The interview before the fraud interview

When Anna, the CEO of a small manufacturing company, received an anonymous report about fraud in the accounting department, she wasn’t sure how to act. After all, the complaint could be accurate, but there was also a chance that it wasn’t. She called her company’s attorney, who recommended a forensic accountant to investigate. He also suggested that she perform some preliminary interviews to gather facts — but to be careful not to interrogate employees.

If you’re in a position similar to Anna’s, here’s how to conduct interviews before a fraud expert comes on the case. 

Investigation prep

In advance of requesting any interviews, decide what information you’re looking for. Knowing what you want helps you get to the truth of the matter quickly and avoid getting sidetracked by extraneous information. Then, identify who’s best able to supply that information.

Say, for example, you suspect an accounts receivable employee of siphoning money. You may want to talk to that person’s supervisor and a member of your IT department to get information on work habits, unusual behavior or signs of file tampering. Remember, though, that people may be reluctant to share information if they feel it reflects poorly on them or if it might land someone else in hot water.

Restraint is critical

When you sit down for an interview, set the tone with some introductory questions and ask the interviewee to agree to cooperate. In most cases, you’ll be looking for information that helps prove or disprove your suspicions, and the interview will be fact-finding in nature. It should last long enough for you to obtain all the information the subject has to offer. But don’t prolong sessions unnecessarily.

Aim for an informal, relaxed conversation and be sure to remain professional, calm and nonthreatening. Don’t interrupt unnecessarily, suggest that you have preconceived ideas about who did what, or assert your authority unnecessarily. If you suspect someone is withholding information, try asking more detailed questions. And if someone says something you believe is untrue, ask for clarification. You might suggest that your question was misunderstood or that the employee didn’t give it enough thought before answering.

Finally, never make threats or promises to encourage an employee to change a statement or confess. If the case ends up in court, such tactics could make the evidence you collect inadmissible. If someone persists in lying, ask them to put their statement in writing and sign it. Then turn the statement — and your suspicions — over to fraud experts.  

Give it to the experts

If you decide there’s evidence that fraud has occurred, engage a forensic accountant to investigate further. This expert will interview potential suspects and witnesses to get to the bottom of the matter while gathering critical evidence of a crime. Contact us for help and more information.

© 2021 Covenant CPA

Deepfakes: The newest frontier in fraud

Fraud perpetrators are constantly altering their methods to evade detection. Nimble cybercriminals, for example, are why IT security companies update their software so frequently. The use of deepfakes (a word derived from “deep learning” and “fake”) is one of the latest threats to emerge. Deepfakes are enabled by artificial intelligence (AI) and they’re something your company needs to have on its radar because if you haven’t seen a deepfake yet, you will.

Spotting an imposter

A deepfake involves the use of AI to create video, audio or static images that seem real. You may have seen them in viral videos of famous people, such as one in which Facebook’s Mark Zuckerberg is shown saying he has “total control of billions of people’s stolen data.” As realistic as it looked and sounded, the video depicted something that never happened.

Aside from manipulating public opinion and generating outrage, deepfakes can be used to steal. Employing an expertly altered audio file, someone can trick a bank’s voice authentication tools to grant access to funds. Or a deepfake using audio and video files could convince a company to open a customer account to buy goods on credit. In such cases, the nonpaying customers are untraceable.

Proving what’s real

Since deepfakes use emerging technology, detecting them can be challenging. But depending on a deepfake’s format, some third-party detection solutions are available.

Software designed to detect video deepfakes can use a “liveness” detector, which analyzes a person’s face for natural movements. Computers also can analyze images at the pixel level for manipulation. Deepfake audio software is capable of discerning almost-imperceptible sounds that aren’t human generated.

Keeping current

You can protect your business from deepfake-related fraud by updating your current internal controls. For example, if your company operates a call center, make sure you have procedures that prevent audio deepfakes from gaining unauthorized account access. In addition, keep current on deepfake developments. You might, for example, establish a Google Alert to provide you with articles relevant to your industry and particular vulnerabilities.

Contact us for more information about emerging fraud schemes and for help updating your internal controls.

© 2021 Covenant CPA

The COVID-19 pandemic has often made the due diligence process for business acquisitions more complex and time-consuming. But if you’re buying a company, it’s critical to dedicate your full attention to this part of the M&A process — not only to confirm that the selling business is as valuable as you believe it to be, but to protect against fraud. Plan early to engage a fraud expert to review financial statements and other documents for signs that you could be dealing with a dishonest seller.

Subtle warning signs

When reviewing a seller’s financial statements, forensic experts look for subtle warning signs of fraud. These include excess inventory, a large number of write-offs, an unusually high number of voided discounts for returns, insufficient documentation of sales and increased purchases from new vendors. Another suspicious sign is increased accounts payable and receivable combined with dropping or stagnant revenues and income.

Fishy revenue, cash flow and expense numbers and unreasonable-seeming growth projections warrant further investigation to determine whether financial statements represent fraud or they’re evidence of unintentional errors or mismanagement. The latter is common in smaller companies that don’t have their statements audited by outside experts or that may not have adequate internal financial expertise.

Systematic manipulation

To determine whether unusual income numbers indicate systematic manipulation, experts often consider whether owners or executives had the opportunity to commit fraud. A lack of solid internal controls makes financial statement fraud more likely. Regulatory disapproval, customer complaints and suspicious supplier relationships can also raise red flags. If warranted, a forensic expert may perform background checks on your target company’s principals.

It’s important to note that some accounting practices adopted to present a business in the best light may be perfectly legal. However, if your expert finds evidence of intentional fraud — particularly at the executive level — you’ll probably want to rescind your acquisition offer. In less serious cases, you may simply need to make purchase price adjustments or even change the deal’s structure.

Negotiating protection

An indemnification clause written into the purchase agreement can protect you if a seller lies about matters that affect your acquisition, such as fraud. But negotiating these clauses can be tricky since sellers tend to push for a narrow definition of “fraud” and for limits on liability. The fact remains that if a seller has committed fraud, it’s better to uncover it before the M&A transaction goes through.

Contact us with your questions about M&A fraud and for help evaluating your potential business acquisition.

© 2021 Covenant CPA

If you have an estate plan and also have creditors, you could be a fraud perpetrator — without knowing it or intending to defraud anyone. In some circumstances, creditors can challenge gifts, trusts and other strategies for leaving assets to heirs as fraudulent transfers. Here’s how to keep your estate plan from running into trouble.

2 types

Most states have adopted the Uniform Fraudulent Transfer Act (UFTA). The law allows creditors to challenge transfers involving two types of fraud:

  1. Actual fraud. This means making a transfer or incurring an obligation “with actual intent to hinder, delay or defraud any creditor,” including current creditors and probable future creditors.
  2. Constructive fraud. This is a more significant threat for most people because it doesn’t involve intent to defraud. Under UFTA, a transfer or obligation is constructively fraudulent if you made it without receiving a reasonably equivalent value in exchange for the transfer or obligation and you either were insolvent at the time or became insolvent as a result of the transfer or obligation.

“Insolvent” means that the sum of your debts is greater than all of your assets, at a fair valuation. You’re presumed to be insolvent if you’re not paying debts as they become due. Generally, constructive fraud rules protect only present creditors or those whose claims arose before the transfer was made or obligation incurred.

Know your net worth

When it comes to actual fraud, you may not be safe just because you weren’t purposefully trying to defraud creditors. A court can’t read your mind, and it will consider the surrounding facts and circumstances to determine whether a transfer involves fraudulent intent. So before you make gifts or place assets in a trust, consider how a court might view the transfer.

Constructive fraud is a greater risk because of how insolvency is defined and gifts are made. When you make a gift, either outright or in trust, you don’t receive reasonably equivalent value in exchange. If you’re insolvent at the time, or the gift you make renders you insolvent, you’ve made a constructively fraudulent transfer. This means a creditor could potentially undo the transfer.

To avoid this risk, calculate your net worth carefully before making substantial gifts. Even if you’re not having trouble paying your debts, it’s possible you might meet the technical definition of insolvency. Also keep in mind that fraudulent transfer laws vary from state to state. Therefore, you should consult an attorney about the law where you live.

Build a better plan

Besides knowing the law, you can protect your estate plan in several ways. Work with a professional estate planner and be sure to reveal everything about your financial situation that might be relevant to building a creditor-resistant plan. Also manage any debts by working with creditors to negotiate reasonable repayment plans. We can help if you’re still having trouble balancing your budget or managing your assets.

© 2021 Covenant CPA

Over the past year, most businesses have been forced to contend with multiple crises, including COVID-19, social unrest and financial challenges. The last thing you need right now is a fraud incident. But if your company is defrauded, you can help mitigate the damage with a fraud contingency plan.

Identifying likely scenarios

No contingency plan can cover every possibility, but yours should be as wide-ranging as possible. Work with your senior management team and financial advisors to devise as many fraud scenarios as you can dream up. Consider how your internal controls could be breached — whether the perpetrator is a relatively new hire, an experienced department manager, a high-ranking executive or an outside party.

Next, decide which scenarios are most likely to occur given such factors as your industry and size. For example, retailers are particularly vulnerable to skimming. And small businesses without adequate segregation of duties may be at greater risk for theft in accounts payable. Also identify the schemes that would be most damaging to your business. Consider this from both a financial and a public relations standpoint.

Assigning responsibility

As you write your plan, assign responsibilities to specific individuals. When fraud is suspected, one person should lead the investigation and coordinate with staff and any third-party investigators. Put other employees to work where they can be most effective. For example, your IT manager may be tasked with preventing loss of electronic records and your head of human resources may be responsible for maintaining employee morale.

You’ll also want to define the objectives of any fraud investigation. Some companies want only to fire the person responsible, mitigate the damage and keep news of the incident from leaking. Others may want to seek prosecution of offenders as examples to others or to recover stolen funds. Your fraud contingency plan should include information on who will work with law enforcement and how they will do so.

Releasing information

Employee communications are particularly important during a fraud investigation. Staff members who don’t know what’s going on will speculate. Although you should consult legal and financial advisors before releasing any information, aim to be as honest with your employees as you can. It’s equally important to make your response visible so that employees know you take fraud seriously.

Also designate someone to manage external communications. This person should be prepared to deflect criticism and defend your company’s stability, as well as control the flow of information to the outside world.

Taking swift action 

A fraud contingency plan isn’t designed to prevent fraud. Instead, it’s a blueprint for taking swift and effective action should fraud occur. To reduce the risk of theft, you’ll need to ensure that you have strong internal controls. Contact us for help with both plans.

© 2021 Covenant CPA

New year, new fraud to watch out for

Whew, you made it through 2020! But don’t rest easy yet. Unfortunately, fraud perpetrators enjoyed a profitable year, and there are signs they may continue to feed off Americans as long as the pandemic is active. Here are several scams to watch for in 2021.

PPP fraud

Struggling small-business owners have welcomed last month’s 11th hour extension of the Paycheck Protection Program (PPP). They aren’t alone: Fraudsters skilled at falsifying loan applications are also likely rubbing their hands in anticipation.

The Justice Department has brought charges against at least 80 individuals for stealing $127 million from the first PPP. Law enforcement expects to charge more (likely many more) con artists as evidence is uncovered. Indeed, the House Select Subcommittee on the Coronavirus Crisis claims that at least $14 billion in PPP loans were improper. Not all of these cases were outright fraud, but there’s evidence that some business owners and lenders ignored PPP guidelines.

To help prevent further misuse of these loans, $50 million has been allocated to the Small Business Administration for PPP fraud prevention and audits. To avoid unnecessary scrutiny or legal trouble, business borrowers should make sure they understand all eligibility requirements for PPP loans and are qualified before applying.

Vaccine cons 

Consumer scams related to the pandemic also are still going strong. Even before COVID-19 vaccinations gained FDA approval, fraudsters conned many Americans (primarily via email and online ads) into paying for nonexistent cures and preventive treatments.

This past month, the FBI and several other federal agencies warned that perpetrators are now advertising COVID-19 vaccine “early access” for those willing to pay a fee or submit medical and other personal information. Make no mistake: These are fraud schemes. To receive a vaccine, visit the Food and Drug Administration (fda.gov) or Centers for Disease Control and Prevention (cdc.gov) websites or consult your physician to learn when you will be eligible.

Pet scams

Fraudsters took note when many Americans adopted pets to provide companionship during the pandemic. The Federal Trade Commission is warning about fake ads picturing puppies, kittens and other pets for sale or adoption. The fraudsters typically first request an amount that sounds reasonable up front. Once they receive that, they ask for more and more … for vet bills, health certificates, shipping and anything else they can come up with. Needless to say, there are no actual pets.

You can avoid falling for such scams by performing extensive due diligence. For example, get the name and address of the seller (and verify them) and arrange for a videoconference to see the pet in the possession of the seller. Even better, adopt an animal from a shelter you can visit in person.

Staying safe 

There are a lot of fraud threats out there these days. For help combating consumer and business fraud, contact us.

© 2021 Covenant CPA

For most retailers, this is the most profitable season of the year. However, customer returns in January can cut deeply into December revenues — particularly if the returns are fraudulent. U.S. retailers suffer annual losses of $18.4 billion from fraudulent returns, according to data analytics company Appriss and the National Retail Federation (NRF). And as antifraud technology company Signifyd has found, the pandemic is encouraging higher retail return rates — as much as 80% higher than before COVID-19 hit. Such a shift is likely to mean even more fraud.

Old dog, new tricks

Return fraud isn’t new. Dishonest customers have long “returned” items they stole or purchased elsewhere for less to stores willing to issue full cash refunds. But growth in online sales has magnified return fraud risk for retailers. The NRF reports that 38% of retailers have observed an increase in the number of buy online, return in-store transactions. And of these retailers, 29% reported an increase in fraudulent returns.

However, retailers that allow shipped returns face even greater risk of losses. In one common scheme, customers buy expensive items, then ship back cheap knockoffs or random objects that approximate the size and weight of the original merchandise. If a retailer issues a refund before its employees open and inspect the returned item, the business probably will end up out-of-pocket.

Entire networks dedicated to return fraud have sprung up on the Web. Many offer to help consumers profit off real purchases by making phony returns. In times of financial insecurity, such siren calls may convince ordinarily honest people to become fraud perpetrators. 

How to act

It’s critical that you use up-to-date return and inventory management systems designed to prevent fraud and shrinkage. But perhaps the most important way to fight return fraud is with a formal merchandise return policy that specifies:

  • A timeframe for returns — for example, 30 or 60 days from the purchase,
  • Any required documentation, such as the original receipt,
  • Whether returns are eligible for a cash refund or only store credit,
  • Whether the return must include the original packaging,
  • Whether returns must be made in person, even if merchandise was purchased online,
  • The condition of the returned goods (most retailers prefer “as new” or “as sold”),
  • What customer information you need, such as address and phone number, and
  • A reason for the return.

You may only want to accept returns if the merchandise is defective. But of course, many customers expect flexible return policies and may take their business elsewhere if yours is too rigid.

Post your return policy at registers, on receipts and on your website. Require that a manager approves any exception made to this return policy.

You can’t afford it

Depending on the size of your business, return fraud could cost you thousands or millions of dollars, an amount you can’t afford during this uncertain time — or anytime. Make sure your return policy is airtight and that employees consistently apply it. Contact us for help with fraud or unusual financial losses.

© 2020 Covenant CPA

Americans generally feel generous during the holidays and usually are eager to donate to worthy charitable causes. At the same time, they’re so busy and rushed with holiday activities they don’t necessarily vet charities that ask for support. Fraud perpetrators masquerading as nonprofits usually find easy pickings.

Charity scammers use every available channel to defraud charitable donors — door-to-door appeals, telemarketing campaigns, email messages, slick looking websites and even through social media “friends.” To ensure your donations reach the genuinely needy, exercise healthy skepticism and take precautions.

Know your nonprofit

The best and easiest way to avoid becoming a charity scam victim is to donate only to charities you already know and trust. However, by doing this, it’s possible you could exclude new or lesser-known charities from consideration. So if you want to donate to an unknown group, ask the organization to provide as much information as possible — including its tax ID number. Then verify the charity’s status with the IRS and its activities and financials on watchdog sites such as charitynavigator.com and charitywatch.com.

Also make sure you understand how the charity intends to use your donation. This is just as true for established nonprofits. If it isn’t clear where your donation will go or if the charity’s representative seems to dodge the question, walk away.

Best practices

Here are some other tips to help you avoid becoming a charity fraud victim:

Don’t answer suspicious calls. Caller ID makes it easy to ignore calls from numbers you don’t recognize. Unfortunately, perpetrators may mask their phone numbers with the names and numbers of legitimate charities. The simple solution: Tell the caller you don’t donate money over the phone and hang up.

Ignore suspicious emails. Don’t open unfamiliar and unsolicited emails or click on any links they include.

Avoid in-person sales pitches. Place a “No Solicitors” sign at your front door to discourage con artists. If you inadvertently open the door to a stranger, inform the person that you don’t donate to charities unless they send information in the mail. Fake charities usually won’t.

Don’t bend to pressure. No matter how compelling the sales pitch, or how “urgent” the charity’s need, take time to review and research it. Tell solicitors that you’ll get back to them later. Be particularly wary about pitches in the aftermath of natural disasters and other emergencies.

Donate with credit cards. Using credit cards to make charitable donations provides a level of protection because you usually can dispute fraudulent charges. If you discover a discrepancy when reviewing monthly statements, contact the charity and your credit card company immediately. Debit cards generally offer less protection against unauthorized charges. And paper checks are easy to counterfeit.

Heinous crime

Charity fraud is a particularly heinous crime because it hurts both the charitably inclined and those in need of help. If you suspect someone is perpetrating a scheme, stay away from the fraudster and report the person to law enforcement.

© 2020 Covenant CPA

Not all shell companies are dishonest. Despite their often-sinister reputation, these paper-only companies may be used legitimately to hold another business’s assets. Or they may be the “empty container” left after a company downsizes or is acquired. That said, some fraud perpetrators use shell companies to embezzle funds, evade taxes, dodge debts and commit other illegal acts.

For many businesses, the biggest threat posed by illegitimate shell companies is that unscrupulous employees will use them to perpetrate billing fraud. Here’s how to spot a shell scheme in your midst.

Under cover

Employee-perpetrated shell company schemes take one of two forms. In the first, an employee sets up a shell company to send out — and collect on — fictitious bills. Perpetrators don’t have to send the bills for nonexistent goods and services to the company for which they work. But it’s easier, and can help them evade detection, if they do.

Consider, for example, an accounting staffer who knows that his company rarely scrutinizes invoices for less than $3,000. He applies for a “doing business as” (DBA) certificate from his state for a fictitious business and opens a business account at a local bank. Now he can bill his employer for services that cost less than $3,000 per invoice.

In the second type of scheme, an employee sets up a shell company to sell products to his or her employer at a marked-up price. Because the employee’s shell company has no overhead or expenses, the employee can pocket the proceeds.

Invoices contain clues

Shell company schemes can go undetected for a long time, particularly if the fraudsters are savvy enough to attempt to cover their tracks and don’t get too greedy. Most perpetrators, however, leave a paper trail of invoices that, when scrutinized, is suspicious.

For example, invoices may vaguely define their products or services, arrive more than once a month and show an increased number of purchases over time. Addresses are important. Fake companies usually use a post office box as a return address. But less clever (or more arrogant) thieves may use their actual home address.

Shell company scams work only if the crooked employee can pay the invoices or get the shell company authorized as a legitimate vendor. A quick credit check on a new vendor will reveal whether it has an operating history and deserves greater scrutiny. Job rotation, mandatory vacations and a strict separation of duties in critical areas, such as your accounting department, can help prevent financial losses from shell company schemes. 

Investigating suspicions

Contact us if you think an employee is committing fraud with a shell company. We can examine invoices and other records, interview suspects and witnesses, and review your internal controls to get to the bottom of any suspicions.

© 2020 Covenant CPA

Reports started trickling into state agricultural agencies in July: Consumers were worried about strange seed packets they had received in the mail. The unsolicited goods weren’t labeled and appeared to be sent from China. In a year already fraught with anxiety and paranoia, the story quickly made headlines.

Perhaps this was the first you’d heard of a scam known as “brushing,” in which some third-party e-commerce sellers set up fake buyer accounts and ship unordered goods (in this case, seeds) to “customers.” Why would they do this? Read on. 

A growing fraud 

Brushing scammers set up fake accounts with Amazon, eBay and other online platforms so that they can order their own merchandise, ship it to a real address and then post glowing reviews that bolster their ratings. The ultimate objective, of course, is to attract more buyers for their goods.

According to the U.S. Department of Agriculture (USDA), the seeds people received this summer seem to be part of a brushing scheme. (The USDA is continuing to investigate, but at this time, the seeds don’t appear to be dangerous or capable of producing invasive plants.) However, this isn’t the first time Americans have received unordered merchandise from unknown companies. Over the past couple of years, consumers have been surprised by gifts of everything from flashlights to hand warmers to Bluetooth speakers.

Considering that you aren’t obliged to pay for or send back merchandise you didn’t order, this may not seem like a big deal. However, it suggests that personal information has been disclosed or compromised. So if you receive one of their packages, brushers have — at the very least — your name and home address and may also have your phone number and email address. And, as the Federal Trade Commission (FTC) warns, these fraudsters may have set up fake accounts in your name on multiple websites — or even hacked your legitimate accounts.

Nip it in the bud

How can you prevent dishonest businesses from burnishing their own reputations at the possible expense of yours?

  • Report a suspicious package to the online retailer or platform (if you know what it is).
  • Check your accounts for suspicious activity and change your passwords.
  • If it appears accounts have been compromised, review your bank and credit card statements and credit reports. Consider freezing them to prevent fraud perpetrators from opening new accounts in your name.
  • File a report with the FTC at ftc.gov/complaint. 

Remember that it’s always possible a seller simply sent you something by mistake. Or a friend may have ordered a gift and forgotten to enclose a message to you. So do a little snooping before jumping to conclusions. But if it still seems your mystery package is part of a brushing scam, don’t just brush it off. Report the “gift” and make sure your accounts are secure.

© 2020 Covenant CPA