Date posted: 27/05/2024 8 min read

Sticky fingers

Accountants are in a unique position to identify fraud across all levels of a business – if they know what to look for.

Quick take

  • Fraud is usually only detected after many years, but the red flags have usually been present in the data.
  • Some transactions that might deserve further scrutiny are large, round dollar supplier payments; multiple payments just under a payer’s permitted limit; and large numbers of transactions through a suspense account.
  • Professional scepticism and data analytics that identify outliers can help with fraud detection.

While fraud may be considered a whitecollar crime, it’s by no means victimless. Successful businesses may find themselves struggling or even being forced to close, and customers and suppliers may not receive their orders and entitlements. By the time fraud in an organisation comes to light, it has often been running for several years, perpetrated by trusted and highly regarded employees. Yet, there are several red flags accountants can keep an eye out for that will tip them off to a potential fraud.

“The funny thing is, for me, having investigated these matters for such a long time, the devil is always in the details,” says Sara Deady CA, a Sydney-based forensic accountant and investigator at McGrathNicol advisory.

“It might be a whistleblower complaint or an issue is raised and when you start to look at the data, there is certainly information in the data that would have flagged these types of matters earlier.”

There are a few red flags around accounts payable, such as large, round dollar payments going to the same supplier or amounts that are just under the payer’s authorisation limit.

“From an accounting perspective, scratching beneath the surface is the key message. If something doesn’t feel right or something doesn’t look right or the balance of an account just doesn’t seem to add up, look into it in more detail,” Deady says.

“Get a list of all the transactions that sit within that account. Are accounts actually being used for the purpose for which they were set up initially?”

Levels of opportunity

Different types of fraud tend to be carried out by people with different roles, says Deady. Those who embezzle money from the business usually work in finance. They have control over accounts and can manipulate a vendor master file to cover their tracks.

Receiving corrupt payments or bribes is generally carried out by staff who are contracting suppliers and setting up contracts. And finally, senior executives are the staff most likely to be manipulating financial statements, such as fraudulently increasing or bringing forward revenue or misstating expenses, usually to meet targets or achieve bonuses.

Suspicious transactions

Another red flag is where items are hidden in unreconciled accounts. Suspense accounts are another place where staff in finance functions can hide money or conceal misappropriation.

Suspense accounts are used by accounting staff to account for transactions before they are appropriately coded and moved to a new account and they can also mask bigger issues.

Clive Hudson CA, principal forensic accountant and electronic forensic investigator at the Serious Fraud Office in New Zealand, and a member of the CA ANZ Forensic Accounting Committee, says to watch out for a large number of transactions going through a suspense account or where an expense is recorded in the expense account, then systematically split into several different accounts. Accountants should also keep an eye on which bank accounts payments are made into.

Hudson says that in New Zealand, Westpac does all the government’s banking and a red flag is if supposed government payments don’t have a bank code beginning with 03 – Westpac’s number.

It’s also good practice to examine which bank accounts payroll uses. If salary payments for different employees are going to the same account, it could be a sign of fraud. But Hudson also points out that it could mean that a couple are both employed by the business. Likewise, if some invoices are paid to the same bank account as an employee, that is something to look into.

“Most of these things start with pulling a thread,” he says.

“If there’s something that doesn’t quite look right, and you pull the thread and sometimes there’s nothing more, and then other times you’ve got this whole ball of fake mess on the end.”

Revealing slip-ups

Sometimes fraudsters are just caught through random events.

Hudson recalls a case where a woman was forging and altering documents, and accidentally left one on the photocopier while she took a phone call. A colleague found the document and realised something was off.

There are also behavioural traits, such as unexpected or sudden flashes of wealth.

Hudson worked on a case where fraud was uncovered because a new manager started at a workplace and saw that one of his lower-paid staff was driving a luxury European car, when he could only afford an ordinary car. His suspicions aroused, he investigated and discovered the employee was receiving kickbacks from suppliers.

Scepticism and data insights

Fraudsters are often the last person anyone would expect. Often, they will work late, volunteer to take on extra responsibilities and won’t take leave, so their crimes aren’t uncovered. In one case Hudson worked on, the fraudster had made himself invaluable to the project team installing a new accounting system, with the result that he could exploit its vulnerabilities.

It’s here that a chartered accountant’s professional scepticism should stand them in good stead, when considering the facts. However, data analytics can help to identify which transactions and behaviours justify a closer look.

AI is also playing a larger role in fraud detection, says McGrathNicol’s Deady.

“Organisations are using data analytics to understand what their risks are and how people could be circumventing controls within a system, and using analytics around that to identify exceptions requiring investigation.”

What’s certain is that in the fraud triangle – pressure, opportunity and justification – accountants can reduce opportunity with robust payment systems, and protect the businesses in the process.

Business fraud


A licence to print money

In October 2023, the New Zealand Employment Relations Authority (ERA) concluded that Angela Freiden had siphoned off about NZ$350,000 from her private healthcare employer Columba at Ascot, in Auckland.

Freiden used a combination of falsified supplier invoices and unauthorised payroll payments to divert the funds to her own bank account.

She was ordered to repay the money, plus NZ$30,000 in damages.

Because Columba opted to pursue the funds through ERA, Freiden did not face any criminal charges.


Living the high life

In 2019, Rosemary Rogers, chief of staff to former National Australia Bank (NAB) CEOs Cameron Clyne and Andrew Thorburn, pleaded guilty to being an agent corruptly receiving a benefit. She paid falsified and inflated invoices to Human Group, a company owned by her friend Helen Rosamond, which ran events for NAB from 2006 to 2018.

Rogers received about A$5.5 million and Rosamond A$4.5 million, during the period. NAB spent more than A$118 million with Human Group, but the criminal case only focused on a four-year period.

The district court heard that Clyne unknowingly facilitated the scheme when he was CEO, “having provided Rogers with a delegated authority to approve expenditure up to A$20 million”.

Rogers used the stolen money for a A$620,000 family holiday for eight to the US, a A$160,000 European holiday, a A$172,000 BMW X5, a A$1.5 million house, a A$380,000 house deposit, patio renovations worth A$128,000, a A$90,000 caravan and A$115,000 boat, among other items.

In January 2021, Rogers was sentenced to eight years jail, with a non-parole period of four years and nine months. Her sentence was reduced for helping authorities and testifying in Rosamond’s case.

Rosamond was found guilty of 90 of 92 fraud charges and sentenced to 15 years, with a non-parole period of eight years.

“The length and breadth of the fraudulent activity carried out pursuant to this joint enterprise was breathtaking in its audacity,” NSW District Court judge Robert Sutherland said. “The extravagance of their spending with the money fraudulently obtained and the opulence of the lifestyles they both pursued was stunning.”


Revised fraud audit standard on the way

Audit is not designed to detect fraud. Its purpose is to form a view on whether a financial report accurately represents the financial position of a company at a point in time. Bearing this in mind, proposed revisions to the audit standard relating to fraud are designed to focus more attention on the topic and narrow the expectation gap.

“We’re not trying to change the fundamental model of the audit,” says Tom Seidenstein, chair of the International Auditing and Assurance Standards Board (IAASB), in relation to the proposed changes to International Standards Auditing ISA 240. “We’re trying to draw attention to the things that should be done within the context of an audit as it relates to material misstatement due to fraud.”

Fraud has been subject to the expectations gap in the world of audit, where regulators and others have questioned whether the audit standard is strong enough in the wake of corporate failures. The revised standard aims to overcome this problem by telling an auditor what they’re supposed to do; making the audit requirements more robust and explaining externally what the auditor has done in relation to fraud.

Seidenstein says auditors are required to find risk of material misstatement due to fraud or error. There has been an emphasis on error in recent years and ISA 240 (Revised) takes the approach adopted in ISA 135 Identifying and Assessing the Risks of Material Misstatement, and applying a fraud lens to it.

The proposed new standard adds “a little bit more robustness” to the work effort expected of an auditor if fraud is expected or identified, and clarity on where professional scepticism should be applied throughout the audit.

It also enhances the auditor’s report to have some discussion on fraud and key audit matters for listed matters.

Sedenstein says it’s hard to judge if the revised standard will lead to more fraud being uncovered, but adds: “In any regulation or standard setting, a new standard that is more clearly defined can maybe focus attention on the topic. I would expect the auditor to do a better job both in terms of identifying risk and also communicating it.”

He emphasises that the fundamental role of the auditor will not change. “We are giving a helpful nudge to remind auditors what they’re supposed to do as it relates to fraud,” he says.

The IAASB asked stakeholders to provide feedback on the draft revised standard by 5 June this year.


Take away

Fool Me Once: Scams, Stories, and Secrets From the Trillion-Dollar Fraud Industry

'Fool Me Once: Scams, Stories, and Secrets From the Trillion-Dollar Fraud Industry' by Kelly Richmond Pope offers engaging stories to identify three types of fraudster: intentional, accidental, and righteous, and explains what makes them tick and how they operate.

Read more