How to Use a General Ledger to Find (and Stop) Fraud Reviewed by Momizat on . Spotting Internal Fraud Schemes To identify whether an organization is vulnerable or has been a victim of fraudulent behavior, it is critical to spot common war Spotting Internal Fraud Schemes To identify whether an organization is vulnerable or has been a victim of fraudulent behavior, it is critical to spot common war Rating: 0
You Are Here: Home » Financial Forensics » How to Use a General Ledger to Find (and Stop) Fraud

How to Use a General Ledger to Find (and Stop) Fraud

Spotting Internal Fraud Schemes

To identify whether an organization is vulnerable or has been a victim of fraudulent behavior, it is critical to spot common warning signs of internal fraud schemes. The first step is knowing where to look. The company’s general ledger (GL) is a good place to start. It is a book that can tell stories of fraud, manipulation, and betrayal. Unfortunately, few know how to read the signs. While investigators, attorneys, and auditors tend to analyze the reports generated from the GL and track and monitor payment and revenue information within the GL, they often overlook a wealth of additional data that can be a signal for fraudulent activities. Properly analyzed, the GL’s contents can reveal evidence of nefarious activities, including bankruptcy fraud and theft of assets. The author of this article lists red flags that may signal potential internal fraud.

How to Use a General Ledger to Find (and Stop) Fraud: Spotting Internal Fraud Schemes

To identify whether an organization is vulnerable or has been a victim of fraudulent behavior, it is critical to spot common warning signs of internal fraud schemes. The first step is knowing where to look. The company’s general ledger (GL) is a good place to start. It is a book that can tell stories of fraud, manipulation, and betrayal. Unfortunately, few know how to read the signs. While investigators, attorneys, and auditors tend to analyze the reports generated from the GL and track and monitor payment and revenue information within the GL, they often overlook a wealth of additional data that can be a signal for fraudulent activities. Properly analyzed, the GL’s contents can reveal evidence of nefarious activities, including bankruptcy fraud and theft of assets.

There are many GL accounts that can be used to hide fraudulent activities by manipulating balances in creative ways. Scenarios include misappropriating customer payments to non-company accounts, setting up ghost employees for expense reimbursements, or creating bogus merchandise returns and depositing the money to a personal bank account.

A forensic auditor electronically analyzes the transactions in a GL to identify trends and patterns of fraud. What type of unusual transactions can be identified? Here are a few examples:

  • Identifying a reclassification from an expense account to an asset account—this often indicates an attempt to fraudulently increase net earnings.
  • Wire payments booked to unusual or not often used expense accounts—these may be money siphoned out of the company and hidden in an expense account created for this reason.
  • Clearing account with large transactions offset by both asset and expense items—this may identify an account being used to hide unreconciled payable entries.

Let me describe a real-world example from an investigation I performed for a large manufacturing company. This company was put into bankruptcy by its parent and the parent company then informed the company’s largest creditor that there were no assets to repay their debt of $10M. We reviewed the GL to determine what happened to the bankrupt company’s assets. What happened to the $20M in manufacturing assets that existed a year before when the loan was made?

We traced the series of recorded transactions that reduced the value of the assets the year prior to bankruptcy. The assets were not actually sold or depreciated as one might expect. Instead, sophisticated data mining identified a series of journal entries that went back and forth to multiple accounts before landing in the equity account, making the company appear insolvent. The entries in effect reduced assets by $20M and reduced equity by $20M. The assets did exist! Through interviews, we learned that the parent moved these assets to another subsidiary and closed the company’s operations. The parent then made these journal entries to make the company appear to lack assets and be insolvent so it would not have to pay $10M to its largest creditor.

Many bankruptcies are either intentional to avoid paying creditors or are caused because of nefarious activity.

Another real-world example involves a Ponzi scheme that went on for decades before being uncovered, financially harming thousands of investors. Trustmie Company started in the early 90’s and sold medical-related investments. Trustmie executives would use the ‘rob Peter to pay Paul’ method of conducting business. Legitimate investments were made, however the marketed returns on investments were so over-stated that to continue with its reputation of high returns, Trustmie needed to use funds from new investors to pay the old ones and then took a big fee for performing the transactions. The perpetrators of the fraud became too greedy —after not being caught for so many years, they figured they were invincible and found more creative and lucrative ways to use Trustmie to personally benefit themselves.

Being too greedy is one of the major downfalls of a fraudster for getting caught. The perpetrators funneled too much money out of Trustmie and, like many Ponzi schemes, this one finally collapsed as the company could no longer cover the old investors’ accounts with new investors’ money. During the same time Trustmie was put into bankruptcy, the Securities and Exchange Commission raised concerns, and a Trustee was appointed. Our firm was hired by the Trustee to perform an investigation. We could not wait to get our hands on the GL and use all sorts of data analytic techniques to see what inventive ways money was removed from the company to benefit the executives!

Here are a few examples of how we analyzed data and what we found:

  • We electronically stripped out all of the vendor payments over a five-year period and
  • Identified the corresponding expense or asset account for these costs. We identified millions of dollars paid for supposed ‘donations’ to entities that were actually related to the executives. We also uncovered hundreds of thousands of dollars to entities hired to help Trustmie in developing new, creative, and illegal ways to funnel money out of the company.
  • We identified all the vendor names, addresses, and vendor numbers of the executives and cross-matched them with the GL entries to identify any payments to them and the corresponding expense accounts. We discovered millions of dollars in payments for personal expense reimbursements, including credit card reimbursements for yacht-related expenses, personal homes, and trips.
  • We cross-matched the investment advisors’ names, addresses, and contact information between each other. We then cross-matched these groups of related entities to the general ledger payment detail and found significant excessive payments. This resulted in identifying several groups of advisors that were aware of the scheme, who pushed investors to invest in the scheme, and then profited significantly from duping the investors. They were in collusion with management.

How did these frauds happen? These cases have two common internal control weaknesses: a lack of controls around management override and collusion among senior management.

The following are some red flags that may tip you off about nefarious behavior at a company you may be involved with, whether you are an employee, senior management, outside consultant, or outside attorney.

  • Lack of written policies and procedures around operations and accounting: This allows senior management to be creative in the way they conduct business and account for operations without any pushback from others on how things are supposed to be handled. Schemes and shenanigans can take place without being questioned whether they are in line with written policies and procedures if none exist. In the first example above, the daughter of the CEO, also an executive, was responsible for the handling of investor funds. In order to perpetuate the fraud effectively, she handled investors using her own ‘judgement’. This resulted in payments being inconsistently applied amongst investors. However, since there was not a written policy in place, there was nothing that dictated otherwise.
  • Accounting and operations do not interact together: In other words, the staff in each department have little or no contact between one another, so accounting does not have a clear understanding of what the organization’s operations consist of. This may be done intentionally. If accounting did understand operations, they may see more clearly questionable transactions. This allows senior management to perform shady activities, yet minimizing the chances of staff challenging transactions or blowing the whistle. In the second example above, the accounting department was oblivious to the forced bankruptcy and removal of assets by the parent. They were given misinformation about the closing of the subsidiary, and it was only after the investigation that they were able to see the big picture and put the pieces of the fraud together.
  • The owner or CEO treats the company like it is his or her personal entity: This happens often when a company was just a ‘mom and pop shop’, followed by significant growth and either an IPO or financing arrangement. The CEO will hire family members in positions beyond their abilities and make operation decisions for their own personal benefit rather than for the benefit of investors, loan holders, customers, or employees. This type of mindset does not delineate between what is fraudulent versus legitimate as the owner/CEO will rationalize the nefarious activity to be his/her sense of entitlement. In the first example, the CEO hired family members that did not have the experience or education to operate a company. Their only strength was working together as a family to siphon as much money out of the company as possible without getting caught for several years.

Bringing it All Together

The GL consists of many critical elements that can help you prevent and identify fraud. Looking out for the types of red flags discussed above and enlisting a consultant to help analyze the GL can help you in your responsibilities to detect fraud and other suspicious activity. Consultants can assist clients to leverage forensic data analytics; a proven methodology that assists in identifying the highest risks of fraud, abuse, and waste.

This article was originally published by Margie Reinhart, LinkedIn, January 03, 2017, and is republished here by permission.


Margie Reinhart, CPA, CFF, CFE, with over 23 years of experience providing risk management, compliance, internal audit, and forensic accounting services to C-level executives in government agencies, law firms, and Fortune 500 organizations, plus experience with international accounting and consulting firms. She has amassed significant expertise in forensic analysis, litigation consulting, risk management, SOX, and internal audit. Ms. Reinhart served on a national ‘think tank’ team leading the path to appropriate implementation of COSO, SOX, and enterprise risk management. She consults to government agencies, law firms, and corporate executives on complex matters involving fraud, abuse, and compliance. She earned her bachelor degree in Business Management-Accounting and Finance from Ryerson Polytechnic University and regularly serves on nationally broadcasted panel discussions.

Ms. Reinhart can be contacted at (214) 244-1964 or by e-mail to margreinheart@gmail.com.

The National Association of Certified Valuators and Analysts (NACVA) supports the users of business and intangible asset valuation services and financial forensic services, including damages determinations of all kinds and fraud detection and prevention, by training and certifying financial professionals in these disciplines.

Number of Entries : 2533

©2024 NACVA and the Consultants' Training Institute • Toll-Free (800) 677-2009 • 1218 East 7800 South, Suite 301, Sandy, UT 84094 USA

event themes - theme rewards

Scroll to top
G-MZGY5C5SX1
lw