Cybersecurity fraud is gaining momentum as a significant area of concern for business owners and leaders of not-for-profit organizations alike. And I strongly encourage you to examine your organization’s resilience to such threats. However, there’s still a lot “old-fashioned” fraud being perpetrated from within organizations, and a focus on cybersecurity shouldn’t diminish your focus on these more traditional schemes. This article will cover recent newsworthy frauds and how the perpetrators got away with it.
Fake Company – Similar Name
The executive director of a not-for-profit organization was indicted for stealing money from her employer, the Miss Florida Scholarship Program. What was her method? Did she craft phishing emails, or lock up the database in exchange for a ransom payment?
No, she simply opened a bank account under the fake company name of “Miss Florida.” When generous donors handed over checks to support the pageant program, the executive director “altered the checks” (I’d wager Wite-Out was in play) and deposited them into her own account.
A vault associate at Home Depot was arrested for swapping out over $387,000 of cash with counterfeit bills during a four-year period. The fraudster was responsible for counting cash from the tills and preparing the deposits.
You would assume that a company as large as Home Depot would have strong internal controls in place, particularly over cash. However, it appears the company assumed the biggest risk of counterfeit bills was from customers; cashiers were trained to spot fake money, but no one thought there was a risk once the till was handed over to the vault associate. The bills were spotted as fake by the bank, but no one could figure out how they were getting past the cashiers.
The biggest rub in this story? You’d think the fraudster was part of a sophisticated counterfeiting operation. But no. He bought his fake bills from Amazon.com. They sell highly realistic looking “money” that is used in TV shows and movies.
Some fraud schemes take a village to commit (i.e. collusion). This not-for-profit received federal funding to run its programs overseas. When there were leftover federal funds in one pot, staff were instructed by their bosses to charge their time to project codes that had nothing to do with the work they did. The wages and expenses of other programs were paid for by federal grants that were not intended for those programs.
The Writing on the Wall
This fraudster clearly believes in the benefits of writing things out by hand. While working as a bookkeeper, she wrote over 180 checks to herself from her employer’s bank account. (She altered the QuickBooks files to hide it.)
After she was arrested, she submitted four letters to the court, purportedly from her doctors and pastor, asking for leniency. When interviewed, the would-be letter writers indicated the fraudster must have forged them as they had not written them at all.
Finally, before her final hearing, she actually repaid her former employer and the Social Security Administration for her alleged embezzlements. One tiny detail: She got the funds to make the payments by falsifying her tax returns and receiving over $4 million in refunds.
Years before she became a bookkeeper, she had lost her attorney license after a state forgery conviction.
Threats from external sources, especially those perpetrated through and on your computer systems, are a large and growing concern for entities of all shapes and sizes. So too are internal threats. Review your internal control systems regularly for weaknesses, especially those involving positions with access to cash, the bank accounts, or disbursements.
If you would like a professional review of your internal controls, or a risk analysis done on chance of fraud, please send us an email.
© Clark Nuber PS and Focus on Fraud, 2022. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Clark Nuber PS and Developing News with appropriate and specific direction to the original content.