FRAUD SCHEMES IN CRISIS PERIOD: A CASE OF COVID-19

Being a Webinar Paper Series presented at theStoics Consulting’s ‘2020 Cybersafe and Fraud proof Summit’ held on 6th August 2020 on Teleconferencing Platform

INTRODUCTION

In recent months fraud risks related to COVID-19 have become more common accentuated by the unprecedented changes in work, social and economic conditions for everyone. Law enforcement and regulators across the globe have put out advisories warning of increased fraud threats and red flags.

Currently, the majority of businesses are feeling the economic repercussions of COVID-19 as they struggle to remain financially liquid. This means that concerned business entities are seeking new trade and business opportunities, and offers of such are therefore hard to turn down. With rising fear that the economic fallout due to COVID-19 will be likened to the Great Depression, businesses are accepting new opportunities with haste. This can, however, leave businesses at a serious risk of fraud.

The pandemic has created an environment of not only increased internal fraud risks but also opportunities for external fraudsters to take advantage of disruptions in normal business operations, such as potentially weakened control environments. Fraudsters have historically used crises such as market crashes and natural disasters to exploit and benefit.

The COVID-19 crisis is forcing companies to tackle significant operational, financial, and strategic challenges. And some employees might be tempted to engage in embezzlement schemes or even manipulate financial statements, among other improper acts, to address their immediate financial needs.

The line that separates acceptable from unacceptable behavior can become blurred for some people when pressures mount. Also, workforce displacement or distraction might weaken controls like segregation of duties.

FRAUD SCHEMES

Fraud can be devastating to a business, especially as fraud schemes and financial transactions are becoming more complex and sophisticated with technology advancements. Recognizing the wide variety of threatening internal and external fraud schemes, including asset misappropriation schemes, fraud by vendors and corruption is essential to detecting and deterring fraud.

Schemes may involve the falsification or improper modification of accounting documentation (invoices, purchase orders, change orders, shipping reports, etc.) to cover up the fraud scheme. Other fraud schemes involve fraudulent financial reporting and the misclassification of credits on the income statement. Majorly, Fraud Schemes can be grouped into:

Internal Fraud Schemes

Internal Fraud schemes are mostly fabricated by staff working within a firm. Internal Fraud scheme is one structured at the risk of unexpected financial, material or reputational loss as the result of fraudulent action of a person who works within a firm.

The ACFE Fraud Tree, as contained in the 2020 Report to the Nations, gave the three categories of occupational fraud committed internally:

1. Corruption
2. Asset misappropriation and
3. Financial Statement Fraud.

Corruption and Kickbacks

Generally, corruption in an organization refers to the abuse of entrusted power for private gain. A “kickback” is a bribe paid incrementally by the contractor as it is paid.  Most bribes in exchange for large contract awards in international development projects are paid as kickbacks, usually totaling 5%-20% of the contract value. In highly corrupt areas, however, the percentage can be much higher, the perpetrators taking all they can, limited only by the level of oversight, or more accurately, the lack thereof.  In an organization, the following might be linked to corruption and kickbacks during a crisis:

1. Conflicts of interest and collusion among employees and outside third parties (e.g., vendors, customers, suppliers, distributors) to execute fraudulent billing, purchasing, and sales schemes in which they’ll benefit (e.g., accounts payable employees approving payments to a third party owned by their spouse).
2. Bribes and kickbacks provided to external third parties (including government officials) on behalf of an organization to secure contracts that could increase employees’ compensation (e.g., commission-based employees).

Corrupt influence

In schemes to pay bribes in exchange for contract awards, corrupt influence usually appears as some form of bid-rigging, intended to steer the contract to the bribe payer by improper means.  The most common bid-rigging methods include:

1. Change order abuse
2. Excluding qualified bidders
3. Leaking of bid information
4. Manipulation of bids
5. Rigged specifications
6. Split purchases
7. Unbalanced bidding

RED FLAGS OF BRIBES AND KICKBACKS

1. Failure to adequately advertise the request for bids or proposals
2. Unreasonable prequalification procedures that exclude qualified bidders, or which allow unqualified bidders to compete
3. Unreasonably narrow contract specifications that favor the winning bidder and exclude others
4. Leaking of bid information to favor a certain bidder, while withholding critical information from other bidders
5. Discarding or changing bids after receipt, or improperly manipulating the scoring of bids
6. Disqualification of bidders for arbitrary or trivial reasons during bid  evaluation
7. Approval of unjustified sole source awards
8. Splitting purchases to avoid procurement thresholds
9. Pressure by project officials on contractors to select a particular subcontractor or agent
10. Contractor engages a questionable subcontractor or local agent (to handle bribe payments)
11. Long delays in contract negotiations or award (as bribe demands are negotiated)
12. Approval of unnecessary change orders to increase the contract price after award

BASIC STEPS TO DETECT AND PROVE BRIBES AND KICKBACKS

1.  Identify and interview all complainants and confidential sources to obtain further detail.

2.  Collect the relevant procurement documents (including preliminary drafts) such as those listed below and carefully examine them for information that confirms or rebuts a complaint and additional red flags or indicators of wrongdoing.

1. Requests for Expression of Interest and responses
   1. Pre-qualification applications and shortlists
   1. Requests for bids or proposals
   1. Submitted bids or proposals
   1. Bid or Proposal Evaluation Reports, including revised reports, with notes of the committee members
   1. Contract awards or purchase orders
   1. Change order requests (contract amendments or “variation orders”) and awards
   1. Related emails, correspondence, and complaints

3.  Conduct thorough due diligence background checks on the suspect companies and project officials.

Note, for example:

(1) Whether the companies have been the subject of prior allegations of corruption or have been debarred by any agency for corrupt practices, by accessing media and debarment sites, and

(2) Whether a suspect official appears to live beyond his means or has undisclosed financial interests in an outside company, by accessing public record sites.

4.  Discreetly collect employment files on the suspect project or government officials, including, to the extent available at this stage of the investigation, the subjects:

• Correspondence files 
• Business and personal emails 
• Computer hard drive files 
• Business and personal telephone and travel records
• Salary and employment history 

5.  Collect and review prior audit reports and investigative reports involving the same parties.  

6.  Interview and request documentation from third-party witnesses, including losing or excluded bidders and subordinates of the suspect project officials.  Ask, for example, about any efforts by officials to improperly steer contracts to favored bidders or any demands for bribes, as well as, of course, addressing any other issues in the case.

7.  Exercise contract audit rights on the winning bidder.  Look for questionable payments made through agents, subcontractors or consultants, or inflated invoices that could be used to generate bribe payments.

8.  If necessary, do a full financial investigation of the suspect official (suspected bribe recipient) to identify the receipt of corrupt payments or sudden unexplained wealth (See step seven of the ten basic steps in complex fraud and corruption investigation).

9.  If necessary, use the evidence collected above to attempt to obtain the cooperation of an inside witness, including a middleman or less culpable member of the corruption scheme. 

10.  Interview the subject official (suspected bribe recipient) and request the subject’s financial documents (See step nine of the ten basic steps in complex fraud and corruption investigation).

11.  Wrap up the case by carefully linking the evidence of improper payments to the evidence of corrupt influence, e.g., shows that the bribe payer received an improper contract award approved by the official who received the bribe.  Try to identify and rebut all anticipated defenses, e.g., the contract award was proper; the payment to the official was the repayment of a prior loan and there was no intent to corruptly influence him, etc.

See a much more detailed description of the ten basic steps in complex fraud and corruption investigation and advice on how to best organize and present the evidence of corruption.

Asset Misappropriation

According to Black’s Law Dictionary, “misappropriation” is the “act of misappropriating or turning to a wrong purpose; wrong appropriation, a term that doesn’t necessarily mean speculation, although it may mean that. The term may also embrace the taking and use of another’s the property for the sole purpose of capitalizing unfairly on goodwill and reputation of the property owner.”

The definition in Webster’s is a little more pointed: “to appropriate wrongly (as by theft or embezzlement).For our purposes, misappropriation includes more than theft or embezzlement. It involves the misuse of any company asset for personal gain. Therefore, employees using a company computer after hours for their own side business haven’t stolen an asset, but they misappropriated it for their benefit. Some of the acts of asset misappropriation are as follows:

1. Employees submitting fictitious invoices (potentially related to vendors purportedly associated with a COVID-19 response) that direct organizations to directly pay them or related parties.
2. Addition of fictitious (or “ghost”) employees to payroll registers.
3. Establishment of fictitious vendors to the vendor master files to siphon funds and other organizations’ assets.
4. Tampering of checks by altering payees and forging endorsements.
5. Submitting fraudulent travel and expense reimbursement claims for non-business/non-permitted expenses.

Financial Statement Fraud

This is the deliberate misrepresentation of the financial condition of an enterprise accomplished through the intentional omission of amount or disclosures in the financial statement. During Crisis, the following may be linked to financial statement fraud:

1. Organizations might be tempted to capitalize on substantial COVID-19 expenses and deduct them over several accounting periods rather than expense them immediately.
2. Management might be motivated to intentionally understate allowances and reserves to avoid additional charges to the bottom line. (Companies have numerous valuation accounts, allowances and reserves including but not limited to those for inventory, accounts receivable, insurance claims incurred but not recorded, income taxes, and contingent liabilities.)
3. To make up for decreased consumer spending, organizations might deliberately overstate or fabricate revenue to boost bottom lines and show how management was able to persevere in a challenging customer/ business environment.
4. Organizations might write-off underperforming assets and/or record what is commonly referred to as “big bath,” or large restructuring charges, as part of larger organizational restructurings, sales or closures of parts of their businesses that are either marginally associated with the impact from COVID-19 or not associated at all.
5. Organizations might avoid fully disclosing the impact of COVID-19 on their overall business results, particularly concerning risks, uncertainties, contingencies, representations contained in public statements and regulatory filings. For example, organizations might not want to disclose their (or their counterparties’) ability to satisfy contractual obligations. That disclosure would also include organizations’ assessments of whether reliance on force majeure provisions or common law principles of nonperformance might apply. The adequacy and sufficiency of such disclosures might lead to regulators and investors claiming securities fraud.

Occupational fraud generally requires three fraud risk factors: Pressure, Opportunity, and Rationalization — the Fraud Triangle.

Opportunity: The pandemic has expanded the “Opportunity” segment due to the sudden shift to remote-working, the rapid adoption of new platforms and procedures, increased digital access by criminals and victims, and the availability of government rescue funds.

Pressure: “Pressure” likewise comes from a variety of factors that could be inflamed by the pandemic, including reduced incomes stemming from lockdowns, the inability to meet debt repayments, problem gambling, and substance abuse.

Rationalization: ‘Rationalisation’ is how a usually honest individual persuades himself that his actions are justified and worthwhile. In this respect, the pandemic may have led to increased numbers of disgruntled or desperate employees, particularly as some employers have cut salaries without going through consultation or contract-revision processes.

External Fraud Schemes/Risks

External fraudsters include those unrelated to organizations (such as scammers) or parties that organizations do business with (such as vendors and customers). Here are some examples of external fraud schemes that organizations need to be alert for:

1. Third-party vendors submitting fraudulent invoices with the hopes of circumventing relatively weakened accounts-payable control environments.
2. Cyber-related attacks, specifically business email compromise schemes, in which fraudsters might pose as someone they aren’t (e.g., CEO or a customer) and request sensitive data, such as personnel records, or a change in banking/payment data. Fraudsters might also target employees with email and text phishing schemes, in which employees receive messages from unknown sources soliciting information or claiming to have “must-see information” about COVID-19 only to find links that download malware to organizations’ cyberinfrastructures.
3. Fraudsters will often pose as legitimate charitable organizations claiming to collect relief funds.

FRAUD RISK MANAGEMENT

An effective fraud risk management framework will enable organizations to have controls that first prevent the fraud from occurring, detect as soon as a fraud happens, and respond effectively to fraud incidents when they occur. Fraud risk management needs to be embedded in an organization’s DNA in the form of written policies, defined responsibilities, and on-going procedures that implement an effective program. There needs to be a clear role for the Board and top management in setting these policies with reporting in place to convey the required information about the program and its performance to them. The tone from the top will be reflected in the perception of fraud prevention and detection throughout the organization.

It is important to have a responsible person with adequate resources and access to top management running the program. This person should be charged with designing and evaluating the program, and for communicating it throughout the organization as appropriate. Since organizations vary greatly in complexity, inherent risk, and size, there is no one-size-fits-all program, but all programs will address issues such as:

1. Roles and responsibilities
2. Fraud awareness
3. Conflict disclosure
4. Fraud risk assessment
5. Reporting procedures
6. Whistleblower protection
7. Investigation process
8. Corrective action
9. Quality assurance
10. On-going monitoring

Fraud risk management (FRM) generally consists of Fraud prevention, fraud detection, and Fraud response.

1. Fraud Prevention: A fraud prevention as a component of Fraud risk management in an organization entails the following in a means to subdue the impact of any loss whatsoever to an organization:
2. Know your employees
3. Keep Personal Information safe
4. Safe Navigation of the internet
5. Implement internal controls
6. Hire trustworthy expert

• Fraud Detection: Fraud detection is a set of activities undertaken to prevent money or property from being obtained through pretenses. 

Fraud detection is applied to many industries such as banking or insurance. In banking, fraud may include forging checks or using stolen credit cards. Other forms of fraud may involve exaggerating losses or causing an accident with the sole intent of the payout.

Fraud Detection Techniques

Fraud is typically an act that involves many repeated methods; making searching for patterns a general focus for fraud detection. For example, data analysts can prevent insurance fraud by making algorithms to detect patterns and anomalies. Fraud detection can be separated by the use of statistical data analysis techniques or artificial intelligence. 

Statistical data analysis techniques include the use of:

1. Calculating statistical parameters
2. Regression analysis
3. Probability distributions and models.
4. Data matching

Artificial intelligence techniques used to detect fraud include the use of:

1. Data Mining: This is a process of discovering patterns in large data sets involving methods at the intersection of machine learning, statistics, and database systems. Data mining is an interdisciplinary subfield of computer science and statistics with an overall goal to extract information (with intelligent methods) from a data set and transform the information into a comprehensible structure for further use. Data mining is the analysis step of the “knowledge discovery in databases” process or KDD. Aside from the raw analysis step, it also involves database and data management aspects, data pre-processing, model and inference considerations, interestingness metrics, complexity considerations, post-processing of discovered structures, visualization, and online updating. It can classify group and segment data to search through up to millions of transactions to find patterns and detect fraud. 
2. Neural Networks: This can learn suspicious-looking patterns, and use those patterns to detect them further. 
3. Machine Learning: This can automatically identify the characteristics found in fraud. 
4. Pattern Recognition: This can detect classes, clusters, and patterns of suspicious behavior.

• Fraud Response: The purpose of the Fraud Response Plan (the “Plan”) is to ensure that effective and timely action is taken in the event of fraud. The Plan aims to help minimize losses and increase the chances of a successful investigation. It acts as a checklist of actions and a guide to follow in the event of fraud being suspected.

While a reactive FRM system has more detection and response work to do, a proactive FRM system is constantly putting in place plans to prevent the fraud from occurring.  Highlighted below are five tangible actions your organization can take to continue proactive fraud risk management during a crisis:

1. Reassess the FRM framework

Every risk management system involves an environmental scan of the organization to see where the risks and controls are. While some are planned annually using the calendar year, others follow the reporting period of their organizations. During a period of uncertainty and constant changes, this is a good time to re-evaluate the FRM system for emerging threats fraud risks.

• Keep and maintain a log of Policy Announcements

This period has witnessed a lot of policy announcements, changes, and restrictions from governments across the world. Equally, organizations have responded by making adjustments to daily business activities. Exemptions have been granted to some existing policies and procedures; controls have been relaxed. This log will also be important during future audits and reviews after the crisis.

• Keep tabs with other departments

Legal, human resources, supply chain, IT, communications, and just about every department have witnessed changes. Some are constantly in the spotlight. For example, payroll needs to pay staff. Communication ensures that corporate messages are aligned. Procurement still needs to purchase essential items. Cyber-security risks continue to be an IT risk, but with employees working from home longer than expected, there are greater possibilities of online theft, phishing, and other financial crimes. It’s important to engage other departments within an organization to keep up and provide expertise from an FRM viewpoint.

• Provide training and sensitization

This period provides an opportunity to keep employees sensitized so as not to expose organizations to vulnerabilities or fraudulent schemes.

• Analyze trends with data analytics

Forensic data analytics will become useful to analyze trends and patterns during and after this period. It is important to note that to analyze data, you must first start with keeping data. Some of the aftermaths of this crisis may not emerge until after six to nine months or even years. However, when analyzing data, it is important not to lose sight of real-life events occurring during the period to avoid misinterpreting results when they are false positives.

CASE EXAMPLES OF FRAUD ARISING FROM CRISES

The following are some of the many examples of crises historically generating significant frauds:

2001: UK Foot and Mouth Crisis

The foot and mouth crisis of 2001 generated a significant logistical exercise for UK agriculture. However, it was also reported that several frauds arose at that time. Indeed, the National Audit Office published a report in 2002, which noted that the first four months of the crisis placed a huge strain on the government’s financial control systems, as they tried to respond to control the disease. This led to a process of subsequent correction of overpayments and irregularities and resulted in several disputes.

2004: Indian Ocean Tsunami

In 2004, the Indian Ocean Tsunami resulted in international aid of more than $6.25 billion being advanced to assist those affected. It was however reported that those funds were the targets of significant fraud. The Sunday Times wrote an article about fraudsters targeting UK charities.

2005: Hurricane Katrina

In August 2005, Hurricane Katrina hit Louisiana, it was the most destructive natural disaster in U.S history. Nonetheless, fraudsters began to take advantage of the situation within hours of the hurricane landing. The FBI estimated that within a week, there were approximately 2,300 fraudulent Hurricane Katrina-related internet sites.

More significantly, more than $110 billion was set aside by the US for reconstruction. The relief money was handed out at a rate of more than $500 million per day, and the speed in which contracts were handed out was unprecedented. It was reported that bills arrived for deals that were sealed with a handshake, with no formal documentation to back them up, and 80% of the $1.5 billion in contracts were awarded without bidding. It was suspected that substantial sums were been lost to fraud in this way.

FRAUD ALERT TIPS DURING CRISIS

The following are tips to be cautious of in times like this:

1. Be aware that criminals are attempting to exploit COVID-19 worldwide through a variety of scams.
2. Be on the lookout for antibody testing fraud schemes. Never share your personal or health information with anyone other than known and trusted medical professionals. Learn more about what to avoid.
3. Be cautious of unsolicited healthcare fraud schemes of testing and treatment through emails, phone calls, or in person. 
4. Be wary of unsolicited telephone calls and e-mails from individuals claiming to be CBN and Treasury employees.

CONCLUSION AND RECOMMENDATIONS

In times of economic crisis, fraud comes to the fore and the same is true in times of natural disaster. The present COVID-19 crisis sets to bring elements of both economic crisis and natural disaster.  Internal and external collaboration is then crucial to tapping the intelligence you need to react quickly.

It is a global pandemic, which will most likely leave a legacy of the global recession in addition to the health issues it has created.

This is likely to create a perfect storm for fraudsters. Therefore, companies and all concerned should collaborate with clients. Tell your clients and front-line personnel what the risks are, but also make sure you listen to them, to establish two-way awareness. In a rapidly evolving situation like the COVID-19 pandemic, institutional awareness can only be ensured by pooling experience, which will in turn reinforce monitoring, intelligence, and collaboration against fraud. Finally, the Government, anti-fraud agencies, legal and accountancy professions as well as companies and the general public will all need to be vigilant to limit the damage that could be caused through fraud in these times.

REFERENCE

Campanelli, A., Corbett, K., & Georgiou, C. (2020). Fraud schemes and investigations amid the COVID-19 pandemic. https://www.fraud-magazine.com/article.aspx?id=4295010930

Gowling, W.L.G, (2020). Covid-19: The Risk of Fraud in a crisis. Available on https://iclg.com/briefing/12380-covid-19-the-risk-of-fraud-in-a-crisis

Kamber, H., Jaiwei, P., & Jian,  M. (2011). Data Mining: Concepts and Techniques (3rd ed.). Morgan Kaufmann. ISBN 978-0-12-381479-1.

Lowers & Associates (2015). 5 Principles of Effective Fraud Risk Management. Available at https://blog.lowersrisk.com/fraud-risk-management/

Mainoma, M.A. & Oyedokun, G.E. (2020). Guidance on Due-Diligent War in Nigeria: A Forensic Accounting Approach to Fight against Corruption. Lagos. Nigeria. Association of Forensic Accounting Researcher (AFAR). ISBN: 9789789787326

Oyedokun, G. E. (2020). Fundamentals of forensic accounting & fraud Investigation. 2^nd Edition,Lagos, Nigeria. Association of Forensic Accounting Researchers (AFAR). ISBN: 978-978-56462-6-9

Oyedokun, G. E. (2018). Fundamentals of forensic accounting & fraud Investigation. Lagos, Nigeria. Aaron & Hur Publishing. ISBN: 978-978-56462-6-9

Oyedokun, G. E. (2018). Ethical justification for creative accounting: Fraud & forensic Accountants’ perspectives. Lagos, Nigeria. Aaron & Hur Publishing. ISBN: 978-978-56462- 9-2

Oyedokun, G. E. (2017). Compendium of writings in forensic accounting & fraud examination. Lagos, Nigeria. ASCO Publishers. ISBN: 978-978-55513-7-2

Patricia Sullivan, (2020).Why Increasing awareness and collaboration are key to tackling COVID-19 fraud. Available at https://www.sc.com/en/feature/why-increasing-awareness-and-collaboration-are-key-to-tackling-covid-19-fraud/

Trevor, H. & Robert, T. & Jerome, F. (2009). The Elements of Statistical Learning: Data Mining, Inference, and Prediction”. Archived from the original on 2009-11-10. Retrieved 2012-08-07.

© 2020: All Rights Reserved:  OGE Professional Services is a member of OGE Group

Disclaimer: OGE’s article is to provide information on technical and contemporary issues within field of Accounting, Finance, Taxation and Forensic Accounting only. It is not to be misconstrued to be a professional advice and opinion. OGE Professional Services will not be responsible for any misrepresentation therefrom. Please, seek appropriate professional advice where needed.