Compliance and loss prevention professionals must be somewhat suspicious by nature. This is a big advantage when trying to stop disbursement fraud. On the other hand, the company management and employees as a whole want to trust one another and view procedures taken by compliance to deter fraud as unnecessary. Management could save a lot of money and frustration by adapting a healthy portion of distrust. To avoid theft of assets it is not unusual for businesses to look outward to stop strangers from getting into their facilities and stealing the company’s property. However, the brutal reality is that disbursement fraud is far more dangerous than outsiders breaking into a business.
Definition and Examples of Disbursement Fraud
Disbursement fraud occurs when an employee uses their position in the company to either
- steal property
- make the company pay for property it never receives
- pay an unreasonably high price, or
- for a false purpose.
This can be done without the dishonest employee ever touching the property, checks, or cash in the company.
How is it Done?
Like a magician who gains the trust of the audience and distracts them, instead of pulling a rabbit out of his hat, the fraudster makes company property disappear and then re-appear in their possession somewhere else. The dishonest employee distracts his co-workers and supervisors with friendly smiles and apparent hard work so as to gain the confidence of those they work with, once this is done, the stealing starts.
According to the Association of Certified Fraud Examiners over 85% of frauds committed in a company are accomplished through disbursement fraud. There are a great many schemes used in this kind of fraud, but the most common methods of disbursement fraud (often called Bogus Schemes) can be placed in three categories:
- Billing Schemes
- Payroll Schemes
- Employee Expense Reimbursement Schemes
Billing Schemes
The most common of Bogus Schemes, the Billing Scheme, require the fraudster to target the purchasing function of the company. These types of schemes account for 54% of all disbursement schemes. Over time when a fraudster has gained the trust of colleagues and discovered the weaknesses in the company purchasing practices, diverting money and company property becomes easy, with little chance of being detected. Although there are many billing scheme methods The Shell Company Scheme is very popular due to its simplicity.
Shell Company
A shell company is often created by fraudsters for no other purpose but a fake business entity to steal money in billing schemes. Although establishing a shell company is not illegal, they are easy vehicles to drive a billing fraud. Depending on the country in which the shell company is formed, it is relatively easy, requiring only an address (Post office box, home of a friend, etc.), a bank account, and invoices in the name of the shell company. The most difficult part of the billing scheme with a shell company is passing the phony invoices through the company’s purchasing system. In situations where the employee thief has the authority to approve purchases the employee needs only to make bogus orders and process the payment to the shell company. In instances where the fraudster is not authorized to approve purchases, they need only forge the signatures of the authorized person, find an authorized person that will sign anything when under stress, or someone that is gullible. Purchasing non-existent services is preferred over non-existent goods; purchased services are hard to track because they do not create inventory.
Case in point
In Manchester, England, an employee responsible for administration and invoice payments replaced the bank information on vendor invoices with the bank account of a relative so that the company would make payments to their relative. To cover the theft, the employee would later submit a correct invoice so that the vendor would be paid. This made the company pay twice for goods and services. Over a period of time the fraudster stole roughly $75,000.00 before being discovered.
Payroll Schemes
Payroll schemes are a bit difficult compared to billing schemes, but easy to manage if the dishonest employee works in the personnel or finance department. In this form of scheme the company is tricked into paying salary and benefits to so called “Ghost Employees”, a non-existent person created by the fraudster. Often the identity of a former employee is used, or the ghost employee is hired through a phony hiring process. The key is that the fraudster must ensure that the ghost’s pay is sent to a bank account that they have access to.
Case in point
Dishonest employees in the personnel department set up a system to pay employees who conspired with them by paying double monthly salaries. The stolen money was then equally shared amongst the employees taking part in the crime.
Employee Expense Reimbursement Schemes
- Independent Payroll Distribution
- Analysis of Payee Address or Accounts
- Segregation of Duties for payroll preparation, disbursement, human resources
- Periodic Payroll Review and Analysis
- Review and Analysis of Expense Accounts
- Detailed Review of Expense Reimbursements
- Written Policies to Deter Disbursement Fraud
Conclusion
Disbursement fraud is both common and simple. Yet the harm it causes to the bottom line cannot be understated. It is natural to want to trust everyone that one works with. In fact, being able to trust one another in the work place is one of the factors that make a pleasant work environment. However, compliance must protect the company assets from those few employees that actually cannot be trusted. To protect the company compliance must have the resources needed, a cooperative fraud awareness program, and the undisputable support of the company management.
German Summary
Auszahlungsbetrug: Der ultimative Vertrauensmissbrauch
Unternehmen suchen den Fehler oft außerhalb ihres Betriebes und haben Angst vor „Eindringlingen“. Die große Gefahr kommt meistens allerdings von intern. Laut der Association of Certified Fraud Examiners 85% werden Diebstähle in Unternehmen durch innerbetriebliche Auszahlungen verursacht. Daher sollte das Motto gelten: „Vertrauen ist gut, Kontrolle ist besser“. Auszahlungsbetrug kann grundsätzlich in folgenden drei Varianten auftreten: Rechnungs-, Lohn, und Mitarbeiter Spesen-Betrug.
Wie funktioniert Auszahlungsbetrug?
Ein Mitarbeiter missbraucht seine Position, indem das „Unternehmen“ z.B. für nicht vorhandene Produkte und Dienstleistungen Auszahlungen tätigt.
Welche Vorsichtsmaßnahmen können eingeleitet werden?
Gegenmaßnahmen:
- Adress-, Bargeld- und Spesenkontoanalysen aller Empfänger
- Klare Aufgabentrennung bei Bezahlung, Buchführung, und Personalverwaltung
- Dokumentation, d.h. schriftliche Protokolle aller Auszahlungen
Auszahlungsbetrug ist leider sehr weit verbreitet und einfach durchzuführen. Ein dementsprechendes CMS mit sicheren Kontrollschritten ist unabdingbar.