Governance, Fraud, & Corporate Culture: Sorting Through a Complicated Relationship
I recall being asked to perform a cultural risk assessment in late 2004 because certain members of a client company’s board of directors were concerned about communication and information flow. Specifically, they wanted to know if issues were being raised timely and appropriately and not extinguished by mid-level managers. The board and senior management were not concerned about fraud or ethical violations, even though some events should have caused concern.
FCPA - The Role of The Board and More!
One of the FCPA themes for 2020 has been hiding in plain sight all along. The FCPA requirement that “reporting companies to devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that, among other things, transactions are executed following management’s general or specific authorizations, and access to assets is permitted only in accordance with management’s general or specific authorization.” But what if the violation of this requirement occurs in a non-foreign (IE., the U.S.) and in a non-bribery situation.
The Continued Evolution of Best Practices for Compliance Programs!
First Civil Settlement for Fraud on Cares Act Paycheck Protection Program
On January 12, 2021, the U.S. Attorney’s Office for the Eastern District of California announced the first civil settlement with a borrower for allegedly committing fraud in obtaining a Paycheck Protection Program ("PPP") loan, in violation of the False Claims Act ("FCA") and the Financial Institutions Reform, Recovery and Enforcement Act ("FIRREA").The FCA allows the government to recover damages and penalties for presenting false claims for payment to the United States. FIRREA allows the government to impose civil penalties for violations of enumerated federal criminal statutes, including those that affect federally-insured financial
SEC’s Enforcement Powers Increase!
In summary, The Amendments double the SEC’s statute of limitations for disgorgement to 10 years in intentional fraud cases, grant the SEC 10 years to seek equitable relief in all cases, codify the SEC’s ability to obtain disgorgement in federal court proceedings, and make other changes that expand the SEC’s enforcement authority.
Congress Approves Anti-Money-Laundering (AML) Measure
Money laundering issues have haunted many over the years. To promote greater transparency, the U.S. Senate has approved legislation requiring companies in the U.S. to register their true owners. This change would help combat money laundering and the financing of terrorism.
All in the Family: SEC Charges Corporate Controller and His Brother-In-Law with Insider Trading Ahead of Merger Announcement
The Properly Designed Exit Interview a Necessary Step in Uncovering Ethical Violations
Herbalife - “Quis Custodiet Ipsos Custodes” - Translated: Who Will Guard the Guards Themselves, or Who will Watch the Watchmen?
Herbalife's business relationship in China was committed to illegal activity, which it knew or should have known violated the FCPA. Specifically, beginning in late 2006, Herbalife China provided improper benefits and payments to government officials to obtain direct selling licenses for two cities. Herbalife paid out millions of dollars in bribes. Fraudulent expense reimbursements were used to fund the bribes, which is is a common tactic for these types of bribes.Specifically, the SEC found that Herbalife China paid bribes through extravagant meals, gifts, and other benefits given to Chinese officials to obtain sales licenses and remove negative media coverage in China. Managers at the subsidiary asked employees to falsify expense report documents, for example, adding names to meal receipts to get below the company's per head spending limit. It also found that the payments and benefits were inaccurately recorded and that Herbalife failed to maintain a sound system of internal controls.
Donut Holes! Dunkin’ Data Breach Settlement
Dunkin’ was repeatedly alerted to attackers’ ongoing attempts to log in to customer accounts by a third-party app developer. The app developer even provided Dunkin’ with a list of nearly 20,000 accounts that had been compromised by attackers over just a sample five-day period. "Yet, Dunkin’ failed to investigate the attacks to identify other customer accounts that had been compromised, determine what customer information had been acquired, or whether customer funds had been stolen. Dunkin agreed to pay $650,000 as penalty settlement costs for the lawsuit over its failure to respond to credential stuffing attacks.
Tipsters - SEC Adds Clarity, Efficiency and Transparency to Its Whistleblower Award Program
On Wednesday, September 23. 2020, the SEC voted to adopt amendments to the rules governing its whistleblower program. According to the SEC, the amendments are meant to “provide greater transparency, efficiency and clarity, and to strengthen and bolster the program.”The amendments were proposed for public comment in June 2018 and have been adopted with some changes.
FCPA - Mergers & Acquisition Due Diligence
When a company acquires another company, the successor company can be liable for the acquired company’s activities before acquisition. The U.S. Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) have administered Foreign Corrupt Practices Act (“FCPA”) enforcement actions against successor companies in cases involving egregious and sustained violations, where the successor company directly participated in the violations, or where the successor company failed to stop the misconduct from continuing after the acquisition.This writing explores some key steps that should be taken pre and post acquisition.
Big Data, Cross Border Matters, Third Party Issues, Regulatory Difficulties, and Compliance Problems are just some of the things Baker Tilly’s Global Forensic Investigations, Compliance, and Integrity Practice Tackle.
Our experience conducting fraud investigations, domestically and globally, allows us to advise our clients on measures they can take to prevent fraud from occurring and detect issues before they expand. Our clients look to us to design anti-fraud programs and controls, perform anti-bribery and anti-corruption compliance assessments, and perform proactive fraud examinations to identify possible red flags or indicators of fraudulent activity. Because of our collective skills and the depth and breadth of our experiences, we are also able to design and enhance compliance programs and serve as integrity monitors. Correcting deficiencies, addressing gaps in controls, and remediation of specific issues is important at the end of every investigation to prevent the same or similar frauds from recurring.We address these important client needs at the end of our investigations and can assist with implementing remedial actions.
COVID-19 - Fraud On The Rise is No Surprise!
Last week, the Association of Certified Fraud Examiners (” ACFE”) published the results of a survey taken by more than 1,800 anti-fraud professionals in late April and early May 2020, while we were deep into the Covid-19 crisis. The findings, for the most part, are not surprising, but does reveal some disappointing information. While I have not seen a raw copy of the survey, I was surprised the ACFE didn’t ask if the company’s fraud risk assessment was reviewed and modified accordingly.In addition, the survey highlights trends in the overall level of fraud. Survey respondents provided information about their current observations and expected changes regarding ten (10) specific types of fraud.
DOJ Revises its Guidance on the Evaluation of Corporate Compliance Programs
Without any fanfare, the U.S. Department of Justice Criminal Division has once again revised its Evaluation of Corporate Compliance Programs (“ECCP”). The ECCP remains organized around three overarching questions that prosecutors ask when evaluating compliance programs, with some revisions, which are in bold text below:Is the corporation’s compliance program well designed?Is the program being applied earnestly and in good faith? In other words, is the program being implemented adequately resourced and empowered to function effectively?Does the corporation’s compliance program work in practice?While most of the document is identical to the 2019 Guidance, there are subtle and noticeable revisions. The revisions appear to be designed to help provide additional clarity when answering the above three questions.
The Next Level of Investigations
Many investigations are currently being performed remotely, in concert with the general counsel, the chief compliance officer, the chief audit executive, and depending on the how the allegation was triaged, with outside counsel, a forensic accounting firm, and the board. Even government prosecutors are interviewing witnesses remotely.The primary goal of the interview is to elicit information in a non-coercive manner. My personal preference is always to conduct interviews face to face because I can control the subject and the environment, and evaluate the nonverbal behavior of the interviewee. But, if performing a face-to-face interview is not possible, I suggest using video over the telephone.This writing provides some suggestions for techniques to consider when conducting internal investigations remotely.
Fraud Pentagon - Enhancements to the Three Conditions Under Which Fraud May Occur
Today’s fraudster is clever and operates in an environment ripe for criminal activity. Economic unrest is making it easier for employees to find ways to set fraud in motion – and a new breed of offenders is finding cunning ways to do so. After more than 60 years, the classic fraud triangle of three elements or events that motivate an employee to cross the line has morphed into the Fraud Pentagon. Company boards and senior management must take an offensive stance against the five conditions that precipitate fraud with a clear plan that limits the opportunity for fraud and minimizes the impact when fraud does occur.
Whistleblowers: Tipsters not trusting the system?
Whistleblowers: Tipsters not trusting the system? Here's how to win them back.Anonymous hotlines and tip-reporting structures are useless, of course, if informants don’t trust them. Employees won’t blow the whistle if they fear reprisals. So, their concerns often don’t enter case-management systems and frauds continue. Here’s how to earn back their trust, take them seriously and transform raw tips into valuable fraud examinations.Ovem lupo commitere!
Whistleblowers: A Fraud Triage System to Manage Burgeoning Caseloads
As the use of whistleblower programs continues to grow, many organizations find themselves struggling to manage burgeoning caseloads. As a result, serious fraud investigations can be delayed (with mounting losses) while less consequential complaints are being investigated. The lack of a timely, systematic, and repeatable process for evaluating and prioritizing whistleblower tips that contain allegations of ethical breaches can also expose an organization to increased regulatory risk. While there is no single “right” method for following up on whistleblower complaints, the most effective approaches often resemble the medical triage programs that hospitals and first responders use to allocate limited resources during emergencies or a crisis situations. Here are some useful guidelines for designing and implementing a fraud triage system.
A Violation of Trust: Fraud Risk in Nonprofit or Not-for Profit Organizations
The risk of fraud is a serious concern for all types of enterprises, but fraud can be particularly damaging to a nonprofit or not-for-profit organization, for which a damaged reputation can have devastating consequences.