Hidden Costs
The true cost of fraud is more than the total of the financial losses. Stockholder confidence, employee morale and other intangible factors must be added to the monetary losses. Most managers agree with this assessment; however management often encourages fraud by placing unrealistic goals on employees, or by disregarding the rules themselves. Auditors must be aware of the pressures placed upon employees that may lead them to commit fraudulent activities. In addition, the controls, to be effective, must apply to all employees and must be uniformly enforced. Performance goals and objective should be attainable and adequately reviewed and monitored.
ACL, and other software, are powerful and flexible and can be used to run analyses to detect and even deter fraud. However, no tool is more powerful than it users. Auditors and fraud investigators, trained in the use of auditor software, innovative in their approach to the combating of fraud can make a difference. The cost of fraud demands that we devote time, energy and resources to the battle.
Money Laundering Scheme
Regulations around anti-money laundering have increase, but it still happens. Some of the larger schemes include the following:
Back in 2012, HSBC forfeited £1.2 billion for having inadequate money laundering controls. This followed a report published by the US Senate which alleged, amongst other things, that HSBC had:
- supplied banking services and American dollars to some banks in Saudi Arabia in spite of their connections to terrorist financing
- dodged restrictions created to prevent transactions involving Iran, North Korea and other countries subject to international sanctions
- HSBC US didn’t treat its Mexican counterpart as high risk even though it has a problem with drug trafficking and money laundering.
In 2010 Wachovia paid federal authorities a total of £123.7 million for willingly failing to establish an adequate AML programme and subsequently allowing, from 2004 to 2007, the transfer of an estimated £292.5 billion into dollar accounts from money exchangers in Mexico that the bank did business with. This included nearly £10 million that went through correspondent banking accounts at Wachovia to buy aeroplanes to be used in the drugs trade – more than 20,000 kg of cocaine was seized from these planes.
Audit example:
Bill was suddenly a top salesman for the XYZ Insurance Company, selling more policies in a single month than had ever been achieved by a salesman in the company’s 20 year history. In addition, few claims were being made against the policies he generated. He easily met his targets and received the maximum bonuses, plus incentives such as trips and merchandise. Until the story broke in the national newspaper, management had no idea that Bill’s policyholders were using the insurance company to launder ‘dirty’ money.
The requirement for companies conducting illegal activities to launder their illegal gains has generated many different schemes. An increasingly used method to launder money is one where the money earned from criminal activity is used to purchase insurance policies with a ‘cash out’ clause. Such a policy may pay the holder up to 80% of the policy value if cashed out within one year. The purchase of millions of dollars in insurance policies and the subsequent cashing out of these policies can covert 80% of the dirty money into ‘clean’ money – a good return for the criminal element, and a good deal for the insurance agent, and even profitable for the insurance company. However, the negative publicity that may be incurred might outweigh the cash benefits to the insurance company.
The audit director of another insurance company read the newspaper headlines with concern – was this happening at his company? The next day he initiated an audit of all insurance policies to look specifically for this problem. He met with the team leader, and explained what had happened at XYZ Insurance. The team leader had also read the newspaper article and thought that this would be a perfect application for the new CAATTs software he had purchased recently. He explained that the AGE command could be used to examine the length of time between the opening and closing of a policy.
The team obtained access to the policy file, and used the Age() function to calculated the time between the policy start and closing dates. Further, by combining the results of the AGE() function with the CLASSIFY command, they were able to determine the number of policies, total length in years and the average policy life (in years) by salesman.
This quickly highlighted possible anomalies in sales practices, and assisted the team leader in checking for potential money laundering activities – whether knowingly abetted by the salesperson, or unknowingly.
The auditors reviewed the insurance claims raised by Paul, and found that many of them were made in the name of only a few individuals. One person had opened 32 different policies, all of which had been canceled within two weeks. Paul admitted that he was helping to launder money, and was fired. Since the company had been proactive in finding the fraud, it was able to correct the problem and keep the incident out of the media, and avoided the adverse publicity. The audit director smiled as he remembered what his first audit director had told him ‘Your job is to keep the company off the front page of the newspaper’. This time, that was exactly what he had done.