fraud schemes using common accounting tools. But you should take suspicious results to a financial expert. Contact us. We use everything from modern analytic techniques to old-school witness interviews to get to the bottom of financial irregularities.

© 2020 Covenant CPA

The recently released 2020 Association of Certified Fraud Examiner’s (ACFE’s) occupational fraud study, Report to the Nations, reveals that the most common behavioral red flag exhibited by fraud perpetrators is living beyond their means. Also high on the list are financial difficulties and unusually close relationships with vendors and customers.

Some of these signs may be tough to spot if you don’t work closely with an occupational thief. That’s why the ACFE report also looks at correlations between fraud and non-fraud offenses and human resources issues. When these issues are present, supervisors and HR managers may need to increase their scrutiny of an employee.

Recognize red flags

The vast majority (96%) of occupational fraud perpetrators have no previous criminal record and 86% have never been punished or fired by their employers for fraud. This may make identifying the thieves in your midst difficult, but not impossible. The ACFE has found that approximately 85% of perpetrators exhibit at least one behavioral red flag before they’re discovered.

Although a perpetrator may be the friendliest and most cooperative person in the office, many thieves come into conflict with colleagues or fail to follow rules. The survey participants (more than 2,500 defrauded organizations) were asked whether the perpetrator in their cases engaged in any non-fraud-related misconduct before or during the fraud incident. Close to half (45%) responded “yes.” Some of the most common offenses were:

  • Bullying or intimidation of others,
  • Excessive absenteeism, and
  • Excessive tardiness.

A small number also was investigated for sexual harassment and inappropriate Internet use.

In addition to misconduct, some fraud perpetrators exhibited work performance problems. Thirteen percent received poor performance evaluations, 12% feared the loss of their job and 10% were denied a raise or promotion.

Get involved

When misconduct or poor performance leads to disciplinary action, supervisors and HR managers have a golden opportunity to potentially stop fraud in progress. After all, the longer a scheme goes undetected, the more costly it is for the organization. Fraud schemes with a duration of less than six months have a median loss of $50,000, but those with a median duration of 14 months (the typical scheme in the ACFE report) experience losses of around $135,000. 

So if you detect smoke, look for fire. Of course, most underperforming employees aren’t thieves. But it probably pays to observe any worker who routinely flaunts the rules, antagonizes coworkers or lets job responsibilities slip. You may discover other red flags, such as family problems, addiction issues or a lifestyle that isn’t supported by the employee’s salary.

Limit opportunities

Knowing your employees is only part of the solution. You also need comprehensive internal controls to limit opportunities to commit fraud. Contact us for help.

© 2020 Covenant CPA

The novel coronavirus (COVID-19) pandemic has opened the floodgates to scam artists attempting to profit from sick, anxious and financially vulnerable Americans. On the frontlines fighting fraud are the Federal Trade Commission (FTC), U.S. Justice Department (DOJ) and other government agencies. Here are some of the fraud schemes they’re actively investigating —  and the perpetrators they’ve rounded up.

Peddling false hope

The FTC has sent warning letters to almost 100 businesses for making scientifically unsubstantiated claims about their products. Companies from California to Virginia, Indiana to Florida have touted (mostly online or by phone) “treatments” for COVID-19, even though the federal government hasn’t approved any vaccines or cures for the disease.

Letter recipients must stop making deceptive claims immediately and notify the FTC within 48 hours about the actions they’ve taken. Noncompliance can result in a federal court injunction and an order to refund deceived customers. Just last week, the FTC took the seller of a “wellness booster” to court. Originally, the product — capsules containing Vitamin C and herbal extracts — had been marketed as a cancer cure. But the enterprising fraudster pivoted in March 2020 to exploit COVID-19 fears.

Technological accomplices

Producers and marketers of fake cures aren’t the only companies under scrutiny. The FTC, in joint letters with the Federal Communications Commission, has warned several Voice over Internet Protocol (VoIP) service providers for “assisting and facilitating” illegal telemarketing and robocalls related to COVID-19. This is a violation of the FTC’s Telemarketing Sales Rule.

The DOJ has also come down on several VoIP providers for knowingly transmitting robocalls from “government officials.” Although there’s uncertainty about whether VoIP and similar services can be considered liable for the actions of their users, law enforcement officials are clearly serious about taking down those who would exploit the pandemic for personal gain.

Opportunity knocks

Government agencies also have their sights on smaller, opportunistic scams. Recently, the FTC warned consumers to beware of fake COVID-19 testing sites set up in parking lots with realistic looking signs, tents and workers. Not only have these criminals obtained Social Security and credit card numbers from test-seekers, but they may have helped spread contagion through unsanitary contact with them.

And the DOJ is raising the alarm about the role cryptocurrency is playing in many COVID-19 schemes. Everyone from snake-oil sellers to bad-investment promoters are asking their victims to pay with cryptocurrency. Therefore, it should be recognized as a red flag.

How to stay safe

Many fraud schemes present since the start of the COVID-19 crisis in the United States — small business loan scams, charity fraud and attempts to steal stimulus payment checks — also continue apace. Your best defense, as always, is to hang up on suspicious calls, delete fake-looking emails and be wary of any claims that sound too good to be true. If you encounter fraud, report it to ftc.gov.

© 2020 Covenant CPA