Академический Документы
Профессиональный Документы
Культура Документы
Cybersecurity expert
THERESA PAYTON
says don’t wait until you’re
in the middle of a breach to
formulate plans.
Write your cybersecurity
playbook now.
FROM THE PRESIDENT CONNECT WITH US
FM
M
odern technology advances quickly.
What’s innovative and fresh one day can Download the Fraud
Magazine app for
be quickly outdated and short-lived in just
iPhone or Android.
a few months.
As smart devices get smarter, business and
industry depend more heavily on them and the data
they store, which makes fraud examinations more
challenging and complex. Like the ACFE on
In college, I recall enduring one semester of Facebook for the latest
news, photos, videos and
BASIC language before I realized that there was noth- exclusive online content.
ing “basic” about it — at least for me. As CFEs, we
don’t necessarily need to be computer scientists to
operate in today’s tech society, but we do need to be
aware of the current methods that fraudsters are using
to steal from our companies and disrupt our lives. Follow @TheACFE
Cybercriminals will keep changing tactics to on Twitter and keep
informed on breaking
bypass security measures and attack our systems. We news and industry trends.
must stay vigilant in our protection and detection
efforts. Many cyberattacks are preventable through awareness, training and education. Even
something as simple as updating software can make all the difference.
Teresa Payton, former White House chief information officer and keynote speaker at the 30th
Annual ACFE Global Fraud Conference in Austin, delivers just such a message in the cover article. Make connections with
fellow fraud fighters in
“Cybercriminals change tactics daily,” Payton says. From sophisticated phishing schemes
the ACFE Community at
to ransomware attacks, these fraudsters exploit vulnerabilities within our information systems. Connect.ACFE.com.
Likewise, CFEs must also stay up to date on these nefarious trends if we want to fight fraud ef-
fectively and successfully in the 21st century.
But it’s not just a data or financial protection issue. The reputational risks we face from a
cyberfraud attack impact our organizations tremendously. Not only must we be watchful for the
attack, we also must have plans in place to remediate quickly should it happen. View stories and photos
on Instagram and never
“Awareness and education shouldn’t be one time a year and solely focused on compliance,” miss exclusive Fraud
Payton says. Amen. Just as proactive data monitoring increases the ability to detect and prevent Magazine content.
fraud, continuously updating your staff — all — your staff on these cyberfraud trends can be
very effective. As we implement anti-fraud training and education more and more in our work-
places, the median life of a fraud declines. The ACFE Report to the Nations proves just that.
Peyton warns us that we need a “[n]ew line of thinking” for our cyber training and to “prac- CONTRIBUTE
tice a digital disaster before you have a breach.” We can’t hide from technology — it’s here to
stay. But just as digital devices get smarter every year, so too must fraud examiners get smarter Share your expertise
and earn up to 10 CPE
by staying on top of the latest schemes and the ways to combat them. n FM
credits annually for your
published work. Visit
Bruce Dorris, J.D., CFE, CPA, is president and CEO of the ACFE. Contact him at Fraud-Magazine.com/
getpublished.
President@ACFE.com.
COVER STORY
24
Fear not the breach!
Write your cybersecurity
playbook now
By Dick Carozza, CFE
FEATURES
18 Global Anti-Fraud Regulations 32 Oil theft and fraud 44 GlobAL LEGAL SYSTEMS
Subscriptions
ACFE members: annual membership dues include
$45 for a regular one-year subscription; $15 for an
electronic member subscription, and $15 for student,
15 Romance fraud
and retired member subscriptions. Non-member
subscription rates are: $65 in the U.S.; $77 outside the
US. Membership information can be obtained by visit-
ing ACFE.com or by calling (800) 245-3321, or +1 (512)
478-9000. Change of address notices and subscriptions
TAKING BACK THE ID
2018 FTC numbers paint
64 Deshietha Partee-Grier, CFE should be directed to Fraud Magazine. Although Fraud
Magazine may be quoted with proper attribution, no
portion of this publication may be reproduced unless
worsening fraud picture written permission has been obtained from the editor.
The views expressed in Fraud Magazine are those of
By Robert E. Holtfreter, Ph.D., CFE 12 ACFE NEWS 66 the authors and might not reflect the official policies
of the Association of Certified Fraud Examiners. The
editors assume no responsibility for unsolicited manu-
GLOBAL FRAUD FOOTPRINT CPE QUIZ 72 scripts but will consider all submissions. Contributors’
guidelines are available at Fraud-Magazine.com. Fraud
Magazine is a double-blind, peer-reviewed publication.
Romance fraud, crypto-
currency risks and money To order reprints, visit Fraud-Magazine.com/reprint or
email reprints@fraud-magazine.com.
laundering in Asia Pacific © 2019 Association of Certified Fraud Examiners, Inc. “ACFE,” “CFE,” “Certified
By Mason Wilder, CFE 15 Fraud Examiner,” “CFE Exam Prep Course,” “Fraud Magazine,” “Association of
Certified Fraud Examiners,” “Report to the Nations,” the ACFE Seal, the ACFE
Logo and related trademarks, names and logos are the property of the Association
of Certified Fraud Examiners, Inc., and are registered and/or used in the U.S. and
countries around the world.
Ex-beer exec
Green-card marriage scheme
found guilty
According to the May 15 ABC News article by Julia Jacobo,
“96 people charged in Texas marriage fraud scheme to get After nearly a decade of defraud-
ing one of the largest beer makers
Green Cards,” Houston fraudsters are responsible for grant-
in America, a former executive is
ing citizenship to Vietnamese nationals who paid hefty fees.
heading to jail. According to the
Police say ringleader Ashley Yen Nguyen operated a well- May 17 FOXBusiness article by
organized marriage scam — charging between $50,000 to Kathleen Joyce, “Ex-MillerCoors vice
$70,000 for a marriage license. As a result, nearly 150 people president sentenced to prison over
fraud charges,” David Colletti will
fraudulently obtained green cards to become permanent
spend 42 months in prison. Accord-
U.S. residents. ing to the article, Colletti falsified
The indictment remains sealed, but according to U.S. Im- marketing and promotional invoices
migration and Customs Enforcement (ICE), organizers of the he billed to his company MillerCoors
and pocketed more than $8.6 mil-
scam even created fake wedding
lion. Colletti claimed he was involved
photo albums to further the guise. in the billing scheme to “keep up
The 96 organizers are charged with with the rat race.”
various counts of mail fraud Read the full story at
tinyurl.com/y5hoff4p.
and stand to serve 20 years in
federal prison. Read more at
tinyurl.com/y2t6jfzg.
An Achievement
on Friday.
ON-SITE TESTING
Take the CFE Exam on-site while the
material is still fresh in your mind. Go home
knowing you’ve passed the CFE Exam.
Get on the fast track to passing the CFE Exam and earning
IT’S AMAZING WHAT your credential with the CFE Exam Review Course, an
YOU CAN ACCOMPLISH intense 4-day seminar designed to give busy working
when you set some time aside professionals the tools to prepare for the CFE Exam.
noticed they were losing money, to hire outside help to pursue an audit or
Each of the 2,690 real cases of despite producing substantial rev- take other action.
occupational fraud reported in the enues. Some of the physicians became Most physicians that Brian and his
ACFE’s 2018 Report to the Nations suspicious that something was go- buddies hired to replace those who left
(ACFE.com/RTTN) has a unique ing on. Many were operating at a loss weren’t concerned about the practice’s
story behind it. Here’s one from month after month. Millions of dollars finances because their spouses were suc-
investigating CFEs. (See more at cessful, they had family money, or they
seemed to simply disappear. Some of
tinyurl.com/y6p2ctbk.) — ed. were nonconfrontational. These new
the physicians believed many of the
expenses the practice charged to them physicians were perfect targets for fraud
schemes.
F
seemed exorbitant. Several of them left
raudsters are often able to When the seventh physician, Ewan,
the practice over the years. Eventually,
deceive their victims for long left the practice, he expected the prac-
we discovered that more than $25 mil-
periods of time through gained tice to pay him approximately $50,000
lion had been skimmed and embezzled
trust and personability. These in accounts receivable, but it only paid
in the 20-year period.
cases cut their victims the deepest him a little more than $2,000. He then
Initially, the partners were involved
because they’ve not only lost money, hired our firm to investigate, and we dis-
in making decisions on expansion of
they’ve been personally betrayed. That covered that Ewan’s accounts receivable
the practice and general matters. But as
was the case with a medical practice at the time of his resignation was closer
they increasingly were disturbed about
that housed a charismatic fraudster for to $100,000.
low revenues through the years, Brian
two decades. I (Judy Wright) realized that Brian
transferred decision-making to what
Twelve practitioners established was at least complicit in skimming
were “committees” in name only. He
Total Primary Care Pros with the funds when I met with him to discuss
and his closest allies ran the financial why he hadn’t pursued recall or col-
friendly Dr. Brian (names have been
changed) as the lead administrative committees. lections, which would’ve increased
physician. Charismatic Brian was a Whenever a physician would call revenues for all the physicians. He said
well-liked figure in the community. for accountability, Brian and his friends he was satisfied with things the way they
He appeared to be the perfect profes- would begin to ostracize them from the were. I was shocked because if the finan-
sional, spouse, parent and friend — rest of the group and punish them with cial statements were true, any physician
the type of person you point to as an a reduced schedule and inflated costs for would’ve jumped at the chance to use
example for others. supplies and other expenses. It appeared these easy ways to increase revenues.
The practice buzzed with activity Brian levied these financial penalties to Brian’s body language screamed that he
for nearly 20 years, but the physicians reduce the dissatisfied physician’s ability didn’t want anyone rocking the boat. At
CASE IN POINT
general public from similar schemes. Fraud cases in- they stressed about being able to take
care of their families.
clude the WorldCom scandal, Madoff’s Ponzi scheme
Ewan said that whenever any of the
and the Fédération Internationale de Football Associa- physicians asked Brian why they weren’t
tion (FIFA) scandal. making enough money, he told them
to “work harder.” Of course, the harder
they worked, the more money Brian
KEY TAKEAWAYS: stole from them. Many of the physicians
• Introductions and background information even took on part-time jobs to help sup-
for all cases
port their families.
• Insights into how each scheme was perpetrated CPE Credit By the time we discovered the fraud,
and detected 4
Brian had taken total control of the
• Recommendations to prevent future frauds
administrative and financial leadership
• Lessons learned for each case and was making all decisions. Ewan took
the results of our investigation straight
Course Level
Basic to Brian and asked him to reimburse him
for the losses. Brian used the practice’s
legal counsel to file a civil case against
JOIN THE
HFPP
Together we can identify and reduce fraud, waste, and abuse across the healthcare
sector through collaboration, data and information sharing,
and cross-payer research studies.
PARTNER BENEFITS
In the “employment or tax-related borrow money for auto, business, per- data in Table 3 don’t reflect that. The FTC
fraud” type, the “tax fraud” subtype sonal or student loans. would’ve more accurately shed light on
decreased 38% while the “employment In the “government documents the group that’s experiencing the most
or wage related” subtype increased 44%. or benefits fraud” category, the “driver problems if it had determined the num-
Tax fraud probably decreased because licenses issued/forged” and “passport ber of complaints per 100,000 individu-
of the IRS’s recent efforts to curb income issued/forged” subtypes are ranked rela- als in each age group.
tax refund fraud by vetting the validity tively low — 24 and 29 respectively
th th
of those requesting refunds. Employ- — but they’ve increased significantly at Share, share, share!
ment or wage-related identity theft 19% and 25%. Please share this information with your
fraud could’ve increased because fraud- Under the “other identity theft” business associates, family, friends and
sters might have used more victims’ type, all the subtypes except “evading clients and include it in your outreach
names as ghost employees, among other the law” have increased significantly. programs. An important takeaway
crimes. Fraudsters are using the identities of from this column is that the number of
The “mobile telephone new ac- others to obtain “medical services” (up a identity theft complaints reported to the
counts” subtype (ranked fourth in the whopping 103%), “insurance” (up 24%), FTC has been on a study upward climb
“phone or utilities fraud” type) and “online shopping or payment account” for the past 18 years, and there’s reason
“landline telephone new accounts” sub- to believe that the trend will continue
type (ranked 17th in the same category) Age group No. of complaint unless we educate the public about
both increased 28%, which mirrors the reports phishing and identity theft schemes.
24% increase in the credit card “new ac- 19 and under 14,251 Many of the identity theft subtypes have
counts” subtype. Based on the signifi- 20-29 76,760 increased significantly from 2017. You’ve
cant increases in all the “new accounts” 30-39 107,367 been forewarned, so tread with care!
subtypes, it’s obvious that fraudsters 40-49 84,165 Please contact me if you have any
are increasing their efforts to target 50-59 63,229 identity theft or cyber-related issues that
industries with weaker defenses. The you’d like me to research and possibly
60-69 42,704
“landline telephone - existing accounts” include in future columns or as feature
70-79 16,462
increased 25%, and the “utilities – exist- articles, or if you have any questions. I
80 and higher 5,989
ing accounts” increased 20%. don’t have all the answers, but I’ll do my
The only significant issue in the Table 3 Identity theft by age best to help. Stay tuned! n FM
“bank fraud” category is with the
subtype, “new accounts,” which ranked (up 18%) and for “email or social media” Robert E. Holtfreter, Ph.D., CFE, is
tenth and increased 12%. A fraudster purposes (up 23%). distinguished professor of accounting
might open a bank account in a vic- As shown in Table 3 above, the 30 and research at Central Washington
tim’s name to launder money, among to 39 age group reported the highest University in Ellensburg, Wash. He’s
other reasons. They typically use a wire number of complaints, but we shouldn’t also on the ACFE’s Advisory Council
transfer to move the money out of the conclude that this age group is having and the Editorial Advisory Committee.
account. relatively more problems with identity Holtfreter was the recipient of the Hub-
All the subtypes of “loan or lease theft than the others. Older-age groups bard Award for the best Fraud Magazine
fraud” have increased significantly. commonly are more susceptible to feature article in 2016. Contact him at
Fraudsters use victims’ identities to identity theft and other frauds, but the doctorh007@gmail.com.
H
e said he was an engineer from
Britain who wanted to establish
a relationship with a wealthy,
66-year-old Hong Kong busi-
nesswoman. What he really wanted to do
was rip her off. And he did — to the tune
of $23 million in four years. He claimed on
the online platform Lovestruck that he had
financial problems and repeatedly asked
the woman for money. She transferred
cash to bank accounts in Hong Kong,
mainland China, Malaysia, Japan, Taiwan,
Britain and Germany — in more than 200
transactions. This lonely-heart case set the
record for Hong Kong’s largest romance
scam. (See “Online romance scam record
for Hong Kong as Wan Chai business-
woman loses US$23 million to ‘British
engineer,’ ” by Clifford Lo, South China consisted of romance scams that cost vic-
COLUMNIST tims more than $57 million. (See “Overall
Morning Post, tinyurl.com/ybsh3k4o.)
law and order situation remained stable
According to the Hong Kong Com- CFE in 2018,” The Government of the Hong
puter Emergency Response Team, cyber- ACFE RESEARCH
Kong Special Administrative Region, Jan.
crime cost Hong Kong companies and SPECIALIST
29, 2019, tinyurl.com/y55xz9ln.)
residents more than $250 million in the
During a recent interview with Fraud
first nine months of 2018 (a 565% increase
Simone McCarthy, South China Morning Magazine, Parag Deodhar, CFE, Asia Pa-
from 2012) with businesses sustaining Post, Dec. 8, 2018, tinyurl.com/y5s24trz.) cific director for information security at a
more than 9,000 attacks (a 55% increase Hong Kong police recorded 8,372 multinational corporation, described the
from 2017). The true amount of attacks is cases of deception in 2018, up 18 percent romance fraud phenomenon. “Romance
likely much higher, which justifies Hong from 2017. Among the notable increases fraud is one of the major scams prevalent
Kong’s presence in a LexisNexis Risk were cases of social media deception in Hong Kong and Singapore,” Deodhar
Solutions list of the top five cyberattack (2,064 cases and a 94 percent increase), says. “Scammers target wealthy single
destinations. (See “With financial losses online business fraud (2,717 cases and a women. Similarly, con artists — posing as
of HK$2.2 billion and more than 9,000 36 percent increase), email scams (894 part-time sex workers — target men.”
cyberattacks so far this year, Hong Kong cases and a 29 percent increase). Almost Though romance scams are com-
finds itself a top target of hackers,” by 600 of the social media deception cases mon in Hong Kong and Singapore, they
aren’t unique to the region, according spearphishing attacks with tax-themed and London, rounding out the index’s top
to Barry Tong, CFE, advisory partner at lures and then deployed malware linked to five while making it 60 percent Asian.
Grant Thornton Hong Kong and president previous attacks on financial institutions (See “The Global Financial Centres Index
of the ACFE Hong Kong chapter. including the Bangladesh bank heist that 24,” Z/Yen, China Development Institute,
“These kinds of scams are often I covered in a previous column. (See “Why September 2018, tinyurl.com/y3guwo8w.)
cross-border frauds because many of the In January 2018, well before the
is North Korea So Interested in Bitcoin?”
fraudsters are targeting victims from
by Luke McNamara, FireEye, Sept. 11, 2017, UN panel met or the DOJ civil suit, U.S.
outside of Hong Kong,” says Tong.
tinyurl.com/yczoy5e5 and the “Global Treasury officials warned Hong Kong that
In October 2018, authorities in Hong
Kong, Malaysia and Singapore launched a Fraud Footprint” column, Fraud Magazine, it needed to do more to combat North
joint operation targeting a romance scam November/December 2018, tinyurl.com/ Korean smuggling and money launder-
ring that led to the arrests of 52 suspects y2cf3xtk.) ing, including strengthening company
who allegedly conned more than 140 vic- According to a United Nations Secu- formation and registration rules. (See
tims out of $14 million. (See “Hong Kong, rity Council panel of experts convened in “US official warns Hong Kong over North
Malaysian and Singaporean police bust March, North Korea has amassed more Korea smuggling, money laundering,”
US$14 million online romance scam ring,” than $670 million through cybercrime by by Joshua Berlinger, CNN, Jan. 25, 2018,
by Clifford Lo, South China Morning Post, using cryptocurrencies and blockchain tinyurl.com/yyzcg3eh.)
Oct. 26, 2018, tinyurl.com/ybhaunww.) technology to launder the proceeds. The “The Hong Kong Monetary Authority
panel singled out at least five successful at- (HKMA) has been amending the anti-mon-
Crypto risks tacks on crypto exchanges in Asia between ey laundering/counter-terrorism financing
The Asia Pacific region also faces prevalent January 2017 and September 2018, with regime and guidelines to tackle the chang-
risks associated with cryptocurrencies. A losses totaling $571 million. (See “North ing trends of money laundering,” Tong
cryptocurrency promoter staged a particu- Korea stole cryptocurrency via hacking: says. Their efforts include incorporating
larly eye-catching stunt in December when UN panel,” by Kaori Yoshida, Nikkei Asian updates to government statutes.
he threw thousands of Hong Kong dollars Review, March 8, tinyurl.com/y5kvn5hc.) “For example, the Anti-Money
off a rooftop. In an online video, he asked The prospect of North Korea launder- Laundering Ordinance (AMLO) extended
onlookers if they “believe money will fall ing proceeds of crime in the region doesn’t the due diligence and record-keeping
from the sky” as the bills fluttered from lack precedent. In November 2018, the requirements of financial institutions to
buildings. Within months, Hong Kong U.S. Department of Justice (DOJ) filed a designated non-financial businesses and
police arrested the same man for allegedly civil suit alleging that companies in Hong professions (DNFBPs) in March 2018,” says
selling specialized machines that mined Kong, Singapore and China helped launder Tong. “We also notice that the SFC has
his cryptocurrency, which wasn’t yet trade- more than $3 million for sanctioned North been launching more investigation cases
able. (See “Hong Kong cryptocurrency Korean banks. The Singaporean company in 2017 and 2018 than in 2016 and before.”
promoter thought to be behind money- involved agreed to forfeit funds to the U.S. More recently, a London-based think
tossing stunt arrested for fraud over sale of government and claimed a Chinese money tank issued a report pointing out South-
digital coin ‘mining machines,’ ” by Danny remitter directed it to send payments to east Asia’s vulnerability to North Korea’s
Mok, South China Morning Post, March 1, North Korean companies when the Singa- sanction-evading activities, including
tinyurl.com/y2mafbgl.) porean company sought discounted rates those enabled by cryptocurrencies, because
In Singapore, authorities charged for exchanging currency. (See “U.S. Files of North Korea’s proximity and the avail-
two company directors for promoting Suit to Seize Assets Tied to Alleged North ability of sophisticated trade and finance
OneCoin, a fraudulent cryptocurrency, by Korean Money Laundering,” by Samuel infrastructure, plus the wide variations in
using a multi-level marketing scheme. Rubenfeld, The Wall Street Journal, Nov. the nature and scope of regulation from
(See “Two Singaporean company directors 29, 2018, tinyurl.com/y3k373nm.) country to country. (See “Closing the Crypto
charged for promoting ‘fraudulent crypto- “The [North Korean] money launder- Gap,” by David Carlisle and Kayla Izenman,
currency,’ OneCoin,” by Ketaki Dixit, AMB ers in this case chose Hong Kong as the Royal United Services Institute for Defence
Crypto, April 11, tinyurl.com/yxz2pj5c.) destination probably because it is one of and Security Studies, April 2019, tinyurl.
Security researchers linked attacks the closest international financial centers com/y6t3lenh.)
on three South Korean cryptocurrency for North Korea,” Tong says. “The governments in Asia have set up
exchanges to the Lazarus group, which According to the Global Financial task forces,” says Deodhar. “Financial regula-
is believed to be a collective of hackers Centres Index, Hong Kong, Singapore and tors, banks and the police are also doing
sponsored by the Democratic People’s Re- Shanghai together are closing in on the lot of public awareness campaigns. [Hong
public of Korea (North Korea). They used top two financial centers, New York City Kong] police set up the Anti-Deception
fluid GLOBAL
anti-fraud regulations
by
K
umar is a business owner keen on expand-
ing his enterprise. He has his eye on acquiring
another company in his field, Previo Industries.
Kumar didn’t chance upon Previo — he’s already
familiar with it from his experience a few years
back when he worked for another company, Intra-
zio Inc., that also considered acquiring Previo. (All
names have been changed.) At that time, Intrazio
ran proper due diligence checks on Previo. Kumar
was privy to the process and results. In the end,
the company decided to change direction and
didn’t acquire Previo.
But now, Kumar is eager to bring Pre- REGULATOR More reforms and statutory changes
vio into his growing company. Because Y EVOL followed with the 2010 U.S. Dodd-Frank
he’s already familiar with Previo’s busi- Wall Street Reform and Consumer Protec-
ness and its processes, Kumar tells his Kumar should’ve realized that the legal and tion Act. And that year, the U.K. Bribery
analysts to bypass their regular scrutini- regulatory landscape for businesses world- Act updated the nation’s anti-corruption
zation to try to speed up the process and wide is increasingly fluid. He also should’ve laws for the first time in a century. Other
grab Previo before his rivals do. known that organizations’ compliance and countries also started legislating anti-brib-
However, shortly after the acquisi- ery and corruption laws and regulations.
commitment to ethical standards can vary
tion, Kumar realizes he’s made a critical Fraud examiners, in conjunction with
over time.
mistake. His team takes a closer look at compliance managers, must continually
At the turn of the century, high-profile
counsel their managers and clients on
Previo’s inner workings and discovers
fraud cases like Enron, WorldCom and the ever-changing corporate governance
that the company had been convicted
Satyam, for example, shook the economic landscape and best practices. The newest
of some corruption violations, which
world and caused a huge trust deficit for generation of fraud examiners will benefit
it hadn’t remediated. Of course, Kumar
corporations facing similar challenges of from the history of corporate governance.
hadn’t anticipated this, but he should’ve
balancing “profitability at all costs” with
known better. Laws, regulations, enforce-
ethical standards. The resulting clamp- CORPORA
ment measures and penalties are always
PRIMER
changing. Kumar shouldn’t have relied down in the U.S. was the Sarbanes-Oxley
on the due diligence Intrazio conducted a Act of 2002, which mandated an indepen- Let’s examine some of the major gover-
few years earlier as a bulletproof indicator dent management certification of internal nance initiatives, laws and regulations
of Previo’s present standing. controls over financial reporting. from the modern era.
• The U.S. was the first nation to crimi- Meanwhile, the private sector has also All these regulations and standards
nalize the bribery of foreign public of- been working to raise standards and fight were designed to make corporations and
ficials with the passage of the seminal fraud. their leaders more responsible and ac-
1977 U.S. Foreign Corrupt Practices • The Committee of Sponsoring Organi- countable to stakeholders. They raised
Act (FCPA). zations of the Treadway Commission expectations for companies to act with
• The Organisation for Economic Co- (COSO), an independent private-sector ethics and integrity, rather than just deliver
operation and Development (OECD) initiative, began in 1985 to study the numbers at any cost. (See the online ACFE
formed an ad hoc working group in causal factors that can lead to fraudu- Fraud Examiners Manual, Section 2: Law/
1986 to explore corruption in interna- lent financial reporting. In 1992, COSO The Law Related to Fraud/International
tional trade. It published the Recom- issued its initial Internal Control—In- Initiatives Against Fraud and Corruption
mendation on Combating Bribery in tegrated Framework, which quickly plus Section 4: Fraud Prevention and De-
International Business in 1994. Since became the best-practice road map for terrence/Fraud Risk Management/Risk
then the OECD has published several designing, implementing and main- Management Frameworks.)
additional recommendations, includ- taining a system of internal control.
ing the 2010 Good Practice Guidance on COSO revised this original framework
Internal Controls, Ethics, and Compli- in 2013 to include 17 additional prin-
ance (tinyurl.com/y3t7gtaj). Even with emerging laws and regulations,
ciples to assist in creating an effective
some companies still resort to shortcuts
and unethical practices to achieve ambi-
tious growth numbers and targets. Let’s
examine how the regulatory governance
phases have evolved over the last few de-
cades from being merely compliant to
Fraud examiners, in conjunction with being completely committed. While I’m
writing about the phases from a largely
compliance managers, must continually
Indian ecosystem, the same would’ve been
counsel their managers and clients on the true for many countries at some point.
ever-changing corporate
governance landscape and best practices. Prescriptive phase of governance
In this first phase of governance, require-
ments are prescriptive, such as required
approvals (to set up factories, for example),
time frames and fees organizations need to
pay. In this procedure-driven compliance
phase, “permissions” from the government
• The United Nations Convention internal control system.
are important. A typical governmental
Against Corruption (tinyurl.com/ • In 2016, COSO partnered with
body isn’t interested or even knowledge-
y7r228yw), which went into force the ACFE to create the Fraud Risk
able about business norms and practices.
in 2005, is considerably broader in Management Guide (ACFE.com/
Compliance is largely binary in na-
scope than the OECD convention. It fraudrisktools).
ture: You either comply or you don’t. This
establishes a framework to combat all • In 2017, COSO published Enterprise procedure-heavy bureaucratic phase can
forms of corruption, including bribery, Risk Management—Integrating with spawn corruption and a “speed money”
extortion, embezzlement, trading in Strategy and Performance to update its culture (greased payments to hasten pro-
official influence and general abuses original ERM framework and address cesses and services).
of power. This further underscores the evolving needs and landscape While this aspect of governance is
my earlier point that the governance related to risk management. (See important, it just fosters rules-based ad-
landscape is constantly changing. tinyurl.com/y2ovcdla.) herence and doesn’t necessarily promote
D O N ’ T J U S T A C C E P T I N N O VAT I O N .
Embrace it.
gt.com/cio
Grant Thornton LLP is a member firm of Grant Thornton International Ltd (GTIL). GTIL and the member firms are not a worldwide partnership. Services are delivered by the member firms. GTIL and its member firms are not agents of,
and do not obligate, one another and are not liable for one another’s acts or omissions. Please see gt.com for further details. © 2019 Grant Thornton LLP | All rights reserved | U.S. member firm of Grant Thornton International Ltd
Global anti-fraud regulations
corrections. a culture of openness in which indi- rections. The monitoring process should
viduals can share their concerns with highlight successes besides identifying
Written policies and standards management if they observe any actual non-compliance, failures and gaps. Orga-
Organizations need written policies and or perceived breaches of ethics without nizations then should identify corrective
standards on ethical subjects such as brib- retaliation. At many large organizations, measures and preventive steps and carry
ery and corruption, conflicts of interest, employees, vendors and other associates out the necessary remediations.
Guardian Analytics is the pioneer and leading provider of behavioral analytics solutions
for preventing banking fraud. Hundreds of financial institutions rely on us to stop the
criminal attacks targeting their clients. Visit our website to learn more about our Digital
Banking, Real-time Wire, ACH ODFI & RDFI, and Zelle P2P Real-time solutions.
FEAR NOT
THE
BREACH
by Dick Carozza, CFE / Photos by Jason Miczek, AP Images
“For example, we’re now seeing malware that’s designed to evade most
of today’s detection techniques. We see attacks hiding in encrypted com-
munications and traffic,” she says.
“There’s also a new playbook that Russia perfected during the 2016
U.S. presidential election, which nation states and cybercriminal groups
are using. That playbook is the evolution of hacking social sentiments and
using misinformation campaigns,” Payton says. “Russia used it to create
public unrest around the globe and provoke arguments on both sides of
issues. In the future, cybercriminals could use it to defame individuals,
industries and organizations.
“Cybercriminals change tactics daily. Most of them are dynamic and
evolve their tradecraft of tools, tactics
and procedures — TTPs — often to de-
velop new attack methods and to attempt
to remain undetected,” Payton says. “Ad-
ditionally, new technologies introduced
daily into the workplace add to the po- Theresa Payton
tential attack surface. Cybercriminals
use an ‘all of the above’ strategy. They BLAZES TRAILS in
deploy social-engineering emails with CYBERSECURITY
poisoned links and attachments. They
surf password databases and retry them
on company emails and networks. They
take advantage of software flaws to insert
themselves into technology processes.”
The situation might be dire but Theresa Payton was the first female to serve
not hopeless, Payton says. “We have to as White House chief information officer
continue to up our game, too. Defenders Payton: We do talk where she oversaw IT operations for the
must leverage emerging technologies to about the same cyber- second President Bush administration during
architect better and more security strate- security problems, and a period of unprecedented technological
gies while also removing more burden it’s maddening, isn’t change and escalating threats.
and friction on the user.” it? We keep focusing IFSEC Global ranked her fourth among
on the user being the the top 50 of the world’s cybersecurity profes-
FM: In many ways, we seem to be weakest link, and that’s sionals. Security Magazine has placed her in
talking about the same cyberse- the absolute wrong the top 25 Most Influential People in Security.
curity problems that have existed way to design an effec- Payton co-authored two books: “Pro-
for decades, such as user IDs and tive cybersecurity pro- tecting Your Internet Identity: Are You Naked
passwords, failure to patch systems, gram. The threat land- Online?” and “Privacy in the Age of Big Data:
lack of reliable backups and more. scape evolves as we add Recognizing Threats, Defending Your Rights,
But now in a much more sophisti- new technologies that and Protecting Your Family.” She’s been a
cated and complicated technology are incorporated into repeat guest on the “Today Show,” “Good
environment, what needs to change our transactions and Morning America,” Fox business shows, Fox
news shows, “CBS This Morning” and “CBS
to make our cybersecurity more how we interact with
Evening News,” BBC TV news and radio,
effective? What are some common the internet but also
CBSN, CNN, NBC News, MSNBC and NPR.
denominators of successful, innov- as we find ways to stop
Payton is the founder, president and CEO
tive cybersecurity programs? the adversary.
of the cybersecurity consulting company,
Fortalice Solutions, LLC, and co-founder of
Dark3, a cybersecurity product company.
Payton: When you’re in the middle of a breach, what you do will define your Payton: Have some fun with education. To most
reputation for years to come. The best approach is to practice a digital disaster employees, cybersecurity training is so boring.
before you have a breach. You need to develop a playbook so that everyone They snooze, and you lose! Focus on the digital
knows their roles and will highlight any gaps that exist in your cybersecurity assets and operations that matter most to the
plans. Determine what role you want external helpers to play for incident re- organization. Talk to your employees about what
sponse, forensics, legal advice and cybersecurity fixes. Hopefully, you’ll never it would mean if those digital assets were under
need the playbook, but if you do, it should include your communication plan. attack and stolen. Then talk about tips to safe-
A communication plan needs to focus on when you need to disclose pub-
guard those assets.
licly to your employees, board, third-party vendors, regulators and — most
Consider instituting contests, such as, “The
importantly — your customers. Make sure you know how you’ll communicate.
person who forwards the most spam messages to
For example, for employees, will it be an internal web portal or a phone blast?
For customers, will you post a notice on your website and in social media, or our organization spam alert account wins a free
do direct mailers? Know who your friendly press outlets might be. Have the lunch this month.” Awareness and education
phone number handy for your local FBI cyber unit. shouldn’t be one time a year and solely focused
Here’s what your playbook should emphasize: on compliance. Consider a curriculum that lever-
ages many mediums throughout the year. Keep
• Assemble: Now’s the time to pull together the trained incident response
most of the messaging short and focused on one
team. Incident response requires co-locating the team even if via video con-
topic for easier retention.
ferences. Discuss the disaster, review possible remedies, discuss how this
Mediums you can use include delivering
group will get alerts and how the escalation process and approval process
in person, video conferences, posters and inter-
for ongoing internal and external communications will work.
nal memos. You can train them on: 1) your most
• Transparency: Both internally and externally, communicate what you know,
important assets and how to safeguard them 2)
what you don’t know and when future updates will occur.
how to protect yourself and your loved ones from
• Dig deep into details: Provide details when and where possible. The where online fraud (transferrable skills that will help
and when might depend upon forensics and ongoing case work. Explain protect the organization) 3) local and federal
how you plan to avoid similar issues in the future. obligations if you have a breach 4) reminding
• Feedback loop: Design and implement an incident response [IR] feedback everyone that the security team is a small and
loop. Tell customers how best to reach you — possibly via a toll-free number mighty team so security is everyone’s job 5) train,
or social media. Walk them through the best way to be heard. explain, test and repeat!
enablers and safety nets, rather than by rules that become restrictive
for people to gain access to do their jobs.
According to a recent Experian report, “Managing Insider Risk
FM: What else can organizations do to train Through Training and Culture Report,” [tinyurl.com/y4ux9pb2] security
their employees? and privacy training professionals stated that just over 65% of their
organizations’ employees are still the “weakest link” in cybersecurity.
Payton: Cybercriminals can hack your employees’ I realized that wasn’t really true when I worked at the White House.
devices — whether they belong to the individuals or The pivotal moment for me was when I shifted the design of a
the organizations. All of them have open platforms security strategy. We knew we had to address the hearts and minds
so they can upload operating system updates and of the staff at 1600 Pennsylvania if we wanted to protect their privacy
security patches. However, their devices are emi- and security. After all, if solving cybersecurity and privacy issues were
as simple as following security best practices, we’d all be safe. It’s not
nently hackable. Their latest apps can spell trouble
that simple.
for your organizations.
Two key questions came to me the first 90 days at the White House,
What are we doing wrong with these devices?
and I had to answer them, or we would have had a major calamity: 1)
We provide very arcane rules for employees to fol- Why, in spite of talented security teams and investments on security,
low, such as having them devise 12-character pass- do breaches still happen? 2) Why is it, that despite hours and hours of
words of non-repeating numbers or letters, etc. boring computer-based training and security campaigns, we still make
The complicated passwords actually feel designed mistakes and click on links?
to keep the owner of the account out because they We need a new line of thinking. It’s the one that kills boring com-
puter-based training courses. It’s the path that bans buying the latest
can’t remember them, and only the bad guy with a
fancy security tool if you haven’t used innovation to combat the hu-
password cracking tool can get in. We must work
man element. The new path is driven by a core principle: “Design for
harder to design security systems that act more as the human.”
I compare this line of thinking to installing childproof or safety
items in your house for toddlers or pets. You still tell them, “don’t touch
a SURYS company
Ernst and Young estimates that Tackling these crimes is particularly criminal activity is a global phenomenon.
thieves steal, adulterate or defraud about difficult when stakeholders, whose intent During an interview I had with Ralby, he
$133 billion worth of fuels from legitimate should be to fight crime, become criminals said oil theft happens everywhere, so sin-
themselves. gling out key countries can be misleading.
oil and gas enterprises. The Eurocontrol
4
I.R. Consilium, a research and analy- However, certain states are hotbeds for
Technics Group noted that these num-
sis firm in maritime security, oil and fuel fuel theft.
bers are likely to be understated because
Mexico experiences widespread and
crimes, international law and the blue
of corruption, government involvement rampant fuel theft. The profits are large
economy, conducted the first compre-
and the nature of the crime, which is hard and growing (even the most conservative
hensive study of refined oil products theft
to detect.5 estimates suggest criminals stole $3 billion
in 2016, which the Atlantic Council pub-
Oil theft is a widespread problem that of fuel in just the last two years), and gangs
lished in 2017.6 The study continues with
harms countries around the world. The and organized-crime groups are the main
another report expected later this year. perpetrators.7
scale of the issue, however, remains widely
The report provides insights into modali- Mexico transports large amounts of
unknown. When we hear about oil theft,
ties and trends in oil theft plus respon- refined product throughout thousands of
we tend to think about Nigeria or Mexico, sible parties, affected stakeholders and miles of pipelines in areas that are difficult
but it goes far beyond these countries. recommendations that could change the to monitor. Pipeline tapping, or “milking”
Oil theft could also involve various dynamics of the issue. as it’s known there, is a major enterprise.
illicit activities, including smuggling, In some ways it’s more profitable than traf-
adulteration, fueling terrorist groups and THE SCALE OF THE PROBLEM ficking drugs because oil theft involves less
drug cartels, tax avoidance and money According to Dr. Ian Ralby, founder and risk. According to Reuters data, thieves are
laundering. CEO of I.R. Consilium, downstream oil stealing roughly one-fifth of total national
SAVE
THE
DATE
September 25-27, 2019
MARINA BAY SANDS | SINGAPORE
Visit
34 FraudConference.com/AsiaPac
FRAUD MAGAZINE JULY/AUGUST 2019 to learn more.
FRAUD-MAGAZINE.COM
gasoline consumption (about 150,000 bar- which results in less processing and refin- are legal documents issued by a carrier
rels per day) from pipelines.8 They hijack ing.) The main categories are: to a shipper that details the type, quan-
tanker trucks or steal directly from the tity and destination of the goods being
1. LARGE-SCALE THEFT
country’s refineries, too, with the willing carried.
in which thieves pump stolen oil —
or coerced collusion of petroleum com-
often tapped from pipelines or taken 4. HIJACKING OF TANKER TRUCKS
pany employees, though it’s much easier
from storage facilities — into barges, with or without collusion of the driver.
to steal oil via taps than tankers.
boats and ships and export it, either
Mexico’s current government recent- 5. PIRACY AND ARMED ROBBERY OF
under the guise of legitimacy or mixed SEAGOING TANKERS.12
ly implemented new reforms to combat
with legitimate product.
fuel theft, including using tankers instead The U.S. government investigated
of pipelines to move fuel and shutting 2. SMALL-SCALE THEFT and broke the story that thieves routinely
down the most heavily targeted pipelines. in which stolen oil is either sold back mixed stolen Nigerian crude with Gha-
However, these new initiatives have led into the supply chain or refined and naian crude at an offshore facility before
to shortages at gas stations across several then sold on the streets as fuel. exporting it into the supply chain as legiti-
states.9 Less than four months later, the mate oil.13 According to the I.R. Consilium
3. THEFT AT EXPORT TERMINALS
report, a major concern involves crooks
government had announced that the oil via the manipulation of meters and the
laundering and releasing ship-to-ship
theft was down by 95%, but many forging of bills of lading; bills of lading
transfers of stolen crude into the global
suspect that this sudden change
market.
is temporary and won’t last
Also, according to the I.R. Consilium
long.10 As Ralby said, chang-
report, apart from the extensive array of
ing the mode of moving fuel
upstream oil theft, Nigeria also suffers
will only change the method of
from massive downstream crimi-
stealing it unless entities address
nality, mostly involving thieves
the underlying dynamics.
misdirecting and smuggling im-
Nigeria also experiences oil theft
on a large scale. This has been a problem ported fuel into neighboring coun-
for years, mainly because of widespread tries. Perpetrators smuggle about 80
corruption and the direct involvement of percent of Benin’s fuel, for instance,
security forces, terminal workers, regula- from Nigeria. It’s believed that culprits
tory authorities and government officials. pay the majority of the proceeds of this
Despite efforts to combat oil theft, the smuggling activity to members of the
problem continues unabated at consis- Nigerian political elite.
tently high levels. The U.S. deputy am-
ASIA, LIBYA AND THE
bassador for the United Nations, Michele
EUROPEAN MARKET
Sison, said that Nigeria loses $1.5 billion
in revenues every month because of the Fuel theft is also rampant in Southeast
extensive nature of the oil-laundering Asia. Last year, investigations revealed
game across the nation. 11 that thieves siphoned and smuggled
Nigerian crude, which is among thousands of tons of fuel out of a major
the lightest and sweetest in the world, Singapore refinery. The working routes
is physically stolen in a variety of ways. in this region formed a triangle between
(Light and sweet oil is the most valuable Thailand, Vietnam and Singapore, and
oil because it’s easier and less expensive also included oil facilities in Malaysia.
into refine to products. Light oil also has a Smugglers took advantage of the dif-
higher percentage of light hydrocarbons, ficult-to-patrol sea (difficult because of
the vastness of the Thailand and Vietnam are others.15 Smugglers transport Russian (including ships). Thieves then transport
coasts) and attractive black-market prices. fuel into the EU by a few routes, including the oil elsewhere to be sold or refined.
Also, pricing differentials that arise from Kaliningrad and Belarus; Poland, for in-
6
TAPPING PIPELINES
some countries’ fuel subsidies drive a re- stance, is one of the main sources of fuel “Hot tapping” or “pressure tapping” is the
gional dynamic. For example, Malaysia, for smugglers into the U.K. and Ireland.16 most common method of oil theft in plac-
Indonesia and Bangladesh are particularly Other examples from around the es with extensive pipeline networks. The
vulnerable to losses because of their low world include Ecuador, the Philippines, method involves accessing a high-pres-
fuel prices.14 Turkey, Morocco and Azerbaijan, among sure operational pipeline and diverting a
According to the I.R. Consilium re- many others. percentage of the oil flow. This allows the
port, Libya, a destabilized state struggling According to the I.R. Consilium re- theft to remain undetected as the pipeline
to control its prime source of revenue, also port, the most concerning aspect of this continues to operate at full functionality.
suffers from fuel theft. The nation faces large-scale problem is that profits from The complexity of the hot-tapping meth-
coordinated criminality from militias, downstream fuel end up in the hands of od usually means that it often requires
corrupt officials and transnational crimi- transnational criminal organizations, ter- technical support from former or current
petroleum company
employees, who can
also advise on securi-
ty patrols and inspec-
tion schedules.
Illegal bunkering Smuggling
Illicit networks
Tapping pipelines also employ “cold
Laundering
tapping” to pilfer
Ship-to-ship transfers crude oil by cutting
Adulteration or even blowing up
Piracy and armed and stretching
robbery at sea a section of pipeline,
which disables the
White-collar theft
Bribing corrupt officials pipeline for several
weeks. During this
time, offenders set
up an underground
nal organizations out of Italy, Malta and rorist groups and insurgent outfits, all of
tap to divert a continuous supply of oil to
other locales. Recent U.N. investigations whom use those profits to finance even
their storage facilities. After workers fix
have discovered that crooks routinely fer- more nefarious activities.
the pipeline, the constant flow of oil into
ried huge quantities of stolen fuel from
the illegal pipeline won’t cause any fluc-
coastal facilities to waiting tankers affili- HOW OIL THEFT HAPPENS
tuation in overall pressure, and therefore
ated with Malta-based companies. The Here’s a list of the most common ways
no one will likely detect the tap.
criminals then offloaded the fuel at the criminals steal oil and refined petroleum
Augusta refinery in Sicily, sold it at below- products.17 SHIP-TO-SHIP TRANSFERS
market rates, mixed it with existing stock ILLEGAL BUNKERING Thieves transfer illegal fuel from their
and distributed it in Italy, France and Spain While the term “bunkering” describes the vessels to more reputable ships, i.e.,
by various companies, including an Italian process of loading oil onto a ship, it’s be- those from well-known companies.
trading firm. come synonymous with oil theft. Illegal This way, they can pass off the illegal
Libya illustrates one way smuggled bunkering means illicit removal of oil from fuel as legitimate and sell it on an open
fuel enters the European market, but there a pipeline or other distribution system market. Often traders use purpose-built
Importantly, the company providing the sites, too. For example, Nigeria lost about NOT JUST LOST DOLLARS
technology also worked to make sure that $64 million between 2015 and the first Governments and companies are in-
their data could be admitted in court to aid quarter of 2017 to poor metering of its creasingly aware of the extent of oil and
prosecutions by equipping their balloons oil wells.20 fuel crimes around the world and their
with high-sensitivity thermal cameras GPS TRACKING OF TANKER TRUCKS, AIS worrying implications. While the eco-
with zoom capability.19 TRACKING OF VESSELS nomic losses are huge, it’s also critical to
Other electronic forms of monitoring Tracking vessels and vehicles promotes understand the connection between il-
pipelines have also proved effective but do
safety and security. These solutions pro- licit hydrocarbons activities and a serious
come with the risk of being susceptible to
vide a real-time picture of the vessel or array of security problems. “We all need
cyberattacks.
tanker truck movements, and companies fuel, and we all want it at a discount,”
INSTALLATION OF METERS AT OIL WELLS, can use the data in legal cases, investiga- Ralby says. “But we can’t allow that de-
EXPORT TERMINALS AND OIL-TANK FARMS
tions and negotiations. sire for less expensive fuel to cause us to
Accurate metering makes a big difference.
FOCUS ON SUPPLY-CHAIN INTEGRITY turn a blind eye to this global problem.
It’s more common to install meters at the
Transparency in the supply chain ensures We’re all stakeholders in this issue, so
export terminals and oil tank farms but
accurate and consistent information on we must all be stakeholders in resolving
not at the oil wells. This is because com-
petroleum products from production to it.” n FM
panies mix oil collected at the produc-
tion fields with water, sand and other consumption, thus reducing the possibil-
residual matters, which makes it difficult ity of fraud along the way. Partnering with Anastasia Nazarova, CFE, is a cor-
to determine the volume of oil accurately. counter-parties to share data and good porate auditor at Chevron Products
However, this practice is often necessary, practices could aid in developing effec- UK Limited in London. Contact her at
because thieves steal oil at production tive strategies. anastasia_wish@yahoo.com.
3
“Mexico’s oil company is losing more 10
“Mexico Declares Victory Over Fuel diesel marker stumps them,” by Deborah
than a billion dollars a year to cartels - and Thieves. But Is It Lasting?” by Kirk Sem- McAleese, Belfast Telegraph, March 28,
its own employees are helping them out,” ple, The New York Times, May 5, tinyurl. 2016, tinyurl.com/y6pe8bsl
by Christopher Woody, Business Insider, com/y577omd3 17
“Fuel theft is a big problem,” by Jeff
April 13, 2018, tinyurl.com/yyryc7yw
“Massive Oil Theft By Pirates Costs
11 Desjardins, Business Insider, May 7, 2017,
4
“Fuel theft is a big problem,” by Jeff Nigeria $1.5 Billion Every Month,” by Irina tinyurl.com/y66nldcw
Desjardins, Business Insider, May 7, 2017, Slav, Oil Price, April 27, 2016, tinyurl.com/ 18
Source for both Albania and Tanzania is
tinyurl.com/y66nldcw y3ad8n6z a presentation by Gadi Gonen of SICPA at
5
“Fuel Theft — The Costs & Effects,” West- 12
“Nigeria’s Oil Theft Epidemic,” by the conference “Technology for Maritime
ern Global, June 11, 2018, tinyurl.com/ Shadow Governance Intel, Oil Price, June Security, Governance and Development
y34lcmpq 6, 2017, tinyurl.com/y24xvcfh in the Gulf of Guinea,” Freetown, Sierra
Leone, Nov. 16, 2018
6
“Downstream Oil Theft,” by Ian M. Ralby, 13
“Oil Theft Around the World: Cartels
Atlantic Council, Jan. 6, 2017, tinyurl.com/ And Exploding Donkeys,” by Zainab Cal- 19
“Balloons for Internet access,” by Yuri
yxv57g6g cuttawala, May 31, 2017, Huffington Post, Vasconcelos, Pesquisa FAPESP, July 2017,
tinyurl.com/y3rwo5nv tinyurl.com/y4ymm29l
7
“Explainer: Mexico’s fuel woes rooted
in chronic theft, troubled refineries,” by 14
“Shady triangle: Southeast Asia’s il- 20
“How Nigeria ‘lost N2 trillion to poor
David Alire Garcia and Marianna Par- legal fuel market,” by Henning Gloystein metering of oil wells’ in two years,” by Ed-
raga, Reuters, Jan. 20, 2019, tinyurl.com/ and John Geddie, Reuters, Jan. 18, 2018, iri Ejoh, Vanguard, May 14, 2017, tinyurl.
y58r2ao5 tinyurl.com/y6mvxqyr com/yysnogd8
acceptable for success. They might lack focus on strategies, tactics and analytical
challenging work, suffer from boredom, approaches for employees. But disengaged
work long hours or just lack any personal employees are a symptom of poor, inef-
initiative. When left unchecked, these ele- fective leadership. That’s focusing on the
ments can cascade through the workforce wrong end of the problem! To quote a line
like an epidemic. It becomes difficult to from the movie, “Indiana Jones and the
shield those not yet influenced by such Raiders of the Lost Ark”: “They’re digging
widespread detachment. in the wrong place.” To work on the cause,
Let’s take employee disengagement we must look further upstream.
one step further. This workplace detach-
ment can reveal itself in more costly issues Two subtle but significant conse-
over months and years, leading to: quences of ineffective leadership
• Lost market share (competitors gain- Organizations need to change attitudes,
ing market share). behaviors and — sometimes — people
• Revenue loss. in leadership positions well before they
• Higher overall employee turnover. contribute to the creation of a toxic work
2/3
environment. These interventions require
• Higher incidence of on-the-job safety
an understanding of two subtle — and rare-
problems.
ly addressed — influential psychological
• Lost shareholder value (lower stock
factors: how poor leadership contributes
price, lower analyst expectations/
to the psychological depletion of “shared
forecasts).
resources” (financial resources, inventory,
• Loss of key employees. human skills, production resources, and
• Quality and customer service issues. information technology and natural re-
of U.S. employees admit to • Internal fraud and abuse. sources) and how it destroys workplace
not being engaged in their • Higher absenteeism (legitimate and
“psychological empowerment” (emotional
belief that leaders fully empower their
work and workplace. otherwise; poor leadership affects
workforces to apply their talents and ex-
workplace stress and can lead to
perience to accomplish the objectives of
depression and cardiovascular health
the organization).
issues for employees. See “Workplace
bullying and the risk of cardiovascular
organization makes them enthusiastic disease and depression,” by M. Kivi-
Psychological depletion of shared
resources by poor leadership
about the future.” maki et. al., Sept. 22, 2003, tinyurl.
com/y4wplfjd). In 1968, evolutionary biologist Garrett
• 87% of employees strongly do not
In extreme cases of disengagement, Hardin coined the phrase, “tragedy of the
agree with the statement: “Leader-
employees can sabotage financial records commons,” to explain various types of en-
ship of their organization communi-
and capital equipment or even become vironmental over-exploitation. Examples
cates effectively with the rest of the
violent. These dangerous scenarios are include the ocean garbage “gyres” (See “The
organization.”
bigger issues than poor leadership; they Great Pacific Garbage Patch,” by the Ocean
now become a corporate culture problem. Cleanup Group, tinyurl.com/yc3q4o9l),
What does employee overfishing of cod in the Grand Banks (see
Losses from employee disengage-
disengagement look like?
ment tempt organizations to implement “Cod: A Biography of the Fish that Changed
Disengaged employees (doing just about programs for boosting employee morale, the World,” by Mark Kurlansky, tinyurl.
anything other than real work) are those motivation, communication, team build- com/y56yphya), demise of passenger pi-
whose performance, attitudes and perhaps ing, etc. Such programs designed to correct geons (see “Why the Passenger Pigeon
behavior have decreased to levels less than disengagement and productivity issues Went Extinct,” by Barry Yeoman, Audubon
to company goals and objectives and to or procedures can produce frustrated em- programs teach techniques that appeal to
the tasks at hand that’s replaced with in- ployees. Indefatigable leaders also embrace the neocortex where logic, reasoning, ana-
dividual self-interest. initiative, risk assessment and working with lytics and concepts thrive. However, emo-
uncertainty. (See “Psychological Empower- tional intelligence (the ability to be aware
Poor leadership destroys work- ment in the Workplace: Dimensions, Mea- of, control, and express one’s emotions,
place psychological empowerment surement, and Validation,” by Gretchen M. and to address interpersonal relationships
Spreitzer, The Academy of Management Jour- thoughtfully and compassionately) arises
When we think about our jobs, they’re more
nal, October 1995, tinyurl.com/y24ja3tu.) in the neurotransmitters of the brain’s lim-
than positions that deliver a specific func-
bic system, which directs feelings, impulses
tion; they also provide emotional, social and
Leadership programs fail because and emotions. (See the sidebar on page 43
political currency — the invisible capital
they focus on the wrong part of for details.)
— that we exchange in workplaces every-
the brain Emotional intelligence (EI) training
where. Because of these different value as-
According to the Harvard Business Review: focuses on developing strategies in five
pects that jobs provide, employees are more
“American companies spend enormous major areas: empathy, self-management,
than job titles, job descriptions or promoters
amounts of money on employee training relationship management, social aware-
of products and services.
and education—$160 billion in the United ness and self-awareness. EI training is not
We can further explain this invis-
States and close to $356 billion globally “one and done” but requires frequent re-
ible capital that leaders and employees
in 2015 alone—but they are not getting inforcement of key learning components,
exchange, or workplace psychological em-
a good return on their investment. For individual and small-group activities and
powerment, via four related dimensions:
the most part, the learning doesn’t lead role playing, and individual coaching over
competence (or, as I say, aptitude), meaning
to better organizational performance, be- many months. EI training is more about
(or value), impact (or influence) and self-de-
cause people soon revert to their old ways changing old habits and attitudes and re-
termination (or autonomy). (See the sidebar,
of doing things.” (From “Why Leadership placing them with new ones that enhance
“Four dimensions of workplace psychologi-
Training Fails – and What to Do About It,” employees’ soft-skill inventories.
cal empowerment” on page 43 for details.)
by Michael Beer et. al, paid subscription, What of the psychological depletion
Early signs of ineffective leadership
Harvard Business Review, October 2016, ti- of shared resources and workplace psy-
often appear as fractures in any of these four
nyurl.com/z8j8kmc.) chological empowerment? At first glance,
dimensions because workplace psychological
Organizations often unwittingly pre- they seem to lend themselves to neocortex
empowerment is at its fullest when employees
vent leadership training from taking root processing, but it’s the emotion tied to the
believe that their leaders have given them com-
by thinking that employee events, such as belief of having the freedom to be fully and
plete freedom to do their jobs. Of course, I’m
one-day workshops or seminars, will suf- completely engaged, contributing and add-
not saying that means that employees aren’t
fice instead of slowly building long-term, ing value in a work role that directs limbic
accountable, but they have the autonomy to
continuous-reinforcement processes. And processing.
use and grow their skills to meet and exceed
their work goals. there’s another major problem.
“Unfortunately, far too many training Leadership presence, ‘engage-
When people believe they no longer
mentality’ and ‘connectworking’
have the freedom to engage these four psy- programs that intend to build leadership
chological empowerment components, they skills – including emotional intelligence Organizations want their future C-suite
might feel threatened and begin disengag- – are a waste of time and money,” writes leaders to have presence more than any
ing. Often negative changes in a manag- Daniel Goleman, who co-directs the Con- other soft skill. They want them to have
er’s dominant leadership style (embracing sortium for Research on Emotional Intel- the ability to naturally and comfortably
a more autocratic style, for example) or ligence in Organizations (eiconsortium. engage others, establish personal connec-
even abruptly switching senior executives org) at Rutgers University. “The problem tions and build trust, confidently position
can cause employees’ disengagement and is simple: They focus on the wrong part of their leadership expertise as offering value
corresponding productivity losses as they the brain.” (See “What Makes a Leader,” in for others, and interject wise influence to
adjust to uncertainty. Harvard Business Review, January 2004, by gain acceptance or cooperation of ideas
Because work relationships and Daniel Goleman, tinyurl.com/kxdnfql.) and initiatives. The strength of their pres-
processes are complex, effective leaders According to Goleman, most of these ence is a catalyst for mentoring others or
know that merely following defined roles failed, wrong-part-of-the-brain leadership serving in advocate-protégé arrangements.
SAVE
November 7, 2019 | Washington, D.C.
Join us for the can’t-miss anti-fraud training event
for law enforcement and government professionals.
THE
DATE
Register by
October 7 to
SAVE
Visit ACFE.com/LEGAsummit to learn more. $150!
FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 45
GLOBAL
FRAUD
is the same -
LEGAL SYSTEMS
aren’t
DEFINITION OF EVIDENCE
Australia
• The statement was communicated • Statements made in preparation of COU RT R ECORDS
(published) to third parties. judicial proceedings. Generally, civil and criminal court re-
cords aren’t available to the public.
• The statement was made on an un- • Statements made between a legal However, some civil court records
privileged occasion. professional (e.g., solicitor or attor- are available via the Australasian
ney) and client. Legal Information Institute’s online
• The statement caused injury to the
database (austlii.edu.au). Criminal
subject. • Good faith statements made to records and convictions generally
protect a legitimate interest of the can’t be accessed without the sub-
speaker or recipient, such as a com- ject’s consent, but court schedules
Untrue statement of fact
and attendance lists might be avail-
munication between an employee able online and can contain useful
To be defamatory, a statement must
and employer regarding an impor- information. Court transcripts can
be a statement of fact (not opin-
tant business matter or the results of sometimes be obtained by making a
ion) and be untrue. Thus, truth is freedom of information request.
an examination into suspected fraud.
an absolute defense to defamation.
Accordingly, in many jurisdictions, MAJOR DATA PRIVACY LAWS
a number of privileges protect prudent • Australian Privacy Act 1988.
Communicated to third parties • Local laws governing surveillance
fraud examiners from defamation claims.
devices, workplace surveillance
To be defamatory, a statement must be
or similar issues.
conveyed, either orally or in writing, to Injury
one or more third parties. Defamation
Additionally, to be considered defama- OF F RAU D- RELATED
doesn’t occur when one accuses another L EGISL A
tory, a statement must cause some kind
directly and in the presence of no other Criminal Code Act 1995 and the
of injury. This often takes the form of
parties; to be defamatory, a statement criminal laws in states and territories
damage to reputations. For example, a that prohibit fraud.
must be heard or read by a third party. plaintiff might argue that he lost busi-
-
ness opportunities and income because
A -
Unprivileged occasion the statement damaged his professional TORS FROM OUTSIDE AUSTRA-
For a statement to qualify as defamatory, reputation. LIA SHOULD BE AWARE
the occasion in which the statement is Generally, any person who conducts
investigations (including surveil-
made must be an unprivileged one. Many JUST THE BEGINNING lance) in any state or territory of
jurisdictions recognize that there are The information in this article is a start Australia must hold an Investigator
some circumstances in which the need or Inquiry Agent License. Australia’s
in learning what you need as you conduct
National Privacy Principles govern
to share information is so important that fraud examinations that cross global ju- the collection, use, disclosure and
people should be free to make mistakes risdictions. See chapter 2 in my “Inter- storage of personal information.
without having to worry about being sued national Fraud Handbook,” and the rest
for defamation. Statements made in these of the book, to learn from CFE nationals
circumstances are said to be privileged. around the world about the legal specif-
Assuming that an employee can ics of their countries. (See the sidebar at
Anti-fraud professionals from around
establish that an individual made and right.) And, of course, consult with your
the world contributed this informa-
communicated defamatory statements legal counsel before tackling any fraud tion, contained in the 2018 “Interna-
about the employee to a third party, some investigations outside your borders. n FM tional Fraud Handbook,” on some
of the most common recognized privi- legal topics in just four dissimilar
countries. It’s just a taste. The book
leges include: Dr. Joseph T. Wells, CFE, CPA, is the contains much more material from
• Statements made during a judicial founder and Chairman of the ACFE. many more regions and nations.
proceeding. Contact him at jwells@ACFE.com. Consult with your legal counsel
when working in other countries.
B
abubhai Bhurabhai Rathod, of — and the physician’s bank account was
Okemos, Michigan, said he was COLUMNIST
frozen.
addicted to drugs. But he was DAVID A. PICARD, CFE Rathod was sentenced to 10 years in
lying. He was really addicted to INVESTIGATIONS MAN- prison for health care fraud and an addi-
AGER, NC DEPARTMENT OF
medical identity theft. tional two years for aggravated identity
HEALTH & HUMAN
In 2013, Rathod was sentenced to SERVICES, DIVISION OF theft. He pleaded guilty to both charges
four years in prison after a conviction of HEALTH BENEFITS, in August 2018. U.S. District Judge
NC MEDICAID
paying practitioners illegal kickbacks Janet T. Neff also ordered Rathod to pay
in exchange for patient referrals to his $939,795.89 in restitution to Medicare
health care companies, according to the and Medicaid.1
U.S. Department of Justice (DOJ). And he In 2016, there were nine
was further excluded from participating times more medical Medical identity theft
in Medicare and Medicaid. compounded by breaches
Apparently, he had no desire to than financial records Medical identity theft is derivative of
reform. While in prison, Rathod faked a
drug and alcohol use disorder to qualify
breached — 27 million. identity theft. The number of medical
identity theft victims has increased from
for admission into the Residential Drug an estimated 1.42 million in 2010 to 1.85
Abuse Program (RDAP). Rathod com- million in 2012 to 2.32 million in 2014 with
pleted the RDAP and was released early As part of his scheme, Rathod used 500,000 more victims in 2014 alone.2
from custody. Within days of his release the name, address, date of birth, Social The estimated economic impact of
in 2016, he began violating his exclusion Security number (SSN) and driver’s medical identity theft has increased from
and supervised release conditions by op- license of a physician colleague to obtain $30.9 billion in 2011 to $41.3 billion in
erating four health care providers across 2012, which makes medical identity theft
working capital loans for one of Rathod’s
the State of Michigan. the fastest-growing form of identity theft
businesses, Advanced Medical Services.
To conceal his ownership of these in the world.3
Rathod also used the physician’s identity,
providers from Medicare and Medicaid, Compounding the threat of medical
without the physician’s knowledge, to
Rathod used a variety of aliases, straw identity fraud are the increased numbers
owners and shell holding companies that personally guarantee those loans. When of data breaches of health care provider
were registered to other people. Rathod’s Advanced Medical Services defaulted on and insurance company medical records
scheme netted nearly a million dollars in one of these loans, a state-court judg- such as the Anthem Health Care data
Medicare and Medicaid reimbursements ment was entered against the physician breach in 2015, which exposed 78 mil-
to which his providers weren’t entitled. — without the physician’s knowledge lion member’s personally identifiable
enforcement agency. You might need If they’re victimized they should take Forum, https://tinyurl.com/y3ev64d2
to provide a police report to collection corrective actions and report incidents “Medical identity theft,” Coalition
13
agencies, health care providers, and to authorities. n FM Against Insurance Fraud, tinyurl.com/
y4zzsmvg
government and private insurance
“The Rise of Medical Identity Theft,” by
14
providers. David A. Picard, CFE, is investigations
Michelle Andrews, Consumer Reports, Aug.
• Correct erroneous and false information manager, NC Department of Health & 25, 2016, tinyurl.com/yclnvpj4
Human Services, Division of Health
in medical payment files with health 15
“Medical Identity Theft: Fighting and
Benefits, NC Medicaid. Contact him at Epidemic,” by Brad Gow, Sompro Interna-
providers.
David.Picard@dhhs.nc.gov. tional, 2018, tinyurl.com/y3e6tmdz
• Contact one of the three credit bureaus 16
“Recovering from Identity Theft,” Fed-
to place a fraud alert on your account: 1
“Excluded Felon Sentenced to Twelve eral Trade Commission, September 2018,
Experian (tinyurl.com/yl6hk84), Years For Health Care Fraud And tinyurl.com/jlzpfqh
A
s a grade-school-aged boy the 5,000 container units totaling an ad-
growing up in southwest COLUMNIST ditional $500. So, the total payment the
lower-Michigan, I remember L. CHRISTOPHER retailer pays to the distributor is $5,500.
helping load up the car with , CFE, CPA The retailer then passes along the
emptied glass pop bottles that we’d take FORENSIC ACCOUNTANT 10-cent deposit on top of the retail mark-
IN INDIANAPOLIS, INDIANA,
to our neighborhood grocery store in ex- AND ADJUNCT FACULTY up to each end customer. For example,
change for a few dollars. In the Midwest MEMBER AT INDIANA UNI- the retail will charge each end customer
VERSITY’S KELLEY SCHOOL
U.S., “pop” is the vernacular term for soft OF BUSINESS AND INDIANA
a retail price of $1.50 for each container
drinks made by such producers as Coca- UNIVERSITY-EAST unit purchased plus 10 cents per contain-
Cola, PepsiCo, Dr Pepper and National er unit for a total of $1.60. The customer
Beverage. If you’re from the Northeast can then return the empty container to a
Purpose of beverage
U.S., it’s simply “soda.” Southerners collection center — typically a retailer —
container deposit laws
for redemption and retrieve their 10-cent
often call them all “Coke” even if they’re The primary purpose for beverage
container deposit laws is to prevent deposit. Finally, the retailer will ship the
not brown. I still remember the clinking
littering. Requiring deposits provides empty container to the distributor for
and clanking of those bottles in the car
an economic incentive for consumers their return of the 10-cent deposit. This
as we drove to the grocery store.
to properly dispose of containers for is how it should work every time in a
Michigan passed a bottle bill, or
recycling rather than dispose of them in perfect world.
beverage container deposit law, in 1976.
trash receptacles that will then end up in However, we must consider what
Even though it wasn’t the first state to a landfill or, worse, dumped on the side happens when a customer doesn’t re-
do so (Oregon passed the first in 1971) of roads to pollute the environment. deem their container deposit but throws
at the time Michigan had the highest
it in the trash or on the side of the road,
deposit — ten cents on airtight contain- Beverage container deposit or takes it to an alternate recycling center.
ers under one gallon composed of metal, refund scenario Depending on state law, the distributor
glass, paper or plastic. Today, 10 states Here’s how most common beverage will keep that ten-cent deposit, return it
and one U.S. territory have container container deposit law processes work. A to the state authority or a hybrid of both.
deposit laws. distributor sells beverage products to a (See “General flow-chart of beverage con-
Like any well-intentioned laws, retailer. As part of this transaction, the tainer deposit process” on page 57.)
some fraudsters will exploit them for distributor collects a deposit payment for Even though the underlying process
nefarious purposes. Here I’ll explore the each beverage container — let’s say 10 seems simple, the flow of transactions as-
general mechanics of beverage contain- cents for each container. For example, a sociated with the return of containers and
er deposit laws, perpetrators’ fraudulent distributor sells 5,000 container units at deposits can become complex. Further
schemes and the greatest risk factors $1 each for a total of $5,000. The distribu- adding to the complexity is that states
associated with these programs. tor will also charge a 10-cent deposit on regulate beverage container deposit laws.
reports to the state. The company’s general certified redemption centers and lack of Bottling up these fraudsters
manager, who initiated and directed the adequate controls to monitor the accuracy Beverage container deposit fraud is a real
scheme, would modify customer invoices and completeness of the information they concern within jurisdictions that require
from drivers’ daily route records to exag- provide. such programs. The cases here involve
gerate the number of empty containers They simply file inaccurate informa- more than just a couple of buddies haul-
they collected. tion to receive increased refunds or not ing a garbage bag of containers over state
In one instance, the general man- remit taxes due similar to how individu- lines. The most logical answer to this issue
ager indicated on an invoice that a store als or organizations might evade other is for state authorities to develop vigor-
in Queens returned 80 bags of assorted tax payments. Distributors and certified ous enforcement components to ensure
empty cans and bottles — although drivers redemption centers committing beverage compliance with beverage container
deposit programs policies and procedures.
hadn’t picked up any empty containers. container deposit frauds might file false
This might be a tall task for officials to
Oak Beverages retained the $1,264.80 ad- or fictitious documentation with state
implement because of state jurisdictions
justment to the invoice. The general man- regulatory authorities to receive increased
facing shrinking revenues and cost-cutting
ager also instructed lower-level employees container deposit refunds. Or they might
budgets. The overall integrity and future of
to modify sales records to reflect these understate the amount of unreturned
beverage container deposit programs could
alterations and not inform anyone else at containers to reduce deposits they pay to
be in jeopardy because of fraud. n FM
the company about the adjustments. state coffers.
The greatest risk for malfeasance ex-
Greatest risk factor: self-reporting ists at the distributor’s stage because they L. Christopher Knight, CFE, CPA,
An audit of the state of Hawaii’s deposit might have the incentive to under-report is a forensic accountant in Indianapolis,
sales/distributions of deposit beverage Indiana, and an adjunct faculty member at
beverage container program has analyzed
Indiana University’s Kelley School of Busi-
the risks of self-reporting. (See tinyurl. containers to retailers plus collected con-
ness in Bloomington and Indiana Universi-
com/yyb4md2k.) The primary audit find- tainer deposit refunds from retailers and ty-East in Richmond. The views expressed
ings center around the program’s reliance not remit them to state authorities by in this article are his own. Contact him at
on self-reported data from distributors and falsifying paperwork. lchristopherknight@yahoo.com.
KEYNOTE SPEAKER
1400+ STUDY QUESTIONS TIMED PRACTICE EXAMS FRAUD EXAMINERS MANUAL MONEY-BACK PASS GUARANTEE
Review sample exam questions Simulate the CFE Exam environment Explore topics in-depth with the Prepare with confidence — the
with explanations of the correct by taking timed practice exams. Fraud Examiners Manual. CFE Exam Prep Course is backed by
answers. our Money-Back Pass Guarantee.
An intern’s front-row
seat to fraud
This former intern learned firsthand about fraud when her boss and
mentor, the senior accountant, was arrested for embezzlement and
credit card fraud. The author helped discover the crimes at the nonprofit
business.
ACFE.COM/CORPORATE
FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 67
ACFE NEWS
a minor in criminal justice. A mid-size been interested in how financial institu- Steven Shannon works as a special agent
public accounting firm has offered him tions help prevent or end illicit activities, with the U.S. Secret Service and maintains
a litigation support/fraud and forensics such as human trafficking. a 3.98 GPA as he pursues a master’s degree
internship. She works as a financial intelligence in criminal justice at the University of
Howard is a crime analyst intern with analyst with Lone Star National Bank in Wisconsin-Platteville. At the Secret Ser-
the Chattanooga Police Department. He Texas along the southwest border. Her vice, Shannon has investigated complex
says he’s developed connections within role requires her to do extensive research wire, bank and credit card fraud cases. He
on high-risk accounts to identify any previously worked as a municipal police
law enforcement and the legal system
questionable patterns or trends that could officer for more than a decade.
while learning about various crimes.
point to illegal activity. Shannon says he derives professional
Howard says his ultimate career goal
Algasem has interned with the fulfillment from ensuring justice for ev-
is to work for the FBI as a forensic accoun-
U.S. federal probation office where she eryday citizens and businesses. His duties
tant and eventually become the FBI direc- assisted in writing pre-sentence investiga- are split between investigative work and
tor. After graduation, he says he plans to tion reports and follow-up evaluations on protective duties. He says his goal is to
work in public accounting in the forensics offenders who committed offenses rang- become a CFE and pursue a full-time fraud
field or go straight to the FBI while obtain- ing from white-collar crimes to sexual investigation position. Shannon says he’d
ing his CPA license and CFE credential. assault. Her investigative training during also like to teach future law enforcement
her internship, she says, helped her obtain professionals part time.
$5,000: Hannah her current position as a financial intelli-
Algasem, Boston gence analyst and set her on a career path $2,500: Alison Parker, Met-
University in white-collar crime and cybersecurity.
ropolitan State University
Hannah Algasem’s
Alison Parker says a former
academic background $2,500: Steven Shannon,
professor’s “contagious”
is in criminology, but University of Wisconsin-
she says she’s always passion for fighting fraud led to her anti-
Platteville fraud career interests. She’s pursuing a
FRAUD
CONFERENCE
SAVE C A N A D A
October 20-23, 2019 | Montreal
THE
DATE
Visit68 FraudConference.com/Canada
FRAUD MAGAZINE JULY/AUGUST 2019 to learn more.
FRAUD-MAGAZINE.COM
master’s degree in accounting and is a stu- The ACFE presented each of these Stephen Cox, Texas A&M
dent member of the ACFE and the ACFE students with a $1,000 scholarship: University-Corpus Christi
Colorado Chapter. Parker maintains a 3.69 Stephen Cox works as a detective
GPA and has received awards, including Samantha Brooks, with the narcotics division of a municipal
the National Engaged Leader Award from ork University police department. He maintains a 4.0
the National Society of Leadership & Samantha Brooks is pursuing GPA as he pursues a master’s degree in
Success. a master’s degree in accounting. She’s accounting. He says he’s planning to retire
After graduation, Parker says she interned for the FBI and is interning this from police work and transition to a career
plans to pursue the CFE credential in the summer for PricewaterhouseCoopers as in private-industry forensic accounting or
a forensic consultant. Brooks maintains fraud investigation.
fall of 2021. Her career goal, she says, is to
work as a forensic accountant with Colo- a 3.57 GPA. She says her ultimate goal is Colin Haynes, Western Gover-
to be a forensic accountant for the U.S.
rado’s Office of the Attorney General.
federal government. Colin Haynes is pursuing a
Stafford Baum, bachelor’s degree in accounting. He’s
$2,500: Matthew Mitchell,
Georgia Southern University worked for the Las Vegas Metropolitan
Old Dominion University Police Department as a senior finan-
Stafford Baum is pursuing bach-
Matthew Mitchell maintains elor’s and master’s degrees in accounting. cial intelligence analyst. He says he’ll
a 3.63 GPA as he pursues a He’s an officer for his university’s ACFE be earning his CPA license. He has a
master’s degree in accounting. He was student chapter. He maintains a 3.51 GPA. 3.0 GPA.
an audit intern with BDO in Norfolk, Vir- He says he hopes to work at a local CPA Claudia Munoz, Florida Atlantic
ginia, which hired him as an audit associ- firm with a forensic accounting practice. University
ate. He’s a member of the ACFE Hampton Annissa Steiner, Embry-Riddle Claudia Munoz is studying
Roads Chapter and the IIA Tidewater Aeronautical University forensic accounting and business valua-
Chapter. Annissa Steiner is studying fo- tion with a 3.94 GPA. She says she plans
Mitchell also served as the vice rensic accounting and fraud examination. to earn the CFE credential and the CPA
president of the Managerial Auditing She says she plans to pursue a master’s in license, become a forensic accountant in
and Accounting Club, plus the ACFE accounting, the CFE credential and CPA the private sector and eventually open a
and IIA student chapters. He’s pursuing license, and then a career in internal audit public accounting and fraud examination
the CFE credential, CPA license and CIA in the aeronautical industry. Steiner has a practice.
4.0 GPA. Trent Williams, Penn State
designation.
Rashae Hart, University
St. Mary’s University Trent Williams is earning a mas-
$2,500: Emily Taylor,
Embry-Riddle Aeronautical Rashae Hart is pursuing a ter’s degree in accounting and maintains
University bachelor’s degree in commerce with an a 3.9 GPA. He interned for the Office
intended declared major in finance. She of the County Controller of Schuylkill
Emily Taylor’s job as a U.S.
says she intends to pursue a master’s de- County, where he worked on internal
Army intelligence analyst inspired
gree in either forensic accounting or fraud audits, the first “simple pension” form
her to pursue forensic accounting and
examination. She has a 4.0 GPA and has report and the 2017 “friendly understand-
fraud examination. She’s studying made the dean’s list. able financial statement.” Williams is a
accounting and has maintained a 3.58 Jaron Patterson, University of member of the Beta Gamma Sigma Honor
GPA. Taylor’s goal is to be an internal Tennessee at Chattanooga Society and treasurer of Penn State Uni-
auditor for a major corporation such as versity’s Corporate Control and Analysis
Jaron Patterson, CFE, is earning
Amazon or Google. After graduation, Club. He says he plans to earn the CFE
an MBA. He has a 4.0 GPA. Patterson
Taylor wants to earn an MBA, the CFE credential and the CPA license, and work
works in the University of Tennessee
crednetial and the CPA license. She’s a for a government agency.
Police Department’s FBI Cyber Task Force.
member of the ACFE and the student
He says his goal is to be an FBI special agent.
chapter at Embry-Riddle.
The Fraud Examiners Manual is now available online. With online access,
the Fraud Examiners Manual is more accessible and useful than ever.
Benefits of Online Access Include:
• Real-Time, Ongoing Content Updates — Access the most up-to-date
anti-fraud information available.
• Access to Both U.S. and International Editions — View the content that is pertinent to your situation, but have the option to
change editions when your needs change.
• Optimized for Multiple Devices — Access the Fraud Examiners Manual on all your internet-connected devices.
$ 119.20 - $ 239.20
$149-$299 Non-Members
ACFE.com/books
SELF-STUDY COURSES
Expand your anti-fraud knowledge with our comprehensive,
NASBA-compliant self-study CPE courses. Visit ACFE.com/selfstudy.
= This course fulfills the annual ethics CPE requirement for CFEs. For more information on ACFE self-study courses including refund and ordering policies,
fields of study, learning objectives and course levels visit ACFE.com/selfstudy.
CPE QUIZ No. 145 (July/August 2019, Vol. 34, No. 4)
The Fraud Magazine CPE quizzes are now available 5. According to the article, “Dark world of oil theft and fraud”:
online only. Please visit ACFE.com/FMQuiz or view A. “Oil theft is a widespread problem that harms countries
around the world. The scale of the issue, however, remains
the CPE Quiz form on the next page for more widely unknown.”
information on how to earn your 10 CPE. B. “Oil fraudsters commit their crimes primarily in South
Africa.”
C. “Most oil theft results from bribery of officials.”
1. According to the opening case in the article, “Keep ahead D. “Oil fraud and theft decreases world GDP by $22 billion
of fluid global anti-fraud regulations,” Kumar: each year.”
A. Successfully completed his due diligence and acquired Pre-
vio Industries with no problems. 6. According to the article, “Dark world of oil theft and fraud,”
the first and most pivotal step in tackling the problem of
B. Acquired Previo Industries and commenced to devise an downstream oil theft is to recognize how pervasive and
embezzlement plan.
pernicious the problem is.
C. Shouldn’t have relied on the due diligence Intrazio conduct-
A. True.
ed a few years earlier as a bulletproof indicator of Previo’s
present standing. B. False.
D. Didn’t acquire Previo Industries because he discovered
7. According to the article, “Bad leaders? Increased fraud,”
numerous red flags. workplace detachment can lead to:
2. According to the article, “Keep ahead of fluid global anti- A. Lost market share.
fraud regulations,” standards across the globe are fast B. Revenue loss.
converging to the “ethics and value” phase of governance. C. Higher overall employee turnover.
A. True. D. All of the above.
B. False.
8. According to the article, “Bad leaders? Increased fraud”:
3. According to the article, “Fear not the breach!” Theresa A. A Workplace Foundation survey reports an 18% increase in
Payton said: organization pilfering in 2018.
A. “Organizations aren’t bulletproof. They have to assume B. Bad Tone at the Top alone can’t explain workplace dis-
that cybercriminals will breach them.” sonance.
B. “As CIO at the White House, I had to protect data on C. Poor leadership is a contaminant originating upstream in
multiple fronts.” the work environment.
C. “Here’s the challenge: lock down gaps in your organization D. Emotional intelligence arises in the neocortex.
but don’t devalue your employees.”
D. “When you’re in the middle of a breach, what you do will 9. According to the article, “Global fraud is the same — legal
define your reputation for years to come.” systems aren’t”:
A. The majority of legal systems aren’t secular systems.
4. According to the article, “Fear not the breach!” Theresa
Payton said: B. Common law has its roots in ancient Roman law.
A. “A communication plan needs to focus on when you need to C. Most common-law countries use adversarial proceedings.
disclose publicly to your employees, board, third-party ven- D. Judges play extremely crucial roles in civil law systems.
dors, regulators and — most importantly — your customers.”
B. “Your cybersecurity playbook is only as good as the latest 10. According to the article, “Global fraud is the same — legal
ransomware fix this week.” systems aren’t,” evidence is anything that tends to prove or
C. “You have to maintain close daily relationships with your disprove some claim or assertion.
IT crew.” A. True.
D. “Devise a breach response team now and make sure it B. False.
meets weekly with a robust agenda.”
DO NOT SUBMIT THIS FORM. Log in to your My Transactions page after purchasing the Fraud Magazine Quiz
! set to submit your answers or record your answers on the answer sheet and submit online when you are ready.
Kylie Ting, University of Texas at Austin The Fraud Magazine CPE Quiz has moved to an online self-
Kylie Ting plans to graduate with bachelor’s study format, making it easier for CFEs to earn 10 ACFE
and master’s degrees in accounting and earn- (non-NASBA) CPE. CFEs can earn 10 CPE by taking quizzes
ing the CFE credential and the CPA license. She has a online after reading featured articles in Fraud Magazine.
3.84 GPA. Ting says she wants to be a forensic auditor
with the U.S. Government Accountability Office.
Michael Gillen, Villanova University
Michael Gillen is a finance and accounting
Visit ACFE.com/FMQuiz and follow the steps below:
double major with a 3.8 GPA. He says anti-
fraud professionals, including professors and his fa- 1. Select the Online Fraud Magazine CPE Quizzes by year
ther, have influenced him. He serves on the executive from the dropdown*.
board and is an ambassador at the Villanova School
of Business, and is an active member of the Villanova 2. Click the “Add to Cart” button and complete the
Mergers and Acquisitions Society. Gillen says he plans checkout process.
on pursuing the CFE credential, the CPA license and
the Certified Financial Planner certification. 3. Read featured articles in Fraud Magazine that corre-
Haley West, Wake Forest Business School spond to the year of the quiz set you purchased.
Haley West is pursuing an MBA and main-
tains a 3.7 GPA. She says she plans to focus on 4. Access your quiz set by logging into your ACFE.com
developing business theory as it relates to organiza- account, clicking on the “My Transactions” tab and
tional psychology and its effects on employee fraud. clicking on the quiz set you purchased.
West is a member of SynerG, a young professional’s
group; the ACFE; AICPA; and the North Carolina Asso- 5. Pass 5 of 6 quizzes with a score of 70% or higher and
ciation of CPAs. West says she’d like to earn a doctor- receive your CPE certificate instantly via email.
ate in a management program and work for the FBI.
Claire O’Brien,
The Catholic University of America
For more information, please review the “CPE Info”
Claire O’Brien is pursuing a bachelor’s in
accounting with a minor in finance. After graduation, and “FAQs” tabs or contact a representative:
she says she plans on earning the CPA license, becom-
MemberServices@ACFE.com
ing a forensic accountant and working at one of the
Big Four accounting firms. O’Brien has a 3.41 GPA. (800) 245-3321 / +1 (512) 478-9000
Eric Ingwerson, Montana State University Secure online chat service
Eric Ingwerson is studying accounting. He
says he plans to pursue a career in internal
audit, a master’s degree in professional accounting,
the CFE credential and the Certified Internal Auditor
*Quizzes will be added to the current year’s set as issues of Fraud Magazine are published.
certification. Eric has a 3.15 GPA. CPE can only be obtained from the current year’s quizzes after the fifth quiz is made available
Crystal Balderas, in September.
Texas A&M University-Kingsville Please Note: The Fraud Magazine CPE Service CPE credits apply only to the CFE status and
not to any other professional designations. Fraud Magazine CPE is not registered with the
Crystal Balderas is studying accounting. She National Association of State Board of Accountancy (NASBA).
says she wants to pursue the CPA license and be an
The ACFE collects and stores your personal data in the U.S. to provide member services and
FBI special agent. After college, Balderas says she fulfill transactions requested by you. For a full explanation of your rights regarding how we
store and use your data, visit ACFE.com/privacy-policy.aspx.
plans on working at a bank. She has a 3.03 GPA. n FM
Calendar of Events
JULY 2019 AUG CFE EXAM REVIEW COURSE SEP CFE EXAM REVIEW COURSE
5 San Francisco, CA 16 Washington, D.C.
JUL DETECTING FRAUD WITH DATA August 5-8 | CPE: 32 September 16-19 | CPE: 32
22 ANALYTICS WORKSHOP
Minneapolis, MN BRIBERY AND CORRUPTION
AUG CFE EXAM REVIEW COURSE SEP
July 22-24 | CPE: 24
19 Chicago, IL 19 London, U.K.
August 19-22 | CPE: 32 September 19-20 | CPE: 16
+ COMBO COURSE
JUL BUILDING YOUR FRAUD FRAUD RISK MANAGEMENT
SEP
29 EXAMINATION PRACTICE 23 Los Angeles, CA
Philadelphia, PA September 23-24 | CPE: 16
July 29 | CPE: 8
SEP
2019 ACFE FRAUD CONFERENCE
CONTROLLING THE RISK OF
JUL + COMBO COURSE 25 ASIA-PACIFIC
30 ASSET MISAPPROPRIATION
DETECTING FRAUD THROUGH Singapore
Philadelphia, PA AUG
September 25-27 | CPE: 4-20
July 30-31 | CPE: 16 26 VENDOR AUDITS
Washington, D.C.
August 26 | CPE: 8
JUL CFE EXAM REVIEW COURSE
29 Denver, CO AUG UNCOVERING FRAUD WITH
July 29-August 1 | CPE: 32 27 FINANCIAL AND RATIO ANALYSIS
Washington, D.C.
August 27-28 | CPE: 16
AUGUST 2019 OCTOBER 2019
AUG CONDUCTING INTERNAL + COMBO COURSE
1 INVESTIGATIONS SEPTEMBER 2019
OCT UNDERSTANDING THE MINDSET
Columbia, SC + COMBO COURSE 2 OF A FRAUDSTER
August 1-2 | CPE: 16 CONTRACT AND PROCUREMENT
SEP Tampa, FL
9 FRAUD October 2 | CPE: 8
+ COMBO COURSE Chicago, IL
AUG DETECTING FRAUD THROUGH September 9-10 | CPE: 16 OCT TRACING AND RECOVERING
5 VENDOR AUDITS 3 FRAUD LOSSES
New York, NY SEP CONTRACT AND PROCUREMENT Tampa, FL
August 5 | CPE: 8 11 FRAUD WORKSHOP October 3-4 | CPE: 16
Chicago, IL
AUG BRIBERY AND CORRUPTION September 11 | CPE: 8
6 New York, NY
August 6-7 | CPE: 16
Join more then 250 leading anti-fraud professionals for the 2019 ACFE Fraud
Conference Canada taking place in Montreal, October 20-23.
FraudConference.com/Canada
OCT FRAUD RISK MANAGEMENT + COMBO COURSE NOV BRIBERY AND CORRUPTION
7 Cleveland, OH OCT LEGAL ELEMENTS OF FRAUD 21 Sacramento, CA
October 7-8 | CPE: 16 30 EXAMINATION November 21-22 | CPE: 16
Baltimore, MD
+ COMBO COURSE October 30 | CPE: 8
OCT INFLUENTIAL AND PERSUASIVE
16 PRESENTATION TECHNIQUES OCT PROFESSIONAL INTERVIEWING
Dallas, TX 31 SKILLS
October 16 | CPE: 8 Baltimore, MD
October 31-November 1 | CPE: 16
OCT AUDITING FOR INTERNAL FRAUD DECEMBER 2019
17 Dallas, TX
October 17-18 | CPE: 16 + COMBO COURSE
NOVEMBER 2019 DEC INVESTIGATING CONFLICTS OF
OCT FRAUD RISK MANAGEMENT NOV CFE EXAM REVIEW COURSE 9 INTEREST
17 SUMMIT 4 Austin, TX Las Vegas, NV
New York, NY November 4-7 | CPE: 32 December 9 | CPE: 8
October 17 | CPE: 8
NOV 2019 ACFE LAW ENFORCEMENT DEC CYBERFRAUD AND DATA
7 AND GOVERNMENT ANTI-FRAUD 10 BREACHES
SUMMIT Las Vegas, NV
Washington, D.C. December 10-11 | CPE: 16
November 7 | CPE: 8
DEC ADVANCED FRAUD EXAMINATION
OCT 2019 ACFE FRAUD CONFERENCE NOV CONDUCTING INTERNAL 9 TECHNIQUES
20 CANADA 7 INVESTIGATIONS Austin, TX
Amsterdam, Netherlands December 9-11 | CPE: 24
Montreal, QC
October 20-23 | CPE: 4-24 November 7-8 | CPE: 16