Here is a classic fraud that could easily have been prevented or quickly detected with the right internal control system in place (see links below).
$40 million buys an incredible number of computers and tablets. Finance Offices tend to focus on individual transactions and seek to assure appropriate documentation is available to support the transaction. What they don’t do, and should be part of a good control system, is to go into the field to see that what was purchased – actually exists. Instead, they rely on receiving reports which have limited reliability.
The simple act of trying to locate just a small part of these significant purchases would have uncovered this fraud.
Another control that is not routinely used by business or finance offices is to do data analysis of past purchases – looking for trends, patterns, and outliers that would indicate red flags that should be further examined.
We know there are certain items that people value for their personal use including computers, computer accessories, toner, and printer ink. Accumulating expenditure transactions in a data warehouse and running data analysis checks against such a file would also have highlighted that $40 million in computer purchases demands further investigation.
It’s much better for an organization manager to find the problem than for it to be uncovered by the FBI or outside auditors.
The right control systems count. Too many managers end up reacting to frauds instead of assessing potential fraud risks and defining control systems that will help mitigate the risk before it occurs.