In early July it was released that Amazon had fallen victim to a fraud scheme perpetrated by one of its Operations Managers, Kayricka Wortham, at its Smyrna, Georgia location. In just 19 months, Wortham managed to steal almost $10M before getting caught.
How did this happen?
According to court documents, Wortham was given the authority to approve new vendors as well as approve invoiced payments to vendors. Taking advantage of this responsibility, Wortham created fake vendors and requested that unwitting employees add them to the system. Once entered, Wortham approved them and then assembled a team of employees as co-conspirators to help her submit bogus invoices for the fake vendors. Wortham then approved these invoices, and she and her conspirators all pocketed the fraudulent payments that were unknowingly transferred into their bank accounts.
How was this allowed to go on for over a year and a half without anyone noticing?
Wortham enlisted the help of a Loss Prevention specialist and a Senior HR Assistant at Amazon to use other people’s real names and social security numbers for the fake vendor accounts so that they would look more legitimate. Wortham also enlisted the help of her partner who owned a real business that already had an existing contract with Amazon to submit fictitious invoices for her company as well. It was these added layers that made the fraud harder to detect.
She then used the stolen funds to buy an almost $1M home, a Lamborghini, a Tesla, a Porsche, and two other vehicles. Thankfully, her extravagant spending garnered attention, and her fraudulent behavior was then discovered, resulting in a 16 year sentence in a federal prison.
This news story reminds us that fraud can happen anywhere… and does! It is a good reminder that without the right protections in place, companies of all sizes are vulnerable to being taken advantage of by bad actors.
Interestingly enough, this story is highly atypical for a fraud case. According to reports, Wortham was likely a career criminal (she was also caught engaging in fraudulent activities at another company while on bond for her crimes at Amazon resulting in her bond being revoked) who may have taken the job at Amazon expressly for the purpose of committing theft. She was your stereotypical villain – like a shadowy outlaw in a movie. However, in most instances, this is not the case when fraud occurs. The most common fraud story is one where an otherwise upstanding individual experiences a financial pressure or stressor in their lives (family hardship, legal issues, a gambling addiction, etc.) that they fear will threaten their standing in their family, at the company, or in the community so they make the unscrupulous decision of turning to stealing to secretly try to fix the problem. When you realize that the average person stealing from a company is more likely to be a friendly manager or well-liked longtime bookkeeper than a gritty, Hollywood-worthy crime boss, it frames the way you look at fraud differently so you can take the right steps to protect your company.
Why does Fraud Happen?
In his three-part series, Todd Kimball explains that fraud can occur when the following three factors are in place:
Without a perceived stressor or pressure as a motivator (“I have an unexpected bill I can’t pay” or “My spouse lost their job”), a perceived opportunity to commit fraud without getting caught (“No one checks this account but me” or “Everyone has access to vendor invoices so no one will know it was me”), and the ability to rationalize the unethical behavior (“It’s just a loan, I’ll put the money back later” or “I haven’t received a raise in years”), fraud does not occur.
How to Detect Fraud
When discussing the risk of embezzlement our colleagues at The ASP Team remind us that,
“The average perpetrator of fraudulent crimes has been with the company for 1-5 years and engages in their fraudulent activity for 14 months before being detected. And small businesses typically carry a higher fraud risk than their larger counterparts with twice the rate of billing fraud and payroll fraud and four times the rate of check and payment tampering.”
However, other types of business fraud can occur as well, including asset misappropriation, vendor fraud, payroll fraud, and bribery. Red flags that may indicate fraud is occurring include:
- Vendors with employees’ personal information (name, home address, email address, and so on).
- Increased ACH transfers to new vendors.
- Vendor invoices that are not consistent in their formatting.
- Invoice numbers from vendors that are sequential (ex. #1001, #1002, #1003...).
- An increase in the number (or dollar amount) of invoices from individual vendors.
- Unauthorized usage of the laser printer that prints checks for vendors.
- A lag in mailing checks after they have been printed.
- Evidence of tampering on returned checks.
- Missing bank statements (if receiving physical statements).
- A bookkeeper or accountant that is unwilling to share responsibilities.
- Lack of communication from your bookkeeper or accountant.
Who or What is Responsible?
Is fraud a systems problem or a people problem? It can be either, or both!
If it is a people problem, the fix is easy – get rid of the people who are the problem. When fraud occurs, the person/people responsible should obviously be fired, but anyone who had knowledge of it and did not say anything should probably be let go as well because remaining silent speaks to their ethics and indicates that they are not prioritizing the wellbeing of the company. It will depend on the unique circumstances of the fraud as to whether the CFO, Controller, and/or Accounting Manager should be reprimanded or terminated. Ultimately, it is their job to oversee all functions and personnel under them, but using the opportunity to increase their skills around identifying future fraud as a result of the experience can offer invaluable benefits.
If it is a system problem, the fix will require that the systems and policies in place be updated and improved to get to the root of the issue. This may include implementing stricter internal controls or changing the company culture to emphasize personal responsibility and the importance of high ethics.
How to Prevent Fraud
Before hiring anyone, do appropriate due diligence! Do a background check on everyone you are bringing into the company even if they are not going to be anywhere near accounting or finance functions. This is extremely important because not all fraud is committed alone. An employee with the motivation to commit fraud may not have the right access needed to pull off their plan without bringing in additional employees to help. For this reason, it is crucial that everyone across the organization can be trusted.
Implement these 8 essential internal controls to prevent fraud:
- Separation of Duties
- Access Controls (physical and digital)
- Required Approvals
- Asset Audits (financial and physical)
- Standardized Financial Documents
- Double-Entry Accounting Trial Balances
- Reconciliations (bank, credit, suppliers)
- Data Backups to the Cloud
Encourage communication between managers and their teams to keep everyone working together closely so that changes in employees can be spotted quickly. Todd Kimball explains,
“In real life, the person you hired 3 or 10 years ago is not the same person today. People change, and so do their circumstances. According to the ACFE, in 81% of fraud cases, there were warning signs that the fraudster’s life was not going well. Staying in tune with these signs could prevent a disaster.”
He identifies those signs as living beyond their means, experiencing financial difficulties or family problems, having an unusually close relationship with a customer or vendor, or being territorial around duties. Set the tone across all levels of the business that unethical will not be tolerated by creating a formal accounting policy to govern all accounting functions and then stick to it!
For a thorough analysis of your company’s risk profile, download our free Risk Assessment Resource now!
When you need strong financial leadership to ensure that your company is as well protected from fraud as it can be, please reach out to us. Our fractional CFOs can oversee your accounting functions and internal controls to keep things as buttoned up as possible. As an impartial third-party we can objectively take a look at your books and perform a financial assessment to determine if there is anything that should be changed to improve your accounting systems and better protect your company!
