Kiting is a very old scheme and is not as likely to happen as it once was, but any entity with multiple bank accounts should be aware of the possibility.  For kiting to work, an individual must have complete authority over two or more bank accounts.  The perpetrator must be able to sign and draw checks and must be the person reconciling the bank accounts.

The fraud starts when the perpetrator drafts a check on Bank A for a large amount (let’s say $50,000) and deposits it in Bank B.  Before the funds clear, he draws a check for $50,000 on Bank B and deposits it in Bank A.  The drawing of checks continues until a large float occurs.  The perpetrator then siphons off a substantial balance of cash and deposits it in his own account to earn interest.  The scheme can continue indefinitely as long as enough checks are drawn and deposited.  The checks are never recorded on the books of the entity and the perpetrator destroys the bogus checks when they are returned with the bank statement.  The best way to prevent kiting is never to give an individual the authority to sign checks and to reconcile cash.  If kiting has occurred, it will be caught if the perpetrator has to take vacation for an extended period.  A proof of cash will also catch kiting.

Americans will soon start putting together the information for filing their 2009 income tax returns.  Perhaps you’ve started already.  Unfortunately, the requirement to file income tax returns has provided some individuals with an opportunity to defraud unsuspecting victims.  These fraudsters advertise themselves as tax preparers and lure their victims with untrue promises, such as a guarantee that they will obtain large refunds for any taxpayers that use their services.  They appear to keep their promises by preparing fraudulent returns that show that the taxpayers are due a refund when in fact they are not or by overstating the amount of a refund that is due.  They achieve these fraudulent requests for refunds by taking phony deductions, underreporting income and claiming credits that the taxpayers are not entitled to.  Sometimes they even claim credits that do not even exist.

Our friends at EagleBank, a local community business bank with fourteen offices in Maryland, Virginia and Washington, DC, are reminding their customers of the importance of keeping up-to-date with internet and e-mail best practices in order to decrease the chance of fraudulent activity.  They have provided the following list of recommendations for those who utilize ACH and wire transfers:

1. Provide the bank with a dollar limit for all individual ACH and wire transfer transactions.
 
2. Provide the bank with a daily dollar limit for the business for all ACH and wire transfer transactions.
 
3. Require a second approval for all ACH and wire transfer transactions.
 
4. Set-up pre-filled ACH and wire templates for common transactions.
 
5. Require a second token number be entered to send an ACH or wire transfer transaction.
 
6. Have a dedicated online banking PC that is not used for any email or other internet activity.
 
7. Monitor your account throughout the day.

For additional information on fraud prevention, you can visit the EagleBank home page at www.eaglebankcorp.com and click on “Phishing Attacks & ID Theft” on the sidebar.

The United States Postal Inspection Service warns of a scam generated by a phony e-mail message.  The phony e-mail, which indicates that it has been sent by Chief Postal Inspector William Gilligan, is sent to potential victims informing them that a parcel has been sent to them containing an ATM card worth $1.5 million.  The e-mail also informs the victim that the parcel has been intercepted by the Postal Service and goes on to say that the recipient “should not hesitate” to remit $79 to a return mailing address in order to receive the card.

The entire e-mail is, of course, a fraud and the Postal Inspection Service requests that anyone who has information about this scam contact the Service using a phone number or via a website listed at:
https://postalinspectors.uspis.gov/radDocs/consumer/CrimeAlert%20Gilliganemail.pdf

Have you ever heard of Marcia Sladich?  Unless you live in the vicinity of New York City you probably haven’t.  And, perhaps that is lucky for you.  The New York Times reports that Ms. Sladich has been convicted of running what might be called a mini Ponzi scheme.  It can be called mini because her scheme was far less devastating than the scheme originally perpetrated by Charles Ponzi and certainly miniature in relation to the investment scheme orchestrated by Bernard Madoff in more recent years.  However, that is probably of little consolation to Ms. Sladich’s friends and fellow church goers who lost more than $15 million due to her scheme.

The Times reports that from 2004 to 2007, Ms. Sladich solicited funds from her friends and neighbors, promising to invest their money and double it within a year.  She was sentenced to 70 months in federal prison as the result of a complaint by the Securities and Exchange Commission.  Ms. Sladich, who worked as a ticket taker at Giants Stadium, admitted that she used the proceeds of her scheme to pay personal expenses and invest in real estate.  To read more about this case, see http://www.nytimes.com/2010/01/14/nyregion/14towns.html

As long as entities have had accounts receivable lapping has taken place.  Lapping occurs when someone in the organization steals accounts receivable payments by diverting them.  The person committing the fraud then uses a subsequent payment from a different customer to credit the original amount stolen.  As more and more funds are diverted, the number of accounts receivable credited with late payments becomes larger and larger.

The easiest way to prevent lapping is to have adequate separation of duties.  Amounts received from customers should be listed and deposited by one individual and the details should be given to another individual to post the credits to accounts receivable.  Periodically, a third individual should check the posting of receivable payments to ensure that the correct accounts were credited for payment.  Beware of the trusted bookkeeper who handles all elements of the accounts receivable transactions and never takes vacations.  The person committing lapping cannot take a long vacation where someone else performs his or her duties because the scheme will surely be revealed.

Make sure your auditor confirms receivables at year end.  It won’t prevent lapping, but it should catch it.

As holiday shopping escalates during the period between Thanksgiving and New Year’s Day, so does the potential for gift card fraud.  Gift cards have become a convenient and popular method of gift giving in recent years and sales of these cards are clearly on the rise.  While there is absolutely nothing wrong with purchasing gift cards, you must be careful to avoid being defrauded if you do.

Most gift cards carry both an identification number and a pin number.  The identification number is often clearly displayed, but the pin number is normally hidden beneath a light coating that can be scratched off to reveal the number.  When you purchase the card, a store employee activates the card by entering the identification number into the store’s computer system.  Then anyone who physically possesses the card can use it for purchases.  And, they can even make purchases over the internet by entering both the identification number and the pin number.  And this creates the opportunity for fraud.

The Federal Bureau of Investigation warns that anyone purchasing prescription drugs over the Internet faces an increasingly high probability that they will be the victims of fraud.  Internet sales of counterfeit or ineffective drugs has become big business over the past two years and has now become the focus of international efforts to curtail the activities of scam artists who have found a new and very effective way to make money at the expense of innocent victims.

While some Internet pharmacies are legitimate, many are not and those who run the fraudulent web sites are often filling prescriptions with products that either are not the drugs that they are advertised to be or were the actual drugs before being diluted or allowed to pass their expiration date.  The health risks associated with such products are obvious.

The FBI suggests that consumers be extremely cautious when purchasing prescription drugs over the Internet and offers tips to those who do.  To access these suggestions go to
http://www.fbi.gov/majcases/fraud/seniorsfam.htm#cpd

The Federal Bureau of Investigation reports that Joy Jackson of Greenbelt, Maryland has been sentenced to more than 12 years in prison and ordered to make restitution for nearly $17 million in losses created by a fraudulent scheme that she ran through her company, Metropolitan Money Store of Lanham, Maryland.  According to the FBI report, Jackson took advantage of the current economic downturn to prey on desperate homeowners who had significant amounts of equity in their homes but lacked sufficient cash flow to make their monthly mortgage payments.

Where is fraud likely to occur in an entity?  The answer is that fraud can occur anywhere in an organization.  All it takes is someone to determine how the internal controls in the organizations can be circumvented and how to undertake the fraudulent conduct (usually the theft of assets).

For internal control to function properly there needs to be separation of the responsibility for custodianship of the assets and the record keeping for those assets.  Many small organizations lack the personnel to completely separate those functions.  When that occurs management must take responsibility for certain functions to ensure separation of duties.  For example, when the organization only has one bookkeeper who writes the checks and does the bookkeeping, the monthly bank statement should go directly from the bank to someone in management who should review the cleared checks before the bookkeeper does the bank reconciliation.  The manager should also review the completed bank reconciliation when it is done.

In future blogs we will discuss specific areas where fraud might be likely within the organization and the steps management can take to prevent fraud from occurring.