Crumbling asset values and wild volatility have left a trail of disaster in their wake. They also exposed some truly shocking frauds.
Abbey: “If something sounds too good to be true, it probably is”
In the words of acclaimed financier and investor Warren Buffett of Berkshire Hathaway, “Only when the tide goes out do you discover who has been swimming naked.” The tide is now very much out, as the credit crisis expands, and some high-profile company executives are feeling exposed. Since the credit crisis began to unfold more than 18 months ago, several former traders and executives of high-profile companies have had accusations or charges of fraud leveled against them.
In the early stages of the crisis, the global banking system reeled in the wake of the $7 billion in losses incurred at French bank Société Générale by rogue trader Jérôme Kerviel. However, Kerviel was not the only trader exposed by the subprime crisis. Two former Bear Stearns hedge fund managers were arrested on suspicion of securities fraud for allegedly lying to investors about two mortgage-backed securities funds they managed.
The US Federal Bureau of Investigation (FBI) is also investigating other high-profile characters in the subprime crisis: Lehman Brothers, insurer AIG and mortgage providers Fannie Mae and Freddie Mac. According to newspaper reports, the FBI will look at whether these firms unduly influenced agencies to inflate their ratings and misled investors about the true state of their assets.
But the biggest fraud to have emerged so far from the ashes of the credit crisis is the alleged Ponzi scheme orchestrated by former Nasdaq chairman Bernard Madoff. Madoff’s alleged $50 billion scheme relied on new money coming in to pay existing investors and is believed to have run into problems as credit tightened. Victims of the alleged fraud include leading European banks such as HSBC, RBS, Santander and BNP Paribas.
Just as the new year dawned, the head of Indian IT outsourcing firm Satyam Computers revealed that he had “fixed the books” for several years. Ramalinga Raju, chairman and chief executive of Satyam—now often described as India’s Enron—put his name to a $1 billion fraud, which sent the company’s share price into freefall. However, Madoff and Satyam Computers appear to be only the tip of the iceberg, with new fraud allegations emerging by the day, including recent allegations against the chairman of a major Dubai real estate company.
Patrick: “To uncover internal fraud you need a sophisticated system”
Until recently the largest and highest-profile cases of corporate fraud were the false accounting scandals that wracked Enron and WorldCom in 2001 and 2002. However, events of the past few months suggest that corporate fraud is alive and well. At the end of 2007 the FBI was pursuing 529 cases of corporate fraud involving losses to public investors exceeding $1 billion. The number of cases pursued by the FBI’s Financial Crimes Unit has risen steadily since 2003, when the number of cases under investigation was 279.
“The general rule of thumb is that 20% of fraud companies know how to deal with, another 40% they are aware of but don’t know how to deal with, and the remaining 40% they know must be happening but they are unsure where it is occurring,” says Bart Patrick, head of risk at business intelligence firm SAS UK. This suggests that a substantial amount of corporate fraud is likely to go undetected for some time.
Among financial companies, though, the level of fraud is harder to determine. Research firm Celent estimates that up to 50% of all insider fraud incidents in the financial services industry go unreported, with the decision to cover them up being dependent on the size of the breach, the extent of the damage caused and concerns over customer confidence and the bank’s image.
Jacob Jegher, a senior analyst with Celent, estimates that insider fraud accounts for 60% of all bank fraud cases involving a data breach or theft of funds. Richard Abbey, who has investigated corporate fraud for the past 15 years, including notable cases such as Barings Bank rogue trader Nick Leeson and the collapse of Italian company Parmalat, says companies often make the mistake of believing trust prevents fraud. But in Abbey’s experience as managing director, financial investigations, for risk consulting company, Kroll, entrusting the keys to the kingdom even to long-serving employees does not prevent fraud. “A lot of controls are put in place to protect against obvious types of fraud with new people employed,” he explains. “Yet the typical fraudster is the long-serving employee. They know their way around the system, and, as they have been there for years, they are often entrusted with everything.”
Hard Times Breed Fraud
Most experts agree that the current economic climate, where companies are facing mounting debts, working-capital shortfalls and employee redundancies, provides the perfect breeding ground for fraud. Kroll’s 2008-2009 Global Fraud Report says that 85% of companies were affected by at least one fraud in the past three years, up from 80% in its previous survey. The most common forms of corporate fraud, according to Kroll’s survey, were theft of physical assets, which affected 37% of companies; information theft, at more than a quarter of the companies studied; and regulatory and compliance breaches.
Another trend that could be further inflamed by the current economic crisis, says Abbey, is the emergence of the “non-malicious” corporate fraudster—those that commit fraud not for personal gain but to save their company and employees’ jobs. He also expects to see an increase in false accounting practices as companies look to inflate profits in order to maintain their core ratios or protect themselves from breaching banking covenants. “We will see a significant increase in that type of fraud,” adds Abbey. “However, the jurisdiction is shifting from the more regulated markets where Sarbanes-Oxley, independent audit committees and the significant level of oversight make it more difficult to get away with, to emerging markets where supervision and broad oversight is not as advanced.”
In its 2008 Financial Risk Outlook, UK banking regulator the Financial Services Authority (FSA) identified financial crime as one of the key priority risks, stating that tighter economic conditions may lead to an increase in the incidence or discovery of some types of financial crime. “We will not see rocketing levels of fraud,” says David Porter, head of security and risk at consultancy Detica, “but we will see rocketing levels of discovery. When things are going well, people don’t bother looking at fraud. Now that times are hard, what was previously non-pressing has become more pressing.”
Fraud Losses Grow Sharply
When capital is scarce, no company can afford to be the unwitting victim of corporate fraud. The financial losses, for one thing, are far too high. Kroll estimates that the average company lost $8.2 million to fraud over the past three years, an increase of 22% from the previous year’s survey. Those figures could well have been even worse had the US not rolled out the controversial Sarbanes-Oxley (SOX) legislation in the wake of the Enron and WorldCom scandals. Abbey says SOX has resulted in greater corporate governance and adds, “The fact that there are more people looking more closely at the P&L does make it more difficult to commit fraud.”
Experts say advances in technology also mean that detection and prevention are becoming more sophisticated. Voice recognition software, biometrics, enterprise fraud management systems that monitor information across different departmental silos for unusual activity and software that analyzes the way someone writes an email in order to detect potentially fraudulent behavior are just some of the tools available for detecting fraud.
According to Patrick of SAS, these technologies can help companies prevent fraud rather than focusing on “after the event” forensics. “To uncover internal fraud, you need a sophisticated system that looks across data sets, emails, internal systems and telephone records and looks for patterns of activity across everything everyone is doing,” he explains. “That means analyzing vast quantities of data to detect key patterns and then using that information to forecast whether something is likely to be fraud by matching it against common fraud patterns.”
Ironically, despite the plethora of controls a company may put in place, Abbey says most corporate fraud cases are only brought to light by accident or whistleblowers. “We don’t see many cases that are picked up by controls,” he says, pointing to one case he investigated where a systematic fraud committed by the head of a company’s accounts payable department only came to light after he collapsed and died on a golf course and was no longer able to cover up the fact that he had been diverting the automated payment run to four or five suppliers into his own personal account.
Old Lessons Must Be Learned Again
“There are some wonderful technologies that can help solve fraud,” says Porter of Detica, “but it is not just about wielding the sword of technology. It is about con artists scamming people. There is a soft, human element to combating fraud. This year companies are going to be learning a lot of old lessons about fraud.”
One of those old lessons is segregation of duties. “If you give a person end-to-end influence over a process in terms of sign-off and approvals, that is giving them the opportunity to commit fraud,” says Porter.
Stephen Kingsley, head of Financial Services for LECG, whose forensic accountants are working on the Madoff case in New York and London, says in the alleged Madoff Ponzi scheme there appeared to be a “patent lack of segregation of duties,” as the management, administration and custody were conducted either by Madoff or related parties. However, Kingsley says that standards of due diligence in this area are still developing and that there was no apparent legal onus on Madoff to separate these duties.
Abbey says companies need to understand who has access to what. If, for example, someone has access to both the debits and credits in the P&L, they are more likely to be able to cover their tracks if they decide to commit fraud with a fraudulent liability. “It is about supervision and understanding of transactions undertaken,” he explains. “The best way of identifying if something is wrong is to understand what your business is doing. If something sounds too good to be true, it probably is.”