Uncovering Business Fraud: Look Beyond Pronouncements and Acts

March 2009

The best at finding fraud are those who look far beyond the advice established by acts and accounting pronouncements to seek and pursue compelling symptoms of wrongdoing.

by Scott Langlinais
Langlinais Fraud and Audit Advisory Services

Following is a short list of pronouncements and acts issued by the U.S. government and accounting bodies in response to various forms of business fraud.

Sherman Antitrust Act (1890)—Designed to prohibit attempts to monopolize trade by entities such as Standard Oil Trust.
Federal Trade Commission Act (1914)—Established the Federal Trade Commission to prohibit unfair practices and deceptive acts in or affecting commerce.
The Securities Exchange Act of 1934—Stipulated audits of publicly traded companies, including procedures "designed to provide reasonable assurance of detecting illegal acts that would have a direct and material effect on the determination of financial statement amounts."
The Foreign Corrupt Practices Act of 1977—Enacted in response to the admission by 400 U.S. corporations that they paid "in excess of $300 million in corporate funds to foreign government officials, politicians, and political parties," including bribes to foreign officials to secure favorable action for the companies by the foreign governments.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO)—A private sector assembly formed in 1985 by five national accounting and audit organizations to study the factors that can lead to fraudulent financial reporting.
Statement on Auditing Standards (SAS) 82—Published in 1997 by the Auditing Standards Board of the American Institute of Certified Public Accountants to establish standards for auditors related to considering fraud in a financials statement audit.
Statement on Auditing Standards (SAS) 99—Published in 2002 to supercede SAS 82 and establish standards for auditors related to considering fraud in a financials statement audit.
Sarbanes-Oxley Act of 2002—Established the Public Company Accounting Oversight Board; established standards for auditor independence, corporate responsibility, and management accountability; and enhanced definitions of fraud relative to fraudulent financial reporting.

And yet, despite all of these acts and pronouncements (this is a very abbreviated list), men like Kenneth Lay, Bernie Ebbers, and most recently, Bernard Madoff are able to oversee publicly audited companies which perpetrate massive frauds on the American public. How is this possible?

Obvious to you, no doubt, is that this question is rhetorical and based on the false premise that laws and pronouncements stop bad behavior. Yet, in a typical book or article on fraud deterrence, more often than not the author refers to the historic merits of SAS 99 or COSO or any of these other pronouncements and their role in fraud prevention.

Compelling Indicators of Fraud from the Madoff Case

On December 11, 2008, the U.S. Attorney's Office filed a criminal action against Bernard Madoff, who is alleged to have lost $50 billion in investor money in history's largest documented Ponzi scheme. Of the more than $50 billion invested in Mr. Madoff's firm, it is reported that as of December only $200-300 million remained.

It does not matter that Mr. Madoff violated many of the acts and standards above. What matters is there are no reports of anyone (including the SEC which was tipped off to the Ponzi scheme several years ago) seeking symptoms of fraud within Madoff Investment Securities, LLC.

Three different factors can elevate a fraud from an annoyance to a disaster: amount, duration, and nature. What makes Mr. Madoff's fraud so uniquely troubling, likely the reason it is receiving so much press, is that his fraud presents a rare case which falls under all three factors: $50 billion in losses over nearly 2 decades in a scheme victimizing, among others, at least 148 charities which are in aggregate exposed for over $2 billion.

If you were to research this case, you would come across some questions such as how the SEC could miss such an enormous theft, especially when they were tipped off and actually investigated Mr. Madoff's hedge funds on at least three occasions. How could so many sophisticated investors, from British Bank HSBC ($1 billion exposed) to Carl Shapiro ($545 million exposed) fail to heed the concerns raised by many that Mr. Madoff's reported strategy could not possibly have resulted in the type of consistent returns he was delivering? How could the auditors fail to notice?

Symptoms of fraud are often simple and obvious, discoverable by anyone: cash missing from the vault or someone's photocopied receipts for their expense report. In complex entities such as Mr. Madoff's investment firm, professionals must recognize and understand symptoms which are more subtle and indirect.

Two compelling indicators of fraud emerging from the Madoff case are quite instructive to the manager or auditor who seeks to arm themselves with better tools for finding fraud.

Lack of Transparency

One of the symptoms was lack of transparency. Denial of access to reasonable records, and aggressive behavior toward those who seek access, constitute a compelling indicator of fraud. Mr. Madoff's hedge fund was not registered with the SEC until late 2006, and the firm's auditor was an accounting firm owned by his brother-in-law. He openly resisted outside audits, ostensibly protecting his proprietary trading strategy.

One of my professional colleagues has a rule of thumb: if an auditor is denied information because of "trade secrets" or "proprietary information," 100 percent of the time they are hiding a fraud. If there is some sensitive data in the audit sample, fine. In that case, the client can conceal the trade secrets while revealing pertinent financial data. Money being transferred from an operating account into an offshore bank account is not a trade secret. An invoice or cash transfer demonstrating the purchase of a third jet for the president is not a trade secret.

One person close to Mr. Madoff claimed, "He could be gruff to the people who gave him money to invest, threatening to expel those who asked too many questions." Andy Fastow, former chief financial officer of Enron, was notoriously similar in his behavior. He would threaten Wall Street investment banks with loss of future business if their analysts openly questioned Enron's mark-to-market accounting practices that ultimately turned out to be a sham. It is the last—and quite effective—defense of the guilty to discredit anyone who questions them.

Unrealistic Performance

The second compelling indicator of fraud within the Madoff scenario is unrealistic performance. Within your own company, this concept may manifest itself in one of your salespeople who always hits their quota exactly, or your financial executives who always report earnings which nail analysts' earnings per share projections to the exact penny.

One of Mr. Madoff's hedge funds designed to invest in the S&P 100 claimed to increase in 2008 by 5.6 percent during a period when the S&P 500 was down 37.65 percent. Since inception, one fund heavily invested with Mr. Madoff has averaged a rather pedestrian 10.5 percent annual return. But what was unique about the fund's returns was that it almost never had a down month. When everyone else was losing money, funds invested with Mr. Madoff continued to tick up or at least remain flat.

A New York trader familiar with Mr. Madoff's reported trading style wrote a detailed letter to the SEC demonstrating his analysis of 174 months of data of a fund heavily invested with Mr. Madoff's firm. In only 7 of those months did that fund lose money: the greatest monthly loss was -0.55 percent, and there were no consecutive losing months. The lowest rolling 12-month return from 1990 to 2005 was 6.23 percent, and most shocking were his returns in the market bust years of 2000, 2001, and 2002, in which the fund returned 11.55, 10.68, and 9.33 percent, respectively. Such performance over the long-term is not only remarkable, it is impossible.

Even Mr. Madoff's golf scores reflected abnormal consistency. The Wall Street Journal recently reported he never shot below an 80 or above an 89 in 2 years; inside Tiger Woods's book, How I Play Golf, is a photograph of his handicap card at his home course, Isleworth Country Club. Over 20 rounds, Mr. Woods's scores ranged from 61 to 72. Tiger Woods was not nearly as consistent at his home course as Bernie Madoff.

Auditors and Managers Must Understand Compelling Symptoms of Fraud

Professionals reviewing frauds learn to check outliers, meaning unusually high or low figures outside of a couple standard deviations from the norm. But an equally improbable, if not impossible, situation is consistent performance over the long-term with little or no standard deviation.

Seek and follow-up on all symptoms of fraud—and not just the textbook symptoms. Try charting long-term performance of your company's rainmakers—salespeople, investors, branch managers—and seek unusual levels of consistency. Map their performance against independent data, such as their colleagues' or competitors' performance, results of other companies in the industry, or relevant macroeconomic indicators. It is a compelling symptom of fraud to see a steady, upward line on the chart when all others are swinging wildly.

Finally, take particular care in areas where a manager or executive is behaving aggressively toward questioning or is apparently concealing data. If the manager or executive is well connected in the organization or is one of the ranking members of the company, then you may have to seek air-cover from the board or the chief executive, and you must be prepared to seek their assistance. What you cannot do is submit to the intimidation or stonewalling, because as uncomfortable as the initial confrontation is, it could be far worse if you are seen as negligent in your duties to find fraud. Auditors and finance/accounting professionals are now being held liable, and in some instances jailed, for demonstrating gross negligence in their duties or enabling fraud to persist.

Sources

Securities and Exchange Commission, "Testimony Concerning Investigations and Examinations by the Securities and Exchange Commission and Issues Raised by the Bernard L. Madoff Investment Securities Matter," January 27, 2009.

Harry Markopolos, "The World's Largest Hedge Fund is a Fraud: November 7, 2005 Submission to the SEC."

Wall Street Journal, various articles from December 2008 through February 2009.

Benefit Technology, "Private Foundations: Preliminary Estimates of Madoff Exposure," compiled for Nicholas Kristof, New York Times.

Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. Expert Commentary articles and other IRMI Online content do not purport to provide legal, accounting, or other professional advice or opinion. If such advice is needed, consult with your attorney, accountant, or other qualified adviser.

More Risk Management Information from IRMI
Books, Manuals, Newsletters	IRMI Online	Sage/ ReferenceConnect
Practical Risk Management
The Risk Report
Construction Risk Management
Contractual Risk Transfer
Risk Financing
Exposure Survey Questionnaire
Guidelines for Insurance Specifications
How To Draft and Interpret Insurance Policies
IRMI Insurance Checklists
Claims Operations: A Practical Guide
Free Risk Management Articles in IRMI.com
25 Risk-Conquering Ideas
Risk Management
Effective Contractual Risk Transfer in Construction
Risk Management - Why and How
Insurance Continuing Education Courses from IRMI
Litigation Management (CE)
Contractual Risk Transfer in Construction (CRIS CE)