Tag Archives: trust but verify

Not Again…

I don’t know what life was like for you, growing up, but my youth was full of lectures. I never just got into trouble. I got into trouble AND I got a lecture to go along with it. We never just went on vacation; we went on vacation, had to write an essay about our experiences AND we got a lecture about how both things were important. We didn’t just discuss our report cards, good or bad; we discussed our report cards AND got a lecture about the long-term benefits of each class we were taking. The lectures often came with true-life stories about one or both of my parents, someone they knew or someone who lived in their “day”. I am not saying that I was lectured a lot, but I did hear some stories more than once. On the occasions that I tried to interrupt to say that I had heard the story, I was told either that there was a new lesson to be learned, or asked why, if I knew the story and the wisdom it imparted, I continued to make the same mistakes.

Well, at last, I get it. Because the other day, I came across a case that includes so many lessons on fraud that, if I were teaching a semester on fraud, I could use it as an example in just about every lesson. This is the case of Christopher Myles, a former bookkeeper in New York City. He worked at Central Park Realty Holding Corp., and some of its affiliates, and reported to the President of the company. Tragically, in May 2010, the President, suffered a stroke and ended up in “a comatose-like state until her death in February 2012”.

With the president incapacitated, no one stepped in to VERIFY Myles’ work. By the time September 2011 rolled around, Christopher was aware that he could pretty much do whatever he wanted without anyone really questioning what was going on. He knew that he now had the OPPORTUNITY to defraud his employer and he took advantage of this opportunity. True to the trend, Christopher Myles started his fraud on a small scale, using the President’s credit cards to pay for personal expenses. He escalated quickly and by early 2012, he was transferring funds out of her personal bank account in order to pay his and his mother’s bills. He did this until there was no longer any money in the President’s bank account. Myles did not let this empty bank account stop him though; he then started transferring money from the business accounts, first, into the President’s personal bank account and, subsequently, into his own personal accounts. On days when he felt particularly bold, or reckless, Myles would transfer money straight into his and his mother’s personal bank accounts. Christopher Myles had unfettered access to all of these accounts, both business and personal, and never needed anyone else to sign off on any of the funds he moved into and out of these accounts. The lack of segregation of duties made this fraud simple for Myles.

If anyone had been watching him and taking notice, they may have noticed that Christopher Myles was living beyond his official means. He used his ill-gotten funds to buy a new home, go on shopping sprees and fancy vacations. This is another red flag for possible fraud. Throughout this fraud, created falsified bank statements and recorded all of these illicit transfers as business transfers. Unfortunately, no one followed up closely on any of these untruths. Perhaps none of those looking at the fake bank statements understood how the company worked and what kind expenses would appear as out of character, or maybe no one was familiar with the ledger and how to analyze it. I am not sure, but, the result was that Myles was able to continue his fraud for over two years (just a little bit longer than the median duration of a fraud), until November 2013, when he resigned.

It was only when his replacement discovered the fraudulent invoices that Myles created, in attempt to disguise his embezzlement, that Christopher Myles’ theft was discovered. A forensic investigation revealed that, in two years, Myles had stolen about $1.3 million from his employer. Myles’ former employer reported all of this to the authorities and, in addition to an indictment for the theft, Christopher Myles is also facing tax evasion charges. This is because, in the manner of Al Capone, Christopher Myles did not report any of his fraudulently acquired income on his tax returns.

Almost like a bonus in the lesson that keeps on giving series, once his theft had been exposed, Christopher Myles sent an email to all parties involved. In this email, he RATIONALIZED his fraud, claiming that he was entitled to the funds because he was due a raise and compensation for having to deal with a difficult coworker.

As I read the press release about Christopher Myles’ indictment, my jaw hung open. I said out loud, “wow, this has all the classic markers; it’s unbelievable!” Yet, the markers are classic for a reason. There are probably a lot more lessons to learn from the story of Christopher Myles, but don’t get me started!

Tagged , , , , , , , , , ,

Oh Yes, She Did!

james_ano_silly

In previous posts, when talking about the importance of controls in a system to help prevent fraud, I discussed the case of Amy Wilson. These posts were specifically about how trust is not a control. Regardless of how nice a person seems to be (or is) or how long someone has worked for you, you should never decide that you can trust them enough to forgo system controls. It really cannot be said enough, trust is not a control. It does not matter how good a person is or how long they have worked without ever considering defrauding their employer, there may come a time when they face great pressure to commit fraud. It is important that, should this time arise, there are controls that deter them from giving in to temptation.

In my first post about Amy Wilson, I discussed how many controls I come across when I run a race compared to how few controls I have seen in many businesses. I continue to be amazed by this; people will put so much into making sure folk aren’t fabricating their running times, yet they are willing to trust those very same folk with their money and assets. The second time I wrote about Amy Wilson, I had watched her enlightening interview on the Attestation Update website. Here and in the articles she has authored, Amy Wilson speaks very clearly about what she did and how she could either have been caught or have never had the opportunity to perpetrate the fraud.

Well, fast forward to today. I received notification, this morning, that Amy Wilson had visited my website and left me a comment. She was very complimentary (whew!). I am glad because Ms. Wilson does have great lessons to impart and I appreciate that she does not take issue with how I have shared her story and lessons. To have real life examples of where the weaknesses in a system were, how they were exploited and the ultimate consequences of all of this is absolutely priceless. When it comes to designing and instituting controls in a financial system, it is imperative that this is performed effectively and consistently. In order to make sure that this process is correctly implemented, the stories must be told clearly, correctly and honestly. It is fantastic that Ms. Wilson is unflinching when she talks about what she did; that kind of thing does not happen often. This kind of honesty helps forensic accountants get better at what they do and, hopefully, businesses get better at deterring, preventing and detecting fraud. Finally, feedback like Amy Wilson’s helps me feel happier about what I do.

Tagged , , , , , , , , ,

From The Horse’s Mouth

Mister-Ed-Talking-HorseEarly last year, I wrote about Amy Wilson and the lack of controls that existed in the company that she stole from. The complete lack of controls and reliance on trust gave her the opportunity to steal from the company, which she did… for four years. She was actually caught by the fraud department at the credit card company, not by her employers. Anyway, I am talking about her because Jim Ulvog has an excellent post on his website, Attestation Update. Here, Amy Wilson tells us about her fraud, how she was caught and how she got away with things for as long as she did. It is an excellent watch and a great reminder of the very wise words – “trust, but verify.”

Tagged , , , , , , , , , ,