Every year, organizations lose an estimated 5% of revenue to fraud. While fraud can never be completely eliminated, controls can be implemented to drastically reduce the chance of fraud in your firm. Establishing a strong ethical culture and a zero tolerance policy for fraud is a good first line of defense. This culture can be supported through strong written policies and internal processes that embrace best practices and strong preventive controls.
However, without adopting robust detective controls, your law firm is not managing its risk of fraud as effectively as it should. Examining your firm’s technical internal controls and identifying risk is the first step to a more secure environment.
Below are 10 common ways employees can steal from your law firm and the proactive data analysis techniques that can help you detect them.
- Vendor schemes occur when an employee sets up a fictitious vendor and submits fictitious invoices for payment. This could be accomplished by setting up a false vendor or duplicating an existing vendor and changing the address or bank account information to that of the employee. In order to detect vendor schemes, payments should periodically be summarized by vendor and reviewed for reasonableness. In addition, vendor addresses and bank account information should be compared to employee master file information in order to identify matches.
- Check tampering occurs when an employee uses company checks to fraudulently pay himself or herself. This can occur when an employee with signature authority writes and endorses fraudulent checks. Check tampering can also occur when an employee reissues an older, uncashed check in his or her name. Data analysis techniques can be utilized in order to help control the check stock and detect check tampering schemes. These techniques include identifying gaps in the check sequence and identifying duplicate check numbers.
- Diverting goods and services for personal use occurs when an employee submits firm purchase orders for personal goods or services. Data analysis tests can identify instances where the same employee initiated and approved a purchase order and can identify purchase orders that were split just below an employee’s approval limit.
- Expense reimbursement schemes are perpetrated when an employee submits expenses for reimbursement that were never incurred or were personal in nature. Employee reimbursements should be tracked over time in order to detect abnormal changes, such as unusual increases. In addition, data analysis procedures can be performed to identify suspect merchant codes on credit card statements, excessive mileage reimbursements and incompatible reimbursements (mileage charges in the same period as rental car charges).
- Theft of client payments prior to being recorded in the accounting system can be difficult to detect; however, certain data analysis techniques can be implemented to improve the chances of detection. For example, a periodic analysis of the types of deposits being made (cash, check or electronic) should be monitored and any anomalies should be investigated. In addition, firms should periodically reconcile the control log of payments received to payments recorded in the accounting system and deposited per the bank statement.
- Theft of client payments after being recorded in the accounting system is typically detected during the bank reconciliation process; however, it can be more difficult to detect if the fraudster attempts to cover it up by recording account credits to reconcile the cash receipts to the recorded transactions. Using data analysis procedures to trend account credit activity over time and summarize the activity by user or approver can help to identify improper use of account credits.
- A ghost employee may be created in the payroll system when a fraudster adds a fictitious employee or changes the address or banking information of a terminated employee. In order to detect ghost employees, firms should test for duplicate employees by matching employee addresses, social security numbers or bank account information. Firms can also analyze whether terminated or inactive employees have received payments.
- Salary or bonus schemes occur when an employee misrepresents information in order to gain a higher salary or bonus. Firms should generate and review comparative payroll reports in order to identify and investigate abnormalities. For example, if a firm identified an instance where an employee’s salary or bonus was significantly higher than a prior period or compared to his or her colleagues, the firm should verify the legitimacy of the increase.
- Trust account schemes refer to the misuse of trust funds. To detect misuse, firms should summarize the payments made out of the account by vendor and by period and review for reasonableness.
- Financial statement fraud occurs when financial information is misstated in order to make the firm or an individual appear more successful. Firms should monitor journal activity by identifying journal entries to unusual or new accounts, journal entries with unusual or little to no descriptions and journal entries created or posted on weekends. In addition, the firm should analyze financial ratios over time to identify and investigate unusual patterns.
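The vendor, check and purchase order tests described in the list above can be run directly over exported accounting data. The following Python sketch is an added example, not part of the original article; the record field names, the 5,000 approval limit, the 7-day window and all sample records are assumptions made up for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import date

ABBREV = {"street": "st", "avenue": "ave", "road": "rd", "suite": "ste"}

def norm_addr(addr):
    """Lowercase, drop punctuation and abbreviate so formatting tweaks still match."""
    words = re.sub(r"[^a-z0-9 ]", " ", addr.lower()).split()
    return " ".join(ABBREV.get(w, w) for w in words)

def vendor_employee_matches(vendors, employees):
    """(vendor id, employee id, field) wherever address or bank account coincide."""
    return [(v["id"], e["id"], f) for v in vendors for e in employees
            for f, norm in (("address", norm_addr), ("bank", str))
            if norm(v[f]) == norm(e[f])]

def check_sequence_issues(numbers):
    """Missing numbers inside the issued range, and numbers used more than once."""
    counts = Counter(numbers)
    gaps = [n for n in range(min(numbers), max(numbers) + 1) if n not in counts]
    return gaps, sorted(n for n, c in counts.items() if c > 1)

def po_exceptions(pos, limit, window_days=7):
    """Self-approved POs, plus same requester/vendor POs that are each under the
    limit but exceed it together within window_days of the group's first PO."""
    self_approved = [p["id"] for p in pos if p["requester"] == p["approver"]]
    groups = defaultdict(list)
    for p in sorted(pos, key=lambda p: p["date"]):
        if p["amount"] < limit:
            groups[(p["requester"], p["vendor"])].append(p)
    split = []
    for items in groups.values():
        near = [p for p in items if (p["date"] - items[0]["date"]).days <= window_days]
        if len(near) > 1 and sum(p["amount"] for p in near) > limit:
            split.append([p["id"] for p in near])
    return self_approved, split

# Constructed sample data: every id, address, account and amount is made up.
VENDORS = [{"id": "V1", "address": "12 Oak Street, Suite 4", "bank": "111000"},
           {"id": "V2", "address": "900 Main Rd.", "bank": "222000"}]
EMPLOYEES = [{"id": "E7", "address": "12 oak st ste 4", "bank": "333000"},
             {"id": "E9", "address": "5 Elm Avenue", "bank": "222000"}]
CHECKS = [1001, 1002, 1004, 1004, 1007]
POS = [dict(zip(("id", "requester", "approver", "vendor", "amount", "date"), r)) for r in [
    ("PO1", "E7", "M1", "V1", 4900, date(2016, 3, 1)),
    ("PO2", "E7", "M1", "V1", 4800, date(2016, 3, 3)),
    ("PO3", "E9", "E9", "V2", 1200, date(2016, 3, 5))]]
```

Each hit is a lead for review rather than proof of fraud: a shared address may be a relative's legitimate business, and a gap in the check sequence may be a voided check that was never logged.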
Source: ACFE Report to the Nations on Occupational Fraud and Abuse, 2016 Global Fraud Study. The full report is available here.
- Organizations lose 5% of annual revenue to fraud
- Fraud cost organizations, on average, $150,000 per incident
- The fraud went undetected for an average of 18 months
- Fraud is most often detected by a tip
- Organizations with reporting hotlines detected fraud faster and incurred fewer losses
- Proactive data monitoring was associated with 54% lower losses and fraud was detected in half the time
- The most prominent organizational weaknesses that contributed to the fraud were: lack of internal controls, lack of management review and the override of existing internal controls