In 2010, Stephen Greb, former director of auxiliary services at La Salle University, was charged with embezzling over $5 million over 20 years by funneling funds through a fictitious food company he created.
The scheme was uncovered after the university implemented an enhanced invoice-control system, prompting an investigation by university attorneys and a forensic accounting firm. Greb faced charges of theft, forgery, and tampering.
The case underscores the vulnerability of organizations to long-term billing schemes when internal controls are weak.
Detection relied on improved invoice verification processes, highlighting the importance of robust accounts payable controls.
The chapter examines fraudulent disbursements, where perpetrators deceive organizations into issuing payments for fraudulent purposes, executed as legitimate transactions.
It emphasizes the role of false documentation and exploitation of trust within the payment process.
The chapter is organized into five modules, each with specific learning objectives:
Module 1: Billing schemes
Module 2: Check tampering schemes
Module 3: Fraudulent payroll disbursements
Module 4: Fraudulent expense reimbursements
Module 5: Register disbursement schemes
Billing schemes involve false documentation (e.g., invoices, purchase orders) to trick an organization into issuing payments. They include three categories: shell company schemes, nonaccomplice vendor schemes, and personal purchases schemes.
Shell company schemes use fictitious entities to collect payments, nonaccomplice vendor schemes manipulate legitimate vendor payments, and personal purchases schemes involve buying personal items with company funds.
Shell Company Schemes: Perpetrators create fictitious companies, often with bank accounts and forged documents, to submit false invoices. Concealment involves self-approval, rubber-stamp supervisors, or collusion. Pass-through schemes involve reselling goods at inflated prices.
Nonaccomplice Vendor Schemes: Fraudsters double-pay invoices, pay wrong vendors, or overpay and intercept refunds. Concealment relies on mimicking legitimate invoices or rerunning paid invoices.
Personal Purchases Schemes: Employees buy personal items using company credit cards or falsified invoices, often altering purchase orders or misrepresenting purchases. Concealment exploits approval authority or lax oversight.
3.3. Prevention and Detection
Segregation of duties in purchasing, receiving, and payment functions prevents fraud. Maintaining and verifying approved vendor lists counters shell companies.
Data analytics, such as sorting payments by vendor or invoice number, detect anomalies like consecutive invoice numbers or address matches with employees.
Verifying vendor legitimacy through phone book searches or site visits and scrutinizing invoices for missing details (e.g., phone numbers, professional formatting) enhance detection.
Check tampering involves altering checks during preparation or handling to divert funds, often lacking supporting documentation. It is less sophisticated than billing schemes but requires access to checks.
The module aims to identify antifraud measures and apply them to case scenarios.
Common methods include forged maker schemes (forging signatures), forged endorsement schemes (altering payee endorsements), and intercepting checks to alter or redirect them.
Concealment involves forging approvals, destroying records, or exploiting weak check-handling procedures.
Segregation of duties for check preparation, signing, and reconciliation prevents tampering. Secure storage of blank checks and regular bank reconciliations are critical.
Data analytics, such as identifying manual checks or vendors without contact information, detect tampering. Comparing check endorsements to employee records aids identification.
Payroll fraud includes ghost employees (fictitious workers), falsified hours or wage rates, and commission schemes. These schemes exploit payroll clerks’ specialized knowledge for easier concealment.
Ghost employee schemes involve adding fake workers to payroll, requiring steps like creating records, timekeeping, and paycheck delivery.
Ghost employees are created using fictitious identities or real employee data, with paychecks diverted to the fraudster. Falsified hours inflate legitimate employees’ pay, while commission schemes exaggerate sales.
Concealment involves manipulating payroll records, forging approvals, or exploiting weak oversight.
Independent verification of payroll records, segregation of payroll duties, and regular audits prevent fraud. Requiring identification for paycheck distribution deters ghost employee schemes.
Data analytics, such as flagging duplicate payments or excessive hours (e.g., over 80 hours without approval), detect anomalies.
Expense reimbursement fraud includes mischaracterized expenses (claiming personal expenses as business-related), overstated expenses (inflating costs), fictitious expenses (inventing purchases), and multiple reimbursements (submitting the same expense multiple times).
These schemes often exploit lax oversight, especially for travel and entertainment expenses.
Mischaracterized Expenses: Fraudsters submit personal expenses with false business purposes, often by high-level employees. Concealment relies on vague expense reports.
Overstated Expenses: Altered receipts, overpurchasing (e.g., buying and returning expensive tickets), or inflating others’ expenses increase reimbursements. Concealment uses altered documents.
Fictitious Expenses: Fraudsters create fake receipts or steal blank ones, claiming nonexistent expenses. Concealment exploits lack of required support.
Multiple Reimbursements: Duplicate submissions using different support documents or budgets generate multiple payments. Concealment involves timing delays or supervisor manipulation.
Requiring original receipts, detailed expense reports, and direct supervisor approval prevents fraud. Clear policies on reimbursable expenses and time limits for submissions deter schemes.
Data analytics, such as extracting round-dollar payments or expenses during vacation periods, detect red flags like consistent amounts or consecutively numbered receipts.
Register disbursement schemes involve recording false transactions (false refunds or voids) to justify cash removal from registers, differing from skimming or larceny by leaving a record.
False refunds process nonexistent returns, while false voids cancel sales to remove cash, both causing inventory shrinkage.
Fraudsters process fictitious refunds or voids, retaining customer receipts to support transactions. Credit card refunds to personal accounts avoid physical cash removal.
Concealment relies on lax manager approvals, small disbursements below review thresholds, or destroying records. Shrinkage is often not concealed, as it blends with expected losses.
Requiring management approval for all refunds/voids, distinct cashier log-in codes, and customer receipt policies prevent fraud. Random customer verification deters schemes.
Data analytics, such as summarizing voids/refunds by employee or location, detect excessive transactions or non-segregation of duties.