In one of the most egregious cases in history, Bernard Madoff, a financier and investment manager, recently admitted to embezzling more than $50 billion of investors’ funds through an elaborate Ponzi scheme he perpetrated. Allegedly, the money he paid to early investors was from funds received from subsequent investors, and when too many investors demanded their funds in response to the failing economy, the scheme collapsed. Although Ponzi schemes are common and have occurred many times in history, Madoff’s scheme is the largest Ponzi scheme ever. The dimension of fraud cases is becoming unfathomable—multi-millions and even billions are becoming commonplace.

In one recent case detected in my home state of Connecticut last month, the sole equity partner of a six-office, 238-attorney law firm was accused of stealing more than $350 million in client funds. One person—$350 million. The question that remains is just how many of these schemes exist today and continue to go undetected?

“Identify theft,” a buzz word for the past two years, has been replaced by “subprime lending,” “mortgage fraud,” and record-setting foreclosures. Financial lending has come to a grinding halt, with money no longer moving between institutions, and interest rates have been cut to record lows by the Federal Reserve in the hope of jump-starting the economy. It’s not a particularly great time in history from an investor’s perspective, but an extremely interesting time for fraud professionals.

It is not unusual for policies and practices to have a direct link to increases in fraudulent activity. To examine identify theft for a moment, we would start by looking back to see how personal and financial information was safeguarded. We would not have to look far into the past to see that Social Security numbers appeared on many items, including insurance cards, voter registration cards (a matter of public record), and class lists posted on every professor’s office door in most every college and university. The use of shredders has only become commonplace in most businesses and homes since identity theft became an issue. The earlier practice was to simply throw away old and unwanted information, which allowed thieves to capture critical information merely by going through the garbage. With so much personal and financial information proliferated under past practices, it is no wonder identify theft became such an issue.

The same holds true with the new mortgage fraud industry. Prior to subprime and other questionable lending practices, would-be borrowers were required to substantiate their income and assets and support their applications for loans with credible documentation. The application package was scrutinized and verified, and the borrower would be allowed to borrow only up to a maximum value of the property. Borrowers could only borrow funds up to a limit they could afford to repay monthly, including real estate taxes and insurance costs, and also have some residual funds for living expenses. Loan products offered as late as 2006 and 2007 offered borrowers the ability to purchase homes well beyond their price range, with little to no income verification performed. Borrowers could state their income without providing any support and could borrow up to 100% of the value of the property with no money down. It is no wonder the foreclosure rate has reached historic levels, leading to the discovery of mortgage fraud in many of these deals. Individuals participating in real estate closings were often compensated with a commission for each closing, creating a financial incentive for lenders and mortgage brokers to solicit and close as many purchases and refinances as possible, at any cost. It is only after the mortgage industry’s collapse that we are finding out that many real estate professionals, including real estate agents, appraisers, lenders, mortgage brokers, and real estate attorneys fudged documents, inflated values, and perpetrated other intentional acts to ensure closings occurred.

Although it is too recent for reaction, the Madoff investment scandal will no doubt forever have an impact on the investment community and industry. New rules will likely result, and investors will review their accounts and investments in a different light, especially if an outside investment firm is involved. Future investment decisions and the ways those investment decisions are tracked will forever be examined in light of Madoff’s scheme, with the goal of ensuring what happened with the funds invested with Madoff never happens again.

According to the Association of Certified Fraud Examiners’ 2008 Report to the Nation on Occupational Fraud and Abuse, approximately 7% of an entity’s gross revenue is lost to fraud. When the 7% estimate is applied to the Gross Domestic Product, the loss due to fraud approximates $994 billion each year. In reality, the figure is likely even higher, as most frauds go unreported—or worse, have yet to be detected.

When assessing the frequency of fraudulent activity to gauge just how much fraud has been occurring, it is important to remember that only the most egregious fraud cases receive media and legislative attention. In fact, fraud is not limited to large international corporations like WorldCom and Enron. Fraud can and does occur in any size company or organization, large or small, regardless of their for-profit or nonprofit status, and in every industry. The majority of smaller frauds never appear in the media and become public knowledge, partly due to their size and frequently by investigative design.

Fraud is also not limited to financial statements, disclosures, and reports issued to investors and lenders alike. Employees are stealing from companies at alarming rates, and individuals concoct new schemes almost daily to defraud some program or system for their own personal gain.

It is clear that fraud has become a growth industry and not only for the perpetrators. Fighting fraud through education, prevention, detection, investigation training, and ultimately prosecution and punishment offers unprecedented growth opportunities in various career paths and industries. The passage of the Sarbanes-Oxley Act (SOX) alone, enacted to address fraud and the dire need for adequate internal controls and procedures within publicly traded companies, has resulted in a whole new industry in and of itself.

Fraud can be and often is broadly defined, but to really understand fraud, it needs to be contextualized to identify the characteristics and issues unique to each type of fraud. One of the goals in writing this third edition of Fraud 101 is to provide the reader with a working definition of fraud in the broad sense, followed with as many examples as possible of various types of fraud based on my personal experience as a forensic accountant and fraud professional for more than 20 years. Unlike many fraud professionals who have spent their careers investigating a specific range of fraud schemes, I have been fortunate in having the opportunity to apply my knowledge and experience in fraud prevention and investigation in a wide variety of contexts.

Building on the previous editions of Fraud 101 by Howard Davia and then Howard Silverstone, this third edition brings to focus two areas of fraud: financial statement fraud and employee fraud, including embezzlement. The new edition also provides an investigative approach and new discussion regarding investigative issues, including alternatives for resolving fraud-related matters. Lastly, as with previous editions, new case studies are included to illustrate various fraud schemes in rich detail.

In updating this book, I recognized that many great books exist detailing the history of fraud, various theories on fraud, fraud motivators, deviant traits and tendencies, prevention recommendations, investigative techniques, and other generalized information. Those books provide the depth and detail needed to become and remain proficient in this specialized field. I own most of them. However, there is also a need for books designed to introduce professionals, as well as non-accountants, to the specialized field of fraud. This book is meant to be a valuable introduction to the subject of fraud for those who have little to moderate experience dealing with it, whether preventing, detecting, or investigating it.

The approach used in this third edition is to explain fraud in a practical, easily understood manner, supplementing discussions with real-world case studies that clearly illustrate the fraud issues and schemes discussed. Three detailed cases based upon actual fraud investigations have been included as Appendices to illustrate examples of how fraud schemes are perpetrated, detected, and investigated. Each case concludes with practical advice on how the fraudulent activity could have been prevented or detected earlier, thus minimizing the loss experienced by each victim organization. Experienced fraud professionals seeking to expand and enhance their well-developed skill set may feel this book is basic, although the cases may enlighten even the most seasoned investigator.

While it would be ideal and efficient to discuss every possible aspect of fraud in every possible context all in one book, it would also be an impossible undertaking. As you will learn, the details of any one specific type of fraud could be expanded and detailed within a book dedicated only to that type of fraud, and many of those books exist today. My hope is that you will find this book a valuable introduction to how fraud works and how to prevent, detect, and prosecute fraud that could be occurring in your organization.

To my friends and trusted advisors, who have supported my career decisions, have taken personal interest in my success, and have helped bring to light the things they saw in me.

To Helen Koven, my friend and publicist, who gave me the push I needed to begin to document more than 20 years of experience in fraud and forensic accounting in a way that takes the complex and makes it easily understood by accountants and non-accountants alike.

To the folks at Wiley, who gave me this opportunity to expand into the world of writing, opening new doors into my future.

To Joseph T. Wells, founder of the Association of Certified Fraud Examiners, for his foresight into the need for a specialist cross-trained between accounting and investigations, and for providing me with someone to follow as my role model in becoming a national expert in this specialized field.

And to James Ratley and everyone in the Association of Certified Fraud Examiners down in Austin, Texas, who, unbeknownst to them, have contributed so much towards my success as a fraud examiner.

Jim asked me to schedule a meeting with Bob to review the company’s most recent financial reports, and he sent over the company-provided monthly financial statements and reports for my review prior to meeting Bob.

I called Bob and we set a meeting for later in the week. In the meantime, I received the past two years’ financial statements and reports, which Bob had provided to the bank. I surveyed the monthly balance sheet and income statement amounts, looking for any anomalies or unusual trends. Nothing significant or unusual noted. I noticed the annual financial statements issued for the past two calendar years had been prepared by a local CPA, a good sign.

I went to the company, and as I waited to meet Bob, I watched a well-dressed man leave the shop area and exit the building through a side door. As he closed the door he glanced back, catching my eye as I watched him leave. Later, I learned he was Bob’s CPA.

Bob met me in his conference room and gave me a stack of printed reports. Bob indicated he didn’t have much time to spend with me, as he had meetings all day, but said that if I needed anything at all I should ask his business manager, Mary, for whatever I needed.

After a few minutes of general conversation, Bob left for a “meeting,” never to be seen again that day. As I flipped through the reports he provided, I noticed right away the reports were merely summarized balance sheets and income statements for October and November, and the most recent bank statement. Not much to spend an entire day examining, and certainly nothing that would identify why the company looked so promising through September, only to have financial issues two months later.

After about ten minutes, I walked around until I found Mary. I introduced myself and asked if Bob could be interrupted to shed light on the financials and answer questions. Mary called someone and was told Bob would not be available. Mary, feeling sorry for me not having what I needed and Bob not being available, asked if there was anything she could do while Bob was tied up. She played right into my plan.

I told Mary that Bob had said she could provide me anything I needed, and asked her if she could generate a detailed general ledger report for the full year, in as much detail as possible. Mary said she had never run a general ledger, but would be willing to run it if she could find it on the report menu. With me leaning over her shoulder, she found the report option on a menu. She generated a complete detailed general ledger for the current year, as well as for the complete prior year. Bingo! This level of detail was what I needed but hadn’t been given by Bob.

I thanked Mary and told her there was no need to bother Bob any further. If I had any further questions, she and I could figure them out. I didn’t want Mary to tell Bob that she had just provided me all the financial details for both years.

As I opened the report and began flipping through the pages, it was hard not to smile. It felt like finding a puzzle solution that the creator thought was well concealed but was actually sitting in plain view. There were general journal entries, adjustments, posted every month—to sales, costs of sales, and various expense accounts. Then the other side of those entries—fixed asset accounts. Journal entries to fixed asset accounts?

I went back to Mary and showed her how to generate the ledgers with details of every adjustment and journal entry posted in the past two years. More pieces of the puzzle. Mary was unknowingly providing me with the rope I’d use to hang Bob by identifying in detail how her boss had been fooling the bank for at least the past two years. And she was so happy to be learning how to run all these new and wonderful reports she never ran before. Wouldn’t Bob be happy with her new skills development?

I spent the day detailing how Bob would record fictitious sales at the end of each month, only to reverse them in the following month. I also found that Bob was identifying expenses in both the cost of goods section and the general and administrative areas, and reclassifying them in total as fixed asset additions. The result of these entries—strong monthly sales, consistent gross margins, and decreasing expenses—led to a stable or improving net profit (bottom line). More good news for the lender was found on the balance sheet side of things: A balance sheet with increased receivables, mostly under 60 days, low accounts payable, and increases to fixed assets (equipment) needed to accommodate the increases in volume. Not a sophisticated scheme, but one that had never been identified because the bank was never provided (or had requested) any details. Bob simply provided the same summarized balance sheet, income statement, and accounts receivable aging month after month.

Toward the end of the day, I once again asked Mary whether Bob could meet with me. Mary indicated that Bob asked me to leave a list of questions and stated that he would review the questions and gather whatever I needed for my review in the morning. I left three questions along with copies of select general ledger pages.

The first thing I asked was for Bob to provide every original vendor invoice for my review for every fixed asset addition in the last two years. The second was for Bob to provide the original sales invoices for all the sales recorded each month via general journal entry. The third and last item I requested was to have the original bank statements available along with the cancelled checks, with the cancelled check supporting each fixed asset addition pulled out for my review. I then left before Bob could emerge and ruin the surprise I had left for him.

The next morning I arrived. There was Bob, pacing, waiting for me in the lobby. We went back to the same conference room, and I asked Bob how he had made out with my list. Bob said he did not have invoices or cancelled checks for the fixed asset additions, as there were no invoices for the additions. I told Bob I knew that when I left last night, but wanted to ask him for them anyway. Bob then went into a diatribe about how he was responsible for 50 employees and their families, and that his entries month after month kept the business open, preserving all 50 positions. Bob said he was never late on any debt or interest payment and that the bank was never harmed by his accounting entries. Rationalization at its best.

The bank brought in a workout team, called some of Bob’s debt, and fined Bob through increased interest rates and tighter terms. In the end, the bank retained Bob as a customer, but was committed to keeping a closer eye on him. In my last meeting with Bob, he told me that if he had to do everything all over, he wouldn’t do things the same way again.

Six months later, I heard from Jim again. Jim thought I would be interested in a new development involving Bob. Jim’s bank auditors visited Bob and obtained general ledger reports (identified by my project). They found Bob was back to adjusting his monthly financial reports again, but this time he was recording fictitious sales with offsets to accounts payable, as well as holding off recording legitimate purchases and expenses until subsequent months. Then I remembered that Bob had told me that if he could go back, he would do things differently. And he had!

Fraud has become a risk for any size organization. However, small businesses continue to be especially vulnerable, as the median loss to employers with less than 100 employees was $200,000 according to the Association of Certified Fraud Examiners’ 2008 Report to the Nation. Education is the key to addressing the growing frequency of fraud. The more an organization can learn about fraud in general and the potential fraud risks that threaten the financial stability of the organization’s cash flows, the better equipped that organization will be to design and implement measures to prevent fraud schemes from occurring in the first place. In areas where fraud could not be prevented, an organization should implement additional measures to detect fraudulent activity as early as practical. Knowledge of different schemes commonly perpetrated, along with signs and symptoms of each scheme, will increase the likelihood that detection will occur.

This book will serve as a great starting point in providing such knowledge and education, but it shouldn’t end here. More detailed information exists in every area of fraud, building on the information provided in this book. I encourage you to seek out additional books, materials, and articles on fraud, which are easily accessible online, in libraries, and in stores, with the goal of staying abreast of changes in the fraud field. It is only through this commitment to constant education that organizations, employers, and individuals alike will remain well-informed of the latest schemes and fraud issues.