Fraud Advisory Services

It appears that the toy retailer Toys R Us is the latest big business to demonstrate how easy it is for the fraudster to attack if simple anti fraud prevention methods are not observed. Embezzlement master Paul Hopes stole some £3.7 million from the toy giant in 14 sums ranging from £101,000 to £350,000 at a time.

Over a period of around three years beginning in 2005, Hopes raised fictitious invoices for Far East toy suppliers so that he was able to arrange payment into accounts that he controlled. Yes it was as simple as that! He was a company accountant of some 23 years and the company had complete trust in him. They did not expect him to be a fraudster and therefore clearly allowed him to override any semblance of controls that should have prevented the theft.

Hopes wife of 36 years did not suspect anything. She has been devastated by the revelation that her dull dependable husband had stolen money from his employers to fund a lavish lifestyle including prostitutes and high living in the City.

Hopes will probably spend up to 8 years in jail and have a criminal confiscation of assets order made against hime that will wipe out everything he owns. In addition, Toys R Us is now attempting to recover any money that hasn’t been spent through civil asset recovery. This will mean targeting the family home and assets that Hopes may have transferred to his unsuspecting wife.

The American company has more than 1,500 stores in 33 different countries, with its New York outlet being the biggest toy shop in the world. It is surprising that such a large organisation did not have the basic anti fraud controls in place to stop this simplest of thefts! How much would it cost to implement a system of supervision and review, account vetting and credit limit monitoring? The cost of implementing and regularly reviewing such a system would be a lot less than the final bill to Toys R Us for this escapade. It was not even the company’s systems that discovered the fraud, which merrily escaped both the internal and external auditors for three years running. It was the attention drawn by one of the prostitutes used by Hopes and lavished expensive gifts upon that acted as a whistle blower on the embezzlement.

There is a mature and capable anti-fraud industry that is underutilised by corporations world wide. For a reasonable sum, experts in fraud protection and fraud detection can review systems of the smallest to the largest companies. However, it appears that these concerns would rather spend 10 times the amount investigating even larger losses when the fraudster strikes.

Most fraud experts, myself as a forensic accountant specialising in fraud included, will provide initial advice free of charge that could save you huge amounts in the long run – even if we hope to get your business!

If an employee steals from the organisation he or she is working for there are a number of ways in which this can be dealt with. The decision will no doubt be based on the organisation’s fraud policy and what it wants to achieve. Does it want its money back, to sack the fraudster or to make a public example of the issue? The alternatives include:

• Reporting the employee to the police – the police may or may not be interested. If they are – they may investigate. If they do, this can be disruptive to the business. Often however, given the shortage of police fraud investigation resources the response to a fraud report may well be a request to provide comprehensive details of the occurrence i.e. effectively to go and investigate the fraud yourselves!
• Commencing some form of disciplinary action in order to safely remove the fraudster from the business. This has to be done with care because inappropriate treatment of staff can lead to claims for unfair dismissal or constructive dismissal – even by the guilty fraudster!
• To investigate the fraud using internal or external resources with the view to instigating some form of civil litigation for recovery of the losses due to fraud.

Very often, however, an organisation will do none of the above! They will let the perpetrator go with a reference on the understanding that this is the end of the matter. Incredible though it seems, this is exactly what some major financial institutions or publicly listed companies will do. Not wanting any publicity to impact share prices perhaps, they prefer to hush the matter up!

I am aware of one major building society turned bank that caught one of its employees recently having fraudulently obtained substantial loans and conducted a preliminary investigation. Then they simply asked the person to leave. Around a month later it emerged that the person was working nearby, in one of the UK’s largest credit card insurance providers!

The fraudster was able to obtain another sensitive position, obviously with the assistance of a reference from its former employer. This is irresponsible action by the bank, as it sends out a strong message to would-be fraudsters that it is possible to get away with it. It flies in the face of all fraud prevention efforts being preached by the regulators, various fraud fora and even by fraud experts like myself. How can we combat fraud, if we do not deal with it fully when discovered?

The recent news that a number of T Mobile employees were selling customers details to competitors shows how lenient penalties can encourage fraud and theft. In this case we have the Information Commissioner complaining that the maximum fine of £5,000 from the Magistrates Court is unlikely to be reached, and that harsher penalties should be available to deter this activity. Why do we not simply prosecute – it is theft after all!