Fraude Magazine PDF

A P U B L I C AT I O N O F T H E A S S O C I AT I O N O F C E R T I F I E D F R A U D E X A M I N E R S
Vol. 27, No. 1, January/February 2012
THE
Tell-Tale Signs of Deception

PLUS
Fraud in Houses of Worship,
PG. 18
Collegiate Athletics Fraud,
PG. 24
Overachieving Fraud,
PG. 36
Data Breaches, Part 3,
PG. 40
If Every Employee and Supplier

Displayed Model Behavior
In a perfect business world, every employee and third-party supplier would display model business behavior, and there
would be little need for anti-fraud programs. But, in the real business world, occupational fraud and abuse are prevalent.
So, businesses must implement anti-fraud programs to protect themselves from financial, legal and reputational harm.
Tips are the leading source of fraud detection and fraud hotlines are a leading source of tips. So, turn to EthicsLine,
the official hotline of the ACFE.
The EthicsLine package includes:
Hotline (telephone, web, mobile) for report intake
Case Management (web and mobile) for online
investigation management
Analytics for tracking and trending
Communications Campaign Materials to communicate
when and how to report observed business misconduct
Where a fraud hotline was in

place, the average duration of
a fraud scheme was reduced by
7 months, and the median loss
was reduced by 59%.*
* 2010 ACFE Report to the Nations on Occupational Fraud and Abuse
EthicsLine is now powered by Global Compliance
888-782-4769 info@ethicsline.com www.EthicsLine.com
ACFE 2010. All Rights Reserved
JANUARY/FEBRUARY 2012 | VOLUME 27 | NO. 1
COVER STORY
30
The 10 Tell-Tale Signs of Deception

The Words Reveal
By Paul M. Clikeman, Ph.D., CFE
Suspects and witnesses often reveal more than they
intend through their choices of words. Here are ways
to detect possible deception in written and oral
statements.
FEATURED ARTICLES
18
Fraud in Houses of Worship

What Believers Do Not Want to Believe
By Robert M. Cornell, Ph.D., CMA, Educator
Associate; Carol B. Johnson, Ph.D., Educator
Associate; and Janelle Rogers Hutchinson
Houses of worship are particularly vulnerable to fraud,
but most feel they are impervious. The authors provide
reasons why churches feel so bulletproof and seven
practical steps fraud examiners can use to help
churches stop fraud in its tracks.
24
Fraud in Collegiate Athletics

When Major League Money
Meets Little League Controls
By Herbert W. Snyder, Ph.D., CFE; and
David OBryan, Ph.D., CFE, CPA, CMA
A major, multimillion sports ticket fraud at the
University of Kansas highlights how CFEs can help
convince administrators and boards to reassert control
over their athletics departments. The answer could be
independent oversight.
36
Overachieving Fraud Wolves

in Sheeps Clothing
Targeting Top-Performing Employees
Gaming the Bonus System
By Jeffrey Horner, CFE, CRCMP
Follow this CFE consultant as he uncovers top collection
reps at a business call center who inflated their
performances for more money and job advancement.
40
Breaking Breach Secrecy, Part 3

Analysis Shows Entities Lack
Strong Data Protection Programs
By Robert E. Holtfreter, Ph.D., CFE, CICA; and
Adrian Harrington
The authors analysis of data-breach statistics shows
that organizations poorly protect personal data. Possible solution: U.S. federal rules for guidance in developing comprehensive data protection programs.
COLUMNS & DEPARTMENTS

4
From the President & CEO
52
Supporting Our International Chapters
He Milked it For All it Was Worth:

A Dairy Farm Bankruptcy Fraud
By James D. Ratley, CFE
Digital Fingerprints
Anything You Say Can and
Will be Used Against You!
By Roger W. Stone, CFE
56
Frauds Finer Points

Using an Organizations Credit
to Commit Fraud, Part 1
12
58
Global Fraud Focus

Chinese Stock Investment Fraud?
Separating Fact from Fiction
Fraud EDge
By Tim Harvey, CFE, JP; and Richard Hurley, Ph.D.,

J.D., CFE, CPA
By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D.,

CFE, CPA; and Gary Weber, Ph.D. Edited by Richard
Dick A. Riley, Ph.D., CFE, CPA
FraudBasics
Check 21 Can Make Fraud Easier:
Be Alert to Changes in Technology
By Linda Lee Larson, DBA, CFE, CPA, CISA
By Robert E. Holtfreter, Ph.D., CFE, CICA
By Joseph R. Dervaes, CFE, ACFE Fellow, CIA
Get Involved in Higher Education:

Opportunities for CFEs in Educating
Future Fraud Fighters
16
Taking Back the ID

Fraudsters Claiming Victims Via
Payday Loan and LinkedIn Scams
By Jean-Franois Legault
Case in Point
60
Meet the Staff

Improving Members Lives
By Cora Bullock; Photo by Christi ThorntonHranicky, CFE
62
ACFE News
70
CPE Quiz
Earn CPE Toward Renewing Your CFE Credential.
Fraud-Magazine.com
Journal of the Association of Certified Fraud Examiners
Volume 27, No. 1, January/February 2012
TRAINING
EVENTS
Register at ACFE.com/Training
John D. Gill, J.D., CFE

Publisher
Dick Carozza
Editor-in-chief
Helen Pryor
Art Director
Cora Bullock
Assistant Editor
Aimee Jost
Circulation Manager
Katie Ford
Contributing Editor
Mark Scott, J.D., CFE

Legal Editor
EDITORIAL ADVISORY COMMITTEE

Jonathan E. Turner, CFE, CII, chair; Larry Adams,
CFE, CPA, CIA, CISA, CQA, CSP, CCP; Emmanuel
A. Appiah, MBA, CPA, CFE; Richard Brody, Ph.D.,
CFE, CPA; Jean-Pierre Bruderer, Ph.D., CFE; Jeimy
J. Cano, Ph.D., CFE, CAS; Linda Chase, CPA, CFE;
Franklin Davenport, CFE; David J. Clements, CFE;
Craig Ehlen, Ph.D., CFE, CPA; Ellen Fischer, CFE,
CIA; Peter D. Goldmann; Allan F. Greggo, CFE, CPP;
Robert Holtfreter, Ph.D., CFE; Peter Hughes, Ph.D.,
MBA, CFE, CIA, CPA; Cheryl Hyder, CFE, CPA,
CVA; Robert Kardell, CFE, CPA; Thomas Cheney
Lawson, CFE, CIA; Philip C. Levi, CFE, CPA, FCA;
Larry Marks, CFE, CISA, PMP, CISSP, CSTE; Michael
A. Pearson, D.B.A., CFE, CPA, CMA; Marilyn
Peterson, CFE, CCA; Laura M. Preston, CFE; Herbert
Snyder, Ph.D., CFE; Scott Strain, CFE; Karen Forrest
Turner, Ph.D., Educator Associate
2011-2012 BOARD OF REGENTS
Johnnie R. Bejarano, DBA, CFE, CPA; Lt. Col. Robert
J. Blair, CFE, CGFM; Cynthia Cooper, CFE, CISA;
Bruce Dorris, J.D., CFE, CVA, CPA; Joseph L. Ford,
CFE; John Warren, J.D., CFE
Fraud Magazine (ISSN 1553-6645) is published bimonthly
by the Association of Certified Fraud Examiners, 716 West
Avenue, Austin, TX 78701-2727, USA 2012 All rights
reserved. Periodical Postage Paid at Austin, TX 78701
and at additional mailing offices.
POSTMASTER: Please send address changes to:
Fraud Magazine
ACFE World Headquarters The Gregor Building
716 West Avenue Austin, TX 78701-2727, USA
(800) 245-3321 +1 (512) 478-9000
Fax: +1 (512) 478-9297
Subscriptions: ACFE members: annual membership dues
include $20 for a one-year subscription. Non-members in
U.S.: one year, $55. All others: one year, $75. Membership information can be obtained by visiting ACFE.com
or by calling (800) 245-3321, or +1(512) 478-9000.
Change of address notices and subscriptions should be
directed to Fraud Magazine. Although Fraud Magazine
may be quoted with proper attribution, no portion of
this publication may be reproduced unless written permission has been obtained from the editor. The views
expressed in Fraud Magazine are those of the authors
and might not reflect the official policies of the Association of Certified Fraud Examiners. The editors assume
no responsibility for unsolicited manuscripts but will
consider all submissions. Contributors guidelines are
available at Fraud-Magazine.com. Fraud Magazine is a
double-blind, peer-reviewed publication.
To order printed or electronic reprints, visit
fraud-magazine.com/reprint-request.aspx or
email reprints@fraud-magazine.com.
ADVERTISING COORDINATOR
Ross Pry
(800) 245-3321 rpry@ACFE.com
Association of Certified Fraud Examiners, ACFE, Certified Fraud
Examiner (CFE), the ACFE Seal and Fraud Magazine are trademarks owned by the Association of Certified Fraud Examiners Inc.
January/February 2012
UPCOMING CONFERENCES
23rd Annual Fraud & Exhibition
+VOF t0SMBOEP '-
2012 ACFE European

Fraud Conference
.BSDIt-POEPO
UPCOMING COURSES
Advanced Fraud Examination
Techniques
4FQUFNCFS t"VTUJO 59
Auditing for Internal Fraud
"VHVTU t/FX:PSL /:
CFE Exam Review Course
4FFQHGPSDPVSTFEBUFT
Healthcare Fraud
.BSDI t-PVJTWJMMF ,:
Interviewing Techniques for Auditors
'FCSVBSZ t'U-BVEFSEBMF '+VMZ t%FOWFS $0
4FQUFNCFSt"UMBOUB ("
Introduction to Digital Forensics
'FCSVBSZ t/FX0SMFBOT -"
Conducting Internal Investigation

'FCSVBSZ t$IBSMPUUF /$
+VMZt8BTIJOHUPO %$
Investigating Conicts of Interest

'FCSVBSZ t-PT"OHFMFT $"
Contract and Procurement Fraud

+BOVBSZ t1IPFOJY ";
Investigating on the Internet

.BSDI t/FX:PSL /:
Data Analytics
.BSDI t/FX:PSL /:
Legal Elements of a Fraud

Examination
'FCSVBSZ t$IBSMPUUF /$
NEW!
Digital Forensics Tools &

Techniques
.BZ t$IJDBHP *Financial Institution Fraud
"VHVTUt-BT7FHBT /7
Financial Statement Fraud
"QSJM t$PMVNCJB 4$
Fraud Prevention
'FCSVBSZ t#BMUJNPSF .%
Fraud Related Compliance
.BSDI t-PVJTWJMMF ,:
"VHVTU t/FX:PSL /:
Fraud Risk Management
'FCSVBSZt-PT"OHFMFT $"
"VHVTU t1IJMBEFMQIJB 1"
NEW!
Money Laundering: Tracing Illicit

Funds
.BSDI t#BMUJNPSF .%
Mortgage Fraud
.BZ t4BO%JFHP $"
Principles of Fraud Examination
"QSJM.BZ t"VTUJO 59
Professional Interviewing Skills
.BZ t1SPWJEFODF 3*
"VHVTU t4BO'SBODJTDP $"
COMBO EVENT
SAVE $100 by registering for both events!
&WFOUTTVCKFDUUPDIBOHF
From the PRESIDENT
AND CEO
By James D. Ratley, CFE
Supporting Our
International Chapters
t the end of October and beginning of November, I

spent a whirlwind two weeks attending our AsiaPac Conference in Singapore and meeting with
our chapters in Singapore, Jakarta, Hong Kong,
Shanghai, Beijing and Mexico City. I thoroughly enjoyed getting to know many of you and learning about
your unique fraud-related issues.
HOPPING CONTINENTS
International chapter members put Southern hospitality to

shame. Everywhere I went I met extremely gracious people who
did everything they could for us. My job was to listen carefully
to their suggestions for improving our services.
The first stop was to vibrant and beautiful Singapore my
first visit and also the first time the city has hosted our 2011
Asia-Pacific Fraud Conference (formerly known as the ACFE
Pacific-Rim Fraud Conference). Nearly 200 attendees networked and attended workshops and panel discussions. (Please
see page 68 for more on this exciting conference.)
I enjoyed meeting Gatot Trihargo, CFE, president of the Indonesia Chapter (established in 2002), who provided the same
generous hospitality I encountered with other chapters. He was
appreciative of the ACFEs effort to send me there. I presented
to nearly 80 members and public- and private-sector guests.
Chapter activity has become very intense since 2010, by
us conducting monthly discussions/workshops for the members
and other practitioners, Trihargo said. The chapter also successfully conducted two annual congresses and seminars in 2010
and 2011, which gathered more than 200 participants for each
session, with both domestic and international speakers.
After Jakarta, I jetted off to Hong Kong, with its exotic mix
of the old and new., Were excited that the ACFE is turning its
attention to Asia, said Hong Kong chapter president Penny SuiPing Fung, CFE. Jims visit to Hong Kong no doubt has helped
to reinforce this message and reminded people of the role of professional fraud examiners in a robust and sustainable economy.
Prof. Yiu Wai Andy Kwok, CFE, vice president of the Shanghai Chapter and also president of the Beijing Chapter, called my
visit a stunning pleasure. He had this to say about Chinas growing pains: Chinas high growth rates have encouraged foreign
investment, which have in turn helped fund Chinas incredible
4
growth, he said. However, such large capital inflows are bound

to give way to sector imbalances and fraudulent behavior.
I told the attendees at the first Corporate Anti-Fraud Seminar in China, how fraud can occur in any industry and at any
level. I also gave suggestions on how CFEs can advise their clients in their battles against fraud, including setting the proper
tone at the top. Mr. Ratley mentioned that anti-fraud measures
do not get proper attention since they cost money while the
benefits cannot be seen in a short-term period, Kwok said. As
a consequence, most companies are not willing to make any
expenditure regarding this issue. However, establishing efficient
and effective anti-fraud mechanisms will generate huge benefits
from the long-term perspective.
The ACFE is striving to do all it can to help our international chapters grow and thrive. We are excited to announce our
plan to open a regional call center in Singapore and host a CFE
Exam Review Course there March 26 - 29. Chapters, acting as
local ACFE representatives, provide continued support for members worldwide through networking opportunities, CPE training,
leadership development and promoting local fraud awareness.
As always, please let me know how we can help you
support our all-important mission. (And please check out
Fraud-Magazine.com/LetterFromthePresident for more photos.)
James D. Ratley, CFE, President and CEO of the Association of
Certified Fraud Examiners, can be reached at: jratley@ACFE.com.
Fraud-Magazine.com
A Closer Look at Technology and Fraud
By Jean-Franois
Legault
Anything You Say Can and

Will Be Used Against You!
uring an investigation, we scour the web and

social networks for employment backgrounds,
contacts, education history, past behavior
and so on. However, we should be concerned
about information we are posting that the bad
guys can use against us.
Arthur Hulnick, a former CIA officer, estimates that opensource intelligence (a form of intelligence collection management that involves finding, selecting and acquiring information
from publicly available sources) accounts for as much as 80
percent of the entire intelligence database. (See Sailing the
Sea of OSINT in the Information Age, by Stephen C. Mercado, http://tinyurl.com/2sj5vy.) This is possible, in part, because
organizations and their employees freely publish information
online they probably should keep to themselves. And those
loose lips can lead to outright fraud. (Also see NATO Open
Source Intelligence Reader, http://tinyurl.com/7crt7ug.)
JOB POSTINGS
Before you continue reading this, look at your organizations job postings and ask, What are we telling the
competition about us?
Imagine a software company with a strong presence in
Asia Pacific that posts a public job offer for a sales manager
in North America. What are they telling the competition?
Think of the recruiting process in your organization and how
long it can take to staff a position. Is that enough time for the
competition to adjust to the arrival of this new sales manager?
Your competitors find or infer from your job postings
the technologies your organization uses, expansion into new
areas and territories, market growth, change in structure,
structural growth, etc.
What does this mean for fraud examiners? Make sure
you run proper background checks on potential hires! Why?
Because some job descriptions are so detailed that someone
wishing to be hired for fraudulent purposes can customize
his or her rsum. I just worked a case in which a candidate
found a company he believed would be a good target and

redesigned his rsum to boost his employment chances. The
company hired him, and he then proceeded to steal intellectual property during his employment.
WEB 2.0 AND SOCIAL NETWORKS
Employees are likely to reveal valuable information to the

competition on professional or personal networking sites.
Fraudsters can make conclusions about a companys expansion by studying comments about new connections and
relationships plus repeated trips to a city or country.
Through investigations, I have found nurses sharing
concerns about care in neo-natal intensive care units, law enforcement personnel sharing sensitive assignments and sales
managers claiming their stakes on new territories. Professional social networking sites tell the world about new hires
and those who are leaving employers.
Employees posting information online is nothing new.
In one case I worked nearly 12 years ago, a call-center
employee leaked sensitive information on a web forum. This
employee, who was privy to upcoming promotions offered
by a telecommunication provider, would repost information
online prior to a promotion launch. The companys call center then would be flooded with requests for promotions and
packages that did not exist yet.
Did this employee access highly sensitive documents?
Did he gain access to someones email account? No. He simply reposted information he learned in training sessions. We
had a difficult time tracking him down because back then we
did not log everything. Even today, we find organizations that
do not store online access information, which would allow
them to adequately investigate leaks.
MARKETING DOCUMENTATION
Documents that an organization provides its clients to market

its services often end up in competitors hands. Find ways to
Fraud-Magazine.com
A Closer Look at Technology and Fraud
securely communicate information that you

do not want the competition obtaining.
I was involved in a recent case in
which a competitor was able to reverseengineer a product (take it apart and
analyze it) by simply using the information
in product brochures and documentation. Imagine your competition not only
knowing your products but how you are
manufacturing them. That is a serious loss
of competitive advantage!
I have also been involved in cases in
which individuals used marketing information to create fake companies to try to
defraud possible clients. The schemes were
simple: reuse information to make the companies look legitimate, solicit clients, get
paid and then never deliver anything.
AS AN EXPERT WITNESS
Whatever you write, post and/or communicate may allow you to build eminence
as an expert. However, opposing counsel
could also use that public information to try
to disqualify you as an expert or to crossexamine you in court.
AS AN INVESTIGATOR
Open-source intelligence can help you

discover valuable information about players in an investigation. In one case, I found
some undocumented aliens involved in
a fraud scheme because they gave some
prime evidence via their social media profiles, including their geographic locations.
In another example, we tracked down
vehicles purchased with embezzled funds
simply based on suspects photos that had
been posted online.
When I begin a background investigation into a company, one of the first things I
do is seek information through press releases
and trade publications. Companies love to
tell the world about what they are doing
right. However, the competition will always
seek out this valuable market intelligence.
If you want to know more about

leveraging business intelligence techniques
in your fraud examinations, I strongly
encourage you to check out anything
fellow ACFE faculty member Cynthia
Hetherington teaches.
I was involved in a recent

case in which a competitor
was able to reverse-engineer
a product (take it apart and
WHAT TO DO
So do you cut yourself off from the world

and go off grid? Absolutely not. But make
sure your organizations policies strictly
control information that its employees can
release through all open-source channels
but especially online. When it comes to
social media, establish a think before you
post mentality.
Jean-Franois Legault is a senior manager
with Deloittes Forensic & Dispute Services
practice in Montreal. Canada. His email
address is: jlegault@deloitte.ca.
analyze it) by simply using

the information in product
brochures and documentation. Imagine your competition not only knowing your
products but how you are
manufacturing them. That is
a serious loss of competitive
advantage!
Use These Queries to Examine Your Online Exposure

Google search directives will add
power to your searches.
Searching for a specic phrase
using quotations:
nd this specic phrase
Searching a specic domain or
website:
site:targetdomain.com or
site:www.targetdomain.com
Searching for specic le type:
letype:extension
You can use the minus sign (-) as an
exclusion operator. For example, you
can use this search directive to exclude
a specic website from your search:
-site:www.excludeddomain.com
Here are some Google searches

that you can run against yourself to see
what could be available to fraudster.
Finding PowerPoint documents on
your site:
site:www.yoursite.com letype:ppt
site:www.yoursite.com letype:pptx
Finding Word documents on your
site:
site:www.yoursite.com letype:doc
site:www.yoursite.com letype:docx
Finding condential documents on
your site:
site:www.yoursite.com condential
site:www.yoursite.com not for
distribution
Frauds Finer Points

Case History Applications
By Joseph R. Dervaes,
CFE, ACFE Fellow, CIA
Using an Organizations
Credit to Commit Fraud
Part 1
raud by using an organizations credit is a type of

fictitious expense scheme. In the ACFEs fraud tree,
the crime is a subset of fraudulent disbursements,
which is a subset of cash schemes.
There are many types of fraud involving an employees
use of the organizations credit to purchase assets (i.e., goods
and services) for personal benefit. Unauthorized use of the
organizations general credit cards, purchasing credit cards,
travel credit cards or business charge accounts are some of the
most common fraud schemes I have encountered during my
career. Unscrupulous employees cause victim organizations
to order and pay for assets they do not really need. Obviously,
the damage to a victim organization is the money lost in
purchasing these unnecessary items.
The individuals who commit these crimes are usually
responsible for approving and processing transactions for payment. They may rely on the inexperience of their supervisors
(or their organizations governing bodies) to unknowingly
process their fraudulent transactions in the disbursement
cycle. Victimized organizations then issue checks for unauthorized business purposes, and the wayward employees
receive personal benefits.
We begin this three-part series with employee abuses of
general organization credit cards.
GENERAL ORGANIZATION CREDIT CARDS
Commercial banks issue credit cards to organizations (and

individuals) to aid them in conducting official business.
Banks and organizations enter into agreements specifying the
terms of use for the credit cards. Some banks charge an annual fee; others do not. Banks make their money for processing your transactions by charging a fee to vendors who accept
the cards and by charging you an interest rate on the unpaid
account balance when the full amount due is not paid each
month. The primary responsibility for charges on these credit
cards rests with the organizations.
THE BUSINESS OF CREDIT CARDS
An organization that authorizes company credit cards for its

employees use should maintain formal logs of all cards issued
and require all employees to sign agreements stating that they
have received a copy of the organizations usage policies and
have been trained on the proper procedures for using the cards.
These agreements provide the foundation that employees understand that they can use the cards for official business only.
Written company policies should require employee
training, prohibit cash advances, restrict purchases of unauthorized items (such as alcohol), require receipts for all
charge transactions and specify disciplinary actions for any
unauthorized or personal use of the cards. Organizations
never should pay for employee charges shown on the banks
monthly statement without accompanying receipts. It is the
descriptions of the items shown on the receipts that determine if the expenses are for official business purposes.
UNAUTHORIZED CARDS
Employees who have stolen company credit cards or who

have obtained unauthorized company credit cards through
other means (such as ordering them directly from banks
without approval) will circumvent organizations incoming
mail to snag the monthly credit card statements. They usually
make personal payments on the credit card account balances
to conceal their unauthorized purchases.
However, if employees submit unauthorized expenses
for payment by their companies, management and auditors will have at least some documents they can review to
Fraud-Magazine.com
Frauds Finer Points

detect fraud. While the supporting documents for credit card

payments should include the statement and all purchase receipts, fraudsters who choose this latter process usually only
submit statements for payment purposes. In many cases, their
supervisors or the governing bodies of the organizations may
unknowingly approve these fraudulent payments.
Employees may periodically use an organizations credit
card for unauthorized purposes or personal benefit, but managers who are assigned to monitor the credit card program
can resolve these minor infractions promptly according to
policies and procedures.
Companies should publicize employee disciplinary actions in their internal publications to deter future problems.
Unfortunately, even this method is not fraud-proof because
often the very managers who are charged with monitoring the system are the ones who abuse it. These individuals
may be able to hide their unauthorized activities from other
employees and their supervisors, but most of the time they
should not be able to conceal their actions from organizations governing bodies and their internal or external
auditors. However, when their misdeeds are detected, the
fraudsters usually attempt to get organizations to pay from
monthly credit card statements by indicating that receipts for
individual transactions were not available or were inadvertently misplaced or lost.
Case No. 1 Personal use of an authorized
general organization credit card
In the November/December 2009 Frauds Finer Points, I

discussed a credit card case that involved missing supporting documents. This concept emphasized why organizations
should never pay the balance due on monthly credit card
statements without seeing the supporting receipts for the
purchases first.
Sarah was the clerk-treasurer responsible for processing
all of the citys disbursement transactions, including all purchases on its credit card. The city first detected irregularities
in accounts receivable and contacted its external auditor to
investigate the case.
The subsequent audit detected multiple fraud schemes,
which totaled $49,894.88 in losses over 2 years. These
schemes included payroll fraud, accounts receivable fraud,
municipal court revenue fraud, unauthorized use of the citys
business charge account and overpayments to a cleaning
contractor. The clerk-treasurer performed many tasks in a
variety of functions at the city, and no one monitored her
work to ensure the citys expectations were being met.
The clerk-treasurer purchased $5,319.16 in assets for
personal benefit using the citys credit card. I detected this
scheme by scanning the citys disbursement files to determine other risks. I quickly noted that the city was making
its monthly credit card payments using only the statements.
There were very few purchase receipts available for review
and audit. For example, credit card purchases from a local
computer store were almost always missing from the files. I
contacted the citys computer consultant who was responsible for all information technology issues. However, he wasnt
aware of any official purchases from the computer store.
A computer store representative faxed documents to
me that showed Sarah had signed for a computer, monitor,
software and games on many occasions through the period of
this loss. City staff members conducted a search of city hall
but were unable to locate any of these assets.
Sarah had made all credit card payments on time, but
she had destroyed all the supporting documents that listed
the details of the purchases from the computer store. She
hoped that retaining only the monthly credit card statements
on file for the citys governing body and its external auditors
would be sufficient to conceal her irregular activities. She
was wrong. The governing body did not notice this irregularity, but her fraud did not escape the watchful eye of the
external auditors. In my experience dealing with fraud cases
in state agencies and local governments in the state of Washington, governing bodies rarely detect fraud in the transactions they are reviewing and approving, primarily because no
one took the time to properly train them for this task.
The clerk-treasurer demanded a trial to resolve the issues in this case. She hired a prominent regional lawyer for
her defense and agreed to a bench trial. (There was no jury.)
After all the evidence was heard during a week of testimony,
the judge rendered a guilty verdict in the case and ordered
Sarah to make restitution of the loss amount, plus audit
costs. He also sentenced her to three months in a workrelease program.
Case No. 2 Personal use of an unauthorized
general organization credit card
A small water district in the state of Washington had three

employees, operated on an annual budget of $466,000 and
served approximately 1,000 customers. Jackson, the office
manager, was responsible for practically all financial operations; his supervisor, the district superintendent, did not
monitor his work. These are the two most common internal
control weaknesses I have found in small organizations.
While Jackson had no prior criminal history, he apparently came to work for the district with ill intentions. He
sent a memorandum on official letterhead to the districts
bank shortly after being hired requesting that the bank issue
Frauds Finer Points

a credit card in the districts name and assign it to him. The

credit limit on the card was initially set at $5,000, but Jackson subsequently sent a facsimile to the bank one month later
requesting an increase to $20,000. Of course, the districts
governing body did not authorize either of these requests.
Later, when the case was under investigation, the district
stated that someone had forged the authorizing signatures on
the documents.
As the office manager, Jackson was responsible for opening the mail and processing invoices for payment. Thus, he
was able to remove the monthly bank credit card statements
from the incoming mail before anyone else saw them. One of
the interesting facts of this case is that Jackson did not submit
any of the credit card statements to the district superintendent or the governing body for approval or payment. Perhaps
Jackson was not quite bold enough. While it would have
been prudent to do so, Jackson did not make any personal
payments to the bank on the card balance either. Because
neither the organization nor Jackson made any payments on
the credit card balance, the monthly expenses and interest
charges continually increased until the balance became delinquent and approached the credit limit on the card.
Jackson misappropriated $19,454.84 from the district
in 3 months, with $18,284.03 of this amount representing
his unauthorized use of the districts credit card for personal
benefit. Personal charges included the purchase of a used
pickup truck, frequent stays at a motel while traveling to his
favorite casino, thousands of dollars in cash advances at the
casino, Internet and telephone use and other miscellaneous
purchases. Jackson also misappropriated $1,170.81 in utility
revenue from the district.
The district first detected irregularities in its checking
account and petty cash fund and requested an external audit.
Jackson was placed on administrative leave and subsequently
terminated for a wide variety of managerial shortcomings.
Shortly thereafter, the district received a monthly statement
for the unauthorized credit card. In a plea-bargaining agreement, the court ordered Jackson to make restitution for the
loss amount plus audit costs. It also sentenced him to less
than one year in county jail for this crime.
Case No. 3 More personal use via an unauthorized
credit card
James, the chief of a small fire district in the state of Washington, obtained an unauthorized credit card in the districts
name. He circumvented the districts internal controls by
10
intercepting the mail, removing the monthly credit card

statement and making personal payments on the account to
conceal his unauthorized purchases. He basically used the
districts credit card as his own by charging $7,797 in personal
purchases for more than a year. He used the card to make
unauthorized cash advances and also incurred finance charges
when he did not make monthly payments on time.
When the district finally discovered the unauthorized
card, there was a $1,599 unpaid balance on the account.
The district found out about the card while making a change
in signatories on all of its bank accounts after the fire chief
resigned for unrelated personal reasons. The chief reimbursed
the district for this amount when questioned about the
unauthorized purchases on the credit card. The district paid
the balance due on the account and canceled the credit card.
The county prosecutor declined to criminally prosecute the
case because the district had been made whole.
LESSONS LEARNED
Let us review some of the finer points of fraud detection from

these general organization credit card fraud schemes.
Organizations should:
Establish written policies and procedures for credit card use
and train their employees to ensure they use the cards only
for official business purposes.
Always obtain purchase receipts from employees and never
pay bills using only the monthly credit card statements.
Properly train employees and governing bodies on the
authorization and approval procedures for all
disbursements.
Appropriately segregate employee duties and periodically
monitor the work of key employees to ensure its
expectations are being met.
Once fraud examiners detect fraud, they should assess
what else is at risk of loss within an organization.
MORE CREDIT CARD MISUSE
In part two of this series, we will discuss the use of purchasing

credit cards and travel credit cards. Stay tuned.
Regent Emeritus Joseph R. Dervaes, CFE, CIA, ACFE
Fellow, is retired after more than 42 years of government service.
He is the president of the ACFEs Pacific Northwest Chapter. His
email address is: joeandpeggydervaes@centurytel.net.
Fraud-Magazine.com
2012 CFE Exam Prep Course

Arm yourself with the most effective tool
available to help you pass the CFE Exam.
How the course works:
The program provides typical exam questions, informs you whether your answer is correct, provides a
detailed explanation of the correct answer and offers
an alternative study reference where you can learn
more about the topic.
The CFE Exam Prep Course focuses on the four
testing areas of the CFE Exam:
t Legal Elements
t Fraud Prevention and Deterrence
t Financial Transactions
t Fraud Investigation
The CFE Exam Prep Course Allows You To:
t Create a personalized study plan tailored to your individual strengths

and weaknesses with an optional 100 question Pre-Assessment
t Pick the sections and topics most relevant to your exam preparation
by creating custom review sessions
t Learn more from your Practice Exam sessions by reviewing the questions you missed, anything your results by subsection and tracking
your progress over time
t Focus on the areas where you need the most work with enhanced
review of results and progress by exam section, subsection and topic
t Stay on track to earning your CFE credential by measuring your
progress towards your target dates for certication and using helpful
checklists within the Prep Course software
Visit ACFE.com/Prep to order your copy today

The 2012 CFE Exam Prep Toolkit is Also Available
Including the CFE Exam Prep Course, Fraud Examiners Manual
(Printed Edition), Corporate Fraud Handbook and the Encyclopedia
of Fraud (CD-ROM), the CFE Exam Prep Toolkit includes valuable
materials to aid in your CFE Exam preparation.
Fraud EDge
A Forum for Fraud-Fighting Faculty in Higher Ed
By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D., CFE, CPA; and Gary
Weber, Ph.D. Edited by Richard Dick A. Riley, Ph.D., CFE, CPA
Get Involved in Higher Education

Opportunities for CFEs in Educating
Future Fraud Fighters
tudents at the collegiate level learn best about

business through a combination of theory and
practice. College professors are well equipped to
present the theory side of a particular topic, but
they frequently look to business professionals
who have hands-on, practical experience to help apply
those theories to real-world situations. This teaching method
works especially well in anti-fraud education, in which fraud
cases, whether real or fictitious, can help bring to life the
fraud theories and procedures introduced in the classroom.
However, it is not quite so clear exactly how to structure the interactions between CFEs and higher education to
encourage this method of learning. Many CFEs, for example,
believe that the only way to participate in collegiate fraud
education is to lead a class lecture based on their fraud experiences, which could not be further from the truth.
In this column, we identify and explain a variety of ways
in which CFEs can foster and develop mutually beneficial relationships with college faculty and students to help educate and
prepare future anti-fraud and forensic accounting professionals.
INVITE FACULTY AND STUDENTS TO LOCAL FRAUD CONFERENCES
One of the easiest and least time-consuming ways for CFEs to

get involved with higher education is to invite college faculty
and students to attend local fraud conferences. Spokane
ACFE Chapter member Lenore Romney, CPA, CFE, CVA,
has invited both students and faculty to attend the local
ACFE conference for the past few years.
The chapter leaders recognize that more can be accomplished in the fight against fraud if professionals from different disciplines network with each other. We see the chapter
as being an ideal facilitator for such a network, Romney said.
Conferences typically provide numerous and varied
opportunities through which students and faculty can learn
12
about both actual instances of fraud, as well as the work of

CFE professionals. Kris Ryan, a student at Gonzaga University who has attended the local ACFE conference for the past
two years, can attest to this.
Both years that I attended the conference, a wide range
of topics was offered, including health care fraud, a critique
of software that helps businesses protect themselves against
fraud, gang activity (which is surprisingly more correlated
to the fraud problem than I would have thought), mortgage
fraud and different fraud topics covered by local law enforcement and the FBI, Ryan said.
I found all of the topics interesting and also learned
fraud detection and investigation skills that I could put to use
immediately, she said.
Since graduation, Ryan has gone on to earn her CFE
credential and has joined the fraud-fighter ranks.
BECOME A PROFESSIONAL MENTOR TO STUDENTS
Professors at Gonzaga University frequently refer students

who have an interest in forensic accounting to local CFEs for
advice on potential career paths, professional certifications, interviewing and networking. Students benefit directly from the
wisdom and experience these mentors have gained from many
years of work in fraud and forensic accounting. Mentors also
share their knowledge of the skills and abilities necessary to be
successful in the forensic accounting profession. These interactions also are great networking opportunities for students.
Many universities also have formal mentoring programs
through which students are matched with professional mentors based on factors such as field of study, geographic preference and gender. These more formal relationships span the
majority of a students time in college, which allow mentors to
help identify curriculum paths, internship opportunities and
employment opportunities when the student nears graduation.
Fraud-Magazine.com
Fraud EDge
A more interactive albeit more time-intensive

method of mentoring students is for CFEs to arrange and
coordinate student internships with their employers. Students participating in these internships benefit not only from
professional workplace mentoring but also from working in
actual forensic accounting situations.
ASSIST WITH CASE STUDIES AND RESEARCH PAPERS
Higher-education faculty are always searching for case studies with the richness of detail, ambiguity and issues that are
similar to those that students will encounter in their professional careers. Faculty and highly experienced CFEs jointly
produce the most detailed, complex cases.
Cindy Durtschi, Ph.D., associate professor at DePaul
University, invites CFEs to help in the classroom in several
ways. She recently had a full-time forensic accountant help
her judge student case presentations.
The students presented their work from the view of the
prosecution, and then the CFE showed them how someone working for the defense would have responded to their
cases, Durtschi says. It was a wonderfully enriching experience for the students.
Durtschi also had a local CFE help her with a fraud case
she developed. The CFE provided her with encouragement,
valuable feedback and suggestions that improved the case.
CFEs also frequently partner with faculty on forensic
accounting research papers. Frank Perri, J.D., CFE, CPA, has
co-authored several research papers with Rich Brody, Ph.D.,
CFE, an associate professor at the University of New Mexico.
They have written on topics ranging from the relationship
between workplace violence and fraud to identification of
organizational weaknesses at the Securities and Exchange
Commission. These partnerships between academics and
professionals foster balanced approaches to research and
ensure that publications are valuable not only for academics,
but also for practitioners who can use the results in the field.
COORDINATE FORENSIC ACCOUNTING INVESTIGATIONS
Romney and Marie Rice, CFE, CIA, CICA, president of the

Spokane ACFE Chapter, assist students at Gonzaga University as part of their Justice for Fraud Victims Project. (See
the July/August 2011 Fraud EDge.) Through a cooperative
partnership with law enforcement and local CFEs, Gonzaga
students provide free fraud examination services to small
businesses or nonprofit organizations that have been victims
of fraud. The students gain experience while simultaneously
giving back to their communities.
Last year, Romney worked with students on a case that
eventually led to the projects first conviction.
Working all semester with my student team was

personally rewarding, she says. My team of students was
incredibly bright and diligent and really took ownership in
our investigation. They were like sponges soaking up the
practical knowledge I was trying to share with them in only
one semesters time together. I was proud of my teams effort
the day they gave their final class presentation, the day I
submitted our report to law enforcement and especially the
day I was notified that charges were filed.
Obtaining a guilty plea and restitution within a year of
submitting our case was the icing on the cake, she says.
Romney and Rice play a number of critical roles in this
class by:
1. Assisting the students in developing theories of how the
fraud may have occurred.
2. Helping the students develop a plan for determining how
to test those theories.
3. Providing weekly guidance to students as their
investigations progress.
4. Reviewing the final report that students complete at the
end of the term and that law enforcement may use to
prosecute the fraud.
5. Serving as expert witnesses if a case goes to trial.
Reaching out to help local organizations with potentially fraudulent situations is a noble idea with obvious
benefits, but usually the largest obstacle is that college faculty
members often lack required specific training for competent
forensic accounting investigations. Faculty also often lack
contacts with those in communities who are most likely to
refer cases, such as law enforcement and prosecuting attorneys. CFEs often have such connections and, thus, can refer
cases and supervise the investigations.
SERVE AS AN ADJUNCT INSTRUCTOR OR GUEST SPEAKER
CFEs who want a more substantive role in higher education

can pursue teaching courses as adjunct instructors. Adjunct
instructors typically teach one or two courses during a semester, but they do not have other academic commitments, such
as research or service, to the institution. Colleges frequently
seek professionals, like CFEs, to teach more specialized
courses, such as forensic accounting, because full-time faculty
often do not have this expertise.
Not long after she began mentoring, Gonzaga University
approached CFE mentor Rice to see if she was interested in
teaching a fraud examination class as an adjunct instructor.
She jumped at the chance.
It had been my long-term goal to adjunct, and I was
thrilled by the prospect, Rice said.
13
Fraud EDge
She has taught three courses over the past two years and
has enjoyed the experience. She sees many benefits to having
professionals, like CFEs, in the classroom.
As a student, I always appreciated the professors who
had both real-world and research experience. CFEs are fortunate in that we have so many stories and experiences that
can help shape our future anti-fraud professionals.
CFEs considering this option should be aware that the
weekly time commitment is somewhat greater than the time
teaching in the classroom. Adjunct instructors also will spend
several hours each week planning lectures, grading student
work and answering emails from students. In addition, most
colleges expect adjunct instructors to be available on campus for an hour or two each week to meet with students and
answer questions.
CFEs who cannot commit to teach an entire course can
serve as guest speakers. This may involve preparing a short
case study or other relevant topical material and leading a
class in a discussion of the material. Departments and
instructors are generally receptive to such arrangements,
provided there is a good match between the course goals
and the proposed topic.
Guest speaking opportunities for CFEs are not limited to
forensic accounting courses. For example, CFEs could present
internal control cases to an accounting information systems
class. They also could discuss evidentiary or legal aspects of
CFE work in criminal justice or psychology classes. Given
the diversity and complexity of fraudulent activities and the
motivations of those who commit fraud, there are many other
disciplines in which CFEs could provide valuable insights
and enrich the classroom experience.
FOSTERING STUDENT INTEREST
The ACFE Handbook and Guidelines for Local Chapters encourages close relationships with schools and universities to
foster student interest in the fraud-fighting profession. CFEs
unique skill sets and training create multiple opportunities
across college campuses. We have described a number of
ways that CFEs have participated in higher education. Interested CFEs should contact program directors or chairpersons
at nearby colleges. Universities, and especially business
schools, are always looking for adjunct instructors and guest
speakers with practical experience. Students love to hear
from professionals who can describe their field experiences
and how they can pursue careers in specialty fields, such as
forensic accounting.
14
Given the diversity and complexity of fraudulent

activities and the motivations of those who commit
fraud, there are many other disciplines in which
CFEs could provide valuable insights and enrich
the classroom experience.
Rice wants to see more CFEs in college classrooms.
As professionals, we need to strive to make the antifraud movement more real for students, who often believe
they will never encounter a fraudster or become a victim of
fraud, Rice said.
Matching the expertise and interest of CFEs with the
needs of higher education can result in relationships that are
enriching and rewarding for all parties involved.
Gerhard Barone, Ph.D., is an assistant professor of accounting
at Gonzaga University. He teaches classes in financial
accounting and accounting information systems. His email
address is: barone@jepson.gonzaga.edu.
Sara Melendy, Ph.D., CFE, CPA, is an associate professor of
accounting at Gonzaga University. She teaches auditing and fraud
examination, including a hands-on laboratory called the Justice
for Fraud Victims Project. Her email address is:
melendy@jepson.gonzaga.edu.
Gary Weber, Ph.D., is an associate professor of accounting and
coordinator of accounting programs/director of the master of
accountancy program at Gonzaga University. His email address
is: weber@gonzaga.edu.
Richard Dick A. Riley Jr., Ph.D., CFE, CPA, is a
Louis F. Tanner distinguished professor of public accounting in
the College of Business and Economics at West Virginia
University in Morgantown. He is chair of the ACFE Higher
Education Advisory Committee and the vice president of
operations and research for the Institute for Fraud Prevention.
His email address is: richard.riley@mail.wvu.edu. Riley
served as editor on this column.
Fraud-Magazine.com
REGISTER NOW
2012 ACFE European

Fraud Conference
The Cumberland Hotel
London 25-27 March 2012
Fraudsters are continually creating, perfecting and

executing new schemes. Gain the knowledge you
need to stay one step ahead.
Join anti-fraud professionals in London for the

2012 ACFE European Fraud Conference to
exchange insights and develop cutting-edge skills
in the global ght against fraud. In addition to
informative sessions offering practical techniques
and tips, youll network with leaders of Europes
anti-fraud community and earn up 23 CPE
credits.
FEATURED KEYNOTE SPEAKERS
James D. Ratley, CFE
Stephen Harrison
President and CEO,

Association of Certied
Fraud Examiners
Chief Executive
National Fraud Authority
Register online at ACFE.com/European

by 24 February to SAVE GBP 100!
FraudBasics
By Linda Lee Larson,
DBA, CFE, CPA,
CISA
Check 21 Can Make Fraud Easier

Be Alert to Changes in Check-Imaging Technology
ob, an internal auditor for ABC Company, is conducting a routine cash receipts controls review.
The procedure calls for the days checks to be
deposited remotely in a company bank account
daily. Susan, the clerk who processes customer
checks, had gone home sick on Monday. Before she left, she
completed the remote deposit procedure, which involves
scanning each check and electronically sending those scans
to the bank. Then she put the checks she had just scanned in
her work-in-process file and went home, intending to properly file them away the next day. Unfortunately, when Betty
who had done Susans job years ago was assigned to cover
Susans desk on Tuesday, she came across the previous days
checks. Without asking anyone, Betty prepared a deposit
slip as she had done in the past and took the checks to
the nearby bank branch and made the deposit. When Susan
came in on Wednesday, she noticed that the stack of checks
she had processed on Monday were not where she had put
them and immediately asked Betty where they were. Oops ...
The checks had been deposited twice. They immediately contacted the bank. The bank manager explained that the banks
duplicate check detecting software had caught the error and
that all was well. If the bank had not had the duplicate check
software working properly or if Susan and Betty had conspired
to modify the original paper checks before re-depositing them,
the bank could have been liable for some big bucks. This fictitious example could easily have happened.
Banking industry experts report that check processing
is moving rapidly away from the traditional paper methods
and toward the processing of electronic images of checks. As
of August 2011, almost 70 percent of all institutions are now
receiving check images, according to CheckImage Central.
(See www.checkimagecentral.org.) With the implementation
in 2004 of the Check Clearing for the 21st Century Act, or
Check 21, auditors and CFEs cannot afford to ignore the new
16
risks and challenges associated with processing of increasingly

larger volumes of electronic check images.
Even with so many more consumers and businesses paying their bills electronically, checks are still the standard for
many. The major impetus for banks moving to check images
is that electronic processing costs much less than paper check
processing. Historically, paper processing had been a cumbersome procedure that required physically moving millions of
paper checks through the banking system.
Before Check 21 processing, when a person deposited
a paper check in his bank, that person would be credited
for the amount of the deposit. Then, at the end of the day,
the bank would sort that days processed paper checks and
forward them to the Federal Reserve or another checkclearing entity where the checks would be cleared. The
paper checks then would be sorted and sent back to the banks
the checks were drawn on (and in some cases returned to the
check writer). Grounded planes following the terrorist attacks
of 9/11 caused major delays in check processing and brought
increased awareness to antiquated paper-check procedures.
A number of electronic payment processing technologies are
now in wide use, including Check 21 technology.
Under Check 21 processing, paper checks are scanned,
and the images are used to process the checks. Alternatively,
banks that desire to continue receiving and processing paper
checks may print and process copies of the images, called substitute checks. The substitute checks are the legal equivalent
of the original checks and can be used to document payments
in the same way that cancelled scanned checks would.
Although compliance with Check 21 is not mandatory, most banks are expected to invest in check imaging
technology eventually to take advantage of the projected
costs savings. So far, the adoption from paper to digital has
been slower than expected as the banking world upgrades its
Fraud-Magazine.com
FraudBasics
technology for image processing. The underlying cause of
the delay has been the significant investment in the technology required to both create and process check images and
substitute checks. Sources in the banking world in 2004
estimated a cost of $1.5 billion to $2.5 billion to fully implement Check 21 technology in the U.S. [See The Domino
Effect of Check 21, by J.D. (Denny) Carreker, http://tinyurl.
com/7yuxjrc.] The Federal Reserve expects that the use of
substitute checks should decline as more banks have the
technological capability to process check images directly.
THE CRUX OF THE PROBLEM
Check truncation the process of digitally scanning paper

checks greatly increases the chances of a check being
processed twice, either accidentally or fraudulently. Duplicate check processing occurs when a business uses remote
processing to scan incoming checks and also drops the paper
checks off at a bank branch. The branch then forwards the
paper check to the Federal Reserve to be processed. Thus, as
in the opening case, checks can be processed twice.
Before Check 21, duplicate check processing rarely happened. However, American Banker magazine now estimates
that duplicate check processing is a $500 million problem,
which accounts for about half of the total check fraud in the
U.S. (See Seeing Double, by Glen Fest in American Banker,
Nov. 1, 2010, http://tinyurl.com/7dkt8jx.)
Whether done by accident or fraudulently, duplicate
check processing is becoming increasingly more expensive
to weed out. Many believe that the new technology creates
a unique opportunity for fraudsters. The problem is expected
to increase as the remote deposit capture continues, especially as consumers are using smartphones to capture deposits.
(That has to be the subject of another column.)
The banking industry, recognizing this problem, has
developed software to identify checks that are deposited
twice, but it is not foolproof. It tends to create false positives
because the software only identifies checks that are identical
in amount and payee. Complicating the situation further is
when fraudsters get involved and change the payee and/or
the amount of the check. The duplicate identification software is not designed to identify this type of fraudulent check.
Reformed con man Frank Abagnale has said that banks
are generally liable for ordinary care, according to U.S.
Uniform Commercial Code (UCC) 4-103, and the bank that
accepts a fraudulent check paper or electronic image is
liable for any losses. Therefore, the banking industry has a
real stake in doing what it can to reduce these losses. (See
UCC provisions at http://tinyurl.com/725p8zv and Check
Fraud: A National Epidemic, by Frank Abagnale, New Jersey CPA, May/June 2010.) This is where CFEs can help.
Before Check 21, duplicate check processing

rarely happened. However, American Banker
magazine now estimates that duplicate check processing is a $500 million problem, which accounts
for about half of the total check fraud in the U.S.
High-tech fraudsters are always looking for new ways
to access and manipulate digitized information. Basically,
substitute checks may be altered, counterfeited, duplicated
and/or created from scratch. If a payment is in question, only
the substitute check image can be accessed. The result is that
proving alterations and forgeries becomes even more difficult
because many of the traditional security features so evident
on paper checks are lost when the originals are scanned in
the clearing process. In addition, with no actual cancelled
paper checks to examine, evidence of counterfeiting, forgery
and alterations (such as fingerprints) are not available for the
auditor or CFE.
Systems controls need to be in place and working properly to prevent unauthorized persons from accessing electronic check processing data and to protect private customer
information. CFEs can help implement these controls. Also,
CFEs must keep current on changes in check-imaging technology and auditing electronic payment controls. Multiple lines of
defense are needed to prevent problems. CFEs need to monitor
controls to prevent/detect duplicate check processing.
VIGILANT WATCHDOGS
Electronic check processing technologies may make check

fraud crimes harder to prove, especially if a jury is involved.
It is important that consumers, businesses and banks are
aware of the possible risks and take appropriate steps to
protect themselves and their sensitive data. Electronic check
processing is here to stay, and auditors and CFEs need to
be ready to meet the challenges. Unless the watchdogs are
vigilant, the community has to deal with increasingly more
sophisticated fraudsters trying to commit electronic check
fraud using altered substitute checks or check images.
Linda Lee Larson, DBA, CFE, CPA, CISA, is
an associate professor of accounting at Central Washington
University Lynnwood Center in Lynnwood, Wash. Her
email address is: LarsonL@cwu.edu.
17
Fraud In
Houses Of Worship
What Believers
DO NOT
Want to
BELIEVE
By Robert M. Cornell, Ph.D., CMA, Educator Associate; Carol B. Johnson,
Ph.D., Educator Associate; and Janelle Rogers Hutchinson
Cara Bresette-Yates/iStockphoto
18
Fraud-Magazine.com
Houses of worship are particularly vulnerable to

fraud, but most feel they are impervious. The authors
provide reasons why churches feel so bulletproof and
seven practical steps fraud examiners can use to help
churches stop fraud in its tracks.
n accounting professor who teaches a fraud investigation class recently told a story about a student in her class who approached
her for help on a personal project. The students church had
asked the student to attempt to determine the dollar amount of damages
in a recent embezzlement. The perpetrator, a former church secretary, had
been defrauding the 200-member church for 18 months by writing herself
duplicate paychecks, stealing cash from donation deposits and taking out
credit card accounts in the church name, among other schemes.
The church discovered the fraud when the secretary was called away
for a family emergency, and the previously inattentive manager received
a phone call about an unpaid credit card bill. The manager did not know
the credit card existed. Because the church had not segregated employee
duties, the secretary had free rein over all aspects of church finances: she
kept the books, paid all the bills, handled cash receipts, managed the payroll, issued paychecks and reconciled the bank account. The sky was the
limit for her fraud. A simple search of public records would have revealed
that the secretary was in financial trouble a serious red flag for fraud.
But the church did not conduct that search until it was too late.
The professor was not surprised by such a common scheme. However,
she was taken aback when she opened the students work file to review
the case. She recognized the name of the perpetrator as a secretary in her
church and confirmed this identity by questioning the student investigator. Internal controls in the professors church were a bit better it had
segregated some accounting duties but were still insufficient. In fact,
internal controls were bad enough that no one could ever know if the
secretary stole from the professors church.
It was quite common for people to drop cash and checks by the
church office during the week and leave them with the secretary for use
in special funds, such as one to aid local homeless people. It would have
been easy for the secretary to simply pocket some of the funds, and no
one would have been the wiser. The secretary eventually resigned; it is
unknown if she stole from the professors church during her tenure there.
She was replaced with another secretary who had her own financial problems her home was in foreclosure within six months of taking the job.
The professor advised church officials that they needed to improve
internal controls, but the staff members believed that no one would ever
do such a thing here. Indeed, fraud examiners who deal with finances,
fraud and internal controls in houses of worship may be labeled overreacting conspiracy theorists when they tell church staffs they may have
fraudsters in their midst. However, fraud examiners know that houses of
19
FRAUD IN HOUSES OF WORSHIP
worship churches, synagogues, temples, mosques etc. are

among the most vulnerable entities.
WHY are CHURCHES SO VULNERABLE?
Churches typically emphasize the importance of good acts and
deeds, so we might expect their tone at the top would protect
them from fraud. Not so. A variety of factors lead to the opposite situation. Donald Cresseys research on the fraud triangle
showed that pressure, opportunity and rationalization are present in almost all frauds. (See pages 10 through 14 of Occupational Fraud and Abuse, by Dr. Joseph T. Wells, CFE, CPA.)
However, some forms of these three elements are more prevalent in houses of worship.
PRESSURES AND RATIONALIZATION
In many cases, ministers, secretaries and other staff members in
houses of worship are expected to work long hours on paupers
wages for the love of a deity, while mingling with the wealthiest of society. These working conditions can create resentment,
desperation and rationalization, such as they owed it to me.
Church staff and volunteers can also face financial problems from feeding vices and addictions. A pastor or church member with a serious vice likely will feel that any resulting financial
pressure is highly non-shareable. Cressey emphasized that the
non-shareable aspect of a pressure made it a particular impetus
for fraud.
OPPORTUNITY
Churches might be the poster child for fraud opportunity for a
variety of reasons. First, they tend to be small organizations. The
ACFEs 2010 Report to the Nations found that fraud happens
most frequently in entities with less than 100 employees a
category that would include most houses of worship. Because
of their small size, churches tend not to be willing or able to
hire professionals who have significant financial expertise or are
knowledgeable about internal controls. Also, by default, small
organizations find it difficult to adequately segregate duties or
install independent checks.
Secondly, trust among employees and volunteers fuels
church engines. Unfortunately, church cultures foster the belief
that trust is an adequate control a fallacy that can create affinity frauds, such as the $78 million fraud that Daren Palmer, a
pillar of his church, perpetrated against members. (http://tinyurl.
com/4xae883) Because of the tight-knit culture, it is common
for churches to hire family members and close friends, which
increases opportunities for collusion.
Also, churches often do not create the perception of consequences that is necessary to deter fraud. History and human
nature show that when a fraud does occur in a church, staff
members often hide the crime so they will not upset members
and other potential donors. In the opening case of the embezzling church secretary, the fraud at the first church was never
publicized or prosecuted because a close relative of the secretary
20
was a significant donor to the church and a powerful member of

the church board. In addition, U.S. nonprofits generally are not
tightly regulated. State attorneys general and the Internal Revenue Service (IRS) are the only entities in a position to provide regulatory oversight to churches. Attorneys general are typically preoccupied with other issues. And churches are exempt from the rule
that nonprofits must file informational tax returns with the IRS. So
only parent denominations, church governing boards and possibly
church members are likely to be privy to financial information.
DO THEY REALLY BELIEVE IT CANNOT
HAPPEN IN THEIR CHURCH?
To get a feel for churches perceived fraud invincibility, we interviewed individuals who provided financial oversight in 132
U.S. houses of worship. Our survey included a broad variety
of denominations (primarily Christian) of differing memberships, annual budgets and numbers of employees. Memberships
ranged from 25 to 37,500, with an average of 1,168 and a median of 425. Annual budgets ranged from $10,000 to $30 million,
with an average budget of $1,089,045 and a median budget of
$430,000. Figure 1 illustrates the distribution of church budgets. Most of these churches had at least a few paid employees,
and some were affiliated with national or international denominations providing some oversight role.
Fraud had indeed reared its ugly head with 13.4 percent of
the church leaders acknowledging they had experienced a fraud
Figure 1: Budget Range of Churches Surveyed
28%
7%
Over $1 million
$750,000 $1 million
12%
$500,000
$750,000
36%
$0 $250,000
17%
$250,000
$500,000
in their organizations within the previous five years. The estimated sizes of the frauds ranged from a few dollars to $35,000.
We suspect that the actual frequency and dollar amount of fraud
were seriously underreported for two reasons.
First, our interviews indicated that churches generally
lacked proper internal accounting controls, including segregation of duties, and that even if those controls were in place, the
churches did not consistently follow them. The reported levels
of controls in most of these institutions were so poor that they
probably harbored many undetected frauds. For example, most of
the churches we surveyed did not separate record keeping from as-
Fraud-Magazine.com
set custody, particularly with respect

to the payment of expenses. Also,
in most cases, the same person who
wrote the checks also reconciled the
No surprise audits
bank statements. Figure 2 illustrates
the frequency of various control vioNo required vacations
lations that we found in churches.
No credit checks for employees
The second reason we suspect
Same person records and
deposits receipts
underreporting is that it is likely
No term limits for financial volunteers
that some interviewees were unNo financial expert on board
willing to admit frauds, or their
Same
person deposits receipts and
churches did not tell them about
reconciles bank statements
discovered crimes. Ministers and
Related parties on board of directors
church elders are accustomed to
No criminal background checks
holding the sins of their flocks
No checking references
close to the chest, and this empha0%
sis on confidentiality may prevail
even in the case of white-collar
sins. The cloak of secrecy may mean that the right hand does
not know what the left hand is doing within the church. Also, in
the same way that those who have been scammed are often too
embarrassed to admit their victimhood, church ministers and other financial leaders may be hesitant to reveal their vulnerability.
We asked interview participants how vulnerable they
thought their organizations were to employees or members illegal or unethical financial actions. Despite generally poor levels
of controls, none of the respondents even those in organizations that had experienced fraud felt their organizations
were extremely vulnerable. Almost a fourth said they were not
vulnerable at all to fraud, and nearly two-thirds said they were
only slightly vulnerable. Table 1 on page 22 presents the perceptions of vulnerability to fraud within churches that experienced
a fraud within the last five years and those that had no reported fraud over the same period. Overall, most believed that it
wasnt going to happen here.
WHY DO THEY FEEL SO BULLETPROOF?
The lack of a realistic perception of vulnerability is driven by
several psychological mechanisms including overconfidence, ignoring base rates and confirmation biases.
Overconfidence
Overconfidence is a particularly difficult psychological barrier

to overcome, even among those with high levels of education.
Psychologists and economists, who have studied the overconfidence phenomenon since the 1960s, find that this mindset results from two factors. One might be called the Lake Wobegon
effect (from Garrison Keillors A Prairie Home Companion):
we all think we are above average.1 Secondly, we tend to have
an illusion of control over circumstances.2 The combination of
these two factors leads to unrealistic optimism. Researchers find
that people are more overconfident when they are faced with
Figure 2: Control Problems in Churches

87%
80%
78%
72%
67%
51%
48%
47%
20%
13%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
difficult or very difficult tasks. The hard-easy effect suggests

that they are more vulnerable to fraud when 1) it is difficult to
assess the likelihood of fraud, and 2) they lack the skills to appropriately safeguard their most valuable assets.
Ignoring Base Rates
Cognitive researchers find that even when people are provided

information on the likelihood of fraud, they tend to ignore
base rates. (A base rate can be defined as the average number of times an event occurs divided by the average number of
times on which it might occur.) Consequently, if we were to tell
a group of church leaders that 20 percent of all houses of worship (a hypothetical number) are likely to be victims of fraud
within the next five years, their over-optimism will lead almost
all of them to conclude that they will not be victims of fraud.
In other words, people tend to place themselves into the group
that is not affected by frauds instead of accurately assessing if
their particular situation is more reflective of the group that
will experience a fraud.
Confirmation Bias
Auditors and fraud examiners do not tend to conclude that assets are safe unless they have assessed the quality of the controls
in place. The average Joe, however, suffers from a confirmation bias. In other words, Joe will rely too much on confirming evidence, such as we have never had a fraud before. At
the same time, he will dismiss contradictory arguments, such as
we do not have adequate controls in place. This bias increases
with the amount and strength of confirming evidence. It will
decrease with contradictory evidence but at a much slower rate.3
Walt Pavlo, the perpetrator of a multi-million dollar fraud
at MCI and WorldCom, expressed confirmation bias well. At the
Oklahoma State University 2008 Financial Reporting Conference,
he was asked where the auditors were while he was committing his
21
Perception of Vulnerability to Fraud
Fraud Occurred
in Last 5 Years
Not Vulnerable
Slightly
Vulnerable
Vulnerable
Very Vulnerable
Extremely
Vulnerable
Grand Total
Yes
24%
53%
17%
6%
0%
100%
No
25%
66%
6%
3%
0%
100%
Total
24%
64%
9%
3%
0%
100%
Table 1
crime, which involved overstatement of receivables. His response:
No one wants to question good news. In the for-profit world, the
evidence has shown that excessively high revenues are a much bigger red flag for fraud than excessively low revenues.
Help them understand

that checks are cash
only more vulnerable.
HOW TO HELP
Based on our survey findings and observations, we offer seven
steps fraud examiners can take to help churches avoid fraud:
1. Freely lend your expertise to small nonprofits and church
boards to help them understand and implement the concept
of separation of duties and independent checks.
2. Help them understand that checks are cash only more
vulnerable. You could explain this by saying, If someone
steals a $1 bill from you, the most they have stolen is $1. If
they steal a $1 check from you and then add a few zeroes,
they have stolen much more.
3. Combat overconfidence through education and training.
Church boards must understand that trust is never an effective internal control.
4. To achieve adequate perception of detection and consequences, encourage church boards to be open and forthcoming about problems and consequences and to prosecute
when appropriate. Such prosecutions could have prevented
the secretary in our opening story from moving to the next
church to possibly do the same thing.
5. While churches may be in the business of bringing the good
news, it is a good idea to remind them that at least when it
comes to financial affairs, they should always question news
that is too good to be true.
6. Church leaders are becoming aware of the need (and sometimes the legal requirement) to conduct background checks
to specifically find sex-related crimes. Help them understand
that they also can use criminal and credit checks to protect
the churchs financial assets and help ensure that donors
wishes are honored by applying donor funds to good deeds,
rather than using them to feather the fraudsters pockets.
7. While we have a psychological tendency to ignore base rates,
we tend to respond to stories. These stories help bring the
reality home; so share stories about church frauds. And if you
are feeling really brave, leave a few copies of Fraud Magazine
in the church library.
22
Sue Colvil/iStockphoto
Individuals who contribute to religious institutions or other

nonprofits do so with the intent that their sacrifices will help the
institution and/or the parties it serves. Fraud examiners can help
these institutions ensure good stewardship over these resources
and prevent the unintended distribution of resources to the pockets of fraudsters. An essential element of providing this help involves convincing them that yes, it can happen here.
Robert M. Cornell, Ph.D., CMA, ACFE Educator
Associate, is an assistant professor of accounting in the Oklahoma
State University Spears School of Business. His email address is:
robert.cornell@okstate.edu.
Carol B. Johnson, Ph.D., ACFE Educator Associate, is the
Masters of Science coordinator and Wilton T. Anderson Professor
of Accounting in the Oklahoma State University Spears School of
Business. Her email address is: carol.johnson@okstate.edu.
Janelle Rogers Hutchinson is a Masters in Accounting student
at Oklahoma State University. Her email address is:
janelle.rogers@okstate.edu.
1
Alicke, M. D., & Govorun, O. (2005). The better-than-average
effect. In M. D. Alicke, D. Dunning & J. Krueger (Eds.), The self in
social judgment. 85-106. New York: Psychology Press.
2
Gino, F., Sharek, Z., & Moore, D. A. (2011). Keeping the illusion
of control under control: Ceilings, floors, and imperfect calibration.
Organizational Behavior & Human Decision Processes, 114, 104-114.
3
Juslin, P., Winman, A., & Olsson, H. (2000). Naive empiricism and
dogmatism in confidence research: A critical examination of the hardeasy effect. Psychological Review, 107, 384-396.
It Can Happen in Your Neighborhood

Example 1
A husband and wife served as treasurer and assistant treasurer
in a small church in North Carolina. When their business began
failing, they stole several thousand dollars from the church by
simply writing checks to themselves over a three-year period. The
fraud was discovered when a contractor complained that he had
not been paid for work on the church property. (http://tinyurl.
com/2e2gm2w)
Example 2
Three unrelated individuals who served as ofce manager, facilities
manager and a volunteer in a California church colluded to steal
$500,000 from the church coffers to fund extravagant lifestyles.
The threesome carried out their thefts by issuing fraudulent checks
and making inappropriate use of credit cards. The theft was discovered when the church pastor became suspicious and reported the
theft to the nance committee. (http://tinyurl.com/66cqchg)
Example 3
The pastor of a large Ohio church commingled funds, laundered
money, tampered with records, forged documents and sold 19
acres of church land to steal more than $1 million from his church
and cover his tracks. The proceeds were used to buy cars, a boat,
a pool and hair treatments in addition to funding private-school
tuition for his children. When a church employee reported that
funds were missing, it took two years to investigate the crime before
charges were led. (http://tinyurl.com/6dpnvch)
Example 4
The business manager of an Oklahoma church was accused of
embezzling $140,000 to pay her personal expenses. The alleged
theft was discovered when the bank notied the church of an overdrawn account. The suspect said she could not have stolen that
much money because the church was audited every year.
(http://tinyurl.com/6bpqblr)
Learn from the experts at
Principles of Fraud Examination

Austin, TX
April 30 - May 3, 2012
Solid Fundamentals for All Anti-Fraud Professionals

Theres so much to learn in order to be an effective fraud ghter where do
you start? Right here, with Principles of Fraud Examination. This course is the
foundation of the ACFEs curriculum and is recommended for all anti-fraud
professionals. Whatever industry or area of specialization you end up in, you
will benet from a solid understanding of the fundamentals of the four key
areas of fraud examination:
t
t
t
t
Fraud Prevention and Deterrence

Legal Elements of Fraud
Fraudulent Financial Transactions
Fraud Investigation
Build your anti-fraud career on a solid foundation
register online at ACFE.com/POFE by March 30 to save an additional $200!
23
A major, multimillion sports ticket fraud at the University of Kansas

highlights how CFEs can help convince administrators and boards
to reassert control over their athletics departments. The answer
could be independent oversight.
By Herbert W. Snyder, Ph.D., CFE; and David OBryan, Ph.D., CFE, CPA, CMA
n June 30, 2009, David Freeman pleaded guilty to

conspiracy to commit bank fraud as part of a federal
bribery case. Anxious to please the judge prior to
his sentencing, he provided investigators with information about theft and resale of football and basketball
tickets at the University of Kansas (KU). Freeman fingered
two individuals, one of whom was exonerated while the
other proved to be central to the case.
Freeman had his sentence reduced from 24 to 18
months, which his attorney said was an inadequate reward for the information he had provided, according to
Developer source in KU ticket scandal, by Steve Fry,
in The Topeka Capital-Journal, April 22, 2010. (http://
tinyurl.com/24wwss9)
Federal authorities contacted KU officials in late 2009.
Under increasing pressure, KU announced in March 2010
that it had retained the services of the Wichita office of
Foulston Siefkin LLP to conduct an internal investigation.
Assisted by a forensic accounting firm, Foulston Siefkin
found that six employees had conspired to improperly sell
or use approximately 20,000 KU athletic tickets mostly
to basketball games, including the Final Four tournament
from 2005 through 2010. The sales amounted to more
than $1 million at face value and could range as high as
$3 million at market value. Even worse, the investigators
were unable to determine how many of the tickets were
sold directly to brokers because the employees disguised
these distributions into categories with limited accountability, such as complimentary tickets, according to University of Kansas athletic tickets scam losses may reach
$3M, in the Kansas City Business Journal, May 26, 2010.
(http://tinyurl.com/3nvaf76)
The investigation did not examine years prior to 2005
because the athletics department did not retain those records. The investigation of KUs ticket sales and fundraising operations by federal authorities continued throughout
2010 and 2011.
KUs internal investigation, which was released May 26,
2010, implicated the associate athletic director for development, the associate athletic director for the ticket office, the
assistant athletic director for development, the assistant athletic director for sales and marketing, the assistant athletic
director for ticket operations and the husband of the associate athletic director for the ticket office who had been working for KU as a paid consultant.
WHAT ACTUALLY HAPPENED?

The accused allegedly abused the complimentary ticket
policies of the university in three ways:
First, official policy allowed for certain athletic office
employees to receive two complimentary tickets for each
athletic event provided they would not resell them. Instead, the athletic department routinely gave each of these
employees more than two tickets for each event and tacitly
permitted, if not overtly encouraged, reselling.
Second, the development/fundraising arm of the athletic office was permitted to use complimentary tickets to
cultivate relationships with prospective donors. However,
these officials helped themselves to many more complimentary tickets than they could have reasonably needed.
Third, athletic department members improperly used
or resold complimentary tickets reserved only for charitable organizations.
The culprits concealed these thefts by simply charging tickets to such fictitious accounts as RJDD Rodney Jones Donor Discretionary and not recording the
ultimate recipients. (Jones was the assistant athletic director for development and one of the two persons the
informant identified.)
By 2009, a cover-up compounded the original
schemes. When the 2008-2009 basketball ticket sale records could not be reconciled, Charlotte Blubaugh told
Brandon Simmons and Jason Jeffries to move documents
from the athletic office to the football stadium where she,
Ben Kirtland and Tom Blubaugh would destroy them on a
weekend and then attribute their absence to construction at
the stadium, according to Foulston Siefkins final report to
the KUs general counsel.
In a separate scheme, the husband of the associate
athletic director for the ticket office, who was supposedly employed as a consultant to the athletic department, received
payments totaling $116,500, all approved by the associate
athletic director for development. Apparently, the husband
did not provide any services in exchange for these payments.
Importantly, no allegations or evidence suggested
that any players, coaches or university administrators outside athletics were involved in these crimes. The athletic
director was not involved in the scheme but accepted responsibility for the lax oversight that contributed to its
extent and duration. Athletics office employees solely
perpetrated these frauds.
Daniel Padavona and Charles Mann/iStockphoto
FRAUD IN COLLEGIATE ATHLETICS
So how did the frauds go undetected for at least five years?

And what can anti-fraud professionals do to prevent situations
like this?
Jon Helgason/iStockphoto
WHY COLLEGE ATHLETIC PROGRAMS

ARE VULNERABLE TO FRAUD
The KU ticket scandal is not unique. It is merely the most recent
and largest among financial scandals in college athletic departments that have included the University of Louisville, the University of Colorado and the University of Miami. What happened
at KU is a combination of separate, but related, problems that
have become increasingly common in college athletic programs:
Major athletic programs generate and spend huge sums of money.
These programs frequently lack transparency in their finances.
Athletic programs often operate independently of university
oversight.
As we have seen, the frauds at KU were not particularly sophisticated. (For example, the associate athletic director for the
ticket office used multiple dummy accounts for ticket purchasers
with business locations that matched her home address.) The
difficulty anti-fraud professionals face is not designing or implementing financial controls; the challenge is convincing senior
administrators and oversight boards to reassert control over their
athletic departments so that existing controls will be effective.
A higher-education institution often uses a top-down, command-and-control structure on the field or in the gym to build
successful sports programs. However, that school might inappropriately use that same approach to administer the business side
of athletic programs. Fraud examiners who deal with intercollegiate athletics should be aware of the following factors, which
may predispose athletic programs to fraud:
College sports are a lucrative target for frauds
Part of the difficulty in dealing with ticket sale frauds in college athletics is that the sheer volume of money invites theft.
According to most recent figures available from the National
Collegiate Athletic Association (NCAA) and compiled by
ESPN (The money that moves college sports, March 3, 2010,
by Paula Lavigne, http://tinyurl.com/yf5d9vw), the 120 schools
that comprise the Division I Football Bowl Subdivision generate more than $1.1 billion from ticket sales each year. Of these,
the top five schools raise between $30.6 million and $44.7 million. (By comparison, KU is large but not exceptional. During
the same period, the KU athletic programs spent more than $65
million and generated more than $17 million in ticket sales.)
College sports increasingly value winning over good
financial stewardship
The inherent risk that surrounds such large sums of money is

compounded by the intense pressure athletic programs face to
win games and increase their television exposure. As the Knight
Commission observed in its 2009 report on college athletics:
26
Part of the difficulty in dealing with ticket

sale frauds in college athletics is that
the sheer volume of money invites theft.
The growing emphasis on winning games and increasing

television market share feeds the spending escalation because of
the unfounded yet persistent belief that devoting more dollars
to sports programs leads to greater athletic success and thus to
greater revenues. (Restoring the Balance: Dollars, Values and
the Future of College Sports, http://tinyurl.com/yjvr9kp)
This situation, albeit in different contexts, is common to
many businesses that experience fraud. High revenues combined
with a focus on growth at all costs often lead to situations in
which organizations outstrip their own control structures and
invites unscrupulous employees to siphon funds.
Sports tickets are inherently valuable and easily convertible to cash
Athletic departments maintain an inventory of valuable, readily

exchangeable assets in the form of tickets. An active secondary
market, including ticket brokers, scalpers and casual sales among
ticket holders, facilitates the unauthorized, difficult-to-trace resale of these tickets. This is exacerbated when the market value
of the tickets frequently exceeds their considerable face value by
a wide margin.
Also, custodians of complimentary tickets can wield great
power and influence over those who want these coveted assets.
Otherwise good people may turn a blind eye to wrongdoing if
tempted, for example, by free tickets to the Final Four or a BCS
bowl game.
College athletic departments frequently lack transparency
in their operations
Lack of access to information is a classic condition for facilitating fraud. The financial reporting that university athletic departments require varies widely in the amount and quality of
information that they make publicly available. The U.S. Equity
in Athletics Disclosure Act, for example, requires colleges to
Fraud-Magazine.com
Make an investment in yourself.
Become a Certied
Fraud Examiner.
When you are able to set some time aside and take away all the distractions, its
amazing what you can learn. The CFE Exam Review Course offers you four days of
guidance from experienced instructors, giving you all the tools you need to
prepare for and pass the CFE Exam.
According to the 2010/2011 Compensation Guide for Anti-Fraud Professionals,
CFEs earn nearly 22% more than their non-certied colleagues.
Distinguish yourself as an expert in the eld by attending our CFE Exam Review Course.
Benets of Attending the CFE Exam Review Course:

Structured Learning Learn how to prepare for the CFE Exam
UPCOMING COURSES:
January 30 February 2, 2012
Dallas, TX
Fast Track Immerse yourself in an intense, 3 day

preparation period
NEW LOCATION!
Instructor-Led Receive guidance from experienced instructors
March 26 29, 2012

Singapore
Interactive Sessions Participate in open discussions on a

variety of topics in fraud prevention
April 16 19, 2012

Las Vegas, NV
Team Environment Meet others preparing for the CFE
July 23-26, 2012

Boston, MA
Exam and practicing CFE instructors to help you organize study

sessions to review materials, and provide you with tips and
processes designed for the working professionals busy schedule
August 27 30, 2012

Chicago, IL
Great job! Well organized, very engaging and I learned a

lot. Very worthwhile class. I did not feel a minute of my time
was wasted.
Melinda Wilp, CPA
September 17 20, 2012

Washington, DC
October 15 18, 2012
New York, NY
November 5 8, 2012
Austin, TX
See more information about the CFE Exam Review Course at ACFE.com/CFE-Exam
file annual reports with the U.S. Department of Education.

However, compliance requires only six areas of expense an
overly broad set of categories that allows wide variation among
institutions. The situation is a bit ironic when we consider that
many Division I schools such as The University of Texas with
yearly athletic revenues of $44 million, or Alabama, with an annual athletic budget of $126 million rival or exceed for-profit
firms but without the same reporting requirements imposed by
the U.S. Securities and Exchange Commission or IRS, according to Lavignes 2010 ESPN article.
Frequently, a single individual controls the daily financial management of an athletic department and is not subject to financial
controls and oversight normally found in profit-making entities.
This trend to place all the power in one person often begins at schools with highly successful coaches. According to the
Knight Commissions 2009 review of college presidents, a majority believes that the influence of outside money has eroded
their ability to control coaches and their programs. (Quantitative and Qualitative Research with Football Bowl Subdivision
University Presidents on the Costs and Financing of Intercollegiate Athletics, http://tinyurl.com/yjvr9kp)
The trend has continued from coaches to omni-competent
athletic directors. John Gasaway, in his blog, Basketball Prospectus, has gone so far as to christen this effect, the Lew Perkins
Fallacy. (He takes the name from the former KU athletic director,
who resigned in the wake of the ticket scandal, but the phenomenon is by no means limited to the KU program.) The fallacy is that
presiding over an operation that generates an enormous amount of
revenue justifies an enormous salary: $65 million and $4 million
for KU and Lew Perkins, respectively. (Jayhawks see through the
Lew Perkins Fallacy. Will others? http://tinyurl.com/3vrok9d)
Apart from the pressure that large salaries place on university finances, they create two additional but related problems.
Winning athletic events does not necessarily translate into
managerial or financial competence. Winning may actually contribute to financial mismanagement because it promotes an aura
of invincibility, which could lead to lax oversight. Who wants
to kill the proverbial goose that is laying the golden eggs? KUs
athletic director, according to Gasaway, lost millions of dollars
in potential revenue for the university.
A second problem is that private sources often pay the large
salaries. A number of college presidents noted in the Knight
Commission study that they are losing control over athletics as
schools are accepting more outside sources of income, such as
television contracts or private fundraising, to pay athletic salaries.
Ticket audits may require specialized testing
Most colleges provide free or reduced-price tickets to major or

prospective donors. That group changes from game to game. So,
athletic departments need to test internal controls and reconcile
actual game attendance with revenues to ensure that the ticket
office is not overly generous with its donor tickets.
28
Winning may actually contribute to

financial mismanagement because it
promotes an aura of invincibility,,
which could lead to lax oversight.
Brandon Laufenberg/iStockphoto
As the KU scandal illustrates, it is absolutely critical that

someone independent from the athletic department perform
timely reconciliations after each event to ensure adequate segregation of duties.
Schools that provide free tickets to employees need additional controls and tests. In most cases, complimentary tickets
should be reported as part of employees taxable income. Similarly, controls need to be in place to make sure that employees
do not receive more tickets than they are allowed by their employment contracts. (Regardless, it seems to be more than a lack
of specialized training that caused Kansas auditors to overlook
the scandal during their periodic reviews of the ticket sales as
shown by the multiple front organizations using the ticket directors home address.)
REASSERTING CONTROL OVER COLLEGE ATHLETICS

Whether big-money sports are appropriate for universities is a
topic beyond the scope of this article. However, large revenue
streams are likely to remain an integral part of intercollegiate
Fraud-Magazine.com
athletics. The obvious course for universities, barring reducing

sports, is to become better stewards of their athletic resources.
More specifically, the same aspects of college sports that spawned
the scandal at KU and other universities should be the focus of
improvements, including better transparency and oversight.
Transparency
Public disclosure of an organizations finances is a powerful deterrent to numerous types of fraud. Although the U. S. Department of Education requires universities to report some data for
athletic programs, it is difficult to compare these disclosures
among institutions because the law requires reporting only in
very broad categories. The NCAA requires reporting with greater detail. However, the public rarely sees such data. Moreover,
the NCAA allows much leeway on the ways universities can
categorize such data.
A uniform system of accounts and reporting would promote
comparability and consistency among programs. To increase accuracy and reliability, information provided to external parties
should come from universities central financial administrations,
not directly from their athletic programs. A university internal audit function should be actively involved to enhance the
quality of reported information. The external agencies receiving these reports should post them on the Internet to promote
openness and transparency and so independent watchdogs can
scrutinize them for evidence of wrongdoing.
Oversight
As with any other organization, simply installing better antifraud controls is not sufficient to deter fraud. A standard of fraud
prevention is that controls are only as effective as the people
who use them. A lesson from the KU case is that athletic departments require independent oversight.
If it is true, as the Knight Report suggests, that university
presidents feel they are unable to do this directly, then universities must seek other bodies to provide the oversight. Potential
candidates include private university accrediting bodies, state
boards of higher education or a universitys board of governors.
Together with improved reporting standards, the move to independent review would remove the process from the more political
atmosphere of university presidents and their competing needs to
run their schools, raise funds and have winning athletic programs.
KU EPILOGUE
Since the scandal broke at KU, federal and state authorities
have continued their investigation, which as of press time has
thus far resulted in seven indictments and seven guilty pleas:
Jason Jeffries, assistant athletic director for ticket operations, pled guilty to one count of misprision and was sentenced
to two years of probation and $56,000 restitution.
Brandon Simmons, assistant athletic director for sales and
marketing, pled guilty to one count of misprision and was sentenced to two years of probation and $157,840 restitution.
Both Jeffries and Simmons cooperated in the investigation

from an early stage and received relatively light sentences.
Kassie Liebsch, athletic department systems analyst, pleaded
guilty to one count of conspiracy to commit wire fraud and was
sentenced to 37 months and $1.2 million restitution. Liebsch was
not identified as a co-conspirator in the spring 2010 investigation. She continued to work at KU until the day of her indictment, Nov. 18, 2010.
Rodney Jones, assistant athletic director for development,
pleaded guilty to one count of conspiracy to commit wire fraud
and was sentenced to 46 months and $1.2 million restitution.
Charlette Blubaugh, associate athletic director for the ticket
office, pleaded guilty to one count of conspiracy to commit bank
fraud and was sentenced to 57 months and $2.2 million restitution.
Tom Blubaugh, paid consultant to KU and husband of
Charlette Blubaugh, pled guilty to one count of conspiracy to
commit wire fraud and was sentenced to 46 months and nearly
$1 million restitution.
Ben Kirtland, associate athletic director for development,
pleaded guilty to one count of conspiracy to commit wire fraud.
He was sentenced to 57 months and nearly $1.3 million restitution, including about $85,000 to the U.S. Internal Revenue
Service and the balance to Kansas athletics.
After the story broke, Athletic Director Perkins announced
he would retire in September 2011 and then abruptly retired on
Sept. 7, 2010. KU has since replaced him with a new athletic
director who makes roughly 10 percent of his predecessor.
An Aug. 10, 2011, court filing indicates that the U.S. attorneys office had collected only $81,025 from the five individuals
convicted of conspiracy.
As Ben Franklin was quoted as saying, It takes many good
deeds to build a good reputation, and only one bad one to lose
it. It may be easier to recover the money than the damaged
reputation. Supporters of college athletics have asserted that the
KU ticket fraud represents a crime by employees and not a failure of college athletics. However, any enterprise that generates
millions and has so little internal control is inviting fraud.
Effective control of intercollegiate athletics will require
broader social and cultural changes that include good student
outcomes over a win-at-all costs mentality. Until that occurs,
anti-fraud professionals can best serve universities by helping
them ensure they receive the revenue they are entitled to for all
athletic events for advancing the institutions goals.
Herbert Snyder, Ph.D., CFE, is a professor of accounting in
the Accounting, Finance and Information Systems Department
at North Dakota State University in Fargo. His email address is:
herbert.snyder@ndsu.edu.
David OBryan, Ph.D., CPA, CFE, CMA, is a professor in the
Department of Accounting and Computer Information Systems in
the College of Business at Pittsburg (Kansas) State University. His
email address is: obryan@pittstate.edu.
29
THE
Tell-Tale Signs of Deception
The Words Reveal

Suspects and witnesses often reveal more than they intend through their choices of
words. Here are ways to detect possible deception in written and oral statements.
By Paul M. Clikeman, Ph.D., CFE
he manager of a fast food restaurant calls the police late at night to report that an armed robber
had entered the restaurant while the manager was alone
in the office finishing some paperwork. The manager said
the gunman had stolen the entire days cash receipts
a little more than $4,000. The manager had reported a
similar robbery at the restaurant about six months earlier.
No other witnesses were present at either alleged robbery.
The restaurant owner learns from police investigators that
armed robbery is extremely unusual in the surrounding
neighborhood. Also, the owner knows that the managers
wages have been garnished for the last year for nonpayment of child support. The owner hires you, a CFE, to investigate whether the manager is filing false police reports
to cover his thefts. You begin your investigation by asking
the manager to write a description of the evenings events.
Detecting Anomalies
Linguistic text analysis involves studying the language,
grammar and syntax a subject uses to describe an event to
detect any anomalies. Experienced investigators are accustomed to studying interview subjects nonverbal behavior,
such as eye contact and hand movement. Text analysis,
on the other hand, considers only the subjects verbal behavior. Because text analysis evaluates only the subjects
words, investigators can apply it to written as well as oral
statements. In fact, many investigators prefer to analyze
suspects written statements for signs of deception before
conducting face-to-face interviews.
Text analysis is based on research originating in the
1970s. Psychologists and linguists studied the language and
word choices of subjects in controlled experiments and
found predictable differences between truthful and deceptive statements. Susan Adams, an instructor who taught
text analysis (which she called statement analysis) at the
FBI Academy for many years, described it as a two-part
process (Statement Analysis: What Do Suspects Words
Really Reveal? FBI Law Enforcement Journal, October
1996). First, investigators determine what is typical of a
truthful statement. Secondly, they look for deviations from
the norm.
The following section describes deviations that suggest a subject may be withholding, altering or fabricating information.
Ten Signs of Deception
1. Lack of self-reference
Truthful people make frequent use of the pronoun I to

describe their actions: I arrived home at 6:30. The phone
was ringing as I unlocked the front door, so I walked
straight to the kitchen to answer it. I talked to my mother

for 10 minutes before noticing that my TV and computer
were missing from the living room. This brief statement
contains the pronoun I four times in three sentences.
Deceptive people often use language that minimizes
references to themselves. One way to reduce self-references is to describe events in the passive voice.
The safe was left unlocked rather than I left the safe
unlocked.
The shipment was authorized rather than I authorized the shipment.
Another way to reduce self-references is to substitute
the pronoun you for I.
Question: Can you tell me about reconciling the
bank statement?
Answer: You know, you try to identify all the outstanding checks and deposits in transit, but sometimes
when youre really busy you just post the differences to the
suspense account.
In oral statements and informal written statements,
deceptive witnesses sometimes simply omit self-referencing pronouns. Consider this statement by a husband who
claims his wife was killed accidently: I picked up the gun
to clean it. Moved it to the left hand to get the cleaning rod. Something bumped the trigger. The gun went off,
hitting my wife. The husband acknowledges in the first
sentence that he picked up the gun. But the second sentence is grammatically incomplete; I has been omitted
from the beginning of the sentence. In the third sentence,
something rather than I bumped the trigger. The statement also contains few personal possessive pronouns. The
witness refers to the gun and the left hand where we
might expect my to be used.
2. Verb tense.
Truthful people usually describe historical events in the

past tense. Deceptive people sometimes refer to past
events as if the events were occurring in the present. Describing past events using the present tense suggests that
people are rehearsing the events in their mind. Investigators should pay particular attention to points in a narrative at which the speaker shifts to inappropriate present
tense usage. Consider the following statement made by an
employee claiming that a pouch containing $6,000 in cash
was stolen before she could deposit it at the bank (I have
emphasized certain words.):
After closing the store, I put the cash pouch in my
car and drove to the Olympia Bank building on Elm Street.
It was raining hard so I had to drive slowly. I entered the
parking lot and drove around back to the night depository
slot. When I stopped the car and rolled down my window,
31
10 TELL-TALE SIGNS OF DECEPTION
Stephan Zabel/iStockphoto
a guy jumps out of the bushes and yells at me. I can see
he has a gun. He grabs the cash pouch and runs away.
The last I saw him he was headed south on Elm Street.
After he was gone, I called the police on my cell phone
and reported the theft.
The first three sentences describe the employees
drive to the bank in the past tense. But the next three
sentences describe the alleged theft in the present
tense. An alert investigator might suspect that the
employee stole the days cash receipts, then drove to
the bank and called the police from the bank parking
lot to report a phony theft. (See another example in
Antics with Semantics on page 35.)
3. Answering questions with questions
Even liars prefer not to lie. Outright lies carry the risk
of detection. Before answering a question with a lie, a deceptive
person will usually try to avoid answering the question at all.
One common method of dodging questions is to respond with a
question of ones own. Investigators should be alert to responses
such as:
6. Euphemisms
Do I seem like the kind of person who would do something

like that?
Many languages offer alternative terms for almost any action or

situation. Statements made by guilty parties often include mild
or vague words rather than their harsher, more explicit synonyms.
Euphemisms portray the subjects behavior in a more favorable
light and minimize any harm the subjects actions might have
caused. Investigators should look for euphemistic terms such
as: missing instead of stolen, borrowed instead of took,
bumped instead of hit, and warned instead of threatened.
Dont you think somebody would have to be pretty stupid to

remove cash from their own register drawer?
7. Alluding to actions
Why would I steal from my own brother?
4. Equivocation
The subject avoids an interviewers questions by filling his or her

statements with expressions of uncertainty, weak modifiers and
vague expressions. Investigators should watch for words such
as: think, guess, sort of, maybe, might, perhaps, approximately,
about, could. Vague statements and expressions of uncertainty allow a deceptive person leeway to modify his or her assertions at a
later date without directly contradicting the original statement.
Noncommittal verbs are: think, believe, guess, suppose, figure, assume. Equivocating adjectives and adverbs are: sort of,
almost, mainly, perhaps, maybe, about. Vague qualifiers are: you
might say, more or less.
5. Oaths
Although deceptive subjects attempt to give interviewers as little useful information as possible, they try very hard to convince
interviewers that what they say is true. Deceptive subjects often use
mild oaths to try to make their statements sound more convincing.
Deceptive people are more likely than truthful people to sprinkle
their statements with expressions such as: I swear, on my honor,
as God is my witness, cross my heart. Truthful witnesses are more
confident that the facts will prove the veracity of their statements
and feel less need to back their statements with oaths.
32
People sometimes allude to actions without saying they actually

performed them. Consider the following statement from an employee who was questioned about the loss of some valuable data:
I try to back up my computer and put away my papers every
night before going home. Last Tuesday, I decided to copy my files
onto the network drive and started putting my papers in my desk
drawer. I also needed to lock the customer list in the office safe.
Did the employee back up her computer? Did she copy her files
onto the network drive? Did she put her papers in the desk drawer? Did she lock the customer list in the office safe? The employee alluded to all these actions without saying definitively that
she completed any of them. An attentive investigator should not
assume that subjects perform every action they allude to.
8. Lack of Detail
Truthful statements usually contain specific details, some of

which may not even be relevant to the question asked. This
happens because truthful subjects are retrieving events from
long-term memory, and our memories store dozens of facts about
each experience the new shoes we were wearing, the song
that was playing in the background, the woman at the next table
who reminded us of our third-grade teacher, the conversation
that was interrupted when the fire alarm rang. At least some of
these details will show up in a truthful subjects statement.
Those who fabricate a story, however, tend to keep their
statements simple and brief. Few liars have sufficient imagination
Fraud-Magazine.com
to make up detailed descriptions of fictitious events. Plus, a deceptive person

wants to minimize the risk that an investigator will discover evidence contradicting any aspect of his or her statement;
the fewer facts that might be proved
false, the better. Wendell Rudacille, the
author of Identifying Lies in Disguise
(Kendall/Hunt, 1994), refers to seemingly inconsequential details as tangential
verbal data and considers their presence
to be prime indicators that subjects are
telling the truth.
9. Narrative balance
A narrative consists of three parts: prologue, critical event and aftermath. The
prologue contains background information and describes events that took place
before the critical event. The critical
event is the most important occurrence
in the narrative. The aftermath describes
what happened after the critical event. In
a complete and truthful narrative, the balance will be approximately 20 percent to
25 percent prologue, 40 percent to 60 percent critical event and 25 percent to 35
percent aftermath. If one part of the narrative is significantly shorter than expected,
important information may have been
omitted. If one part of the narrative is
significantly longer than expected, it may
be padded with false information. The following statement, filed with an insurance
claim, is suspiciously out of balance:
I was driving east on Elm Street
at about 4:00 on Tuesday. I was on my
way home from the A&P supermarket.
The traffic light at the intersection of
Elm and Patterson was red, so I came to
a complete stop. After the light turned
green, I moved slowly into the intersection. All of a sudden, a car ran into me.
The other driver didnt stop, so I drove
home and called my insurance agent.
The subjects statement contains
four sentences of prologue, only one sentence describing the critical event, and
only one sentence of aftermath. The
prologue contains a credible amount of
detail: the day and time of the accident,
the drivers destination, and the location
23rd ANNUAL
ACFE Fraud
Conference
and Exhibition
JUNE 17-22, 2012
ORLANDO, FL
Gaylord Palms Resort & Convention Center
Dont Miss 2012s Largest Anti-fraud Event.

Join forces with thousands of anti-fraud
professionals at the 23rd Annual ACFE Fraud
Conference and Exhibition in the ght against
fraud. You will address the challenges and
critical issues faced by anti-fraud professionals
during top-level educational sessions and
participate in unmatched networking
opportunities with the premier practitioners
and thought leaders from all over the world.
For more information or to register,
visit FraudConference.com.
33
of the accident. But the description of the critical event (i.e.,

the alleged accident) is suspiciously brief. The claimant did not
describe the other vehicle, which direction it came from, how
fast it was going, whether the driver braked to try to avoid the
accident or how the two vehicles made contact.
The aftermath is also shorter than one would expect from a
complete and truthful account of a two-car accident. The claimant
does not say which direction the other vehicle went after leaving
the scene of the accident. He does not mention getting out of his
vehicle to inspect the damage nor does he say whether he spoke
to any people in the area who may have witnessed the accident. A
claims adjuster receiving such a statement would be wise to investigate whether the policyholder concocted a phony hit-and-run
story to collect for damages caused by the drivers negligence.
10. Mean Length of Utterance
The average number of words per sentence is called the mean

length of utterance (MLU). The MLU equals the total number
of words in a statement divided by the number of sentences:
Total number of words / Total number of sentences = MLU
Most people tend to speak in sentences of between 10 and
15 words (ACFE Self-Study CPE Course, Analyzing Written
Statements for Deception and Fraud, 2009). When people feel

anxious about an issue, they tend to speak in sentences that are
either significantly longer or significantly shorter than the norm.
Investigators should pay particular attention to sentences whose
length differs significantly from the subjects MLU.
The Words Reveal
Complete and accurate descriptions of actual events are usually
stated in the past tense and tend to have a predictable balance of
prologue, critical event and aftermath. Truthful statements generally contain numerous self-referencing pronouns and include at
least a few seemingly inconsequential details. Truthful statements
rarely contain oaths, equivocation or euphemisms. Investigators
should apply extra scrutiny to written or oral statements that deviate from these norms. Suspects and witnesses often reveal more
than they intend through their choices of words.
Paul M. Clikeman, Ph.D., CFE, is an associate professor in the
Robins School of Business at the University of Richmond. His email
address is: pclikema@richmond.edu.
NEW COURSE!
Using Data Analytics to Detect Fraud will introduce
students to the basics of using data analytics techniques to
uncover fraud. Taking a software-independent approach,
this one-day course provides attendees with numerous
data analytics tests that can be used to detect various
fraud schemes. Attendees will also discover how to
examine and interpret the results of those tests to identify
the red ags of fraud.
Using Data Analytics

to Detect Fraud
CPE Credit: 8
Course Level: Basic
Prerequisite: None
March 19, 2012
New York, NY
This event is held in conjunction with
Investigating on the Internet, March 20-21, 2012.
For more information or to register, visit ACFE.com/DataAnalytics.
34
Fraud-Magazine.com
Antics with Semantics
t may happen that you inherit a case that someone else

opened. Besides nancial documents, all you have are the
written statements from witnesses and suspects. Can you tell
enough from words alone to detect evasion, lack of cooperation
and the intent to deceive? Yes, you can.
Semantics is a discipline concerned with the meaning of
words and the ways that words combine to form meanings in sentences. The noun rock, for example, can indicate a stone or a
type of music. As a verb, to rock indicates the action of causing
something to rock (rock the cradle) or to rock oneself in a chair
(rocking on the front porch) or a form of party-time behavior (we
were rocking last night).
Anytime you interpret someones words during a conversation, or as part of your professional duties you are practicing
semantics. Here is one example of semantic analysis:
Use of Present Tense when Describing a Past Occurrence
Sometimes deceptive individuals display a reluctance to refer to

past events as past, particularly if the past event is the subject of
investigation. They refer to past events as if they were occurring in
the present. You should pay particular attention to those points in
the narrative at which the speaker shifts to this inappropriate present tense usage, as in the following example.
How many times in this written statement does this person
switch to the present tense? What seems signicant about the
points at which the switch occurs?
On December 15, 2009, in the late afternoon hours, Don L.
Harrington, wife Wanda, and friends Amy Barr, Judy Partin and
Myself, Bob Boone, went to Taylors to pick up some layaway
items. We used two cars because there was some bulky merchandise such as bicycles and a battery-operated car. Don had just
gotten his paycheck so instead of making a trip to the bank he
would pay the balance of the layaway with his check. Wanda
usually handles the nances, so she had Dons check in her purse.
So Wanda hands Don his check, which in turn he gives it to the
layaway clerk. The clerk look at the check and said that she
couldnt accept it but it was obvious that clerk was inexperienced,
because in fact it was the other clerk working in layaway that
told the clerk that she would have to check with the manager rst.
So the clerk takes the check over to the manager, and we all see
the manager shake her head no. By this time Don sees that he
cant use his check, which was a surprise to us because it was a
payroll check instead of a personal check. But instead of causing
chaos, Don decided to pay for it in cash, which Wanda had in her
purse. So Don asked her for the money, gave it to the clerk, the
clerk gave him the receipt, and we went to the back to pick up the
merchandise. In all the confusion, Don thought that Wanda had
the check, and Wanda thought that Don had it, and by this time
we had gotten to Dons house. So Don called ABC Company and
told the payroll dept. that his check was lost.
Bob Boone uses the present tense in three sentences:
So Wanda hands Don his check which in turn he gives it to
the layaway clerk.
So the clerk takes the check over to the manager, and we all
see the manager shake her head no.
By this time Don sees that he cant use his check, which
was a surprise to us because it was a payroll check instead of a
personal check.
It is remarkable that the switch to the present tense occurs at
key moments in the exchange: as the check is handed over, as the
manager refuses to accept the check and as Don becomes aware
he will not be able to use the payroll check. This indicates the
person is sensitive about those moments.
Often, people use the present tense for past events when they
are rehearsing the events in their mind. It is a device for keeping
things straight. Maybe the person is just being careful, or maybe
he is being deceptive.
As an investigator, you should note the switches to the present
tense, and the point of the narrative at which these occur. From
there, you will decide how to explore the issues further.
Excerpted and adapted from the ACFE Self-Study CPE
Course, Analyzing Written Statements for Deception and Fraud,
2009. This excerpt is by Don Rabon, CFE.
Further Reading
Analyzing Written Statements for Deception and Fraud,
ACFE Self-Study CPE Course, 2009 (ACFE.com/
products.aspx?id=2809).
Investigating Discourse Analysis, by Don Rabon, CFE
(Carolina Academic Press, 2003).
Identifying Lies in Disguise, by Wendell Rudacille
(Kendall/Hunt, 1994).
I Know You Are Lying, by Mark McClish (The Marpa
Group, 2001).
Statement Analysis: What Do Suspects Words Really
Reveal? by Susan H. Adams, FBI Law Enforcement
Journal (October 1996).
35
Overachieving Fraud Wolves

in Sheeps Clothing
Targeting Top-Performing Employees Gaming the Bonus System
Follow this CFE consultant as he uncovers top collection reps at a business call center who inated their
performances for more money and job advancement. Lesson? Do not always follow the money.
SOMETIMES WE FIND FRAUDULENT ACTIVITY OCCURRING

IN THE MOST UNSUSPECTING PLACES. What started out
as a routine examination into a tip from an anonymous

call-center employee who was concerned with the large
number of suspicious credit card payments a few fellow
employees were processing, turned out to be the discovery
of a whole new area of call center fraud operating right
under the noses of management, compliance, internal audit, quality assurance and even fraud committee members.
A call center environment can foster many credit
card processing scams. The most popular is for call center agents to retain credit card account numbers, expiration dates and security codes for themselves or to sell to
fraudsters. We also see this scam in restaurants and other
retail industries. Fortunately, in this case, the employee
who called the hotline supplied the locations and names
of the suspicious employees and claimed that the number
of payments they processed was far beyond the norm.
As an outside consultant, I first had to become familiar with the work of the business unit and the group in
which the suspected employees worked. That unit handles inbound and outbound phone calls with customers
who are past due on delinquent accounts. The collectors,
who use defined call scripts, process payments through
a number of payment options for consumers, including
mailing payments, self-performed Internet payments,
check by phone, automatic account debit and, naturally,
credit card and debit card payments processed over the
phone. The company provides exceptional training services for the employees and monitors their work so they
comply with company policies, procedures and applicable
federal, state and even some local statutes. An automated
account management system documents all work, and the
company records all phone calls.
Next, I zeroed in on the accused employees because

the tipster had not provided specific details of the alleged fraudulent conduct. I listened to call recordings,
reviewed the corresponding accounts associated with
calls and sat in on some blind monitoring of the collectors live calls. Nothing seemed out of the ordinary.
The targeted collection representatives were very professional, positive and helpful to consumers.
I expanded the investigation to several previous
months and increased the sampling of calls and accounts. I reviewed consumer complaints containing
allegations of unauthorized charges to see if these collectors had handled them. I still found no questionable conduct. As a final part of the examination, I interviewed the entire business unit staff to uncover any
other employee suspicions of fraudulent activities. I immediately saw that the group members were extremely
competitive, but management encouraged this through
bonuses and advancement to high achievers.
After six or eight interviews, I believed I discovered
the employee who filed the anonymous report to the hotline. She made remarks that those who know how to
work the system are the ones who make bonuses and advance, while those who play by the rules are stuck, live
paycheck to paycheck and are passed over for promotions.
She struck me as either a disgruntled employee or someone tired of seeing cheaters prosper. After a few additional
probing questions, I had what I needed to develop a theory
for what may be the most unsuspecting fraudulent activity
I have ever uncovered. I tore into the historical performance measurements, metrics, reports and employee files
of the business unit. What I found was shocking.
By Jeffrey Horner, CFE, CRCMP

36
Fraud-Magazine.com
My interviews with the business units

management and review of historical documentation showed clearly that the top collection representatives processed over the
phone as much as two to three times the
number of credit card and debit card payments as the average collector. Incentives for
the number of credit card payments allowed
representatives to earn bonuses.
After I traced the payments to the accounts, I noticed that some collection representatives would set up customers on payment plans to charge their credit cards once
or even twice a week, instead of the typical
payment plan for once every two weeks or
monthly. The total amount the customer
paid was the same, but it was broken down
into smaller amounts and processed regularly to increase the number of payments
per week. Ironically, these top-performing
employees appeared to be the most talented,
dedicated, hardest-working phone representatives in the business unit.
As I reviewed the employment records
and performance reviews of the current and former supervisors
and managers of the business unit, I found it crystal clear that
they had all worked their way up in similar fashion. They routinely outscored their peers at the performance metrics. I expanded my investigative analysis to other call center business
units and found the same conduct.
DRIVING EMPLOYEES TO CHEAT
Much has been written, preached and practiced in the area of employee motivation, especially for those directly interacting with
customers. Management drives them to shatter sales and service
records, surpass customer satisfaction standards, hit key performance indicators, out-hustle the competition and find ways to
do more with less. We set goals and budgets, apply performance
metrics, and offer various bonuses and creative incentives.
Organizations monitor and evaluate employee performance,
and top achievers climb up corporate ladders. If you are passed
over too many times you are branded as stale, and you may lose
all hope to advance. Those who earn promotions then study the
playing fields and develop their strategies to move up the next
rungs of corporate ladders.
Capitalism through competition. So what is there to worry
about? Plenty. Let us take a deeper look into this activity.
Typically, CFEs, internal auditors, external auditors, and
risk and compliance managers will search for fraudulent employee activity by focusing on employee theft, embezzlement,
expense account fraud, larceny, fraudulent check writing or
cashing, vendor contracts and countless other schemes. They
follow the money and focus on financial transactions and reporting as sources for discovery. But significant fraudulent employee
activity can be occurring in the open, and we fail to recognize it
or the severity of the risks and potential losses.
Juan Darien/iStockphoto
We are familiar with criminologist Dr. Donald R. Cresseys

fraud triangle that defines fraud as the convergence of three
factors to set the climate for fraud: pressure, opportunity and
rationalization. CFEs are trained to focus their sights on the
business resources, processes, procedures, employee activities
and personnel to detect the potential for, and existence of, the
fraud triangle factors. Nevertheless, many fraud examiners do
not recognize the existence of these factors in the out-in-theopen business environment because we are diligently sleuthing
for the not-so-obvious, hidden schemes buried deep in the organization. Is it possible that fraudulent activity is fully accepted
and expected? If so, where, and how do we identify it?
THE NUMBERS CAN LIE
In this case, the use of data was essential to steer the investigation in the proper direction. Looking at the total payment
processed by the representatives in the group in Figure 1 (on
page 38), we see no significant variance. In fact, the highest producers of total payments are reps 112 and 117. However, drilling
into the number of debit card and credit card payments processed quickly reveals a statistical anomaly. Reps 114 and 118
clearly processed a disproportionately higher number of these
payments than the others in the group. Because the company
incents reps with bonuses and awards to obtain these payments,
Reps 114 and 118 benefitted.
This information caused us to review the details of payments
and customer accounts. We were alarmed to see that these reps
were breaking policy by processing payments as often as two
times per week on the same customer account to artificially inflate the number of payments and earn bonuses. The consumers
agreed to this practice when the reps told them it was necessary
37
OVERACHIEVING FRAUD WOLVES IN SHEEPS CLOTHING
Number of Payments Processed
to keep activity occurring on their accounts so

no additional collection action was taken.
In another group, we found that manageFigure 1: Employee Performance Anomoly
ment was looking at a standard call center Key
Performance Indicator (KPI) to identify any em160
ployee that may not be in line with performance
135
134
140
129
125
125
129
standards. Figure 2 below shows that the average
115
113
120
handle time seems consistent across all employ100
ees. However, upon closer examination, we no80
tice that Reps 223 and 226 have extremely short
55
60
46
44
first contact and inbound call times.
39
40
32 31
31 29
28
25 23
22
21 18
We decided to monitor calls and found that
18 20
20
these reps would not thoroughly and adequately
0
Rep 111
Rep 112
Rep 113
Rep 114
Rep 115
Rep 116
Rep 117
Rep 118
address customers questions, disputes or requests
Representative
for documentation, as required by company policy. They were cutting corners to handle more
calls. You will not be surprised to learn that the
monthly incentives in the group were based on
Figure 1
the average number of calls handled per day. By
cutting these calls short and telling customers
that someone would get back to them on their
issues or concerns, they were able to make more
calls than other reps.
Figure 2: Employee Performance Anomoly
38
Rep 223
6:54
4:38
3:59
4:31
6:21
4:28
4:08
4:11
4:28
3:57
4:21
2nd Contact
Inbound
Average
2:12
3:55
3:07
3:26
6:12
6:32
4:25
4:04
4:11
4:19
3:48
3:55
Total
1st Contact
1:41
3:59
2:41
3:12
6:26
3:57
3:35
3:58
Call Handle Time (min:sec)
According to The Committee of Sponsoring

6:86
Organizations of the Treadway Commission
5:49
(COSO), Everyone in an organization has re4:12
sponsibility for internal control. (http://tinyurl.
com/4y24k9n) It starts with the CEO, who
2:74
should ultimately assume ownership of the
1:37
system, COSO states. However, management
devises goals, targets, budgets and service stan0:00
Rep 222
dards and drives them to the production level. A
close examination of the conduct and behavior
at that level may reveal potential fraudulent activity that standard business processes and procedures have cloaked.
Figure 2
We know that certain areas are ripe for employee fraud, such as expense accounts, commission reports and vendor contracts. But does the definition
of fraud and Cresseys fraud triangle apply to activity and conduct related to employee performance metrics? We can build
the case that it does.
Employees, supervisors or managers who intentionally inflate performance metrics in daily job duties, or omit negative
information or activities, meet the first part of the definition for
fraud. But what about the requirement for a victim suffering loss
by these actions? Again, the victim here is the employer organization through the receipt of invalid performance metrics, delivery
7:02
8:24
RISK AND COMPLIANCE
Credit Card
Debit Card
Rep 224
Rep 225
Rep 226
Rep 227
Rep 228
Rep 229
Representative
and data, or the absence of these values from negative data that
could be used to improve the organization and its outcomes.
And finally, does the perpetrating employee receive gain?
This is where we make a critical mistake and overlook the obvious. Up to this point, we are dismissing these acts and omissions by employees as harmless, just seeking to look good to the
boss, avoid the consequences of missteps or failure, earn that
bonus or climb the ladder in the organization. Employees who
are evaluated by performance measurements, metrics, data,
etc. who manipulate these values are in essence causing their
performances to appear to be better/higher/more valuable to
Fraud-Magazine.com
OVERACHIEVING FRAUD WOLVES IN SHEEPS CLOTHING
the organization than they would actually be otherwise. What

is the motivation? Clearly, for those who are compensated by
commission and bonuses the answer is obvious: money. But job
retention or advancement also constitutes personal gain.
The totality of the definition has been met in the description of employees who purposefully skew performance metrics.
It is not hard for frontline employees to cut corners, force orders,
shorten calls, bury complaints, etc., day after day to put up some
impressive numbers.
This environment is ripe with employee incentive/pressure. The opportunity is present for front-liners to manipulate
the input, statistics, calls, paperwork and other job functions.
And rationalization is a personal psychological characteristic
that has been found to be present in 40 percent of employees,
according to Managing the Business Risk of Fraud: A Practical
Guide. And according to Freud, rationalization is a defensive
compliance reviews originate inside the same departments that

breed the culture of fudging the numbers. You must address it,
or it will continue. Because pressure from management to hit
the numbers will always be a source of temptation for all to look
the other way, the answer is to expand our reach to areas of the
enterprise that possess the resources and skill sets necessary for
independent examination.
In our case, once we showed executives the data for employee performance anomalies, management culture and performance-based compensation and advancement history, it was
clear that change was required. After we developed and implemented training programs to expose and address the conduct
as fraudulent behavior, we devised measurements and reporting
to display such activity to serve as deterrents. In a short period
of time, performance metrics reflected true and clean data for
employee call statistics. With this information, we were able to
Risk, cost and liability from damage to customer goodwill, brand and exposure
to regulatory actions may be signicant once the missteps are revealed.
mechanism that seeks to offer acceptable reasons to others, or
ourselves, for unacceptable behavior. As stated by ACFE founder and Chairman, Dr. Joseph T. Wells, CFE, CPA, in his Corporate Fraud Handbook, For the purpose of detecting and deterring occupational fraud, it does not matter whether employees
are actually justified, but whether they perceive that they are.
Now that we have seen that frontline employee conduct
may be an undetected area primed for fraud, we need to assess
the risk to the enterprise. According to the International Association of Risk and Compliance Management Professionals,
the risk and harm sustained by an organization are not limited to
the losses from employees who work the system to advance and
earn more money. Risk, cost and liability from damage to customer goodwill, brand and exposure to regulatory actions may
be significant once the missteps are revealed. When company
management is unable to obtain valid data from operations, the
impact can be devastating.
HELP THE COMPANY HELP THEMSELVES
The environments most susceptible to transparent frontline

fraud are those you would not normally suspect: service centers
within the enterprise with high-volume, measurable workload
functions. These include call center operations, inside order
processing, lead generation, online agent help desks, billing
and collection, telemarketing, mail processing, customer service
centers and back-office operations.
Once you recognize conduct as potentially fraudulent and
know where to focus efforts to discover the activity, you must examine what can be done to mitigate that risk. Often, process and
accurately identify problem employees and quash the culture

of working the system for bonuses and advancement. In just
three months we gained a 14 percent increase in KPIs and customer satisfaction ratings! Only employees playing by the rules
earn bonuses for the right reasons.
Clearly the solutions are very simple, and if you take one
thing away from this article, this is it: The targets, goals, incentives and bonuses are not the problem. We must focus investigative principles and techniques on performance anomalies because they are ripe for frontline, transparent fraudulent activity.
It is critical that we segment employee production by tenure,
skill and past achievement variances.
A business environment probably already has all the necessary tools, resources and historical data to assess the accuracy,
or lack thereof, of job performances at any level. Management
will need to develop controls, checks and balances, monitoring,
reporting, ethics training, employee hotlines and preventative
measures to reduce the risk for fraud.
We may nip and tuck around the edges to modify behavior,
and still the crafty employees find ways to hit their numbers
and get the prizes. If we are not diligent in reviewing, reconciling and building operations-oriented analysis tools to identify
performance anomalies and investigate them unrecognized fraudulent activity will occur before our eyes.
Jeffrey Horner, CFE, CRCMP, is chief development officer and
senior vice president of the Government Services Division of UCB
Inc. His email address is: jwhorner@ucbinc.com.
39
Data Breaches, a 3-Part Series
BREAKING BREACH
SECRECY, Part 3
BY ROBERT E. HOLTFRETER, PH.D., CFE, CICA; AND ADRIAN HARRINGTON
PN_Photo/iStockphoto
Analysis Shows Entities Lack Strong

Data Protection Programs
The authors analysis of data-breach statistics shows that organizations
poorly protect personal data. Possible solution: U.S. federal rules for
guidance in developing comprehensive data protection programs.
here are data breaches and then there

are data breaches. Hold on as we look
at two enormous cases reported by the
Privacy Rights Clearinghouse (PRCH)
in its Chronology of Data Breaches.
Even though the number of records compromised
in these two cases is atypical, it does illustrate the
problems consumers face when their personal data
is not protected by organizations that use it.
On Jan. 20, 2009, Visa and MasterCard
alerted Heartland Payment Systems, a credit and
debit card processor, of suspicious activity related
to card transactions. After the company investigated, it found evidence of malicious software
that compromised data on more than 130 million
cards. The incident may have been the result of a
global cyberfraud operation.
On June 16, 2005, hackers infiltrated the network of CardSystems a third-party processor of
payment card transactions and exposed names,
card numbers and card security codes of more
than 40 million card accounts, including 68,000
Mastercard accounts, 100,000 Visa accounts and
30,000 accounts from other card brands. On Feb.
26, 2006, CardSystems agreed to settle charges
with the Federal Trade Commission that it failed
to have in place the proper security measures to
protect sensitive personal information. CardSystems notified affected consumers and offered them
one year of credit monitoring services.
Data breaches that lead to identity theft
have affected the lives of individual consumers,
businesses, nonprofit organizations and governments at all levels throughout the world, especially in the past decade. Security companies are
constantly working to develop better products for
individuals and organizations to protect personal
information. Many organized cybercriminals work
as successful profit-making businesses, constantly

developing new fraudulent schemes to look for
system weaknesses and collect personal identifiable information (PII).
However, as our new report and analysis in
this article show, it is not just blatant hacker efforts that cause data breaches. Organizations and
individuals who do a horrible job protecting personal data, of course, create conditions that lead
to the majority of data breaches.
TRACKING THE PESKY BREACHES
Though not all organizations report data breaches

publicly, at least three independent groups track
and analyze breaches and publish them in reports:
the Privacy Rights Clearinghouse (PRCH), Verizon and the Identity Theft Resource Center.
Privacy Rights Clearinghouse
PRCH describes itself as a nonprofit consumer education and advocacy project whose purpose is to advocate for consumers privacy rights in public policy
proceedings. From Jan. 1, 2005, through press time,
it has tracked, analyzed and classified 2,752 data
breaches and more than 542 million compromised
records for inclusion in its Chronology of Data
Breaches, which is updated daily (www.privacyrights.org/data-breach) from these sources:
The Open Security Foundations DATALOSSdb.
(www.datalossdb.org)
Databreaches.net, a spinoff from www.PogoWasRight.org, has compiled a wide range of breach
reports since January 2009.
Personal Health Information Privacy (www.
phiprivacy.net/), affiliated with Databreaches.
net, is a database that compiles only medical
data breaches. Many of these are obtained from
41
BREAKING BREACH SECRECY
the U.S. Department of Health and Human Services medical

data breach list.
National Association for Information Destruction Inc. (www.
naidonline.org) provides monthly newsletters that include a
number of data breaches largely resulting from improper document destruction.
The PRCH classifies data breaches as:
Unintended disclosure: sensitive information posted publicly
on a website, mishandled or sent to the wrong party via email,
fax or mail.
Hacking or malware: electronic entry by an outside party.
Payment card fraud: fraud involving debit and credit cards
that is not accomplished via hacking. For example, skimming
devices at point-of-service terminals.
Insider: someone with legitimate access such as an employee
or contractor intentionally breaches information.
Physical loss: lost, discarded or stolen non-electronic records,
such as paper documents.
Portable device: lost, discarded or stolen laptops, PDAs,
smartphones, portable memory devices, CDs, hard drives,
data tapes, etc.
Stationary device: Lost, discarded or stolen stationary electronic
devices such as a computer or server not designed for mobility.
Unknown.
Verizon Business
For the past six years, the Verizon Business Risk Team, in conjunction with the U.S. Secret Service (since 2009) and the
Dutch National High Tech Crime Unit (starting in 2010), has
prepared the annual Data Breach Investigations Report (http://
tinyurl.com/3votjlj) based on its analysis of more than 900 data
breaches representing more than 900 million compromised records. The Verizon study classifies the breach types as from external agents, insiders, business partners and multiple parties.
Identity Theft Resource Center
The Identity Theft Resource Center (ITRC) (www.idtheftcenter.org) describes itself as a nonprofit, nationally respected
organization dedicated exclusively to the understanding and
prevention of identity theft.
The ITRC list is a compilation of data breaches confirmed
by various media sources and/or notification lists from state
governmental agencies. The group updates the list weekly. To
qualify for the list, breaches must include PII that could lead
to identity theft, especially SSNs. Since Jan. 1, 2005, and up
to press time, the ITRC has tracked and analyzed 2,852 data
breaches and more than 496 million compromised records.
The ITRC classifies its types of data breaches as from: data
on the move, accidental exposure, insider theft, subcontractors
and hacking.
42
These organizations use differing methodologies to select

and classify data breaches, which allow us to view the data from
different perspectives. Data breaches are not all alike, according to the ITRC. Security breaches can be broken down into a
number of categories. What they all have in common is that they
usually contain personal identifying information in a format easily read by thieves, in other words, not encrypted. That is true,
Gualtiero Boffi/iStockphoto
but a lot of personal information included in data breaches is

encrypted. If organizations use the 56bit Data Encryption Standard rather than the 128-bit Advanced Encryption Standard,
then hackers can normally break key codes and return encrypted
data to plain text so they can use it for identity theft.
HOLTFRETER/HARRINGTON DATA BREACH ANALYSIS REPORT
We decided we wanted to compile a data breach report for the

public and anti-fraud professionals using a different classification system to provide additional breadth and depth.
Methodology
We analyzed 2,278 data breaches and 512,289,000 compromised

records reported by the PRCH for a six-year period of 2005
through 2010 Jan. 1, 2005 through Dec. 31, 2010. (Beth
Givens, PRCHs director, granted us permission to use its data.)
We developed our classification system by conducting an
analysis of a large sample of 300 data breaches to initially classify each of them into three broad categories: internal, external
and non-traceable. We used this initial broad approach because
data breaches and related comprehensive data protection legislation are typically viewed by the public and identity theft experts from an internal/external perspective. Internal and external data breaches are defined, simply, as those originating from
within or outside an organization, respectively.
In the second phase of our analysis we examined all the
sampled breaches included in the internal and external categories to look for useful patterns for determining specific subtypes.
Fraud-Magazine.com
The ACFE Career Center

More than just a Job Board.
The ACFE Career Center has resources and advice for

anti-fraud professionals at every stage of their career, from
entering the workforce to mentoring the next generation.
Even if youre currently employed, the Career Center can
help you chart your path with:
tCareer advice from HR experts, hiring managers,
self-employed fraud examiners and more.
tProles of ACFE members who share how they charted their
career path, what worked and what didnt.
tValuable web resources including checklists, articles and
career-planning tools.
tThe ACFE Job Board, where job seekers go to nd job
postings targeted to their skill set.
Dont forget to check out job listings and network with
colleagues on the ACFE LinkedIn group.
Invest in your career. Visit the ACFE Career Center at ACFE.com/Career.
We then completed the classification process by placing all

2,278 data breaches for the six-year period into the following
subtype categories, which we defined and used for the analysis:
IIPD: Internal improper protection or disposal of data:
For example, on Sept. 4, 2007, the University of South Carolina exposed online a number of files containing Social Security
numbers, test scores and course grades.
ITF: Internal theft of data by a current or former employee with absolute or high probability of fraudulent intent:
For example, on Feb. 5, 2009, a Mooresville, N.C., dry cleaner
skipped town with her clients credit card numbers.
ITNF: Internal theft of data by a current or former
employee with low or no probability of fraudulent intent:
For example, on April 27, 2007, an employee at the Caterpillar
Corporation stole a laptop computer containing personal data of
employees, including SSNs, banking information and addresses.
IH: Internal hacking or unauthorized intrusion of
a network by a current/former employee: For example, on
March 21, 2010, a 21-year-old former Evergreen Public School
employee Vancouver, Wash., pulled off a computerized payroll
security breach that put more than 5,000 current and former
Vancouver district school employees at risk for identity theft.
IL: Internal loss of data: For example, on Oct. 15, 2009,
the Virginia Department of Education reported that a flash drive
containing 103,000 student names, SSNs, and employment and
demographic data was misplaced.
XP: External partner/third-party theft or loss of data
by improper exposure or disposal: For example, on April 27,
2007, the Long Island Railroad reported that, while in transit,
its delivery contractor, Iron Mountain, lost data tapes containing names, addresses, SSNs and salary figures of virtually all the
employees who worked for the company.
XTF: External theft of data by a non-employee with absolute or high probability of fraudulent intent: For example, on
Feb. 2, 2009, a school volunteer at the Irving Independent School
District in Texas, stole information including SSNs and birth
dates of school employees and tried to buy tires at a local Sears
store after opening up a line of credit using the name of one of the
school teachers. A suspicious, alert employee called the police.
XTNF: External theft of data by a non-employee with
low or no probability of fraudulent intent: For example, on
Aug. 1, 2009, Williams Companies Inc., in Tulsa, Okla., reported that a laptop containing personal information of 4,400 current and former employees was stolen from a workers car.
XH: External hacking or unauthorized intrusion of
network by a non-employee: For example, on June 23, 2010,
Anthem Blue Cross WellPoint of California reported that
hackers may have compromised customers personal information after gaining access to the companys web-based tool for
tracking pending insurance applications.
NA: Non-traceable unable to determine as internal or
external: For example, on June 22, 2009, numerous folders containing medical records and SSNs from Baptist Medical Center
were found in a landfill.
44
Figure 1: Record Breach Sum

1%
Non-traceable
13%
Internal Sum
86%
External Sum
Figure 2: Record Breach Types

6%
8%
External-XTNF
Internal-ITF
4%
Internal-IL
3%
Internal-IIPD
2%
External-XTF
18%
External-XP
59%
External-XH
0%: Internal-IH
0%: Internal-ITNF
0%: Non-traceable
Results? Entities Have Some Explaining to Do
Bear with us on the detailed results. Getting through these statistics will pay off. Figure 1, Record Breach Sum (above), shows
the percentage of the 581,289,000 compromised records for the
six-year period. As shown, approximately 13 percent were traced
to the internal category, 86 percent to external and 1 percent
to non-traceable. Most individuals believe that the majority of
compromised records and related breaches are externally driven
an opinion probably shaped by media outlets, which tend
to focus their reporting on data breaches of large organizations.
Figure 2, Record Breach Types (above), shows the percentages of the total compromised records traced to each of the
five internal (IIPD, ITF, ITNF, IH, IL), four external (XP, XTF,
XTNF, XH) and non-traceable (NA) subtype categories.
In the internal subtype categories, IIPD or the improper
protection or disposal of data, accounted for approximately 3
percent of the total compromised records; ITF or theft of data
by a current or former employee with absolute or high probability of fraudulent intent, accounted for about 6 percent; IH
or hacking or unauthorized intrusion of network by a current/
former employee, was about 1 percent; IL or loss of data, was
about 4 percent, and ITNF or theft of data by an employee
with low or no probability of fraudulent intent theft, was about
Fraud-Magazine.com
Figure 3: Case Breach Sum

5%
Non-traceable
39%
Internal Sum
56%
External Sum
Figure 4: Case Breach Types
7%
External-XP
7%
5%
Internal-IL
5%
Non-traceable
External-XTF
2%
Internal-IH
8%
Internal-ITF
24%
External-XTNF
18%
External-XH
24%
Internal-IIPD
0%: Internal-ITNF
1 percent. There is no dominant internal breach type, but this

is somewhat expected because the total compromised records
in this area accounted for only 13 percent of the overall total
compromised records.
In the external subtype categories, XP or partner/third party
theft or loss of data by improper exposure or disposal, accounted
for approximately 18 percent of the total compromised records;
XTF or theft of data by a non-employee with absolute or high
probability of fraudulent intent, accounted for about 2 percent;
XH or hacking or unauthorized intrusion of network by a nonemployee, was about 59 percent; XTNF or theft of data by a
nonemployee with low or no probability of fraudulent intent,
was 8 percent, and NA or non-traceable unable to trace to
internal or external, accounted for approximately 3 percent.
External hackers caused most of the compromised records,
which is expected because they get more bang for the buck by
gaining access to more data when infiltrating the networks of
larger organizations. But another serious problem exists with
some partners and third-party contractors who seem to be irresponsible when entrusted with the data of other organizations.
Figure 3, Case Breach Sum (above), shows the percentages of data breaches for the general internal, external and
non-traceable categories. Of the 2,278 data breaches, internal
accounted for 39 percent, external for 56 percent and 5 percent

for non-traceable. These results are quite different when compared to the number of compromised records for internal, external and non-traceable categories, which were noted above at
13 percent, 86 percent and 1 percent, respectively. This strongly
indicates that the external hackers are getting access to more
records per breach than those stealing internal records.
Figure 4, Case Breach Types (left), shows the percentage of
the 2,278 data breaches for the five internal (IIPD, ITF, ITNF,
IH, IL), four external (XP, XTF, XTNF, XH) and non-traceable
(NA) subtype categories. For internal, XP or the improper protection or disposal of data, accounted for approximately 24 percent; XTF or theft of data by a current or former employee with
absolute or high probability of fraudulent intent, accounted for
about 8 percent; XH or hacking i.e. unauthorized intrusion of
network by current or former employee, was about 1 percent;
XL or loss of data was 7 percent, and XTNF or theft of data
by a current or non-current employee with low or no probability
of fraudulent intent, was about 1 percent.
Improper protection or disposal of data dominates this subcategory, which again shows that some organizations need to
tighten up their controls.
In the external subtype categories, IIPD or partner/third
party theft or loss of data by improper exposure or disclosure,
accounted for approximately 7 percent of the total data breaches;
XTF or theft of data by a non-employee with absolute or high
probability of fraudulent intent, accounted for about 6 percent;
XH or hacking or unauthorized intrusion of network by a nonemployee, was about 18 percent; XTNF or theft of data by a
non-employee with low or no probability of fraudulent intent,
was 24 percent, and NA or non-traceable unable to determine
as internal or external, accounted for approximately 5 percent.
The pattern that exists among the total compromised records and data breaches for the general internal, external and
non-traceable categories seems to be true for the subtypes. For
internal types, NC or the improper protection or disposal of records, accounted for about 24 percent of the total breaches but
3 percent of the total compromised records. XTF, or the theft of
data by a current or non-employee with absolute or high probability of fraudulent intent, accounted for about 8 percent of
the data breaches and about 6 percent of the compromised records. In addition, the subtype IL, or the internal loss of data,
accounted for about 5 percent of the total data breaches but only
4 percent of the total compromised records.
The above results are similar for the external subtypes. For
example, XP, or the partner/third party loss of data by improper
exposure or disposal, accounts for about 18 percent of the total compromised records but only 7 percent of the total data
breaches. XH, or hacking or unauthorized intrusion of network
by a non-employee, accounts for 18 percent of the data breaches but a whopping 59 percent of the total compromised records.
XTF, or the theft of data by a non-employee with absolute or
high probability of fraudulent intent, accounted for nearly 6
45
CFE Exam Prep Course | Books and Manuals | Self-Study CPE | Software | Merchandise | Toolkits
ACFE BOOKS AND MANUALS
Social Engineering: The Art of Human

Hacking
Fraud Fighter: My Fables and Foibles

By Dr. Joseph T. Wells, CFE, CPA
NEW!
At a period when dishonesty at top U.S. companies is

dominating public attention, Fraud Fighter: My Fables
and Foibles is a surprisingly frank and gripping memoir from an unsurprisingly effective fraud ghter. This
autobiography forms a full tapestry of a life, displaying
wit, intrigue, trepidation, regret and nally, victory (342
pages).
By Christopher Hadnagy and Paul Wilson

NEW!
$25 Members / $39 Non-Members

Visit ACFE.com/FraudFighter for more details.
From elicitation and pretexting to inuence and manipulation, all aspects of social engineering are picked apart,
discussed and explained by using real world examples,
personal experience and the science behind them to unravel the mystery of social engineering. This indispensable book examines a variety of maneuvers that are
aimed at deceiving unsuspecting victims, while it also
addresses ways to prevent social engineering threats
(408 pages).
Internet Fraud Casebook (Audio CD Set)
NEW!
This popular ACFE casebook is now available in a convenient audio CD set. Featuring 13 CDs with more than
10 hours of captivating fraud cases, the Internet Fraud
Casebook CD set allows you to listen to the war stories of more than 40 fraud examiners and learn from
their real-life investigations. Each case study walks
through the investigation step-by-step, presenting lessons learned and recommendations for preventing future occurrences of fraud.
To download a sample chapter, visit ACFE.com/
FraudCD.
A Guide to Forensic Accounting

Investigation, Second Edition
NEW!
By Steven Skalak; Thomas Golden, CFE, CPA;

Mona Clayton, CFE, CPA; Jessica Pill
NEW!
Recent catastrophic business failures have caused

some to rethink the value of the audit, with many demanding that auditors take more responsibility for fraud
detection. This book provides new coverage on the
latest PCAOB Auditing Standards, the Foreign Corrupt
Practices Act and on options fraud, as well as on fraud
in China and its implications. This book equips auditors
with the necessary practical aids, case examples and
skills for identifying situations that call for extended
fraud detection procedures (622 pages).
Corporate Fraud Handbook:

Prevention and Detection, Third Edition
NEW!
By Dr. Joseph T. Wells, CFE, CPA

NEW!
Fraud continues to be a serious and costly problem

for businesses. Now in its third edition, the Corporate
Fraud Handbook, written by the founder and Chairman
of the ACFE, is lled with real-world cases and statistics on the various types of fraud and their real cost to
organizations.
The Fraud Audit: Responding to the

Risk of Fraud in Core Business Systems
NEW!
CBy Leonard W. Vona, CFE, CPA

NEW!
It reveals the incredibly creative fraud schemes used by

employees, owners, managers and executives to defraud their companies. Auditors, fraud examiners and
criminal investigators will discover how to spot the red
ags of fraud and prevent it from happening in the rst
place (456 pages).
The 2010 Report to the Nations found that the typical

organization loses 5 percent of its annual revenue to
fraud and abuse. Discover fraud within your business
before yours becomes another fraud statistic. The Fraud
Audit provides a proven fraud methodology that allows
auditors to discover fraud versus investigating it (378
pages).
Ordering is Easy!
ACFE.com/Shop
(800) 245-3321 / +1 (512) 478-9000
Course
Formats
Workbook CD
DVD
Online
E-Workbook
SELF-STUDY CPE
The ACFE has the highest quality CPE
of any organization that I belong to!

Avery Hudson, CFE, CPA
Internal Auditor, Liberty Bank
Interviewing and Interrogation Toolkit
CPE Credit: 16
Unfortunately, Interviewing Techniques 101 is not a course most of

us took in school. As a fraud examiner, however, you are challenged
with the task of interviewing on a regular basis. This toolkit includes
four resources to help you improve your interviewing skills and ensure
you become a more effective interviewer:
$59 M
$79 NM
U Finding the Truth: Effective Techniques for Interview and

Communication (20 CPE Credits)
U Fraud-Related Interviewing
$139 M
$159 NM
$159 M
$179 NM
U Interviewing and Interrogation, Second Edition

U Report Writing Manual
Regular Price: $254 Members / $270 Non-Members
Bundle Price: $179 Members / $229 Non-Members
FCPA Investigations: Combating

Corruption in International Business
(Online Self-Study)
$59 M
$79 NM
NEW!
$119 M
$159 NM
Course Level: Intermediate

Prerequisite: None
FCPA Investigations: Combating Corruption in International Business

provides you with important information to help you, your company
and its employees avoid adverse consequences and combat bribery
in international business. This course offers an overview of the FCPA,
discusses how you should respond to evidence of corruption, presents
a roadmap that will help you conduct investigations of suspected corruption and discusses how to conclude an investigation.
NEW!
CPE Credit: 3
$89 M
$109 NM
Course Level: Basic

Prerequisite: None
Every anti-fraud professional needs the tools to
pursue an investigation that involves a search for
concealed assets. This course gives you insight
on how to locate hidden assets and how to identify and trace hidden payments and sources of
income. Hear from fraudsters about how to hide
assets and from anti-fraud experts on how to nd
them.
Ethical Issues for Fraud

Examiners (Online Self-Study)
NEW!
CPE Credit: 2
CPE Credit: 4
Making Crime Pay: How to

Locate Hidden Assets
BEST SELLER!
Fraud Risk Management

Prerequisite: None
The eld of risk management has attracted increased attention in the wake of the economic
meltdown as the public comprehends the negative effects of uncontained risk. This course explains why managing fraud risk is important for
organizations and the steps to develop an effective fraud risk management program.
CPE Credit: 2
Course Level: Basic
Prerequisite: None
Ethical Issues for Fraud Examiners will help you understand what constitutes an ethical dilemma and develop an awareness of ethical issues faced by fraud examiners. The course also presents six ctional
scenarios that illustrate potential ethical situations that pertain to fraud
examinations. The purpose of these scenarios is not to provide you
with solutions, but rather to familiarize you with some types of ethical
dilemmas that might arise in a fraud examination.
NEW!
CPE Credit: 16
$59 M
$79 NM
Inside the Fraudsters Mind
(Fullls 2 hours ethics CPE requirement)

CPE Credit: 8 (Fullls 2 hours of required Ethics CPE)
Course Level: Basic
Prerequisite: None
$109 M
$129 NM
Understanding the thoughts and feelings of a

fraudster can provide valuable insight to enhance
an organizations anti-fraud efforts. This course
$129 M
will explore psychological information that is key
$179 NM
to the successful development of a fraud prevention and detection program. In the accompanying
training video you will hear ten convicted fraudsters explain directly
what they were thinking when they decided to commit fraud and how
they nally got caught.
Highlights Include:
t The business case for managing fraud risk
t Objectives of a fraud risk management program
t The components of a fraud risk management program
t A discussion of COSO and other risk management frameworks
Order online at ACFE.com/Shop

Where the Experts Shop.
percent of the total data breaches but only 2 percent of the total
compromised records. Lastly, XTNF, or the theft of data by a
non-employee with low or no probability of fraudulent intent,
accounted for only 8 percent of the total compromised records
but an amazing 24 percent of the total data breaches.
Analysis? Numerous Data Compromises Without Controls
The results strongly indicate that the organizations experiencing these data breaches lack strong comprehensive data
protection programs. As a result, the personal data that organizations should control and safeguard more easily is being
compromised in many ways.
For example, 26 percent of the total breaches result from
the internal improper protection and disposal of data. Examples include posting data online including SSNs on mailing
labels giving documents or hard drives to recyclers that include personal information (how about destroying them internally?) and leaving documents containing personal data unattended in the workplace.
Do we know if any of the compromised records in this category of data breaches were used for identity theft purposes? No,
but the opportunity exists. As we know, closing the door on opportunity is one of the best methods for fraud prevention.
The protection and disposal of data category is also directly linked to two other internal data breach and three external
subtype categories. For example, if companies properly protected and/or disposed data by securing physical facilities, software
and hardware, then less data, such as employee SSNs, would be
lost or misplaced. And employees or non-employees would be
stealing less internal and external data, such as customer debit
card numbers and other personal data. Also, as we wrote earlier,
organizations could better control internal and external hacking
and resulting identity theft if they were required to encrypt all
sensitive data with the use of the 128-bit encryption standard.
SELF-REGULATION NOT WORKING
It is obvious that many organizations need guidance in developing comprehensive data protection programs. Self-regulation has
not worked; maybe federal rules might help. Because of recent national exposure on data breaches, the U.S. Congress is considering
legislation on this topic. But do not hold your breath because they
have been considering legislation on notification of data breaches
for the past three sessions and have not passed any law. (The 2007
U.S. Red Flags Rule does require many business and organizations to implement a written identity theft prevention program
designed to detect the warning signs of identity theft in their daily
operations. See http://tinyurl.com/d6de4y.)
The state of Massachusetts, on the other hand, has recently passed a comprehensive data protection law (201 CMR
17.00) containing standards and requirements directly related
to the types of internal and external data breaches described
and analyzed in this article.
48
The Massachusetts law is considered one of the strictest

in the U.S. The standards and precise requirements that are
paraphrased and listed below might be a model for other U.S.
states, the U.S. Congress and perhaps some foreign countries
for developing comparable legislation. They will also provide
valuable guidance for organizations and consultants who advise
them about specific elements that should be addressed in setting
up a comprehensive data protection program.
The law states that every person that owns or licenses perFor example, if
companies properly
protected and/or
disposed data by
securing physical
facilities, software
and hardware, then
less data, such as
employee SSNs,
would be lost or
misplaced.
Ivelin Radkov/iStockphoto
sonal information about a resident of the Commonwealth shall

develop, implement, and maintain a comprehensive information security program. That includes the following standards
and requirements briefly outlined by InstantSecurityPolicy on
its website at: http://tinyurl.com/4xnnoky.
In the section of the Massachusetts law, 17.03: Duty to
Protect and Standards for Protecting Personal Information, every comprehensive information security program shall include,
but not be limited to:
a. Designating one or more employees to maintain a comprehensive information security program.
b. Identifying risks to the security, confidentiality, and/or integrity
of records containing personal information, and improving current safeguards where necessary, including 1) ongoing employee/
contractor training, 2) employee compliance with policies, and
3) means for detecting and preventing security system failures.
c. Developing policies relating to the storage, access, and transportation of personal information outside of business premises.
d. Imposing disciplinary measures for violations of the security
policy.
e. Preventing terminated employees from accessing records
containing personal information.
f. Oversee service providers by 1) selecting and retaining service
providers capable of securing personal information and 2) requiring service providers by contract to implement and maintain appropriate security measures for personal information.
Fraud-Magazine.com
g. Placing restrictions on physical access to records containing

personal information and securely storing of this information.
h. Regular monitoring to ensure the security program is operating in the intended manner and upgrading safeguards
where necessary.
i. Reviewing security measures at least annually or whenever it
is reasonably necessitated by a change in business practices.
j. Documenting actions taken in response to any incident involving a breach of security, and a post-incident review of
events and actions taken. 17.04
Computer System Security Requirements
(1) Secure user authentication protocols including:

a. Control of user IDs and other identifiers.
b. A reasonably secure method of assigning and selecting passwords or other unique identifiers.
c. Control passwords to ensure that the location and/or format
does not compromise data security.
d. Restricting access to active user accounts only.
e. Blocking access after multiple unsuccessful logon attempts.
(2) Secure access control measures that:

a. Restrict access to files containing personal information to
those who need such access.
b. Assign non-vendor-supplied, unique identifications and passwords to each person with computer access that are designed
to maintain the integrity of the security of the access controls.
(3) Encryption of all transmitted files containing personal
information when traveling across a public network or a wireless
connection.
(4) Monitoring of systems for unauthorized use of or access
to personal information.
(5) Encryption of all personal information stored on laptops
or portable devices.
(6) Use firewall protection and reasonably up-to-date
patches on Internet-connected systems that contain personal
information.
(7) Use anti-virus/anti-malware software with reasonably upto-date patches and virus definitions on Internet-connected systems
that contain personal information.
(8) Education and training of employees of the proper
use of the computer security system and the importance of
information security.
Time running out

to earn your CPE?
Earn 10 fraud-related credits with
Fraud Magazine CPE Quizzes!
Is your deadline for CPE fast-approaching? All Certied Fraud Examiners must earn
the required 20 Continuing Professional Education (CPE) credits to remain in good
standing. If you are a CFE and want to make sure you have your 10 required fraudrelated credits, then take advantage of ACFEs Fraud Magazine CPE quizzes.
Take this issues Fraud Magazine CPE Quiz on pg. 70,
or download archived quizzes at Fraud-Magazine.com/CPE-Quiz-Archive.aspx

Fraud Magazine is a trademark owned by the Association of Certied Fraud Examiners, Inc.
49
A new federal comprehensive data

protection law should also include the
requirement that all government agencies, nonprofits and businesses conduct
periodic audits by teams of experts to
determine if they are compliant with the
requirements set forth in any mandated
comprehensive data protection plan.
Each organization should include a section that includes an opinion on the results of the audit in its annual report, if
required, or on its website, if not.
Organizations that lack strong comprehensive data protection plans would
be substantially penalized.
Attention CFEs
Fulll Your Annual Ethics CPE Requirement
with this new course from the ACFE Bookstore
RESTORING TRUST
Never-ending data breaches have seriously jeopardized our national security

and trust in organizations to protect personal data. In the same way that the U.S.
Sarbanes-Oxley Act has restored the
publics confidence in our financial markets, the federal government would do
well to pass a similar law to restore the
publics confidence and trust in transacting business electronically.
Robert E. Holtfreter, Ph.D., CFE,
CICA, is distinguished professor of
accounting and research at Central
Washington University in Ellensburg, Wash.
His email address is: holtfret@cwu.edu.
Adrian Harrington graduated from
Central Washington University in
Ellensburg, Wash., in June 2011 with a
Bachelors Degree in Economics. His email
address is: aaharrington87@gmail.com.
(Robert E. Holtfreter thanks co-author
Adrian Harrington, a former student in his
fraud examination class, who volunteered to
work for him as an unpaid research assistant.
He has worked hundreds of hours over the
past 18 months providing outstanding intellect, leadership and work ethic in helping to
conduct research and investigate the data
breach area, develop our data breach classification model, analyze the data and write
this article and work on others. He has a serious interest working in the fraud area and
will make a great investigator. ed.)
50
NEW! Ethical Issues for Fraud Examiners

(Online Self-Study)
CPE Credit: 2
Course Level: Basic | Prerequisite: None
In your work to resolve allegations of fraud, you might encounter
ethical issues that require you to look beyond the technical requirements of your job and toward the moral dimensions. But ethical
issues can be perplexing. What is the right thing to do?
Ethical Issues for Fraud Examiners will help you to understand
what constitutes an ethical dilemma and help you to develop an
awareness of ethical issues faced by fraud examiners.
What you will learn:
tEthical values that you are expected to honor when carrying out your
fraud examination duties.
tUnderstandintg ethical decisions
tConsiderations to keep in mind as you work toward your own
resolutions of ethical dilemmas. Imperative, utilitarian and
generalization ethical principles
tHow to locate resources that might be useful to you in resolving
ethical dilemmas.
Order your copy today at
ACFE.com/EthicalIssues
Fraud-Magazine.com
The CFE credential is known and respected

around the world.
Will White, Jr., CFE
ACFE Member Since 2007
Certied Fraud Examiner
Chief Anti-Fraud Ofcer
Ofce of Fraud Deterrence and
Detection, NAVSEA
The CFE credential has proven to be
a great benet to my career, as I have
been selected to lead the Anti-Fraud
Program for the Department of
Defenses largest Systems Command
as the Chief Anti-Fraud Ofcer. As the
Chief Anti-Fraud Ofcer, I have the
responsibility of providing oversight
(prevention and detection of fraud,
waste and abuse) for the Naval Sea
Systems Commands 55K personnel
and $40 billion annual budget.
Invest in your career. Become a CFE.

Visit ACFE.com/CFE
Case in Point
By Roger W. Stone,
CFE
He Milked it For All it Was Worth

A Dairy Farm Bankruptcy Fraud
ankruptcy fraud, which is a form of financial statement fraud, is perpetrated by concealing assets
through misappropriation and/or a misclassification of accounts. In the following case, we will
show how delayed bankruptcy schedule filings,
inaccurate bankruptcy schedules and incorrect monthly
operation reports can create an opportunity for a dishonest
debtor to misappropriate assets of a bankruptcy estate.
The consequences of this particular bankruptcy fraud
case resulted in $1.5 million in misappropriated assets, negligence action against the attorney and the convicted debtor
receiving a 10-year prison sentence.
THE DAIRY FARMER CASE
The wayward debtor in this case, a dairy farmer (we will call
him Stan), was suspected of gambling away the majority of
the misappropriated $1,528,502 from the estate at casinos.
Eight months prior to filing bankruptcy, Stan submitted
a signed personal financial statement showing $5,582,103 of
assets and $4,842,505 of liabilities, which set his net worth
at $739,598.Three months prior to filing bankruptcy, Stan
submitted a signed personal financial statement showing
$11,607,450 of assets and $4,981,100 of liabilities, which
then made his net worth $6,626,350.
When he finally filed, the assets of the farmers bankruptcy estate consisted of farmland, farm equipment, buildings, dairy cows, growing crops and crops in storage. The
bankruptcy schedules showed real property of $1,116,000 and
personal property of $574,370, for total assets of $1,690,370.
The farmers liabilities consisted of secured creditors and priority creditors holding claims of $4,661,866, and unsecured
creditors holding claims of $293,202. This brought the total
claims to $4,955,068.
COURSE OF THE BANKRUPTCY
This bankruptcy was extremely adversarial from the beginning. The bankruptcy estate attorney imposed several delays
52
Almost two years after the initial filing, the

bankruptcy court established the value of the
farmland at $2,926,000, which differed from the
initial $1,116,000 valuation on the schedules.
that undermined what little trust existed. The attorney initially filed for a Chapter 12 bankruptcy proceeding, which is
a type of bankruptcy for farmers who have less than $1.5 million of debt. However, his clients estate had more than $1.5
million of debt, and the attorney admitted during his deposition that he knew his debtor did not qualify for Chapter 12
at the time he submitted the filing. A plausible explanation
for the attorneys action was that a Chapter 12 filing would
result in future filings to correct the initial filing. Those filings
would delay reporting requirements for the debtor.
The attorney continuously requested extensions to file
bankruptcy schedules, saying that he wanted to ensure their
accuracy. However, the amended bankruptcy schedules were
also inaccurate. Moreover, Stans monthly reports of operations, when they were filed with the U.S. Trustee office, were
filled with inaccuracies and misapplications of accounts. The
most cursory review could detect these inaccuracies, so it was
clear that the attorney had not reviewed these reports prior
to their submittal. Lastly, Stans plan for reorganization was
submitted late and was unrealistic in scope. The creditors
attorneys objected to virtually every filing.
Because of these delays, the creditors did not have accurate
information about the estates assets and monthly cash flow, and
Stan was able to maintain control over the estates assets for
2 years, instead of being removed and replaced with a courtappointed Chapter 7 trustee who would administer the estate.
Almost two years after the initial filing, the bankruptcy court
Fraud-Magazine.com
Case in Point
established the value of the farmland at $2,926,000, which
differed from the initial $1,116,000 valuation on the schedules.
The farmland eventually sold for more than $3 million.
The risk to the creditors was not the farmlands decreased value on the schedules, because the farmland itself
was not a liquid asset. The real risk was Stans misappropriation of assets (i.e., dairy cows, farm equipment, etc.) when
he sold those assets outside the normal course of business
without first obtaining the courts permission. He used the
funds from those sales for his personal gain.
The creditors attempted to deter the debtors liquidation
of assets by taking inventories and by taking court action.
However, the court action was slow and the inventory results
were disputed. Without cooperation from the estate attorney,
the creditors did not accomplish much in trying to thwart
the debtor from liquidating his assets.
The debtor misappropriated the following assets for
these amounts:
Dairy cows ..............................................................$638,925
Grain sales not deposited to estate.........................$308,895
Withdrawals of cash ...............................................$221,775
Farm equipment and vehicles ................................$167,500
Direct payment to debtors........................................$75,000
Accounts receivables not disclosed on schedules ....$43,341
Preference payments.................................................$62,230
Miscellaneous ...........................................................$10,836
Total ....................................................................$1,528,502
HOW THE ASSETS WERE LIQUIDATED
During a bankruptcy, the law allows inventory held for

sale by the business to be purchased and sold in the normal
course of business as long as the creditors are protected. For
instance, inventory cannot be sold at below-market value,
but it can be sold at market value during the normal course
of business. Also, estate assets that are used to produce income cannot be sold without the courts permission. To apply
these rules to the dairy farm case, the milk produced by the
cows could be sold at market price in the normal course of
business. However, the cows that produce the milk could not
be sold without the courts permission.
There is a gray area within the definition of normal
business operations, and this is where a dishonest debtor can
do harm to creditors, shareholders and the business itself. In
the dairy farm case, Stan perverted the dairy farms normal
operations to his benefit and the harm of the creditors. (The
attorney, though not proven to be negligent, caused the
delays that allowed Stan to pervert operations.)
To further explain, in most dairy farm operations, dairy

cows produce less milk over time; therefore, it is normal for a
dairy farm to sell approximately 20 percent to 25 percent of
its herd every year for meat and then replace those animals
with younger dairy cows. A significant number of calves born
every year can be kept or sold, but these animals typically are
not on the accounting books because they have no basis.
Following are the specific ways the bankruptcy court
liquidated the assets:
1. Dairy cows sold
Depreciation records showed that Stan bought 957 dairy

cows at an average cost of $1,229 per cow in the four years
prior to the bankruptcy. The average useful life of a dairy
cow is five years, and then it is sold for beef. The bankruptcy
schedules showed 252 cows on hand. Two-and-a-half years
after the initial bankruptcy filing there was a total liquidation of dairy cows that resulted in a sale of 102 cows for
which the estate received $49,574.The bankruptcy estate did
not recover everything else that was sold.
2. Calves sold
It was estimated that there were 957 cows in the herd at

the time of the bankruptcy filing, which would result in a
minimum of 574 calves produced per year. However, there is
no evidence that funds from these sales were deposited in the
bankruptcy estate.
3. Milk production
The dairy farm was making about $240,000 monthly in milk

sales, which was being deposited in the bankruptcy accounts.
Stan made a side deal with his milk buyer, who agreed to pay
less for the milk and then make $8,000 monthly payments
directly to the debtor. This money never came into the
bankruptcy estate.
4. Crop sales
Crops were grown using assets of the bankruptcy estate.

However, during at least one year, Stan sold the crops and
never deposited the receipts and money from the sales in the
bankruptcy estate.
5. Farm equipment
It should be difficult to liquidate farm equipment that is in

a bankruptcy proceeding because of Uniform Commercial
Code filings on the equipment. However, Stan was able to
liquidate his equipment in two ways:
53
Case in Point
If the accountant had been

more experienced or
properly instructed prior
to performing his courtappointed duties, it is
reasonable to expect that
Stan would have been
deterred. As it stood,
Stan was allowed to
liquidate assets and
pocket the proceeds.
The first was leased farm equipment

that had a significant residual value
$45,000 more than what he owed on
the lease. It appears that Stan returned
the equipment to the leasing company
with some agreement that he personally
received the residual value. The residual
value never came back to the estate.
The second method involved used farm
equipment as a part of a blanket security
agreement for an operating loan Stan had
obtained prior to the bankruptcy. In this
instance, the equipment was placed for
auction out of the area with the proceeds
going to a relative.
6. Withdrawals of cash
Without adequate supervision and controls, Stan wrote checks to cash totaling
$221,775 out of the bankruptcy estate.
At the pre-filing conference, the estate
attorney counseled the debtor to hoard cash
to prepare for footing the bankruptcy expenses. What the attorney probably meant
was to not pay creditors, lessors and other
accounts payable prior to filing for bankruptcy and the automatic stay (an injunction
that halts the bankruptcys courts actions).
The goal was to keep as much money as possible in the bankruptcy checking account so
the debtor could continue to operate amidst
the business disruptions associated with
filing for bankruptcy. However, the debtor,
who had dishonest intentions, interpreted
this advice as keeping as much actual cash
in the house as possible and to not report it.
It is suspected that the debtor had in excess
of $100,000 cash on hand at various times
during the course of the bankruptcy.
THE INEXPERIENCED ACCOUNTANT
Approximately one year after the initial

bankruptcy filing, the court appointed an
accountant to prepare the monthly reports
of operation. The inexperienced insolvency
54
accountant made several errors. When preparing the monthly reports of operation, he:
Did not have copies of checks or deposits.
Did not have a check register.
Relied on descriptions of checks and
deposits provided by Stan.
Did not question Stan about the
appropriateness of deposits made or
checks written.
Did not consider it his responsibility to
question unusual expenses or deposits.
Did not know that Stan was not allowed
to have personal bank accounts other
than the debtor in possession accounts.
If the accountant had been more
experienced or properly instructed prior to
performing his court-appointed duties, it is
reasonable to expect that Stan would have
been deterred. As it stood, Stan was allowed
to liquidate assets and pocket the proceeds.
Two-and-a-half years after the initial
filing, the court finally appointed a Chapter
7 trustee to liquidate the estate. One month
later, the original attorney for the bankruptcy estate resigned.
WHAT THE CREDITORS COULD HAVE DONE
Early on, the creditors realized that Stan

was dishonest, and there was a real risk that
he would misappropriate the assets. The
creditors hired appraisers, took inventories
of the assets and filed court documents to
protect their assets during the bankruptcy.
However, these actions failed to deter Stan.
The creditors could have engaged a
forensic accountant/CFE to inspect the
debtors monthly reports of operations. This
person could have:
Verified reconciliations of bankruptcy
accounts.
Verified that all payments were for
appropriate services.
Verified that all deposits were being made
to the appropriate accounts.
Fraud-Magazine.com
Case in Point
Reviewed prior years purchases and accounts payables to

verify the existence of assets that were in the bankruptcy
schedules or that should be in the schedules.
Notified the creditors of anything that appeared unusual or
inappropriate.
It is true that these services can be costly, so creditors
should only take this route when the expense can be justified
by the risk of loss.
The Chapter 7 trustee engaged me to quantify and prove
the amount of misappropriated assets. There was virtually
nothing left for the creditors, except for a cause of action
against the original bankruptcy attorney.
As is frequently the case in misappropriations, the
involved parties missed many obvious opportunities to stop
or minimize the fraud, prior to and during the bankruptcy.
For example, Stans attorney could have resigned when he
realized his client was dishonest; the U.S. Trustee office
could have been more proactive in reporting the level of
extreme inadequacy of the monthly operating reports to
the judge; the court could have appointed a more experienced accountant, etc.
PROFESSIONALS ROLES
Most experienced forensic accountants, and many CFEs, can

review businesses in bankruptcy and determine fairly quickly if
the debtors are following the rules. If a debtor is following the
rules, these professionals will only need to periodically review
operations reports, greatly reducing the cost of the accountants services. Such reviews will give the creditor the information required to force the court to act quickly, either by removing the debtor in possession or by forcing the individual to
report as required. Either way, the creditor is better protected.
Roger W. Stone, CFE, is the owner and operator of
Management Accounting Services in Champaign, Ill. His
primary business is providing insolvency and forensic accounting
services to businesses and attorneys. His email address is:
rstone@financialstatements.net.
The Motivations of the Players in a Bankruptcy Case

Here is a summary of the key players in a bankruptcy ling and
their respective interests:
The bankruptcy estate attorney. In most cases, attorneys
in bankruptcy cases will resign when they believe they are
representing individuals who are not adhering to the rules of
bankruptcy. In my opinion, attorneys on these types of cases
are not paid enough to get entangled with dishonest persons;
the amount of the attorneys fees is miniscule compared to the
amount that dishonest persons steal. Attorneys want their insurance to settle the case before it goes to court.
The malpractice insurer. Working for the estate attorney, the
insurer is motivated to settle the case for the minimum if engaged.
The Chapter 7 trustee. The Chapter 7 trustee is torn between recovering the maximum amount for creditors and doing
something that might upset the U.S. Trustee ofce and jeopardize
the trustees being appointed to future cases. Also, the risk of

going to trial is that the plaintiff could lose, which means there
might not be funds to pay the Chapter 7 trustee.
The U.S. Trustee ofce. The ofce may not want a case to
go to trial because it could be revealed during the trial that the
ofce was not carefully reviewing the debtors monthly operating reports.
The judge. This player might not have a dog in the hunt.
However, in my opinion, judges seem reluctant to nd lawyers
guilty of negligence.
The creditors. They are motivated to go to trial or settle for
the maximum amount. However, it is the Chapter 7 trustees call
as to whether or not to settle not the creditors. Their primary
recourse is to object to what they perceive as an unreasonable
settlement between the Chapter 7 trustee and the insurer.
55
Taking Back the ID

Identity Theft Prevention Analysis
By Robert E.
Holtfreter, Ph.D.,
CFE, CICA
Fraudsters Claiming Victims Via

Payday and LinkedIn Scams
usie Duke was a fanatic when it came to technology. She had all the latest hardware, including a
smartphone, a laptop, an iPad and a Blackberry
all of which she used to communicate with friends
and business associates. However, she was not
sophisticated about protecting herself from fraud in a tech
environment. She ended up falling for a telephone collection
scam related to purported delinquent payday loans.
Payday loans have become more common over the
past few years because of the declining economy. The loans
are short-term fixes, usually for two-week periods, to allow
individuals to cover their expenses until the loans become
due the next payday. A recipient normally is required to write
a check for the cash amount of the loan plus the loan fee,
which often is extremely high ranging from 15 percent to
30 percent of the loan. The lender normally deposits the check
in his account when the payday date arrives. If the loan recipient does not repay the loan, the lender usually extends it at the
same interest rate. The real cost of these loans can easily reach
from 300 percent to 1,000 percent of the loan if the recipient
does not cover it in a reasonable time period.
Susie would occasionally get behind in paying her bills,
so she would go online and apply for a payday loan to tide her
over until she received her next payroll check. She recently
had begun receiveing telephone calls purportedly from a FBI
representative who said he was collecting debts for a cash
advance company. Susie was very upset and confused because
she always paid off her payday loans when they became due.
This fraudster had already obtained Susies personal information, including her Social Security, drivers license and bank
account numbers, from an unknown source and was attempting to use it to bilk her out of money. In the next two weeks,
he harassed her with numerous calls, and he threatened her
with legal action if she did not immediately pay off her debt
of $2,000 by placing that amount on a prepaid Visa gift card
and mail it to him. Susie became confused and overwhelmed
and finally gave in and paid the fraudster.
56
THE DELINQUENT PAYDAY LOAN SCAM
This identity theft case is fictional, but it represents a fraud

that has gained enough momentum to be reported by the
Internet Crime Complaint Center (IC3) in an Intelligence
Note on Dec. 10, 2010 (Telephone Collection Scam Related
to Delinquent Payday Loan). Like the FBI, the Federal Trade
Commission (FTC) and the Federal Insurance Deposit Corporation, the IC3 alerts the public when it receives numerous
complaints about a new scam.
The IC3 mentioned that fraudsters in this scam typically purport that they are with either the FBI, the Federal
Legislative Department (whatever that is), other high-level
government agencies or a law firm. They say that they are
calling to collect debts for Internet check-cashing companies,
such as U.S. Cash Net, U.S. Cash Advance and United Cash
Advance. In most cases, the victims are current or former
payday loan recipients.
The fraudsters do their homework before calling their
potential victims. They have the targeted individuals Social
Security numbers, dates of birth, addresses, employer information, bank account numbers, and names and telephone
numbers of relatives and friends. How the personal information is collected is unknown, but the IC3 said that the victims often relay that they had completed online applications
for other loans or credit cards before the calls began.
Once a con artist gets a victim on the hook, he will
accelerate the scheme by continually calling that person at
work, at home, and on his or her mobile phone with threats
of physical violence, arrest and legal action. An intended
victim will question the con artist about the particulars of
the loan, but he will refuse to respond, will be abusive and,
in some documented cases, will harass the victims family
and friends. In many cases, this hard-sell strategy overwhelms
the victim, and he or she gives in. Like many telephone and
online schemes, the fraudsters have orchestrated scripts, and
Fraud-Magazine.com
Taking Back the ID

Identity Theft Prevention Analysis
The only explanation I have is that the hacker

stole his Gmail account from the LinkedIn website
and used it to capture a contact list, which
included my email address.
they are well trained to listen for victims cues and respond
accordingly to complete sales.
The U.S. Fair Debt Collection Practices Act provides
consumer protection from illegal and unethical debt collection practices. According to Lawyers.com, the act does not
allow bill collectors to:
Tell people they will be arrested if they do not pay.
Repeatedly call the person to harass or annoy him.
Issue threats of violence or harm.
Falsely claim to be attorneys.
Falsely claim that the person committed a crime.
The website also advises consumers to do the following
if they receive suspicious phone calls about a debt:
Ask the caller to send the loan information in writing.
Refuse to verify any bank account, credit card or personal
information over the phone.
Report any telephone harassment or threats to the FTC,
which enforces the Fair Debt Collection Practices Act.
File a Better Business Bureau complaint to help let others
know about the scam.
Contact the state attorney generals office to find out
about state debt collection and consumer protection
laws that might apply.
In addition, the IC3 says to do the following:
Contact your banking institutions.
Contact one of the three major credit bureaus and request
that an alert be put on your file.
Contact your law enforcement agencies if you feel you are
in immediate danger.
File a complaint at www.IC3.gov.
SCAMS USING LINKEDIN
Recently, there have been reports of con artists culling

personal information from the online business social network
LinkedIn to commit fraud. LinkedIn has more than 120
million members worldwide, and as of June 30, its membership included executives from all 2011 Fortune 500 companies. LinkedIn members share personal information on
the site, including their names, titles and places of business,
which allows them to create opportunities for themselves
and others. LinkedIn can be a great resource for identifying and networking with key people at other companies.
However, some join LinkedIn to gather information on other
members and perpetrate fraud. Many of them will email
spear-phishing messages to LinkedIn members.
Spear Phishing
In a typical phishing scheme, a fraudster casts his net wide by

sending a fraudulent email message to millions of individuals
to try to hook some victims into a scam. However, in a spearphishing scheme, the fraudster directs an email to an individual or a select group of individuals within a company or
industry. The fraudster wants to convince the recipient that
the message is coming from someone who is in a position
of authority within the company for example, a network
administrator who is asking for confidential information.
The message typically includes a request for the persons
username and password, or it will ask the recipient to click
on a link that turns out to be corrupt and allows a banking
Trojan to download onto the victims computer. The banking Trojan contains a key logger that will harvest the email
recipients business or corporate bank account information.
At that point, the fraudster can masquerade as the legitimate
user and transfer money out of the account.
ZenuS Malware Scheme
Fraudsters also have used LinkedIn to install a malware

called ZenuS on LinkedIn members computers by sending
invitations to accept new contacts. A member clicks on a
link in the email message, the malware becomes embedded
in the members browser and is used to steal personal information, including passwords for personal or corporate bank
accounts, depending on whether the message was received
at home or work. The end result is the fraudster can transfer
funds out of the accounts.
A couple of other versions of this scheme recently happened to me. Over the past four months, I have received five
suspect emails. The first four were purportedly from people I
knew who wanted to add me to their LinkedIn network. To
accept, I would have to click on a link provided in the message. One of the individuals was a student in one of my summer classes. I immediately became suspicious and declined
the offer. I then went to the LinkedIn website and entered
TAKING BACK THE ID cont. on page 69
57
Global Fraud Focus

Examining Cross-Border Issues
By Richard Hurley, Ph.D., J.D., CFE, CPA;
and Tim Harvey, CFE, JP
Chinese Stock Investment Fraud?

Separating Fact from Fiction
ccording to a June 5 article, China foreign listings dogged by scandal, by Robert Cookson
in the Financial Times, a spate of scandals at
Chinese companies listed in New York, Hong
Kong and Toronto is unsettling investors.
It seems to have bubbled into a hysteria and creates an
unfortunate overhang over all Chinese companies seeking to
raise capital in the U.S. markets, said William McGovern,
Hong Kong-based partner at Kobre & Kim and former enforcer at the U.S. Securities and Exchange Commission. It
has become hard for investors to separate fact from fiction.
(http://tinyurl.com/5udkgk3)
And a May 26 article in The New York Times, The
Audacity of Chinese Frauds, by Floyd Norris, explains
how Deloitte Touche Tohmatsu exposed fraud at one of its
long-time clients, the Chinese financial software company
Longtop Financial Technologies. Apparently, the company
fooled some smart people into buying devalued stock. (http://
tinyurl.com/6axc5ll)
Are these stock scandals legitimate frauds aided by
backdoor investment listings and outsourced by auditing firms?
Or are they works of fabrication initiated by short sellers reaping profits selling on stock price declines either by allegations
or innuendo? The reality is that there is probably a mixture of
everything from fact and fraud to analysis and anxiety within
the perceived red-hot Chinese stock market.
Would-be investors should be aware of the potential
for fraud in any investment no matter its national origin.
The U.S. Public Company Accounting Oversight Board
(PCAOB) released a report on March 14 on the Activity Summary and Audit Implications for Reverse Mergers
Involving Companies from the China Region (the China
region refers to the Peoples Republic of China, Hong Kong
Special Administrative Region and Taiwan) from Jan. 1,
2007, through March 31, 2010 (Research Note #2011-P1).
58
The recent wave of accounting issues and

scandals involving Chinese firms has raised
regulatory concern levels from a small crack to
a chasm. Furthermore, short sellers are not
helping to distinguish reality from rumor.
The report summarizes the concept of reverse mergers

(also known as backdoor mergers) as: any acquisition
of a private operating company by a public shell company
that typically results in the owners and management of the
private operating company having actual or effective voting
and operating control of the combined company. Through a
reverse merger transaction, although the public shell company is the surviving entity, the private operating companys
shareholders control the surviving entity or hold shares that
are publicly traded. In a reverse merger transaction, the entity
whose equity interests are acquired (the legal acquiree) is the
acquirer for accounting purposes. The end result is that:
1. The private company has access to the U.S. financial
markets as a registered SEC reporting company without
filing a registration statement under the Securities Act of
1933 or the Exchange Act of 1934, but the public shell
company must file Form 8-K filing with the SEC.
2. The private company probably incurs a lower
accounting, legal and filing fee and gains faster access
to capital markets than filing an IPO.
3. Investors may perceive added value to the public shell
company. (See http://tinyurl.com/3s8tkq9 and
http://tinyurl.com/3awrx3g.)
Fraud-Magazine.com
Global Fraud Focus

Examining Cross-Border Issues
The PCAOBs March 11 report on reverse mergers

identified 159 companies, with a market capitalization of
$12.8 billion, that have accessed the U.S. capital markets via
a reverse-merger transaction from Jan. 1, 2007, to March 31,
2010. During that same time, only 56 Chinese companies,
with a market capitalization of $27.2 billion, completed the
initial public offering (IPO) process.
Although Chinese auditors completed 24 percent of the
audits of Chinese reverse mergers, the PCAOB staff takes issue with some U.S. registered accounting firms because they
may not be conducting audits of companies with operations
outside of the U.S. in accordance with PCAOB standards.
On July 12, 2010, the PCAOB issued Staff Audit Practice
Alert No. 6, Auditor Considerations Regarding Using
the Work of other Auditors and engaging Assistants from
Outside the Firm, which highlighted the PCAOBs concerns
with auditors hiring external auditors and staff to perform
audits outside the U.S. including ones in the Chinese region.
(http://tinyurl.com/63wrvpg)
The PCAOB inspection staff observed that in some situations it appeared that U.S. firms provided audit services by
having most or all of the audit performed by another firm or
by assistants engaged from outside the firm without complying with PCAOB standards applicable to using the work and
reports of another auditor or supervising assistants. In one
case the U.S. firms personnel did not travel to China region
during the audit, and substantially all of the audit documentation was maintained by the Chinese firm that did the audit
work. (See footnote 37 of http://tinyurl.com/3knf6db.)
SEC Chairman Mary Schapiro is also working with
Chinese regulators to address areas of concern. One key issue
is the PCAOBs inability to inspect the reverse-merger firms
in China. SEC Commissioner Luis Aguilar was a little more
emphatic with his concerns when he addressed attendees of
the Council of Institutional Investors Annual Conference on
April 4, 2011: While the vast majority of these companies
may be legitimate businesses, a growing number of them
have accounting deficiencies or are outright vessels of fraud.
The PCAOB also has difficulties in inspecting Chinese
audit firms that have registered with the agency. Michael
Rapoport reported in the August 8 article, Progress Cited on
Audits in China, in The Wall Street Journal, that Chinese
authorities have not granted permission to the PCAOB to
enter their country to evaluate audit firms who are registered
with the agency. (http://tinyurl.com/63xzwrl)
On April 4, PCAOB Chairman James Doty said in a
speech to the Council of Institutional Investors that, If
Chinese companies want to attract U.S. capital for the long
term, and if Chinese auditors want to garner the respect of
investors, they need the credibility that comes from being

part of a joint inspection process that includes the U.S. and
other similarly constituted regulatory regimes. In light of
these risks, the PCAOBs inability to inspect the work of registered firms from China is a gaping hole in investor protection. (http://tinyurl.com/3dns5eo)
The recent wave of accounting issues and scandals
involving Chinese firms has raised regulatory concern levels
from a small crack to a chasm. Furthermore, short sellers
are not helping to distinguish reality from rumor. Take, for
example, Sino-Forest, a Chinese forestry company listed on
the Toronto exchange. Robert Cookson, reporting in the
June 6 Financial Times article, China foreign listings dogged
by scandal, writes that in a few days Sino lost more than
two-thirds of its market value since Thursday after Muddy
Waters, a research firm founded by short-seller Carson Block,
accused the company of overstating its sales and the value of
its forest land. (http://tinyurl.com/3svmcn4)
Sino denied the allegation and claimed Muddy was
muddying the waters to profit from short selling. However,
another forestry group, China Forestry, had its shares suspended in January, 2011 after its chief executive was arrested
for the alleged embezzlement of $4.6 million.
Cookson, reporting in his June 6 Financial Times article,
writes that in the last six months more than 25 New Yorklisted Chinese companies have disclosed accounting discrepancies or seen their auditors resign. Nasdaq and NYSE
Euronext have halted trading in the shares of at least 21
small and micro-cap Chinese companies in the past year, and
kicked five of them off the exchanges.
Doty is optimistic that the PCAOB can reach an agreement with Chinese regulators on inspections. In the interim,
investors should understand that investing in China has its
own sets of investment risks. Then again, they should realize
that in a post-Enron, Madoff, Paramlat, Satyam, Siemens and
Societe Generale world, fraud has no national boundaries.
Just remember: No nation has a monopoly on stock fraud.
Investors must be diligent and be aware of the risks and act
accordingly. Caveat Emptor Let the buyer beware.
Tim Harvey, CFE, JP, is director of the ACFEs UK Operations,
a member of Transparency International and the British Society of
Criminology. His email address is: tharvey@ACFE.com.
Richard Hurley, Ph.D., J.D., CFE, CPA, is a professor in
the University of Connecticut (Stamford) School of Business.
His email address is: rhurley@business.uconn.edu.
59
Meet the Staff

Improving Members Lives
By Cora Bullock
ember Services Representative Ashly Worsham

enjoys talking to members and helping them,
but the ACFE fulfills her in a way she never
anticipated when she accepted the position
her constant quest for self-improvement. She takes as many
classes as the ACFE offers, from speech and finance to personal
safety and business writing. At the ACFE, they want you as a
staff member to further yourself, she said. You feel valued.
COUNTRY LIFE
Ashly was born in the East Texas town of Groves, but immediately moved to La Grange, where she grew up. Her family
includes little sister April, with whom she is extremely close,
and brother David, who is six years younger. Her mother,
Brenda, worked as a seamstress when the kids were young. She
then went on to work for the grocery store chain H-E-B, first
as a bookkeeper, later as a customer service representative. Her
father, David, was a petro-chemical draftsman when Ashly was
little, then returned to school to earn a certificate in computer
technology. He now is a computer technician with the
Lower Colorado River Authority.
Ashly grew up in the country. She lived off a dirt road, and
they raised Barbado sheep, pigs and cattle. The family had a
stock tank for fishing. But Ashly, who calls herself pretty girly,
avoided all of that and stayed inside with her mother, who
taught her to sew and cook. Ashly still takes scraps of fabric and
hand sews dresses. She loved to play dress-up: I remember reading Gone With the Wind really young and then pretending I
was Scarlett in the backyard, she said. I also thought math was
fun when I was a kid. My dad (being a techie) gave me a huge

IBM and installed Math Blasters. I became obsessed with it for
a whole summer until I beat it.
Her father focused on making her independent. He
wanted me to not be reliant on anyone, she said. Like him,
Ashly is a comedian. On her first day at the ACFE, President
and CEO James Ratley, CFE, told her (falsely and with a
straight face) that he was the custodian and would take care of
trash and small spills. An hour later, she called him to clean up
an imaginary soda spill under her desk, knowing full well who
he really was. Jim was delighted, of course.
Ashlys parents divorced when she was 11, but they
remained friends and still live near one another. Her mother
remarried, and Ashly considers her stepfather, Hunter, like a
second father. (She also has two older stepsisters from the union
with whom she is close.) He sparked her enthusiasm for science
fiction so much that she even gave a presentation during the
ACFE speech course about how much she loves the recent
remake of the sci-fi TV series Battlestar Galactica.
GIFT OF SINGING
Ashly was the good kid and rarely got into trouble, but she
did love to sing, which could be a blessing or a curse, she said,
because she was constantly singing. My parents regretted buying me The Little Mermaid, she said, laughing. She made
excellent grades and took a lot of dance classes. During high
school, she also sang lead vocals for her churchs praise and
worship band. She was a member of the drill team and business
club, acted in plays and sang in musicals. As if she was not busy
ACFE Member Services Representative Ashly Worsham loves to assist

members, but she also works to improve her performance with the ACFEs
continuing education offerings
60
Fraud-Magazine.com
enough, she also took classes her last two years of high school to
become a licensed cosmetologist, which is how she paid her way
through college.
Ashly graduated from high school in 2003 and attended
Texas State University in San Marcos, 30 minutes south of
Austin. It took her a while to figure out her major. She initially
decided on accounting, because she is good at math, but then
Ashly took a speech class, which she loved so much that she
majored in mass communication. She also loves to counsel
people, so she minored in psychology.
Working full time as a hairdresser and attending school full
time meant she took a little longer to earn her Bachelor of Arts
in Mass Communication, which she did in 2009.
SERVING OUR MEMBERS
Photo by Christi Thorton-Hranicky, CFE
After she graduated, she was perusing craigslist and saw the
ACFEs posting for a member services representative. She
started in May 2010 and began managing the Fraud Magazine
CPE quiz in January of 2011.
I love to be able to listen to our members and make them
happy and solve their problems, even when they dont know
what their problems are, said Ashly. She might one day return
to school to become a counselor. Despite being a communications major, I like to listen to people, and over the years, Ive
honed my listening skills.
LEADING A FULL LIFE
When she is not assisting members, Ashly stays incredibly

busy. She has a passion for karaoke and sings with and writes
lyrics for her co-worker Justin Dillons electronic band, GOBI.
She also writes her own music and loves to cook. Her mother
goes through cookbooks from start to finish, trying every
recipe, and Ashly does the same. Her favorite cuisine is
Asian, specifically Thai.
Ashly has not had the opportunity to travel much The
first time I touched or saw the Pacific Ocean was at the 22nd
Annual ACFE Fraud Conference and Exhibition. but she
one day plans to do more, though she does not want to leave
Austin right now. She fell in love with the city, despite the frustrating construction the citys growing pains she encounters every day. She tries to see the beauty in everything. Your
mindset really shapes your world, and I try to keep a positive
perspective, she said. Luckily our members, and the ACFE,
get to benefit from this too.
Cora Bullock is assistant editor of Fraud Magazine. Her email
address is: cbullock@ACFE.com.
Ashly Worsham
ADVERTISERS INDEX
EthicsLine .............................................. inside front cover

TLO...........................................................................page 5
SAS ................................................................... back cover
This index is provided as a reader service. The publisher doesnt
assume any liability for errors or omissions. For information
about advertising, call Ross Pry at the ACFE, (800) 245-3321,
or email him at rpry@ACFE.com.
Publication of an advertisement in Fraud Magazine doesnt
constitute an endorsement of the product or service by Fraud
Magazine or the Association of Certified Fraud Examiners Inc.
61
ACFE News
MCFADYEN REVEALS TULSA CHAPTERS SECRETS
OF RITCHIE-JENNINGS SCHOLARSHIP SUCCESS
R. Cameron McFadyen, CFE, longtime Tulsa fraud examiner

and accountant and active ACFE member, recently spoke with
Fraud Magazine about his participation in the ACFEs RitchieJennings Memorial Scholarship program, the Oral Roberts
University (ORU) scholarship process and his work in the
fraud examination field. McFadyen is the founding president of
the ACFEs Tulsa Area Chapter and chairman of the RitchieJennings Memorial Scholarship Committee. (See ACFE.com/
scholarship.aspx.)
How long have you been associated with ORU and how have
you served in the scholarship process?
The Tulsa Area Chapter began participating in the annual
Ritchie-Jennings Memorial Scholarship competition in 1996.
I began as the chapters committee chair and started talking
about the scholarship to professors at local universities. A friend
of mine, Terry Unruh, an assistant professor of accounting at
ORU, expressed real interest. From that point on, we worked
closely together, and, over time, we developed a process, which
has been very successful. Since being named to serve on the
Ritchie-Jennings Memorial Scholarship Committee last year, I
have removed myself from the process at the local level to avoid
any conflict-of-interest issues.
ORU has had a number of candidates win the RitchieJennings Memorial Scholarship through the years.
The Tulsa Area Chapter established the R. Cameron McFadyen, CFE, Scholarship Award beginning in the 1999-2000
competition year. This award provides additional scholarship
money to local winners.
How do you attribute ORUs success?
I believe there are four key reasons for the success of this program. First, the chapter scholarship chair maintains a close relationship with ORU professors and officials. Second, the chapter
sponsors events throughout the year, such as photo shoots and
congratulatory meetings for the winners and presentations to
recipients of the Fraud Magazine issue containing the scholarship
article. Third, the chapter evaluates students regularly to determine those who would make the best candidates for endorsement. And fourth, the selection interviews are always in person
and designed to reveal as much as possible about each student:
who they are, what they want to do and how they view their futures. Those interviews are major components when the chapter
decides who to put forward as Ritchie-Jennings applicants.
62
What steps can educators take to help

students submit a
worthy application?
Educators can make all
the difference. They
are on the front lines
and know better than
anyone those students
who would make the best
scholarship applicants.
They can introduce their
students to the scholarship program and tell
them about its backR. Cameron McFadyen, CFE
ground. Educators can
spur students to work their hardest and, hopefully, steer them to
the fraud examination profession and the CFE credential. Dedicated educators can mentor students through the application
processes and assure that they meet all requirements. Educators
also can help students present themselves in the best possible
way by highlighting achievements, experiences and honors that
differentiate them from the pack.
What motivated you to become a fraud examiner?
During my years as director of corporate internal audit, I came
across inappropriate actions by individuals in various parts of
our global operations. Finding this was a shock because you
just dont start into an audit project expecting to uncover
fraud. Over time, in discussions with other audit professionals,
there was growing concern about fraud and the risks that came
with it. More and more forums about it became part of auditor
meetings to allow a sharing of experiences, and these provided
some education about how to deal with it. The subject matter
really intrigued me, and the interest grew to the point where I
just decided that I wanted to learn as much as possible and then
help others either through education or by helping them deal
directly with these very trying, difficult situations. More to the
point, I hate to see the bad guys win.
Your ACFE number is 300; youve been a member since
1989. Why did you decide to become a member and then a
CFE? What do you enjoy the most about the ACFE?
Prior to the ACFE, there was no authority to specifically address
these issues for professionals. When the ACFE began in 1988, I
saw some literature about this new organization. So I contacted
Fraud-Magazine.com
tacted the Austin headquarters to ask some questions and learn

what I could. I remember sitting in my office a few days later
and receiving a call from [now ACFE President and CEO] Jim
Ratley asking if I needed additional information. We had a very
nice conversation during which he said he hoped that with my
accounting background, combined with the interest I expressed
in fraud issues, I would seriously consider membership. And as
they say, that was that!
(Thanks to Lupe DeLeon, ACFE membership coordinator,
for assistance with this interview. ed.)
CFE TAKES THE BLOWS AND GETS BACK UP IN WIPEOUT
Wilson Kennedy holds two distinctions as a City of San Diego

employee: He is the first to become a CFE and the first to be a
contestant on ABCs summer Wipeout obstacle course TV
Wilson Kennedy, CFE, swings with gusto during the trials of a

summer Wipeout TV show.
Automatic Dues Renewal Service

Cost
Convenient
Convenient.
t.
Cost effective.
effffective Time
Time saving.
saving C
onvenient.
The key to saving time and money on your ACFE dues
t Receive a 10% discount on your dues
each year you are enrolled in the service.
t Your dues are automatically paid

each year no need to write a
check or pay online.
t Get $75 off a live ACFE training event.*

t Environmentally friendly - paper statements and postage are eliminated.
t No interruption of member benets

and services.
Visit ACFE.com/AutoDues to enroll today.

*Offer expires December 31, 2012. ACFE webinars, online learning and one-day seminars are excluded.
63
ACFE News
show. The credential has helped his career, and the program has
tested his resolve.
I wanted the opportunity to experience the worlds most
entertaining and challenging obstacle course while appearing
on prime-time TV, said Kennedy, the supervising management
analyst for the San Diego Public Utilities Department.
You have probably seen this wildly popular show when
channel surfing: Contestants move through a course of twirling and thrusting padded plastic wheels, giant balls, platforms
and mazes as they are shot with water cannons, pummeled with
exploding airbags and often ungracefully fly into pools of water.
From my couch, being on the show looked like it would be
fun, exciting and easy, Kennedy said. After all he was young,
had played college and semi-pro football and was still relatively
fit. It was one of the most physically exhausting things I have
ever done in my life!
He auditioned in four casting calls over 1 years, but he
was ready when he got the call. More than 75,000 applied for
season four, and he finally was in the 1 percent that made the
cut. Now ironically nicknamed Sewer Rat by the shows producers he is a self-described germophobe who helps secure
funding for San Diegos water and wastewater projects he
worked out frenetically for three months before the shows taping in May of last year. He ran, biked, swam, jumped rope and
lifted weights. Still, after completing the qualifying run, it must
have taken almost an hour before my heavy breathing stopped!
During the taped competition, Kennedy fought his way to
the top six of 24 contestants in the semifinals, but he just missed
the final push for the $50,000 prize.
Throughout the ordeal, his family, friends and co-workers
cheered him on. Many of them, including members of his
churchs youth ministry, gathered at a pizza parlor to watch the
show last summer. He had told the church kids during his auditions that he would buy a flat-screen TV, an Xbox and a Wipeout
video game for each of the three youth classrooms if he won.
Although I didnt win, I didnt have the heart to not get
them anything after they had been looking forward to celebrating with me for almost two years, Kennedy said. So at the end
of the viewing party he presented all those fun items for one of
the three classrooms. Then daughter Zaria, 11, Kennedys biggest fan, led her Pop Warner cheerleading squad in a cheer.
He is not ready to retire from the punishment. He wants
to appear on future all-star shows with other contestants who
also did not quite make it to the finals. Kennedy definitely is
not wiped out.
Dick Carozza
64
In Memoriam
Major Karl J. Flusche, CFE,
USAF, Ret., passed away on
Nov. 16. He was director
and manager of all electronic evidence collection
activities for Fios Inc.
ACFE President and
CEO James D. Ratley, CFE,
said, Karl was a true professional. He personified what
we wanted in a CFE.
Flusche was a federal
agent for the Air Force Office of Special Investigations
for 25 years, specializing in
computer systems analysis,
Karl J. Flusche, CFE
computer crime investigations and forensic analysis of computer systems and associated
storage media. He pioneered innovative ways for conducting
forensic analysis of computer-related evidence and was credited
in 1984 with finding the first-ever use of a computer to hide a
Karl was a true professional. He personified what

we wanted in a CFE.
suicide letter. In U.S. vs. Peri (1989), he was able to successfully
recover hundreds of electronically stored pages of classified war
plans that a defecting U.S. soldier had passed on to the East
German Intelligence Service via electronic media the first
computer spy case in U.S. history.
His father, Don Flusche, was a sergeant with the Dallas Police Department when Ratley was a police officer with the force.
Ratley said Don Flusche had a profound influence on him. Don
was the finest man I have ever known, and Karl was a chip off
the old block, said Ratley.
Karl Flusche is survived by his wife, Cindy; a son, Karl Jr.;
and a daughter, Lorrie. He enjoyed spending time with their
three grandchildren, and he loved family genealogy, and stamp
and coin collecting.
Fraud-Magazine.com
Independent CFEs Need to Check Their

Jurisdictions on PI Licensure Laws
By James S. Peet, Ph.D., CFE
Last summer, the General Forum in the Members Only discussion forums on ACFE.com contained a long conversational
stream on whether CFEs need private investigator licenses to
conduct fraud examinations. The consensus among the discussants was a clear maybe. This unequivocal consensus was
based on the private investigator licensing laws and regulations
applicable in the relevant jurisdictions.
Most licensing laws define the activities that constitute
private investigative work and state that only licensed persons
can engage in those activities. In the U.S., for example, private
investigator licensing is controlled by each state, and 42 states
and the District of Columbia have licensing requirements for
private investigators. (Alabama, Alaska, Colorado, Idaho,
Mississippi, South Dakota and Wyoming do not have statewide
licensing requirements.)
Basically, in most jurisdictions, the question as to whether
an individual must be licensed as a private investigator depends
on whether the individual engages in private investigative
work. And perhaps the most relevant factors in determining
this are how the relevant jurisdictions define private investigative work (or some variation of this term, such as private
detective business or private investigation service) and if the individual is an employee of an entity or is independent. (Check
out the thread PI Licensure in the General Forum.)
WHAT CONSTITUTES PRIVATE INVESTIGATIVE WORK?
The definition of private investigative work can vary from state to

state, but generally, private investigative work involves engaging
in the business to, or accepting employment to, obtain or furnish
information with reference to any number of matters, including:
Crime, criminals or rleated information.
The identity, habits, conduct, business, occupation, honesty,
integrity, credibility, knowledge, trustworthiness, efficiency,
loyalty, activity, movement, whereabouts, affiliations,
associations, transactions, acts, reputation, or character
of any person.
The cause or responsibility for fires, libels, losses, accidents, or

damage or injury to persons or to property.
Evidence to be used before a court, board, officer or investigative committee.
Detecting the presence of electronic eavesdropping devices.
The truth or falsity of a statement or representation.1
The above language, which is typical of some state laws,
is quite broad, meaning that it could encompass almost any
investigative profession, including the anti-fraud profession.
The general frameworks of state private investigation statutes,
however, regulate only those who are holding themselves out as
private investigators or conducting a business to perform those
functions. Indeed, these statutes typically exclude those employed exclusively and regularly by only one employer insofar as
their acts relate solely to the business of that employer.
DOES CONDUCTING A FRAUD EXAMINATION
CONSTITUTE PRIVATE INVESTIGATIVE WORK?
According to the ACFEs 2010 Fraud Examiners Manual, a

fraud examination is a methodology for resolving fraud allegations from inception to disposition. More specifically, fraud
examination involves obtaining evidence and taking statements, writing reports, testifying to findings, and assisting in the
detection and prevention of fraud.
Investigative work is one of many components in a fraud
examination, but it does not include the fraud prevention component. That is, fraud examination involves activities outside
the scope of traditional types of investigative work.
While some types of private investigative work may be
limited to reviewing data and evidence for signs of wrongdoing,
most are much more detailed. They require routine investigative tasks, such as interviewing victims, witnesses and suspects,
and taking their statements. Typically, the private investigator
collects evidence and maintains a chain of that evidence so that
a court of law will not dismiss it. The private investigator writes
detailed reports indicating the chain of events and often testifies
in court about that material.
65
ACFE News
If a fraud examiner engages in the typical activities
of investigative work, a private investigators license
Private Investigator Licensing in Canada and the United States
might be required. This is because many jurisdictions
have laws that define investigative work broadly to
include the activities involved in fraud examinations.
Thus, if a CFE conducts fraud examinations or investigations (separate, but similar activities), then this falls
under the purview of investigative work. It does not
matter if the investigations are of a criminal nature
or not; what matters is that the licensing jurisdiction
views them as investigative work.
But even if you engage in investigative work, it is
not definite that you are required to obtain a private
investigator license. Again, these statutes generally leave
free of regulation those employees acting on behalf of
their employers.
PI License Required:
Yes
No
You likely will need a private investigators license
if you are an independent CFE (not a paid employee of a
corporation, organization, agency or any other entity).
An example of how an independent CFE could be
involved in investigative work is when a prospective client contacts him or her about a possible case of occupational fraud. If the CFE speaks with the client, obtains
some cursory evidence that points to a particular employee, and investigator licensing laws as long as the investigations are in
then decides to interview the employee and his co-workers, this the performance of their official duties.
Most CPAs are also exempt, as long as the work they do for
is the beginning of a formal investigation. If the CFE completes
their
clients does not extend beyond the services traditionally
the interviews, takes statements and collects further evidence,
offered by CPAs and into activities within the scope of tradihe or she is now well into an investigation, which may lead to
tional investigative work. In many jurisdictions, once someone
the employees termination and possible arrest. And the CFE
leaves straight accounting and begins forensic accounting, a PI
may then testify in court.
license may be required. This is most often the case when someIn short, if you are paid as an independent CFE (not
one begins interviewing victims, witnesses and suspects. The
employed by an entity) to investigate a crime, you interview
person is no longer just reviewing data or evidence but is conpeople, and you collect evidence, which may be used before a
ducting a private investigation, as determined by law. Although
court, you will likely be required to obtain a PI license.
some CPA activities could fall within the broad definitions in
Dr. Joseph T. Wells, CFE, CPA, founder and chairman of
state private investigator licensing laws, the AICPA maintains
the ACFE Board of Directors expresses his own opinion succinctly. If there is any chance at all that a state licensing board that CPAs should be exempt from state private investigator licensing laws.2 Regardless of what the AICPA maintains,
could view you as holding out as an investigator, do yourself
though, jurisditional laws always take precedence.
a favor and get licensed, Wells said. Many of these state
boards are self-funding and actively look for anyone that can
Lawyers are also usually exempt from PI license requirebe construed to be unlicensed because it adds to their coffers.
ments if they are acting in their capacities as attorneys. For
Moreover, if courts or opposing counsel can brand you as an un- example, Nevada provides that [e]xcept as to polygraphic
licensed investigator, your case will likely suffer severe damage. examiners and interns, this chapter does not apply [t]o an attorney at law in performing his duties as such. Nev. Rev. Stat.
FINER POINTS
section 648.018.
Public employees conducting investigations on behalf of their
If a lawyer decides to help another lawyer investigate
governmental organizations are exempt from state private
fraud who is not in his or her firm, then the exception might
Note: Hawaii, Puerto Rico and the
District of Columbia require PI licenses,
but Guam and the U.S. Virgin Islands do not.
66
Fraud-Magazine.com
NOW AVAILABLE
2012 Fraud Examiners Manual

not apply and that lawyer might need
a PI license.
As mentioned, those conducting
internal audits/investigations for corporations that employ them are generally
exempt from state private investigator
licensing laws. (These CFEs are usually
internal auditors or internal investigators.) A couple of jurisdictional exceptions mostly in Canada require
corporate CFEs to obtain PI licenses,
but this is not the norm.
What if you do not conduct actual
investigations but work as a consultant
to develop fraud prevention programs
or review materials for others, such as
law enforcement agencies or law firms?
There is a fine line between consulting, reviewing and investigating, so you
should check with your licensing jurisdiction. Most jurisdictions do not require
a license if you are only a consultant and
do not engage in investigative work. Furthermore, if you are a forensic accountant (one who reviews and analyzes data
for purposes of litigation but does not
collect data or interview individuals) or
a computer forensic consultant, you may
be exempt from licensing. Most state
laws are unclear on this matter. A few
states, such as Texas, specifically require
computer forensic professionals to be
licensed as private investigators.
CROSSING JURISDICTIONAL BOUNDARIES
To throw yet another monkey wrench

into the gears, what if your work takes
you over jurisdiction lines? Some states
or countries do not have reciprocity agreements with other states or
countries. A CFE may be legal in one
jurisdiction but not in another. Other
places grant reciprocity to PIs up to 30
days to investigate cases originating in
their home jurisdictions.
The essential resource for anti-fraud professionals

has been updated with even more information valuable to fraud
ghters worldwide. Stay up-to-date with latest changes in laws,
statistics, fraud examination techniques, methodology and
procedures with the new 2012 Fraud Examiners Manual. Because
no other works provides such a comprehensive guide for the
anti-fraud professional, every fraud ghter should keep a copy in
their library.
Important updates for 2012 include:

t New chapter on Fraud Risk Management
t New chapter on Corporate Governance
t New coverage of the whistle-blower provisions of the Dodd-Frank Act
t Updated Computer and Internet Fraud chapter, including expanded
material on:
t Methods fraudsters use to gain unauthorized access to
computer systems
t Data manipulation and data destruction, including a discussion on some of the common methods used to destroy and
manipulate data
t Ways organizations can prevent unauthorized access to their
computer systems
t Log management and analysis as a means to detect unauthorized
access to computer systems
t Conducting investigations regarding computer crimes, including
a new eight-step plan for responding to such issues
U.S. Edition Now Available. International Editions Coming Soon.
Visit ACFE.com/Shop to order your copy today
67
ACFE News
KEEP IT LEGAL
If you are an independent CFE, check with your jurisdictions

licensing agency and get its response in writing. Better to be
on the safe side than to have your credibility destroyed in court
because you were not legal.
Useful resources for checking out U.S. private investigator
licensing is the CrimeTime.com website linking all the states
licensing agencies, http://tinyurl.com/kqp6uj, and Michael
Kesslers website on forensic accounting licensing,
http://tinyurl.com/86q7z3s.
See the map on page 66 for those states and provinces in
North America that require PI licenses.
James S. Peet, Ph.D., CFE, is an instructor at Highline
Community College in Des Moines, Wash., and principal manager
at Peet & Associates LLC in Enumclaw, Wash. He is also a licensed
Washington State private investigator. His email address is:
jpeet@peetassociates.com.
1
This definition was taken from the Revised Code of (the state of )
Washington 18.165.10, the law regulating Private Investigators. Some
state statutes contain language that is more vague and open-ended. For
example under Nebraksas statute (Neb. Rev. Stat. 71-3201), a private
investigator is one who engages in the secret service or private policing
business, which shall mean and include: general investigative work,
non-uniformed security services, surveillance services, location of missing persons and background checks.
2
American Institute of CPAs. (2011). Digest of State Issues: For the CPA
Accounting Profession 2011. Retrieved from http://tinyurl.com/89bkarb.
ACFE Asia-Pacific
Conference a Hit
The first-ever ACFE Asia-Pacific Conference held Oct. 23-25
in Singapore was a great success, with more than 200 attendees.
Speaker highlights included Aedit Bin Abdullah,
chief prosecutor of both the Criminal Justice Division and the
Attorney-Generals Chambers in Singapore; ACFE President
and CEO James D. Ratley, CFE; and Mark Steward, executive
director, Enforcement Division, of the Securities and Futures
Commission of Hong Kong. Attendees participated in educational workshops and lively panel discussions covering such
topics as anti-bribery efforts and corruption enforcement.
The ACFE Asia Pacific Fraud Conference in Singapore
was a real eye opener for me, said Kevin Taparauskas, CFE,
ACFEs director of events and marketing, who also attended.
I knew that the ACFE had loyal members in the region. But I
was extremely impressed with the enthusiasm of our attendees
and dedication to truly growing the profession that I witnessed.
I now understand why this has been our fastest-growing region
in the world for the last several years.
For our part, the ACFE intends to fully support and help
facilitate ongoing growth in the Asia Pacific, he continued.
I announced at the conclusion of the conference that the
ACFE would be holding our first CFE Exam Review Course
in the area March 26-29, 2012. In addition, we are working
on a regional call center, based in Singapore, that will greatly
improve support all of our members in the Asia-Pacific region
and beyond.
Photos by Patrick Ong
68
Fraud-Magazine.com
NEW! ONLINE SELF-STUDY
FCPA Compliance:
TAKING BACK THE ID
cont. from page 57
the name of the student; up came 25
individuals with the same name, along
with their profiles. I contacted the
student and asked him for an explanation. He said he never contacted me via
LinkedIn, but he had used his Gmail
account to email me throughout the
course. The only explanation I have is
that the hacker stole his Gmail account
from the LinkedIn website and used it
to capture a contact list, which included
my email address.
The fifth suspect email included
a message, with an embedded link,
that read, Your LinkedIn account was
blocked due to inactivity. Please follow
this link to learn more. Thank you for
using LinkedIn! The LinkedIn Team.
I do not have a LinkedIn account,
so I can only assume it was another
fraudsters attempt to install the ZenuS
malware on my computer. If you receive
a similar message, do not click on the
embedded link. If you know the individual, contact that person to see if he
or she sent it, and if they did not, alert
LinkedIn. I am sure that LinkedIn is
doing an excellent job trying to prevent
this type of fraud. However, its website is
a gold mine of personal information for
fraudsters to exploit with their schemes.
MORE FOR THE COMMUNITY
To help prevent identity theft, share

these scams with your friends, family and
colleagues. Contact me if you have any
identity theft issues that I might be able to
research and report back. Stay tuned!
Robert E. Holtfreter, Ph.D., CFE,
CICA, is distinguished professor of accounting and research at Central Washington University in Ellensburg, Wash. His
email address is: holtfret@cwu.edu.
Creating an Effective Anti-Corruption

Compliance
Program
CPE Credit: 4
Prerequisite: None
Since its enactment, the FCPA has had an enormous impact

on the way organizations around the world conduct business
domestically and abroad. As a result, it is important for you
and your company to understand the intricate and interlocking
network of criminal and civil laws designed to combat
transnational bribery.
FCPA Compliance provides relevant information on the current
legal and regulatory framework of the governments efforts to
combat bribery in international trade. More specically, this
course provides an overview of the FCPA and other international
anti-corruption initiatives, advises how companies can establish
compliance programs to detect and minimize violations of law
and examines bribery risk assessments.
What you will learn:

tThe principal components of the FCPA
t14 essential elements of an effective compliance
program
tCreating an FCPA Risk Assessment
tThe 7 core risk factors of FCPA
Order your course today at ACFE.com/compliance.
69
CPE QUIZ
1. According to the opening case in the article, Fraud in Houses
of Worship, the perpetrator:
No. 100 (Vol. 27, No. 1)
6. According to the article, The 10 Tell-Tale Signs of Deception:
a. Was a former youth minister.
a. Deceptive people often use language that maximizes

references to themselves.
b. Had been defrauding the 2,000-member church for 36

months.
b. In oral statements and informal written statements, deceptive

witnesses never omit self-referencing pronouns.
c. Was in financial trouble.
c. Truthful people usually describe historical events in the past tense.
d. Admitted everything in a teary confession.
d. Deceptive people never refer to past events as if the events

were occurring in the present.
2. According to the opening case in the article, Fraud in Houses

of Worship, the perpetrator had been defrauding the church by:
a. Writing herself duplicate paychecks.
7. According to the article, Overachieving Fraud Wolves in

Sheeps Clothing, the author in the case:
b. Stealing cash from donation deposits.
a. Was an in-house consultant.
c. Taking out credit card accounts in the church name.
b. Zeroed in on the accused employees because the tipster had

provided specific details of the alleged fraud conduct.
d. All of the above.
c. Expanded the investigation to several previous months and

increased the sampling of calls and accounts.
3. According to the KU ticket scandal case in the article, Fraud in

Collegiate Athletics:
a. Ticket sales amounted to more than $2.5 million at face
value and could range as high as $3.7 million in market
value.
b. Athletic department members did not improperly use or resell
complimentary tickets reserved only for charitable organizations.
c. Evidence suggested that several coaches were involved in the
schemes.
d. After reviewing consumer complaints, he found questionable

conduct.
8. According to the article, Overachieving Fraud Wolves in
Sheeps Clothing, CFEs are trained to focus their sights on the
business resources, processes, procedures, employee activities
and personnel to detect the potential for, and existence of, the
fraud triangle factors.
a. True.
d. The culprits concealed these thefts by simply charging tickets

to fictitious accounts and not recording the ultimate recipients.
4. According to the article, Fraud in Collegiate Athletics:
b. False.
9. According to the article, Breaking Breach Secrecy, Part 3:
a. Part of the difficulty in dealing with ticket sale frauds in

college athletics is that the sheer volume of money invites theft.
a. Organizations and individuals who do a horrible job

protecting personal data, of course, create conditions that
lead to the majority of data breaches.
b. The U.S. Equity in Athletics Disclosure Act requires colleges to

file annual reports with the U.S. Department of Intercollegiate
Sports.
b. The PRCH describes itself as a for-profit consumer education

and advocacy project.
c. The PRCH defines unintended disclosure as electronic entry
by an outside party.
c. Frequently, two individuals control the daily financial

management of an athletic department.
d. For the past seven years, the Verizon Business Risk Team has
prepared the Data Breach Summary Research Report.
d. Winning often contributes to sound financial management.

5. According to the article, The 10 Tell-Tale Signs of Deception,
linguistic text analysis involves studying the language, grammar
and syntax a subject used to describe an event to detect any
anomalies.
10. According to the Holtfreter/Harrington Data Breach Analysis

Report, described in the article, Breaking Breach Secrecy, Part 3:
a. True.
b. False.
a. Few individuals believe that the majority of compromised

records and related breaches are externally driven.
b. Internal hackers caused more of the compromised records.
c. The results strongly indicate that the organizations
experiencing these data breaches lack strong comprehensive
data protection programs.
d. Thirty-eight percent of the total breaches result from the
internal improper protection and disposal of data.
Circle the correct answers and mail to the ACFE with four other completed quizzes
published within the last 24 months and the CPE Quiz Payment Form (see next page).
Name
ACFE Member No.
Fraud Magazine CPE Quiz Payment Form
EASY
STEPS:
PLEASE NOTE: The Fraud Magazine CPE Service CPE credits apply only
to the CFE status and not to any other professional designations. Fraud
Magazine CPE Service is not registered with the National Association of
State Board of Accountancy (NASBA).
1
2
3
READ the feature articles and columns in any ve issues of Fraud

Magazine published within the last 24 months.
CIRCLE the correct answers to the quizzes in the back of the issues.
REGISTER by completing the form below and mailing or faxing in your $69
fee and ve quizzes together.
Once youve passed all ve quizzes (with a score of 70% or better on each quiz), the ACFE will e-mail you a certicate
of completion. You will receive 10 of the 20 hours of CPE credit required annually to maintain your CFE credential.
FRAUD MAGAZINE CPE QUIZ PAYMENT FORM
T YES! I want to register for the Fraud Magazine CPE Service to earn 10 hours of CPE for only $69. I have enclosed
payment along with my ve quizzes.
Name, rst and last (TDr. TMr. TMrs. TMs.)
Certied Fraud Examiner? TYes (if yes, member #) TNo
Company
Other designations (CPA, etc.)
Title
THome TWork Address
City
State/Province
Phone number (THome TWork)
Zip/Postal Code
Country
Fax number (THome TWork)
E-Mail Address (THome TWork)
Local Chapter
TSend me your FREE FraudInfo e-newsletter
METHOD OF PAYMENT
TCharge my (check one). Cards charged in U.S. dollars.
Name on Card
Expiration Date (month/year)
V-Code (on back / front of AMEX)
Card Number
Billing Address
City
State
Zip/Postal Code
Country
Signature
TCheck or money order enclosed (made payable to the Association of Certied Fraud Examiners).
Download archived quizzes and this payment form at

Fraud-Magazine.com/CPE-Quiz-Archive.aspx.
ASSOCIATION OF CERTIFIED FRAUD EXAMINERS

8PSME)FBERVBSUFSTt5IF(SFHPS#VJMEJOHt8FTU"WFt"VTUJO 59t64"

'SBVE.BHB[JOFDPNtNFNCFSTFSWJDFT!"$'&DPN
ACFE Calendar of Events

For information or to register, visit ACFE.com/Training
January
sun
22
mon
23
tues
24
wed
25
thurs
fri
sat
26
27
28
Investigating
Conicts of
Interest:
Fraud Risk Management:
Contract & Procurement Fraud:

Phoenix, AZ
February
29
30
31
Los Angeles, CA
Los Angeles, CA
CFE Exam Review: Dallas, TX
10
11
12
13
14
15
16
17
18
Introduction to Digital Forensics:

New Orleans, LA
March
26
27
28
Interviewing Techniques for Auditors:

Ft. Lauderdale, FL
Legal Elements
of Fraud
Examination:
29
Fraud
Prevention:
Baltimore, MD
Money Laundering: Tracing Illicit

Funds: Baltimore, MD
Conducting Internal Investigations:

Charlotte, NC
Charlotte, NC
Fraud Related
Compliance:
Healthcare Fraud:
Louisville, KY
Louisville, KY
11
12
18
25
10
13
14
15
16
17
19
20
21
22
23
24
Data Analytics:
Investigating on the Internet:
New York, NY
New York, NY
26
27
29
30
31
2012 ACFE European Fraud Conference: London
28
April
15
16
17
18
19
25
21
Three ways
to save!
CFE Exam Review Course: Las Vegas, NV
22
23
24
25
26
27
28
Financial Statement Fraud:

Columbia, SC
May
29
30
10
11
12
Principles of Fraud Examination:

Austin, TX
San Diego, CA
Chicago, IL
Professional Interviewing Skills:

Providence, RI
June
17
18
19
20
21
22
23
July
23
24
25
26
27
28
Interviewing Techniques for Auditors:

Denver, CO
CFE Exam Review Course: Boston, MA
August
5
12
Fraud Related
Compliance:
Auditing for Internal Fraud:
New York, NY
New York, NY
13
14
10
11
Professional Interviewing Skills:

San Francisco, CA
15
16
17
19
29
30
31
Fraud Risk Management:

Philadelphia, PA
26
27
28
CFE Exam Review Course: Chicago, IL
*Location and/or topic are subject to change.
Register to attend two

events being held
consecutively in select
cities and receive $100
in savings! Combo
events are designated
with this icon:
Group Savings
23rd Annual Fraud Conference & Exhibition: Orlando, FL
22
Find the events that you

want to attend. Register
and pay before the
Early Registration Deadline listed for the event
(generally one month
before event start date)
and SAVE $95 or more
off of the regular price
for the event.
Combo Event Savings
Mortgage Fraud:
Digital Forensics Tools & Techniques:
Early Registration
Savings
Select the event that

best suits the learning
needs of your group.
Gather a team of at
least three or more
individuals to register
together. Call the ACFE
at (800) 245-3321 or
+1 (512) 478-9000 to
determine your savings.
ANALYTICS
Stamp out fraud.
With SAS Analytics, you can score millions of transactions a day in real time to detect fraud faster, reduce
risk, streamline investigations and prevent losses. Decide with confidence.
Scan the QR code* with your mobile device to view a brief customer
video or visit sas.com/bankfraud for the complete success story video.
*Requires reader app to be installed on your mobile device
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. indicates USA registration. Other brand and product names are trademarks of their respective companies. 2011 SAS Institute Inc. All rights reserved. S76016US.0711

Fraude Magazine PDF

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Fraude Magazine PDF

Загружено:

Авторское право:

Доступные форматы

A P U B L I C AT I O N O F T H E A S S O C I AT I O N O F C E R T I F I E D F R A U D E X A M I N E R S

Vol. 27, No. 1, January/February 2012

Tell-Tale Signs of Deception

Fraud in Houses of Worship,

Collegiate Athletics Fraud,

Data Breaches, Part 3,

If Every Employee and Supplier

Where a fraud hotline was in

EthicsLine is now powered by Global Compliance

888-782-4769 info@ethicsline.com www.EthicsLine.com

ACFE 2010. All Rights Reserved

JANUARY/FEBRUARY 2012 | VOLUME 27 | NO. 1

The 10 Tell-Tale Signs of Deception

Fraud in Houses of Worship

Fraud in Collegiate Athletics

Overachieving Fraud Wolves

Breaking Breach Secrecy, Part 3

COLUMNS & DEPARTMENTS

From the President & CEO

Supporting Our International Chapters

He Milked it For All it Was Worth:

By James D. Ratley, CFE

By Roger W. Stone, CFE

Frauds Finer Points

Global Fraud Focus

By Tim Harvey, CFE, JP; and Richard Hurley, Ph.D.,

By Gerhard Barone, Ph.D.; Sara Melendy, Ph.D.,

By Robert E. Holtfreter, Ph.D., CFE, CICA

By Joseph R. Dervaes, CFE, ACFE Fellow, CIA

Get Involved in Higher Education:

Taking Back the ID

Meet the Staff

Journal of the Association of Certified Fraud Examiners

Volume 27, No. 1, January/February 2012

John D. Gill, J.D., CFE

Mark Scott, J.D., CFE

EDITORIAL ADVISORY COMMITTEE

2012 ACFE European

Conducting Internal Investigation

Investigating Conicts of Interest

Contract and Procurement Fraud

Investigating on the Internet

Legal Elements of a Fraud

Digital Forensics Tools &

Money Laundering: Tracing Illicit

From the PRESIDENT

By James D. Ratley, CFE

t the end of October and beginning of November, I

International chapter members put Southern hospitality to

growth, he said. However, such large capital inflows are bound

Anything You Say Can and

uring an investigation, we scour the web and

found a company he believed would be a good target and

Employees are likely to reveal valuable information to the

Documents that an organization provides its clients to market

securely communicate information that you

Open-source intelligence can help you

If you want to know more about

I was involved in a recent

So do you cut yourself off from the world

analyze it) by simply using

Use These Queries to Examine Your Online Exposure