How smart software can help you find fraud

Machine learning increasingly is being used to discover fraud schemes. With this type of artificial intelligence (AI), the technology learns or improves in accuracy through experience, rather than through additional programming. If you already use AI in your business, you’re probably somewhat familiar with how machine learning works. But here’s a quick overview of its application in fraud detection.

New approaches needed

More and more, businesses rely on digitization to deliver the goods and services their customers want. Unfortunately, digitization also makes it easier both for cybercriminals and stakeholders, such as employees, vendors and customers, to steal. Preventing fraud in the digital age requires new approaches.

Machine learning is one such approach. Traditional rules-based fraud detection software flags transactions — such as purchase orders of a certain type or over a certain amount — that are suspicious according to static rules. On the other hand, fraud detection software that includes machine learning uses large sets of historical data to “learn,” or create algorithms about the patterns associated with new fraud schemes, enabling it to detect fraud in the future.

Step by step

For a machine to learn, its users must follow certain procedures. After the software is enabled to capture historical transaction data — and the more data, the better — the company using it reviews the data to ensure it presents an accurate picture of transactions. The software then applies algorithms to identify potentially suspicious items. This process creates the first fraud detection model. The software analyzes the same set of data repeatedly and produces new models for the company to review. The company provides feedback on each model to help the software develop better algorithms.

Through this process, the model learns what constitutes fraud and the number of false positives should drop significantly. In the end, the company selects the most accurate fraud detection model to put into production. 

Getting started

If you have the technical capabilities, you may be able to develop a customized machine learning program for fraud detection in-house. We can help if you don’t. Contact us.

© 2020 Covenant CPA

Is there a fraud perpetrator behind those behavioral issues?

The recently released 2020 Association of Certified Fraud Examiner’s (ACFE’s) occupational fraud study, Report to the Nations, reveals that the most common behavioral red flag exhibited by fraud perpetrators is living beyond their means. Also high on the list are financial difficulties and unusually close relationships with vendors and customers.

Some of these signs may be tough to spot if you don’t work closely with an occupational thief. That’s why the ACFE report also looks at correlations between fraud and non-fraud offenses and human resources issues. When these issues are present, supervisors and HR managers may need to increase their scrutiny of an employee.

Recognize red flags

The vast majority (96%) of occupational fraud perpetrators have no previous criminal record and 86% have never been punished or fired by their employers for fraud. This may make identifying the thieves in your midst difficult, but not impossible. The ACFE has found that approximately 85% of perpetrators exhibit at least one behavioral red flag before they’re discovered.

Although a perpetrator may be the friendliest and most cooperative person in the office, many thieves come into conflict with colleagues or fail to follow rules. The survey participants (more than 2,500 defrauded organizations) were asked whether the perpetrator in their cases engaged in any non-fraud-related misconduct before or during the fraud incident. Close to half (45%) responded “yes.” Some of the most common offenses were:

  • Bullying or intimidation of others,
  • Excessive absenteeism, and
  • Excessive tardiness.

A small number also was investigated for sexual harassment and inappropriate Internet use.

In addition to misconduct, some fraud perpetrators exhibited work performance problems. Thirteen percent received poor performance evaluations, 12% feared the loss of their job and 10% were denied a raise or promotion.

Get involved

When misconduct or poor performance leads to disciplinary action, supervisors and HR managers have a golden opportunity to potentially stop fraud in progress. After all, the longer a scheme goes undetected, the more costly it is for the organization. Fraud schemes with a duration of less than six months have a median loss of $50,000, but those with a median duration of 14 months (the typical scheme in the ACFE report) experience losses of around $135,000. 

So if you detect smoke, look for fire. Of course, most underperforming employees aren’t thieves. But it probably pays to observe any worker who routinely flaunts the rules, antagonizes coworkers or lets job responsibilities slip. You may discover other red flags, such as family problems, addiction issues or a lifestyle that isn’t supported by the employee’s salary.

Limit opportunities

Knowing your employees is only part of the solution. You also need comprehensive internal controls to limit opportunities to commit fraud. Contact us for help.

© 2020 Covenant CPA

Don’t get shortchanged by a liquidating business

Several major companies have already filed for bankruptcy during the novel coronavirus (COVID-19) crisis and many more large and small businesses are expected to follow suit. If you’re a creditor of a company that’s liquidating, it may be challenging to get back what you’re owed. That’s where a solvency opinion can help. An expert determines whether the company could meet its long-term interest and repayment obligations when it made — or didn’t make — payments to creditors.

Examining the subject

Solvency experts consider many issues when examining a business. But ultimately, the outcome of three tests enable an expert to determine solvency:

1. Balance sheet. At the time of the transaction at issue, did the subject’s asset value exceed its liability value? Assets are generally valued at fair market value, rather than at book value. The latter is typically based on historic cost, and fixed assets (such as vehicles and equipment) may be reduced by annual depreciation expense. But the balance sheet is just a starting point. Adjustments may be needed to balance sheet items so that they more accurately reflect the fair market value of assets.

2. Cash flow. This test examines whether the subject incurred debts that were beyond its ability to pay as they matured. It involves analysis of a series of projections of future financial performance. Experts consider a range of scenarios. These include management’s growth expectations, lower-than-expected growth, and no growth — as well as past performance, current economic conditions and future prospects.

3. Adequate capital. The final test determines whether a company has adequate capital and is likely to survive in the normal course of business, bearing in mind reasonable fluctuations in the future. In addition to looking at the value of net equity and cash flow, experts consider factors such as asset volatility, debt repayment schedules and available credit.

Companies generally are considered solvent by solvency experts if they pass all three of these tests.

Presumed insolvent

Courts typically presume that a company is insolvent unless a party to litigation proves otherwise. You can bolster your position with a comprehensive solvency analysis performed by a qualified expert. Contact us for more information about obtaining one.

© 2020 Covenant CPA

Recent efforts to corral COVID-19 fraudsters

The novel coronavirus (COVID-19) pandemic has opened the floodgates to scam artists attempting to profit from sick, anxious and financially vulnerable Americans. On the frontlines fighting fraud are the Federal Trade Commission (FTC), U.S. Justice Department (DOJ) and other government agencies. Here are some of the fraud schemes they’re actively investigating —  and the perpetrators they’ve rounded up.

Peddling false hope

The FTC has sent warning letters to almost 100 businesses for making scientifically unsubstantiated claims about their products. Companies from California to Virginia, Indiana to Florida have touted (mostly online or by phone) “treatments” for COVID-19, even though the federal government hasn’t approved any vaccines or cures for the disease.

Letter recipients must stop making deceptive claims immediately and notify the FTC within 48 hours about the actions they’ve taken. Noncompliance can result in a federal court injunction and an order to refund deceived customers. Just last week, the FTC took the seller of a “wellness booster” to court. Originally, the product — capsules containing Vitamin C and herbal extracts — had been marketed as a cancer cure. But the enterprising fraudster pivoted in March 2020 to exploit COVID-19 fears.

Technological accomplices

Producers and marketers of fake cures aren’t the only companies under scrutiny. The FTC, in joint letters with the Federal Communications Commission, has warned several Voice over Internet Protocol (VoIP) service providers for “assisting and facilitating” illegal telemarketing and robocalls related to COVID-19. This is a violation of the FTC’s Telemarketing Sales Rule.

The DOJ has also come down on several VoIP providers for knowingly transmitting robocalls from “government officials.” Although there’s uncertainty about whether VoIP and similar services can be considered liable for the actions of their users, law enforcement officials are clearly serious about taking down those who would exploit the pandemic for personal gain.

Opportunity knocks

Government agencies also have their sights on smaller, opportunistic scams. Recently, the FTC warned consumers to beware of fake COVID-19 testing sites set up in parking lots with realistic looking signs, tents and workers. Not only have these criminals obtained Social Security and credit card numbers from test-seekers, but they may have helped spread contagion through unsanitary contact with them.

And the DOJ is raising the alarm about the role cryptocurrency is playing in many COVID-19 schemes. Everyone from snake-oil sellers to bad-investment promoters are asking their victims to pay with cryptocurrency. Therefore, it should be recognized as a red flag.

How to stay safe

Many fraud schemes present since the start of the COVID-19 crisis in the United States — small business loan scams, charity fraud and attempts to steal stimulus payment checks — also continue apace. Your best defense, as always, is to hang up on suspicious calls, delete fake-looking emails and be wary of any claims that sound too good to be true. If you encounter fraud, report it to ftc.gov.

© 2020 Covenant CPA

Give employees a voice to report fraud

Before the novel coronavirus (COVID-19) pandemic struck, employees who suspected occupational fraud in their organizations had multiple options for notifying their employers. For example, they could use interoffice mail to send information anonymously or meet with HR personnel in person.

Reporting options for employees working from home are more limited — particularly if they wish to remain anonymous. The current working environment only highlights the necessity for a fraud hotline or online portal that workers can access anywhere, anytime. If your business doesn’t already offer a confidential reporting mechanism, start thinking about how you can establish one.

Limiting damage

Confidential fraud hotlines are one of the best ways to nab workplace criminals. The Association of Certified Fraud Examiners has determined that the average organization with a hotline discovers fraud within 12 months, versus 18 months for those without hotlines. Hotlines also limit losses — $98,000 less in losses for employers that offer them.

One of the reasons hotlines are important is because, in most cases, subordinates or coworkers know or suspect fraud long before owners or members of upper management do. Yet they may not say anything for fear of reprisal. Anonymity, therefore, is essential.

Getting started

Establishing a hotline doesn’t have to be hard, but it does require some planning. Consider taking the following steps:

Identify an executive sponsor. Your hotline or portal will require a modest expenditure. If you aren’t the company’s owner or a financial decisionmaker, identify an executive sponsor to make the case for the investment.

Develop a project charter. A charter documents the business benefits of deploying a hotline or portal — for example, reducing financial losses and empowering employees.

Form a steering committee. In addition to executives and technology experts, include legal and HR representatives. They can help ensure that the processes you put in place don’t violate employee rights and applicable laws.
 
Review technology options. Determine your business’s needs and identify the vendors that can meet them. Learn which systems similar companies use or ask your financial and legal advisors for suggestions.

Up and running

Once you launch an anonymous reporting channel, make sure you position it so that all employees and other stakeholders can access it easily. If, for example, you company has overseas operations, work with local experts to overcome language, cultural and other barriers that might prevent workers from using a hotline.

And be sure to publicize your reporting mechanism at every appropriate opportunity. Executives might routinely mention it in all-company emails and in public speeches, and you should provide information (and links, if applicable) in your employee handbook and on your intranet. For help putting a hotline or portal in place, contact us.

© 2020 Covenant CPA

5 ways to protect remote workers — and your business — from cyberattacks

Many businesses were unprepared when the novel coronavirus (COVID-19) pandemic required them to close their physical offices and shift to remote operations. Your company, for example, may have had to scramble to set up a virtual private network (VPN) or move files to the cloud. And while adapting to working from home, employees may have let your usual security procedures slide.

From a cybercrime perspective, working from home generally isn’t as safe as working in the office. So you need to look for ways to protect your disbursed workforce and prevent criminals from gaining access to your digital assets.

Here are five ideas:

  1. Invest in education. Require remote employees to participate in security-related training that covers “old-school” phishing scams as well as new COVID-19 variations. As schemes emerge (check the Federal Trade Commission’s website at ftc.gov for the latest), notify employees and remind them what to do if they think they’ve fallen victim to a scam.
  1. Enable automatic updates. To keep the operating systems of employee computers safely patched, remind workers to enable automatic software updates. Also, double-check that every employee-assigned device is fortified with current malware and antivirus software. 
  1. Revisit access privileges. To maintain productivity, most employees need access to the same systems at home as they had in the office. However, consider reviewing which workers have access to certain files, network controls and cloud accounts — and whether they really need access now. Remember that when employees work from home, their partners, children and visitors may have easy access to their computers. To protect your company, ensure systems generate user audit trails that can be followed in the event of a breach.
  1. Protect WiFi connections. While working from home, employees use their personal WiFi connections to access your company’s IT environment. Unfortunately, many people use the default WiFi password or a simple password that hackers can easily break. To foil fraud perpetrators, employees should change it to a complex combination of letters and other characters. If possible, require them to use a VPN with two-factor authentication.
  1. Secure your videoconferences. Most videoconferencing services employ multiple layers of security. But some platforms offer greater protection than others. Before choosing one, perform a simple Google search to read user reviews and security bug reports. Once you’ve selected a service, communicate security protocols before allowing employees to use it for company business.

Finally, provide employees with access to a technical support desk so they can report problems — and get solutions — as quickly as possible. Working from home may be new for a lot of Americans, but fraud is a familiar foe for most. If can be defeated with appropriate knowledge and tools.

© 2020 Covenant CPA

Everyone loses when workers are paid “under the table”

Paying workers “under the table” or with cash can save businesses a bundle in taxes. But the potential consequences are grave. Not only is this practice illegal and could result in severe financial penalties, but it also shortchanges employees.

The novel coronavirus (COVID-19) pandemic has made this abundantly clear. As many laid-off workers who were paid under the table have learned, they don’t qualify for unemployment benefits if their state has no record of their employer contributing to the insurance pool. They may have trouble getting other financial assistance as well. You should protect your business and its workers by following the rules.

Paying the piper

In general, compensation is subject to federal income and employment taxes, as well as taxes that may be assessed on state and local levels. Employees are personally responsible for federal income tax on their wages, and both employees and employers are responsible for paying employment taxes.

The main employment tax, mandated by the Federal Insurance Contributions Act (FICA), comprises three elements:

1. A 6.2% OASDI, or Old-Age, Survivors and Disability Insurance (or Social Security tax),

2. A 1.45% Hospital Insurance (HI) tax on all wages (known as the Medicare tax), and

3. An additional 0.9% Medicare surtax on wages exceeding $200,000 for single filers and $250,000 for joint filers.

Employers must also pay unemployment tax under the Federal Unemployment Tax Act (FUTA). That tax is 6% on the first $7,000 of wages, but it may be effectively reduced to as little as 0.6% due to credits for state unemployment programs.

Other responsibilities

Employers’ responsibilities usually extend beyond taxes. You may be required to pay overtime and provide benefits to employees — ranging from qualified retirement plans to family medical leave time — all governed by federal laws. Employees without such benefits who become sick with COVID-19 don’t qualify for paid leave. They may be forced to work anyway to support their families and, thus, spread the infection further.

To support employees in the event they’re laid off, employers often must pay for different types of employee insurance, including Workers’ Compensation, unemployment insurance and, depending on the state, disability insurance. In addition, the Affordable Care Act imposes minimum health insurance coverage requirements on employers with 50 or more full-time employees (and full-time equivalent employees).

Note: These warnings don’t apply to workers who are legitimate independent contractors. Contractors, who work for themselves, are responsible for paying their own taxes and providing their own benefits. But you must properly handle these workers by meeting certain tests in order to have them classified as independent contractors.

Consider the real cost

Paying taxes and providing benefits to employees are necessary costs of doing business. While they take a chunk out of your bottom line, not paying them can cost you, your workers and, ultimately, the general economy, even more. Contact us for help managing expenses and reducing taxes legally.

© 2020 Covenant CPA

Seniors face a double threat with COVID-19

The coronavirus (COVID-19) pandemic may pose a double whammy for seniors. The elderly are considered the most vulnerable population for medical complications associated with the virus. They’re also prime targets for COVID-19 scams. If you’re a senior — or have elderly relatives and friends — read and share the following information.

Everyone a potential victim

There’s nothing new about fraud perpetrators attacking seniors, who may be less savvy about phishing emails and online scams and more trusting of strangers. As a study conducted by the FINRA Investor Education Foundation and several other groups found, a major risk factor for losing money to scams is social or physical isolation, which is more common among the elderly.

Of course, during the current crisis, everyone’s a potential fraud victim. As with all consumers, seniors should watch out for:

  • Emails promoting vaccines and cures that contain malware-laced attachments,
  • Fake charities soliciting donations,
  • Scams that promise high returns for investing in COVID-19-related stocks, and
  • Requests for personal information or a fee to receive an economic impact payment from the federal government.

Senior benefit scams

Some scams are tailor-made for older Americans. For example, the nonprofit Senior Medicare Patrol warns that perpetrators are contacting Medicare recipients and offered sham COVID-19 tests and treatments in exchange for Medicare numbers or money. It’s important to remember that actual government agencies will never call and ask for personal or payment information. As Medicare.gov instructs, “if someone calls asking for your Medicare Number, hang up!”

With local Social Security Administration (SSA) offices temporarily closed, scammers are also trying their luck with benefit payment recipients. The SSA states emphatically that, “any communication that says SSA will suspend or decrease your benefits due to COVID-19 is a scam, whether you receive it by letter, text, email, or phone call.” You can report suspicious contacts at oig.ssa.gov.

Other threats

Fraud perpetrators have also updated several old frauds for the COVID-19 age — including the classic “grandchild” scam. You could receive a phone call claiming that a grandchild is sick or in trouble and needs your help. Fraudsters usually ask for payment via a gift card and instruct you to act fast. Gather facts from the caller, then hang up and verify the information with other relatives. Chances are, your grandchild is just fine.

Also be wary of anyone using the virus to pitch home services. If someone offers to clean and sanitize your home, check the business’s reputation online or with the Better Business Bureau and make sure you don’t pay the service provider until the job is complete. As an extra precaution, you might invite a friend or relative to be with you when cleaners are in your home.

Reporting crime

This is an anxious time for everyone, but elderly Americans need to be on guard even more than other segments of the population right now. If someone attempts to scam you or a family member, contact law enforcement and, if applicable, the proper government agency. Reporting these crimes is essential to stemming senior-targeted fraud.

© 2020 Covenant CPA

Fake COVID-19 treatments and other new fraud schemes

Like the coronavirus (COVID-19) pathogen itself, incidents of COVID-19 fraud are surging and financial losses are piling up. The Federal Trade Commission (FTC) reports that the number of 2020 COVID-19-related complaints doubled in just one recent week. As of March 31, losses attributed to the outbreak stood at $5.9 million. Here are some of the scams criminals are perpetrating.

Bad medicine

Although travel and vacation company disputes top the FTC’s most recent list of COVID-19 complaints, most of these relate to cancellations and refunds, not fraud. Much more worrying for American consumers are the many online vendors hawking suspect treatments and tests. On March 9, the FTC sent warning letters to seven companies advertising everything from virus-fighting tea to essential oils. The Commission has informed companies that don’t immediately cease making such false claims that they face legal action.

For the record, the Food and Drug Administration hasn’t approved any vaccines, drugs or at-home tests as effective in the fight against the virus. Fortunately, it’s relatively easy to protect yourself from ineffective and potentially dangerous products. Simply ignore pitches that sound too good to be true.

If you want to get tested for COVID-19, visit the Centers for Disease Control and Prevention’s (CDC’s) website  at cdc.gov for information. Contact your healthcare provider directly if you’re experiencing symptoms of the disease.

Law enforcement on the case

The FBI and U.S. Attorney’s office are also closely tracking COVID-19 fraud. A recently assembled task force warns consumers and businesses about several novel scams, including:

App malware. Fraudsters are creating new — and hacking existing — mobile apps that supposedly provide COVID-19 data. In fact, the apps are infected with malware that gathers financial and personal information.

Healthcare provider scams. Some people have received calls from a “doctor” or “hospital” that claims it treated a family member and demands payment. Know that recent federal legislation makes most COVID-19 testing and treatment free.

Hot stocks. There’s nothing new about investment scams, but con artists are using the pandemic to promote dubious stocks. You might hear, for example, that a pharmaceutical company’s stock will soon go through the roof because it has a miracle drug in the pipeline. Bottom line: Check with a trusted advisor before investing your money.

Exercise skepticism

As always, exercise caution when answering the phone, opening email and reading texts. These days, scammers may claim to represent the CDC or another government agency to try to con you out of money or personal information. When in doubt, be skeptical. And if you believe you’ve fallen for a scam or are worried about protecting your assets or your business from fraud, contact us.

© 2020 Covenant CPA

How COVID-19 poses new fraud threats to vulnerable businesses

Scam artists know how anxious business owners are during the current coronavirus (COVID-19) crisis. They know that as you struggle to meet customer demands, pay employees and stay solvent, you’re more likely to drop your guard and fall for a fraud scheme. The last thing your business needs right now is to suffer additional financial losses. So keep an eye out for the following scams:

Fake suppliers. Whether you’re a manufacturer seeking raw materials or a grocer desperate to keep shelves stocked, you may have trouble getting your usual supplies. If a regular supplier is temporarily — or permanently — shut down, be careful about doing business with unknown vendors. Many authentic-looking websites are, in fact, fronts for criminal operations, and if you place an order with them, you may never receive the goods. Also be wary of cold callers promising to source hard-to-get items. If it sounds too good to be true, it probably is.

Defective goods. Even if you do receive your supply order, there’s a chance its contents will be defective. In early March, an international team of law-enforcement agents arrested 121 criminals around the world who were selling counterfeit surgical masks, hand sanitizer and other in-demand products. Depending on your business, buying defective goods could be an expensive mistake — or a public health emergency.

Payment fraud. Online payment fraud was already growing aggressively. But COVID-19 is expected to throw fuel on the fire as more people turn to home services apps, such as those for food delivery and online learning. Consumers usually don’t pay when their stolen credit cards are used to make purchases. But businesses generally do. You’re likely to be held responsible for fraudulent transactions, as well as possible chargeback fees. So be vigilant about maintaining IT security. Retailers might consider adding an Address Verification Service, which confirms a cardholder’s billing address with the card company.

Google scam. Fake robocalls claiming to come from Google have circulated for several years. Now there’s a COVID-19 twist. The recorded message tells businesses “affected by the coronavirus” that they need to ensure their Google listing is correct so that customers can locate them during the pandemic. If you speak to someone, he or she may ask for payment to list your business or try to gain confidential information. Know that Google never makes unsolicited sales calls. If someone tries to convince you otherwise, hang up.

Unfortunately, these schemes represent only the tip of the iceberg. For the latest on COVID-19-related fraud, visit the Federal Trade Commission’s “Business Center” at ftc.gov/tips-advice/business-center. Or contact us.

© 2020 Covenant CPA