payroll fraud by andrew firth, forensic accountant

Payroll News Networking

Conference

Payroll Fraud

Andrew Firth, Director

Rushmore Forensic

What is Fraud?

“Obtaining a

financial

advantage by

deception”.

• Timesheet fraud

• Ghost employees

• False expense claims

What are the Major Types of Payroll Fraud?

• Data mining tests – More than 2 pay rises in a year

– Greater than 30% difference in wages between 2 employees who

have the same Position description.

– Multiple employees with the same bank account number

– Overtime charged during a slow period

– Compare security gate records with timesheet submitted

• Random checks to source data

How do we prevent & detect timesheet frauds?

• Cross reference list of employees from

payroll reports to other sources eg.

– Building access cards

– Windows Log On

– Company phone book

– Budgets.

• Review HR records for anomalies

• Data Mining Routines

– Identify employees with missing, or

duplicate master file information

How do we detect ghost employees?

Other payroll data mining tests

(# 4) Multiple employee records with same mobile phone number

(# 1) Multiple employee records with same bank account

(# 1) Multiple employee records with same bank account

(# 4) Multiple employee records with same mobile phone number

(# 5) Multiple employee records with same TFN

(# 8) Multiple employee records with same date of birth and some other common

characteristic e.g. same Suburb

(# 9) Multiple employees with the same Super fund account number

(# 14) Identify employees who have not taken any annual leave during the year

(# 22) Identify employees that have an algorithmically incorrect TFN

(e.g. 111 222 333)

How do we detect false employee expense

claims?

100% review of all supporting

documentation within a set period

Keywords database linked to Amex data feed

How do we detect false expense

reimbursements?

How do we detect false expense

reimbursements?

FRAUD

What are the most common red flags that

fraudsters exhibit?

1) Living beyond their means / Unexplained

wealth / Wheeler-dealer attitude

2) Financial distress including debts to loan

sharks

2) Financial distress including debts to loan

sharks

3) Divorce or family problems

4) Unusually close association with supplier,

customer (or other member of staff)

5) Addiction to drugs

6) Gambling and gambling related debts are

common precursors to payroll fraud

“They treated me like a queen.

They reserved my favourite

machine for me. I was like a

zombie.”

“Everyone thought she was

an extremely loyal

employee always looking

after the books.”

Patterns to look out for include:

• Absenteeism

• Regular ill health or “shaky” appearance

• Easily making and breaking promises and

commitments

• Series of creative “explanations”

• High level of self absorption

• Inconsistent or illogical behaviour

• Forgetfulness or memory loss

• Family problems

• Evidence of deceit (small or large)

Addiction problems

High risk or hot air? How vulnerable is your company to payroll fraud?

Constant errors, inaccuracies, or adjustments by Payroll Department

Large numbers of casual, itinerant or non salaried employees

Variable payment types: LAFHA’s, per diems,

Kilometres travelled

25% of people, if given the opportunity will commit fraud against their employer (Source: ACFE)

1. Consolidate multiple payroll systems

2. Document process and identify vulnerabilities e.g. access to electronic bank transfer file, number of cheque signatories

3. Ad-hoc audits and random checks to source documents

4. Reconciliation of headcount from month to month (ons and offs). Also sub ledgers to main ledgers and bank reconciliations.

5. Open communication channel for Tip offs (e.g. new staff being asked to manipulate timesheet) fraud hotline, email etc

6. Segregation of duties – don’t give any one employee too much control

7. Make employee background and criminal record checks part of the standard hiring process.

8. Regular Data Mining reviews

9. Monitor access to Payroll system at suspicious times e.g. late at night, or on weekends

10. Limit IT access, including read-only access, to the payroll system to only those individuals that need it.

10 key steps to beat payroll fraud

Example Fraud Risk Assessment - Payroll

Source: DOCS

Case Study 1: Clive Peeters, Victoria

Case Study 1: Clive Peeters, Victoria

Case Study 1: Clive Peeters, Victoria

Sonya Causer

photographed by The

Age after successfully

bidding for a new car at

a charity auction prior to

coming clean over the

missing $19.3m.

Background

• Payroll manager admitted to embezzling $19m over 18 months. Used the funds to buy more than 40 properties & luxury cars. She was jailed for 8 years with a non parole period of 2 years.

Personal details

• 39 year old female from Victoria.

How was the ‘fraud’ conducted?

• Used a loophole in the company’s Internet Banking with NAB.

• Falsified payroll records

• Transferred cash to her bank account

• Signatory to the company’s bank account

• Covered her trail by changing financial records.

How was it detected?

• An accountant noticed a $2m variation between 2 company ledgers.

• Auditors then discovered that the amount was closer to $20m.

Case Study 1: Sonya Causer, Clive Peeters

Case Study 2: SCEGGS Redlands, NSW

Background

• Payroll clerk admitted to stealing $1m over 6 years.

• Money lost through mortgage payments and possibly through poker machines.

Personal details

• 42 year old female from Sydney, NSW.

• The fraud started shortly after the woman separated from her husband.

How was the ‘fraud’ conducted?

• Used employee codes of five past staff members

• Created fake teachers (ghost employees)

• Remitted PAYG tax to the ATO

• Transferred cash to her bank account

How was it detected?

• Money was directed into joint bank account with ex-husband.

• Husband discovered the fraud and made her confess to the school.

Case Study 2: SCEGGS Redlands, NSW

Case Study 3: Cable Beach Club, WA

Background

• Payroll clerk accused of stealing $120,000 over 2 years.

Personal details

• 29 year old female from Broome, WA.

How was the ‘fraud’ conducted?

• Appears that either used ghost employees or overpaid herself

• Remitted PAYG tax to the ATO

• Transferred cash to her bank account

How was it detected?

• It’s unknown at this stage how the fraud was detected.

Case Study 3: Cable Beach Club, WA

• St George Fraud

Case Study 4: St George Bank, NSW Case Study 4: St George Bank, NSW

Background

• Senior Lending Officer admitted to stealing $1.4m over 8 years.

Personal details

• 46 year old female from Sydney, NSW.

• No trace of the money has been found.

How was the ‘fraud’ conducted?

• Used her employee number and password to approve overdraft loans in her name, and those of her father and former husband. This was in breach of company policy.

How was it detected?

• The Bank discovered the fraud.

Case Study 4: St George Bank, NSW

Case Study 5: Railcorp, NSW

Background

• Extensive and systemic corruption over a number of years.

Organisation details

1. The very structure of the organisation and the way it operated allows and encourages corruption;

- Reporting arrangements

- Management competence

- Culture; and

- Oversight arrangements.

All contributed to endemic corruption.

How was the ‘fraud’ conducted?

1. Falsified timesheets

2. Sharing of passwords

3. Creation of false vendors

4. Changing of master data by administrator.

Case Study 5: Railcorp, NSW

• Cross check payroll master data to AP data • Name

• Address

• BSB and Bank account number

• Phone

• ASIC Personal extract searches on key

employees, cross reference to Vendor records

• Cross reference to other data sources (Banned

directors, Court records)

How payroll can be used to find other frauds in

your organisation?

• 90 percent of occupational fraud cases go undetected. And of the remaining 10 percent, only 20 percent of those are detected by internal controls.

• 66% of perpetrators acted alone.

• Over 35% of frauds were conducted by those aged between 41 and 50

• Males accounted for almost 60% of perpetrators

• Over 87% of perpetrators had no past criminal history

• Source: ACFE 2008 Report to the Nation

Key facts and figures

• Mediocrity –People

–Processes

–Systems

What is the #1 Risk factor for Payroll Fraud in

your organisation?

People

• Culture of “excellence” - from the top down

• People are made accountable

Processes

• Documented and kept up to date

• Segregation of key duties

• Vulnerabilities identified and fixed

Systems

• The system can handle the complexity without manual

workarounds

• Passwords are regularly changed and not shared

• User accounts are terminated when employees exit

• Master data change logs are functioning & regularly reviewed

How do we avoid mediocre behaviour?

Andrew Firth

Director, Rushmore Forensic

(02) 9954 6200

afirth@rushmore-forensic.com.au

www.rushmore-forensic.com.au

Questions?