How the fraudsters fool the auditors · Bank balance 12,000,000 Cheque 230,000 Cheque 6,000 Cheque...

How the fraudsters fool the auditors

6 November 2012

Financial statement fraud

Sarbanes Oxley

perpetuates change

• higher standards for corporate governance

• independent regulatory framework

• quality and transparency of financial reports

• severe civil and criminal penalties

• protections for corporate whistleblowers

CLERP 9 impact

Establish ‘auditor obligations’ to guide financial

reporting. Requirements:

• auditor registration

• ASIC reporting requirements

• transaction specific disclosure relating to

securities, financial services and markets

• disclosure for the on-sale of securities and

other financial products

PCAOB established by

Sarbane’s Oxley

• registered public accounting firms

• establishing or adopting auditing, quality

control, ethics and independence

• investigating registered public accounting

firms

• enforcing compliance with the Sarbanes-

Oxley Act

PCAOB Model: Asia Pacific

Fraud still happens….

0% 10% 20% 30% 40% 50%

Deloitte & Touche

PricewaterhouseCoopers

KPMG

Ernst & Young

Big Four Total

19%

12%

22%

9%

15%

45%

39%

23%

21%

33%

2010

2009

Deficient audits

\Source: New York Times, The percentage of audits reviewed by the Public Company Accounting Oversight Board that were found to be

deficient by inspectors rose sharply in 2010 from 2009.

2007

2008

2009

2010

2011

163

209

157

174

191

Law suits filed per year

Shareholder class actions not declining

Source: Figure 1, Page 5, The ever-changing landscape of litigation comes full circle: 2011 Securities Litigation study , April

2012

Internal Controls

Revenue Recognition

Other

Overstatement of assets

Understatement of liabilities & expenses

Estimates

Purchase accounting

62%

32%

27%

26%

16%

14%

8%

Financial statement fraud has many hats

Source: Figure 5, Page 13, Percentage of accoutning cases citing specific issues, 2010-2011, April 2012

The auditor’s responsibility

“An auditor is responsible for

obtaining reasonable assurance

that the financial report taken as

a whole is free from material

misstatement, whether caused

by fraud or error.”

Source: Auditing Standard ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report

What % of frauds do

auditors detect?

What % of fraud do

auditors prevent?

ACFE Report to the Nations on Occupational Fraud and Abuse, 2012

Tip

Management Review

Internal Audit

By Accident

Account Reconciliation

Document Examination

External Audit

Notified by Police

Surveillance/Monitoring

Confession

IT Controls

Other

43.3

14.6

14.4

7

4.8

4.1

3.3

3

1.9

1.5

1.1

1.1

Percent of Cases

What is a quality audit?

audit staff collects sufficient, competent, and

reliable evidence

auditor raises issues with the audit team

issues reported to management, board, and/or

audit committee

But, too often fraud slips through the cracks…

Causes of audit failures

overly complex structure

management bullying

restricted contact with staff

change in operations (acquisition)

artificial time pressure/deadline

reliance on junior staff

lack of sufficient fees v

Causes of audit failures

incompetence / poor judgment

greed

mis-aligned incentives

dependence on fees

Auditors have the best intentions

Stuff rolls downhill

Client

Stuff

Partner

Senior

Manager

Manager

Senior

Crest of Ignorance

Junior auditor

Senior

Cave of Unreported Exceptions

Junior

auditor

Fermented stuff

Analysts

Fermented stuff

Analysts

Actions have consequences…

Why commit financial

statement fraud?

conceal embezzlement

conceal true business wealth

preserve personal status and control

maintain personal income/wealth

achieve incentives

Bank reconciliation

manipulation…

Bank balance 12,000,000

Cheque 230,000

Cheque 6,000

Cheque 4,000

EFT 1,500,000

EFT 750,000

Cheque 510,000

General ledger bank balance 15,000,000

Auditors checked balance

to bank confirmation

Auditors agreed

subsequent cheque

and EFT deposits to an

online bank statement

printed from online by

employee

Auditors agreed balance

to general ledger

Employee produced a forged bank statement

Employee stole $2,250,000

Lessons learned

internal control audit identified cash controls

HIGH risk

auditors failed to consider HIGH risk

audit standards require more stringent

substantive procedures

Judgement & manipulation

Setting the scene…

AUDITORS

AUDIT COMMITTEE

BOARD OF DIRECTORS

CEO

CFO

GM GM GM GM GM

ACCOUNTING

TEAM

Aggressive accounting or fraud?

inventory provision

impairment of intangibles

accounts receivable provision

Judging management’s intention…

Judging management’s intention…

Lessons learned

Auditors detailed concerns but severity of the

issues was not properly communicated to the

Board of Directors.

Board relied on management to explain and

justify any issues raised by the auditors.

Loan fraud and a

questionable audit

Timeline of events

Bank discovered

red flag transaction

Missing computer equipment: offices

appeared closed down. Forensic

technologists recovered data

External auditor refused

access: power failure

Bank appointed receivers

and managers

Identified and documented

$20m fraud

Related-party transactions and

complex organisational structures

ADMINISTRATORS OWNERS

LOAN BOOK

Lessons learned

Auditors failed to understand complex

structure of entities and transactions resulting

in improper disclosure.

Requesting documents prior to arriving does

not represent good investigative skills.

Improper acquisition

accounting and co-opting

of auditors

Yellow Star Industries

2005

2006 2008

2009

2010

2007

Yellow Star IPO

Hope Electronics

Jenkins Manufacturing

Other Acquisitions

Key perpetrators

What was their strategy?

aggressive number of acquisitions

cut costs wherever possible

manipulated the financial statements of the

acquired companies pre consolidation

Financial statement fraud

defer revenue

overbook reserves

pre-pay expenses

write down inventory

REVERSE all entries on consolidation of

Yellow Star

Then, the “stuff” hit the fan

Former CEO turns Whistleblower

What % of frauds are detected by

whistleblowers/tips?

ACFE Report to the Nations on Occupational Fraud and Abuse, 2012

Tip

Management Review

Internal Audit

By Accident

Account Reconciliation

Document Examination

External Audit

Notified by Police

Surveillance/Monitoring

Confession

IT Controls

Other

43.3

14.6

14.4

7

4.8

4.1

3.3

3

1.9

1.5

1.1

1.1

Percent of Cases

Investigation commenced

financial statement analysis

document reviews

witness interviews - key to understanding

intent and circumstances behind the suspect

entries (intent to defraud?)

targeted former employees of the acquired

companies, including…

Bill “Papa” Thomas

nonsense inventory

adjustments!

deferred to judgment of

Yellowstar and outside

accountants

entries reversed after

consolidation

“they weren’t stupid, they

were crooks!!”

signed declaration and

assisted litigation

Karen Jillwater

experienced

accountant/former auditor

revenue deferrals and

expense pre-payments

“were crazy”

Cruz: “shut up and do as

you’re told!”

spreadsheets with evidence

(stoplight)

signed statement and

assisted litigation

Auditors Conspired with Cruz

Cruz was a former Partner at

the audit firm

Huge fees for the auditors

colluded with management

Cruz bullied and convinced

employees and auditors to

come along for the ride

audit teams led

consolidation and created

red, yellow, and green

coding system for entries

Financial statement fraud

Pre-

acquisition

Post-

acquisition

Impact for Yellowstar

Delayed revenue

recognition

Recognise

revenue Increase profits

Reserve/inventory

manipulation Write up inventory

Increase profits

Premature

recognition of

expenses

Expenses are

artificially low

Increase profits

Recap after stuff hits the fan

v

v

stock price plummeted

investors lost billions

indictments

litigation, investigation, and recovery

investors recovered billions from company

and auditors

Lessons learned

co-opted auditors (internal and external)

management and employees driven by stock options

internal auditors rewarded by increase in stock price

acquisitions increased work for external auditors

Cruz cherry picked his audit team

Overstated capital assets

Detection – data analytics

Allocated to COGS

NOT

a cash payment or creditors

Increase PP&E $926,361

Increase net assets $962,361

Decrease COGS ($926,361)

Increase net profit $962,361

BOTTLE

BOTTLE

BOTTLE

BOTTLE

Documentation to verify

the bottle mould purchase

Additional evidence provided

Lessons learned

auditors failed to understand severity of

debt

no review of bank covenants

audit fee too low

Recap Case How the financial statement fraud was

concealed from the auditors?

Employee

embezzlement

Forged documents

Reliance on junior staff

Molly’s Makeup Used complex models

Relied on management representation

Aussie Auto Loans Auditor requested documents in advance of visit –

forged documents

Complex related party transactions and low fees

resulted in missed disclosure requirements

Yellow Star Auditors colluded with management – high audit

fees and stock incentives

Bottle Corp Late journal entries

Management bullying

Audit Partner relied on junior staff

v

v

v

What’s the solution?

Mandatory auditor rotation?

Government intervention?

Insurers hire auditors?

ACFE’s involvement?

Angela Clancy

Senior Manager, Forensics

Melbourne, Australia

t: +61 3 9269 4123

e: aclancy@ppbadvisory.com

w: www.ppbadvisory.com