Adds Tracy Coenen, a forensic accountant and certified fraud examiner for Sequence Inc., “I get scared for small businesses because they are not thinking about this issue. I think they are more vulnerable because they’re not taking any basic steps.” Too often, businesses hire her to deal with fraud, not to prevent it.

So while all the attention has been paid to consumer identity theft, small businesses have become more attractive to identity thieves because the rewards are greater.

My friend Gary was also quoted, as he had some really great tips on protecting data:

If you must collect sensitive personal information, organize customer data in such a way that only highly confidential information is protected. Gary Nutbeam, owner of computer consulting firm Across the Big Pond, recommends creating three levels: unclassified (information that anyone can see), classified (semi-sensitive information like an internal memo on benefits) and secret (data like customer contracts).

“It is impractical to fully protect everything,” adds Nutbeam. “You can keep costs down by putting your effort toward protecting the most sensitive data.”

Ask and Don’t Tell

To further lower your liability, limit companyaccess to customer information. It could be as simple as locking up confidential files or databases and giving one or two essential employees the key or their own unique user I.D. “If a user I.D. is shared, it’s impossible to know who really accessed the data,” says Nutbeam.

The reporter was also kind enough to mention my new book, Essentials of Corporate Fraud.

Bobbi Moths opened Excel Title on Hampton Avenue after the Waukesha location of Parkview closed, but a June 5 report in the Milwaukee Journal Sentinel said that Moths has closed Excel.

And now my sources indicate to me that on May 22, Bobbi Moths appeared at the Waukesha police station to be booked on three felony counts related to the Parkview fraud. Additional felony charges in the case are supposedly forthcoming. It’s been said that the IRS is investigating Moths as well.

A little more history on the case:

In early 2004, Parkview Title Service opens a Waukesha location, with Bobbi Moths overseeing the operations. She almost immediately hires her daughter Jamie to work there. Within a month, Jamie allegedly begins paying her $2,500 a month home mortgage from the company’s trust account.

In early 2006, there is an offer from Moths and her husband to buy Parkview Title. This never really goes anywhere due to happenings in the Moths family. Wauwatosa Credit Union sues Parkview Title around this time and gets a default judgment for over $22,000 since the lawsuit was “overlooked” and never answered. The judgment is thrown out in July 2006, and the case is settled privately.

In June 2006, more problems surface. The IRS is sending notices of unpaid taxes and an underwriter wants to perform an audit but Moths stalls for more time. She tells Molkenthen she’s taking care of all of it, but that a computer has crashed and there is no information available for the trust account. (This is the account from which the alleged theft occurred.)

Moths quits Parkview Title in September 2006, and the following month, the bank notifies Molkenthen that a loan funding of over $100,000 has bounced due to insufficient funds in the trust account. Then Parkview Title receives a call from someone whose home sale had closed many months earlier, who was still owed $83,000. Molkenthen checked the company’s records, and a check for $83,000 had cleared the bank… but was deposited by Jamie Wilson into a personal account.

Wilson commits suicide in November 2006 after bank investigators contact her to discuss checks she deposited into her personal account.

Molkenthen tries to unravel everything that occurred while Bobbi Moths worked for him, and he finds that she was holding herself out as an owner of Parkview Title. (She was not.) While pretending to be an owner, Moths allegedly got credit cards in the company’s name and opened a bank account in the name of the company, none of which was known by the real owner.

More information as it becomes available.

A corporate investigative policy is necessary because it is important to have guidelines in place for the start of an investigation. What should management do when fraud is suspected? How are fraud allegations to be evaluated? When and why does the company initiate a full-blown investigation?

Most managers and executive haven’t had to deal with allegations of serious fraud. They need some guidance so that evidence isn’t corrupted and so that the allegations are handled fairly. A well-designed policy will help avoid claims of selective treatment. It also brings uniformity to the process so that similar offenses are treated similarly.

The investigative team will carry out the full fraud investigation. Depending on the seriousness of the allegations and the level of examination required, the team could be as few as one or two people, or as many as dozens of people. The team might include: attorney, fraud examiner or forensic accountant, auditor, private investigator, computer consultant, and a management representative.

A properly managed fraud investigation is critical to the successful resolution of a corporate fraud. Included in the responsibility for management of the investigation are: document management procedures and supervision of staff and consultants.  The key is being able to quickly locate critical documents, and ensuring that all necessary issues are examined.

Every fraud investigation is unique, since each fraud has its own set of facts and details. The purpose of the investigation should be to determine whether or not a fraud occurred, who was responsible for it, and how much was lost to the fraud. Evidence of the findings must be gathered and presented to those who need to know, such as the lead attorney, upper management, and the board of directors.

I’ve been investigating a couple of cases of church fraud lately, and it makes me sad to think that people will steal from churches, of all places. Sadly, many churches make it all too easy for the thief by not having any sort of controls in place to monitor the money and the bookkeeper.

Even a minimal level of controls could prevent many of the church frauds I see. It’s not expensive and it’s not hard. I can only hope that more churches take steps to protect their money.

The total average cost of compliance was $1.7 million in 2007. This is a decrease from the prior years.

The survey also asked “accelerated filers” (companies with market capitalization above $75 million) about their audit fees for 2007. The total audit fees for these companies averaged $3.6 million, up a bit from 2006.

Here are some other interesting figures:

• Companies averaged 11,100 internal people hours to comply with Section 404 in 2007. (What a waste!) Yet this was considered good because it was a 8.6% decrease from 2006.
• Companies averaged 1,244 external people hours to to comply with Section 404 in 2007. (More waste!) This was also considered good because it was a 13.7% decrease from 2006.

And companies apparently think that Section 404 is doing some good:

• 50.3% agreed that financial reports are more accurate; up from 46% in 2006.
• 56.0% agreed that financial reports are more reliable, up from 48% in 2006.
• 43.6% agreed that compliance with Section 404 has helped prevent or detect fraud; up from 34% in 2006.
• 69.1% agreed that compliance with Section 404 has resulted in more investor confidence in their financial reports, up from 60% in 2006.

Although you’ll see in my book, Essentials of Corporate Fraud, there is generally a disconnect between what the executives think about fraud and the reality of fraud. Executives think that what they’ve implemented is more effective than it is in reality.

Unfortunately, if you want to play the credit card game today, it’s your responsibility to know and abide by these rules, sneaky or not.

Here are the seven… if you want all the details you’ll have to check WalletPop:

1. Say “Bye-Bye” to Your Grace Period
2. Punishing you when you are credit smart.
3. Doing you the “favor” of sending you “convenience” checks.
4. Psst… Hey, buddy, want to skip a payment?
5. Lowering your minimum payment due.
6. It’s 5 o’clock… Do you know where your payment is?
7. “Over the limit” fees

Things started going wrong at WorldCom very early. The company went on an acquisition spree, and the merging of many small companies, managers, and accounting systems was a disaster waiting to happen. Cynthia says that WorldCom was much better at acquiring companies than integrating them, and that is clear.

From an accounting perspective, it was next to impossible to create a properly controlled system. There were too many small systems being pieced together, and it was easy for numbers and authorizations to get lost in the shuffle. This struggle is well-documented by Cynthia, who no doubt painstakingly researched the various acquisitions in order to give such a complete history.

At times the book seems to get a little off-topic as Cynthia goes through each player’s background briefly. Honestly, that information isn’t really relevant to the story and, while it was probably intended to make these characters relatable human beings, it really just serves to make the book longer than necessary. It prolongs the process of getting to the real heart of the story.

I was drawn into the parts detailing the background of Bernie Ebbers and his early entrepreneurial ventures. I don’t think Cynthia came right out and said that Ebbers wasn’t equipped to run WorldCom, but that’s exactly how it appears when you’re done reading.

Where this book is so good is in detailing the fraud and how it happened. I don’t think most consumers know how and where WorldCom’s fraud started: all in the “line costs.” You don’t need an accounting background to understand the details of the fraud once Cynthia explains how things went down. Earnings were too low and management was, quite simply, looking for a place to reduce expenses.

When management realized they were paying too much for capacity that they weren’t selling to customers, it became clear. Take some of those “line costs” and capitalize them, which essentially amounts to moving them off the profit and loss statement (decreasing expenses and increasing profits) and onto the balance sheet (increasing assets).

WorldCom moved those line costs into something that the executives called “prepaid capacity.” The company’s financials instantly looked better, and CFO Scott Sullivan found that this was an easy way to rehabilitate the financial statements each quarter. Wall Street wanted lots of growth, and that’s exactly what the executives delivered by the time the fraudulent accounting entries were completed.

Yet the process of uncovering this fraud, as Cynthia and her team would soon find out, was grueling. Their investigation into the accounting shenanigans was long because the accounting entries behind this manipulation of the financial statements were complex. Hundreds of entries were made to a variety of accounts in order to confuse anyone who might later look at them. And the investigation was hard because management didn’t want Cynthia and her people looking into the entries, for obvious reasons.

After the fraud became clear to Cynthia and her team, there was a long fight over whether something should or could be done about it. Scott Sullivan was determined to find an accounting rule to justify the fraudulent accounting entries. It is no surprise that there is not an accounting rule that backs up what was done, because it wasn’t done with the accounting rules in mind. It was done with only Wall Street in mind.

And WorldCom’s audit committee wasn’t completely behind the internal auditors’ investigation or results. The audit committee should be the independent group of individuals to whom an employee can voice concerns and be taken seriously. Yet Cynthia didn’t seem to be given as much consideration as she should have been, and she relates this struggle nicely in the book.

The story of the investigation comes to life through Cynthia’s words. I found myself drawn into the story, and I could feel myself sitting there as the internal auditors were going through entry after entry, always watching their backs because the executives didn’t want them investigating.

Lots of clichés and heartwarming stories of family interactions are woven into the book. Again, these things aren’t really all that relevant to the story and merely provided a distraction from the business at hand: the collapse of WorldCom.

These minor criticisms don’t take away from the book as a whole. It is a detailed account of what happened, and digs much deeper into the WorldCom fraud than I ever expected. The detail behind how the fraud occurred is told in a fascinating manner, and I found myself able to picture WorldCom executives sitting around and comparing the company’s financial results to the expectations of Wall Street … and making fraudulent accounting entries to meet those expectations.

Congratulations, Cynthia, on a successful first book. And many thanks for being willing to stand up for the truth and fight to expose the WorldCom fraud.

Search: sarbanes oxley act positive benefit

Answer: Not so much. I maintain that there has been little improvement in fraud prevention in companies, at too high a cost from Sarbanes-Oxley. There may have been incremental improvements, but they haven’t offered any significant reduction in fraud so far. (Reflections on Sarbanes-Oxley Act of 2002)

Search: Employee Expense Report theft

Answer: This is an issue that is much more important than most executives and boards of directors realize. They tend to overlook such things, usually because the dollars involved are so low. (And they’re more likely to overlook such theft by an executive, than by a lower level employee, in my experience.) But here’s why it’s important: A small fraud like this is indicative of a culture that tolerates dishonesty. It’s also a sign that there are bigger frauds to come. (Expense Report Abuse: Much Ado About Nothing)

Search: fraud blog

Answer: Yes, right here!

Search: tracking unreported income

Answer: Are you committing fraud and looking for a way to keep track of what you’re stealing or concealing? Or are you looking for a way to find out how much income has been unreported? I hope it’s the latter. And it’s hard to do, but it’s possible. (Methods of Searching For Unreported Income)

Search: MAKING MISTAKES DURING DEPOSITIONS

Answer: Yes, it happens. So long as witness (both expert and non-expert) are human beings, mistakes can be made. If you’re still in the deposition and you realize you’ve made a mistake, ask for an opportunity to clarify an earlier answer. If the attorney deposing you does not allow it, the attorney on your side of the case should allow you to do so when he/she has a chance to question you. If you realize the mistake after the deposition, contact the attorney you’re working with and explain the situation so that he/she can decide how best to handle it. (Litigation Disasters: Making Mistakes With Expert Witnesses)

Search: What good came out of enron

Answer: Not a lot. However, it did bring more attention to the issue of fraud, giving those executives who wished to be proactive in the fight against fraud a greater motivation to do so. (Enron: The Good, the Bad, and the Ugly)

Search: tips on being audited

Answer: I have those for you! (Help! I’m Being Audited! Tips For Surviving A Tax Audit)

Search: fraud between family members

Answer: This is very common. (Family Lies: Fraud in Family Business)