Corporate fraud, like fraud perpetrated by the employees of a corporation, is nothing new. However, the growth in the number and the complexity of the financial transactions over the years has led to increased concern about the potential risk and exposure that shareholders and the general public may face when corporate fraud is suspected. The massive frauds of the late 1990s shook the foundations of the capital markets and many of the principals by which corporations were governed. In 2002, President Bush created the President’s Corporate Fraud Task Force to restore public and investor confidence in America’s corporations following the wave of major corporate scandals that had preceded it. The task force comprises representatives from various government agencies and is a cooperative effort focused on identifying, investigating, and prosecuting corporations and individuals for significant financial crimes. Since July 2002, the task force has accomplished more than 1300 convictions for corporate fraud, including nearly 400 CEOs, presidents, vice presidents, and CFOs.
WHAT IS CORPORATE FRAUD?
Corporate fraud is most typically defined as violations of various regulations and statutes by large, publicly traded (or private) corporations, and/or by their senior executives. Corporate fraud schemes are often characterized by their scope, complexity, and the magnitude of the negative economic consequences for communities, employees, lenders, investors, and financial markets. The President’s Corporate Fraud Task Force defined corporate fraud as consisting of an array of significant financial crimes committed by commercial entities and directors, officers, professional advisors, and employees, including various types of accounting fraud, securities fraud, insider trading, antitrust and price fixing, and market manipulation, among others.
RAMIFICATIONS
The effects of the large corporate frauds over the past decade to shareholders, the financial markets, and the general public trust have been widespread and disastrous. From billions of dollars in losses by corporate employees, shareholders, and others to the advent of various new corporate regulations, the corporate landscape has forever changed…and changed dramatically.
Since the late 1990s, corporations of all types have come under greater scrutiny to protect against fraud and demonstrate their public accountability. The problems at many of the largest corporations highlighted by the highly-publicized scandals are not unique. As regulatory authorities, the media, and numerous lawsuits have pointed out in recent years, similar problems have been brought to light at a number of corporations, large and small, public and private, for-profit and tax-exempt. Some of these problems, including corporate scandals at the national level, were the impetus for increased regulation and oversight including the adoption of the Sarbanes-Oxley Act of 2002 (SBA) and enhanced disclosure requirements regarding the compensation of senior executives required by the SEC, as well as the referenced president’s task force. The ramifications of these corporate frauds have touched every aspect of business in this country.
Impact to Shareholders and the Public
The Enron corporate fraud and scandal has come to symbolize the excesses and abuses in the corporate world during the economic boom of the 1990s and continuing into the present. Although Enron was one of the largest corporate frauds in American business history, and one of the first with such broad-reaching ramifications, there have been and continue to be numerous other corporate frauds exposed over the years. At the time of the publishing of the second edition of this book, the investment management company fraud perpetrated by Bernard Madoff has the potential of being as costly and devastating as even Enron in certain ways, although it will likely take years to unravel. It is also important to note that these scandals are not unique to American businesses, as massive corporate frauds have been perpetrated by corporations in other countries, as evidenced, in part, by the multibillion-dollar scandal at the Italian dairy and food company Parmalat SpA in 2003 and the current investigation into a billion-dollar fraud at Satyam, India’s fourth largest company, which is currently being dubbed “India’s Enron.”
Each of these corporate frauds has had wide-reaching impacts because of the size of the corporations, the size of the fraud, the pubic visibility of the corporations in question, and the fact that the company and its executives were able to hide the frauds from the public for so long. At its peak in early 2001, Enron was the seventh largest company in the United States, with more than 20,000 employees and almost a billion dollars in net income. At the time, and because of its apparent success, Enron was believed to be one of the nation’s best run companies. By year end, Enron was in bankruptcy with the value of its shares plummeting more than $60 billion, a significant portion of that owned by Enron employees through the company’s 401(k) plan.
Investors and employees affected by the Enron matter lost billions. The repercussions also led to the demise of Enron, as well as its outside accounting firm, Arthur Andersen, resulting in tens of thousands of employees for both companies losing their jobs. Even more pronounced was the overall impact on investor confidence. How could so many have been fooled for so long? As the Enron fraud unraveled, the shakeup spread from industry to industry as hundreds, and perhaps thousands, of corporations undertook efforts to evaluate their own accounting practices, leading to an unprecedented level of corporations having to restate their financial earnings because of perceived financial and accounting shenanigans. Investor confidence plummeted as the integrity of the overall financial system was called into question, as well as the reliability of financial information at many of the best-known companies.
Regulatory Changes
Significant corporate frauds, especially those that have exploited a nuance or weakness in the accounting guidelines or other governmental regulations, often lead to new regulations. In addition, as the number and complexity of financial transactions including the use financial derivative type products continues to grow rapidly and change, we often observe the inadequacy of existing guidelines and regulations to account for, and regulate them, often necessitating new regulations.
As an example, the Enron and following scandals resulted in new legislation that reformed accounting practices and strengthened the ability of the SEC to investigate accounting fraud, including the passage of the Public Company Accounting Reform and Investor Protection Act in 2002, which created the Public Company Accounting Oversight Board (PCAOB), under the SEC’s supervision, that was given the authority to set accounting standards and to investigate whether companies were conforming to the standards.
In addition, the adoption of the SOA required the management of public companies, both large and small, to assess and report on the effectiveness of internal controls over financial reporting annually. Even though not subject to the requirements of the SOA, many private entities also have availed themselves of many provisions that provide guidance as to best practices.
Corporate fraud scandals have ushered in a new era of corporate responsibility. Since the advent of the SOA and subsequent corporate governance recommendations, corporate boards of directors and executives have become subject to increasing scrutiny and expectations.
Investigations and Litigation
The identification or exposure of potential corporate fraud almost always leads to significant investigations by the regulatory agencies charged with overseeing that aspect of the corporation’s business. Whether it’s PCAOB and SEC investigations of accounting fraud and securities fraud, to investigations by the FBI of money laundering or the IRS of violations of the Internal Revenue Code, a host of agencies may need to launch investigations when significant corporate fraud is involved.
In addition to the various investigations of potential wrongdoing, litigation almost always follows. Most often, shareholders file suit against the corporation, its officers, and directors for past practices that have harmed the corporation and its shareholders. Other litigation may also result where outside parties (such as business partners, vendors, suppliers, and others) have been harmed through the illicit practices. While corporate
fraud no doubt can be extremely costly to a corporation’s employees and shareholders, the ensuing investigations and litigation can also have far-reaching impacts and costs on the day-to-day operations of the business as it moves forward.
TYPES OF CORPORATE FRAUD
Many types of corporate fraud are generally grouped by the principal regulating area, such as accounting fraud, securities fraud, and money laundering, as well as corporate fraud that is more targeted and well-defined to a specific practice or industry such as stock option backdating and mortgage fraud. While corporate fraud is often distinguished from other types of fraud by the significance of the financial crimes, as well as the repercussions to the corporation’s shareholders, employees, and others, the lines can often be blurred between what we have defined as employee fraud and what is termed white-collar crime. In general, we distinguish corporate fraud from employee fraud, where the corporation itself is either the beneficiary or the instrument of the fraud rather than the target or victim as in employee fraud. That is not to say that corporate fraud is not ultimately detrimental to a corporation, but the artifice in which the fraud is perpetrated is different.
For purposes of this chapter, we focus on two areas of corporate fraud that have been, and continue to be, more prevalent in today’s business environment: accounting fraud and securities fraud. While corporations have defrauded their customers, investors, business partners, and competitors over the years in various ways, the more prevalent methods involve manipulation of the corporation’s accounting records and financial statements to alter reality regarding a company’s true financial condition.
Accounting Fraud
The accounting and financial reporting of companies in the United States is generally governed by a set of widely agreed-upon rules and procedures that define how companies are to maintain their financial records and report their financial results and overall financial condition. These so-called generally accepted accounting principles (GAAP) are promulgated by the Financial Accounting Standards Board (FASB), with authority from the SEC. A company’s compliance with GAAP is usually audited by an outside independent accounting firm that follow a set of generally accepted auditing standards (GAAS). The earlier referenced PCAOB was established, in part, to oversee and provide guidance to the auditors of public companies to maximize the protection of the interests of shareholders.
These standards lay out the fundamental means by which companies report the financial condition and period results of their business in their financial statements. One of the primary goals of having a set of accepted accounting principles is to provide a standardized approach for a company to reports its revenues and expenses, as well as its assets, liabilities, and the equity position of the company. This standardized approach is important to provide both a basis of comparison from one company to another and to enhance the confidence and reliance on the integrity of the financial markets and companies obtaining capital through those markets.
The term “accounting fraud” generally refers to a company’s improper reporting of financial operations and results in violation of the applicable (GAAP) standards. While companies often make mistakes, the intentional misuse or misreporting of materially relevant financial information often gives rise to claims of accounting fraud. Accounting fraud typically involves efforts by a company to enhance or otherwise disguise their true performance, including overstating revenues, understating expenses, overstating the value of corporate assets, or understating the existence of liabilities—so-called “creative accounting.”
Creative accounting is a typical euphemism for accounting irregularities and/or financial reporting practices at corporations that attempt to manage or manipulate their earnings through non-standard accounting practices and/or financial reporting, often to mislead the investment community and financial markets about their true economic performance. Most observed accounting irregularities typically involve some sort of earnings management or systematic misrepresentation of the true financial condition of a company. Such misrepresentation can have serious ramifications for the value of a company’s publicly-traded shares (stock), its overall market capitalization, and its ongoing business activities that depend on the company’s perceived financial condition, including its access to capital and the ability to pursue various acquisitions or joint ventures.
What to Understand
Accounting fraud is typically manifested through fraudulent financial reporting, which includes the manipulation or intentional misrepresentation of financial statements to distort the company’s true economic condition. Often this involves the misrepresentation or omission of material events, transactions, or other information and the intentional misapplication of GAAP, both of which may be supported by the falsification of various types of underlying accounting and financial reporting support documentation. The main forms of accounting fraud involve various types of accounting irregularities or earnings management in the following areas:
• Creative accounting for acquisitions
• Overstatement of revenues through improper/aggressive revenue recognition
• Understatement of expenses or liabilities through inappropriate accruals and estimates
• Creating “cookie jar reserves” through improper estimates of potential costs
• Improper or lax financial reporting disclosures
What to Look For
As with most types of fraud, accounting fraud is often concealed to avoid detection by the company’s outside auditors, investment analysts, and others. What to look for often depends on the type of accounting irregularity that is suspected (such as an overstatement of revenue or underreporting of expenses and liabilities). The questions may be specific to the facts and circumstances surrounding a specific acquisition, subsidiary, or special-purpose entity, or more broadly related to the firm’s method for recognizing revenue or accruing for expenses. Regardless of the specific area, the types of computer forensic evidence sought during an investigation of accounting fraud may be similar. The questions asked are often the same:
• Who made the decision to account for something in a certain way?
• What level of research was performed in evaluating the proper accounting method?
• Did anyone object to the accounting or question its compliance with GAAP?
• Was the misrepresentation intentional or accidental?
• Was senior management involved in the decision or was it concealed from them?
• Was the company’s outside auditor involved in the decision?
• Was any effort made to deceive senior management, outside auditors, or others?
• Was the misrepresentation material to the company’s financial statements?
• Did the company benefit from the misrepresentation?
Let’s take a look at several computer forensic techniques that we have found to be helpful in these situations.
Identifying Who Was Directing the Malfeasance
When dealing with accounting fraud, you must first identify who was involved. Was this the work of a few rogue accountants looking for ways to help the bottom line or a wider operation undertaken by the company management? Also, you can run into situations where the fraud appears to be contained to one branch or location, but in reality is taking place company-wide. Looking at the communication patterns of those involved can shed light on who knew what and when.
Tracking Communications
On the surface, this sounds like a fairly easy task. Go through the e-mails of the individuals you believe are involved in the fraud and see what turns up—that is until you think about the sheer volume of data this could entail. Hundreds to thousands of e-mails may have been sent to an executive at a large company in a single day. Sifting through all those communications to find the one or two needles in the haystack can be a real challenge (and a costly one at that). We have found the following techniques can be used to assist with the searching process.
Well-Chosen Keywords Working wi
th financial investigators or attorneys can really help in this process. You can use keywords to help winnow down the possible set of relevant e-mails. Once you have come up with these keywords, apply them to the e-mail set and see what bubbles up.
Date Range Filtering Once you have a specific set of e-mails that you believe are responsive to the proper keywords, focus on the ones that occurred during accounting-relevant timeframes. For instance, look for e-mails between the auditors and executives during the period when quarterly results are coming out, as this is when these issues will be discussed.
Data Destruction
We often encounter data destruction in these types of investigations. Once the individuals responsible for the manipulation learn that they are being investigated, their first response is to attempt to hide their tracks. The type of data destruction that occurs in these investigations is actually a bit different from what we normally think of as data destruction or wiping. Instead of attempting to clear certain files or wipe the hard drive, the destruction usually focuses on less obvious selective deletion of e-mails and communications, or modifications of accounting templates.
Hacking Exposed Page 44