When internal controls breakdown, an organization’s risk of fraud increases significantly. A few years ago, we helped a financial institution identify “an issue.”
In the initial meeting, management shared their “issue” with us. There were some large unreconciled balances and several unusual cashier check transactions that were generated by the former head teller. Management had a feeling that funds were missing, but could not figure out how much or how they were taken.
Our strategy was to isolate a week’s worth of activity to see if we could identify the scheme. We reviewed transaction reports and focused on the transaction codes that impacted either the cash balance or the check balance or both. Then, we reconciled the daily cash balance reports and the batched check reports to the teller’s transaction activity. That’s when we noticed discrepancies in both the cash and check balances for the teller’s drawer. We then expanded our scope to include the entire period.
After further investigation, we discovered that the scheme was conducted in two ways:
- The perpetrator would submit a batch transaction that did not contain the correct number and amount of the checks processed in the batch. This caused a variance between the amounts posted in the ledger and the actual deposited funds received by the financial institution.
- More often, the perpetrator would submit legitimate checks received (several days after the batch transaction) from customers to support these transactions. Once the amount was too large to cover with customer checks, she began issuing official checks to cover the variance in the batch transactions.
During this period, the financial institution was not regularly reconciling the general ledger accounts, which allowed the fraud to go undetected for several years. Tellers were also not scanning images of checks as part of the batch process. Due to the fact the scheme was perpetrated by the head teller, her authority allowed her to conceal her activities in the following ways:
- She had access to the general ledger account used for cash transactions. She was careful to process the transactions through this account and not through a customer’s account where it would appear on a customer’s bank statement and could easily be detected.
- Most of the fraudulent transactions were entered near the beginning or the end of the day or on weekends when presumably she was the highest-ranking management person present and there was less risk of someone uncovering her scheme.
Based on our analysis, HORNE identified almost 300 transactions covering four years totaling over $500,000, which involved the disbursement of cash from the head teller’s drawer without corresponding checks being deposited into the financial institution’s account. Reconciling general ledger accounts is a basic internal control, and if implemented properly they can, among other things, reduce an organization’s risk of fraud. Are your internal controls effective? How often are your general ledger accounts reconciled? Is someone reviewing the reconciliations?
For weekly insights on fighting financial fraud, click here: