When business owners suspect that an employee is stealing assets or manipulating financial results, it’s time to call a fraud expert to investigate. Although the complexity of the incident will determine the investigation’s scope, there are three basic steps forensic accountants generally follow to build a fraud case that can stand up in court.

1. Conducting interviews 

Fraud interviewers know how to spot warning signs, detect deception and pin down suspicions when talking with suspects and their coworkers. But they usually start with management interviews, by asking owners, executives and audit committee members what they know about:

  • Possible fraud ploys,
  • The company’s fraud risks, and
  • Internal controls that have been implemented to mitigate specific fraud risks or to generally help prevent, deter and detect fraud. 

An expert may interview not only your company’s management and audit committee, but also anyone who can provide information about financial fraud risks. These interviews might include employees involved in initiating, recording or processing complex or unusual transactions, as well as operating personnel not directly involved in the financial reporting process.

When interviewing suspects and potential witnesses, experts encourage interviewees to do most of the talking and use silence as a tool to elicit information. Before concluding the interview, they confirm the information they’ve gathered.

2. Gathering evidence

Fraud experts also collect physical and digital evidence of possible fraud from the company’s internal sources. Examples include personnel files, phone and email records, security camera recordings, and physical and IT system access records.

Locating this evidence may require computer forensic examinations. Expect your expert to ask to access your accounting system to search for suspicious journal entries, credits, reversals and overridden controls. Experts may also collect external sources of evidence, such as public records, customer and vendor information, media reports and private detective reports.

3. Analyzing facts

Fraud specialists have been trained to review and categorize internal and external evidence, conduct computer-assisted data analysis and test various hypotheses. Rather than rely on gut instinct, your expert will formally document every step in the investigation and follow formal procedures to ensure a comprehensive investigation.

When experts finish conducting interviews and gathering evidence, they report their findings. You and your attorney may determine the appropriate format for a report and how distribution will be affected by the need to protect legal privileges and avoid defamation.

Avoid a botched investigation

A proper investigation is essential to building a strong fraud case. Indeed, botched investigations could prevent your company from recouping losses and prosecuting the perpetrator. Contact us if you suspect fraud in your organization. 

© 2020 Covenant CPA

Like many sectors of the economy, the healthcare industry regularly suffers data breaches. Healthcare analytics company Protenus has found that nearly 32 million patient records were breached between January and June 2019 alone.

Alarmed? You should be. However, there are steps you can take to reduce the risk that thieves will get a hold of your medical records and use them for nefarious purposes.

Why they’re valuable

Unlike other types of personal data, healthcare records command a hefty premium on the black market. That’s at least partly because criminals can potentially use information about an individual’s health to blackmail him or her.

Also, stolen medical records include valuable details about people’s identities. In fact, there’s usually enough information in medical files to facilitate extensive identity theft. These schemes can involve health insurance-related fraud as well as financial account and tax fraud schemes.

What you can do

The following four steps can help you protect your personal medical and other data:

  1. Be careful what you share with providers. Healthcare providers typically ask for a lot of personal information, including your Social Security number. But you aren’t obligated to provide it. If in doubt regarding whether a piece of data is critical to receiving care, ask your provider. If the provider says the information is necessary, learn how it plans to use the data —and protect it from thieves.
  2. Read the small print. Apply the same caution to healthcare apps. Only provide access to data that’s critical for the service. Read the service provider’s terms and conditions and its privacy notice so that you understand how and where your data might be used.
  3. Closely review insurance statements. Sometimes the first sign of identity theft is an insurance company statement detailing medical services you didn’t receive. Go over every insurance document and contact your insurer and the medical provider immediately if you spot any discrepancies.
  4. Don’t assume privacy online. Revealing personal details online (for example, with a large group of “friends” on social media) may provide criminals with enough information to steal your identity. Keep in mind that a dedicated criminal could piece together a detailed profile of you simply by visiting multiple sites where you’re active.

If your data is compromised

If you fear your healthcare information was included in a data breach or has otherwise been compromised, consider contacting the three major credit bureaus to freeze your credit file. This prevents the unauthorized creation of new accounts. Also step up your monitoring of insurance statements to ensure no one is filling prescriptions or making office visits in your name.

© 2019 Covenant CPA