On the fundamental level, Webster’s Dictionary defines fraud as “deception in order to gain by another’s loss; craft; trickery; guile“.
As the owner of a private investigation company, I have found that on a practical level, fraud is much more and takes many diverse scenarios. Fraud is a loose term that is somewhat over-used within the industry, and even could be the scape-goat of other underlying problems. Often, “fraud” is a term thrown up to management to gain their attention or to make the potential problems seem worse that what they are so that bigger budgets can be obtained for the security division. The ineffectiveness of certain security functions, policies or personnel issues can often be the real underlying issue. The term, fraud, seems to conjure up somewhat of a mystical, all encompassing catch all. Improperly labeling a situation as fraud can present legal ramifications, therefore a potential crime should not be addressed as fraud until it is precisely designated as such. In addition, close-communication with the police and district attorney’s office should be maintained to insure that the fraud investigation meets the basic criteria for successful prosecution. Of course, no all organizations want to prosecute the offender (s) due to negative press. Under these circumstances, the investigator should be careful of their terminology to prevent any possible lawsuit.
Fraud is diverse and can take place at any level of society or any level of an organization. Typically, there is internal and external fraud. Internal fraud primarily deals with employee related fraud, whereas external fraud presents itself through those outside of an organization. The apparent link between the two seem to be… the existence of circumstances which makes fraud attractive to a particular organization or circumstance. For example, a person who is well-versed in check cashing scams may pass the illegal instrument at a store that does not have good check approval policies. In contrast, a vice-president of a bank may attempt to juggle the figures on an account to cover their embezzlement if they are in charge and have discovered a “fail-safe” plan for covering up their crime. In each example, both subjects were presented with a set of circumstances that lended themselves to a particular type of fraud.
Because there are so many types of fraud, an investigator has to be able to be versatile enough to adjust to each particular situation. The premise is the same; identify the elements of the crime, trace the leads, secure the evidence and identify the culprit. Seems easy enough until you go from investigating a computer fraud to a worker’s compensation fraud which have different elements altogether. Therefore, to better understand the investigation of fraud, I will use examples of actual cases our agency has worked.
Our agency was contacted by a bank, who indicated one of their tellers had found some “discrepancies” in their records and were concerned about the possibility of internal fraud. We immediately identified those tellers who had access to the money and tape registrars in question and initiated a background investigation to determine whether any of the subjects appeared to have dramatically changed their economic status recently or had obvious financial problems. Secondly, we began to audit the records in question to positively identify a crime and the amount of money believed missing. Next, we began to interview the tellers and their supervisors regarding their normal operating procedures and their personal lifestyles. We were able to narrow the scope of the investigation down to several factors through these tactics. The initial results indicated that there was at least $150,000 which had been embezzled over a two year period. In addition, we discovered some problems in the accounting and the accountability process of the tellers. The investigation also began to point to a supervisor who appeared to have a more affluent lifestyle than her income would provide. What we eventually learned through various record checks and interviews with neighbors of the suspected supervisor would astound our client. The supervisor was being considered for promotion to vice-president of the bank and therefore our client kept directing the investigation away from the subject. However, we were able to confirm that the subject had been accepting large deposits from a local car dealership and then taking the money for herself. When the dealership made their next deposit, she would let that cover the prior deposit and then embezzle whatever was left over. By interviewing the neighbors, we discovered that the employee had been taking her neighbors and friends on all-expense paid weekend excursions to Las Vegas. Unfortunately, the money had been spent, but the bank was able to correct their policies and prevent any further loses. The resulting investigation revealed internal fraud which could have been prevented if proper procedures and policies were in place.
This particular bank was a small institution with only three drive-through branches. Because they were a small home-town bank, they treated their customers and employees like family. Unfortunately, this attitude towards their employees is what supplied the opportunity for this fraud. The bank administrators were versed in normal banking procedures but chose to over-look some of these because they felt the normal threat of internal theft was non-existent because all employees were “family”. Although they typically conducted a background check on all potential employees, their policy stopped there. The bank now conducts background checks on all employees once a year so that any dramatic change in economic standards, police contact such as alcohol or drug abuse and similar concerns can be identified and acted upon. The bank had also failed to follow their own policy concerning teller transfers. According to their policies, tellers and account executives were to be transferred to other accounts every quarter. In addition, the tellers were suppose to rotate from the main branch to the three drive-through branches. None of these things were being done. The supervisor who committed the fraud was suppose to have her daily tapes checked and initialed by another supervisor, which was also not being done. In this case, the supervisor was well liked, had been with the bank for 14 years and was therefore allowed to remain at her job function without alternating jobs or having her work checked. One of the red flags associated with fraud is when an employee refuses to take paid vacations. This supervisor had not taken a vacation in more than three years and the crime became apparent when she finally had to enter the hospital. A teller who filled in for the supervisor discovered the inconsistencies, otherwise the supervisor could still be getting away with the fraud.
In a separate issue, our agency was employed to investigate a possible fraud and/or conflict of interest. Our client, a trucking company, suspected a vice-president of operating a trucking company of his own in direct competition and in violation of company policy. Our agency initiated the investigation by checking the county assumed name records, the Secretary of State and State Comptroller’s records and found listings in all three identifying the vice-president as the owner of a separate trucking company. Although this proved that a conflict existed, we still had not obtained the information needed to show that any damages had occurred to our client’s business. We therefore initiated surveillance and was able to obtain video documentation of the vice-president using his trucks, along with our client’s trailers to haul merchandise from our client’s customers. This was still somewhat circumstantial, so our agency set up a “new” operation that needed our products hauled to our clients and contacted the vice-president for a bid. The subject was called at our client’s office and when he met with our investigators, he presented a bid from our client and from his own company. We could now demonstrate that direct competition was being conducted. Additional interviews with some of our client’s customers resulted in our agency obtaining copies of invoices that the vice-president’s personal company had been paid, which helped show actual damages. In this case, the internal fraud included theft of clientele information, theft of services, and re-distribution of assets. The client could have avoided some of these issues if they had paid attention to the supervisor’s periodic written ratings by his subordinates (anonymous) and had adhered to their policies regarding client relations.
The trucking company had all employees complete an anonymous appraisal of their supervisor once every six months. Although this was completed, no one bothered to read them and they sat in a pile in a file cabinet. Had they taken the time to review the documents, they would have seen where employees had made some direct comments concerning the supervisor “spending company time in pursuit of other business interests” and a decrease in the favorable attitude of the employees towards their supervisor. Secondly, their policy required a member of management to make follow-up visits with clients regarding the satisfaction of their services, attitude of employees and related issues. Had they done this, they would have found what our investigators found-clients who knew of the supervisor’s other business. Of course, they stated that the vice-president indicated that our client’s company was growing too fast and they decided to set him up in a sister company for tax shelters. In addition, had the client paid attention of the vice-president’s expense account, they would have found expenses on days when the subject was suppose to be in one part of the State dealing with our client’s customers when he was actually in different locations marketing his own company.
In a different issue, a client called our agency after an employee had apparently changed her lifestyle which included more expensive clothes, jewelry, a new car and a conversation where she was overheard saying that she had bought her mother a mink coat. Our client knew that her salary was less than $17,000 and she would not be able to afford these luxuries. A background investigation was initiated with very little significant information being obtained. The next step was to observe the subject’s activities at work through the use of hidden video cameras. Sure enough, the subject was observed sneaking company checks from a supervisor’s desk. The investigation revealed that she would make the checks out to some of her friends, who would cash the checks and split the profit. Through an audit of the books, it was found that she had been responsible for fraud in excess of $100,000.
While conducting this investigation, our cameras also documented one of the roots of the problem. The company checks were locked in a cabinet with only one supervisor per shift having the key. The supervisors were suppose to keep a log of each check as they were checked out and the on-coming supervisor was suppose to check the log against the checks before signing off on the supervisor’s sheet to relieve the off-duty supervisor. The cameras found that none of this was occurring and that the supervisors would get 10-15 checks at the start of the shift and place them in their desk drawer for convenience. The desk drawer was not locked and was unattended for at least two hours per shift. Needless to say, opportunity presented itself one too many times.
In a totally different type of fraud, our agency was recently employed to determine who was breaking into our client’s computer program after hours. The client was located in a twelve story office building and had less than twenty employees, of whom no were suspected. The first glaring problem was the lack of computer security that our client was using. We convinced the client to install computer security programs, assign access codes and to turn all of the computers off at night. Next, we installed hidden video camera lenses which were in wall clocks, smoke detectors and an exit sign, which were all linked to a 48 hour long-play video recorder. This system was then lined to motion detectors which would trip the system. Unfortunately, against our advisement, the client called an employee meeting and announced the problem and the solutions that they had taken. After these measures were taken, no break-ins occurred. Since we had already crossed out the possibility of modem access, it seemed somewhat apparent that an employee was responsible for the break-ins. Our focus therefore changed to educating the client regarding internal fraud and providing policy breeches. The next step involved conducting background investigations on their employees to better determine any party with characteristics towards criminal behavior. Through these and other searches, we concluded that one employee had taken on too much debt and had decided to blame their employer for the situation. The employee had decided to break-in to various files to gather confidential information on the business, it’s clients and other employees. Fortunately, enough circumstantial information was developed to allow investigators to approach the subject, who subsequently confessed to the plot.
This situation could have been prevented using several different methods. First, the client failed to have any computer security programs in place, even though they had financial information, accounts, human resource files and product development documents on the system. We convinced the client to purchase some of-the-shelf security programs which makes employees enter codes to start up the system and different codes to get into different areas of the system. The computer main-frame, as well as each terminal are now turned off each night to help prevent access by modem. In addition, all lines, including their computer telephone line is forwarded to their answering service each night. An internal “employee satisfaction” questionnaire was developed in an attempt to keep abreast of employee attitude changes and supervisors are now encouraged to take employees to lunch once a month to enable a rapport to be established so that employee dissatisfaction and problems can be addressed in a non-threatening work environment.
In yet another case, our client indicated they had an employee who had been receiving life threatening notes that were left on her desk. The employee immediately claimed a stress related worker’s compensation injury, was off of work and had demanded a settlement in excess of $50,000. Our investigators interviewed all employees in the office (40+) and initiated background investigations on the injured employee. A review of the worker’s compensation records revealed the employee had a history of suspicious injuries. A check of the civil records indicated two law-suits against former employers for a worker’s compensation injury and for sexual harassment. Documents with the claimant’s hand writing were located and compared to the notes left on the employee’s desk. From a lay person’s view, the handwriting appeared to be very comparable. The interviews resulted in at least five employees who were told by the claimant that she didn’t like working at the business and wished they would fire her so she could file a wrongful termination lawsuit. Once all the evidence was compiled, the investigators met with the employee and indicated their suspicions. The employee eventually became concerned about the probable involvement of the police and suggested that the whole affair be dropped. Based on the client’s wishes, the entire episode came to a close after the employee signed an affidavit indicating she had set the whole thing up.
In this case, the client had made it a policy to conduct a background check on all potential new-hires. However, they had become selective as a means of cost-cutting and were down to conducting investigations on the average of 1 out of every 5 new hires. Secondly, because of the type of work the client performed, a battery of psychological tests were suppose to be administered as well. The program had been discontinued as another means of cutting costs. The client did not use employee exit interviews when employees left their company. If they had, they would have discovered that some of the co-workers sought other employment as the working conditions had gotten more than they wanted to deal with since this subject had been hired.
In our final example, a client approached our agency to conduct an investigation on their business partner. The client had hired a CEO approximately two years before and had recently made him a junior partner in the company. After noticing funds being wired out of their account to unknown accounts in Europe, our client became suspicious. The CEO had indicated that he had worked for his previous employer for eight years. What we found is that the subject took a year off in between jobs, which has still not be accounted for. Before this, he worked for a company which filed a lawsuit against him for embezzlement through falsifying expense accounts and creating a bogus company to have expenses paid to. Prior to this, he actually worked for the employer he indicated, but only for a short time. During the investigation, our agency found that not only was he sued by his former employer, but the attorney generals in 14 different states, along with the postal inspectors had filed lawsuits against him for deceptive trade practices, mail fraud and fraudulent solicitation. Once again, had our client had a policy of conducting background checks on potential business associates and employees, this could have been prevented.
As you can see, fraud is very diverse and can easily be mis-diagnosed. In some of these situations, the client could have easily continued to be victimized by fraud. The use of a good internal awareness training program, adherence to policies and practical observation can help stem fraud.
Kelly Riddle is the principal of Kelmar and Associates, formed in 1989, and conducts investigations domestically and internationally. A distinguished speaker and author of 10 books, Mr. Riddle has more than 30 years of investigative experience and earned a Bachelor of Science degree in Criminal Justice from the University of North Alabama. He was chosen as the “PI of the Year” by the National Association of Investigative Specialists and the PI Magazine named Mr. Riddle as the “#1 PI in the United States”. He has been designated an expert in surveillance, insurance investigations, nursing home abuse and computer investigations. He was chosen as “One of the Top 25 PI’s of the 20th Century.” Kelly obtained his Texas Certified Investigator designation (less than 50 in TX.) Mr. Riddle is also on the Board of Directors for the Texas Association of Licensed Investigators (TALI).