The concept of Forensic Accounting (never mind a fraud investigation)
can be tricky if you've never heard of it before.
We explained on our "What
is Forensic Accounting?" page that there were actually many
different "things" that an accountant in the forensic field could
But fraud investigation is the original and best known area.
And if you're already working in this field we make no apologies for
the level of simplicity we're using here to explain what it's all about.
Most people trying to find out information in this field usually get
bamboozled with flowery jargon and big words.
Hopefully we're going to avoid that and give you the following:
An example of a simple fraud
Explain the concepts of Prevent and Detection Controls
Why Controls Fail
Why Big Companies = Big Frauds
A Simple Fraud
Let's say you run a company. And you put your trust in your employee -
Dave - to run the payroll for you every month.
That means he has to pay all your employees their monthly salaries.
You put some controls in place to make sure Dave is doing the right
thing. That could mean Dave supplying you with a sheet of
showing you which employees are being paid and how much. You review it
and sign at the bottom.
Dave then goes off and pays all these employees correctly.
But, unknown to you, he adds in an extra employee to be paid that you
don't know about.
And it turns about to be Dave paying himself extra wages. And he ends
up doing this for years.
And then one day Dave doesn't turn up to work and is now living on a
beach in South America using his "extra" wages. Nice one Dave.
There's two ways a company could have stopped this happening.
Welcome to the world of Prevention and Detection Controls.
Big words but simple meanings.
And collectively they are sometimes referred to as Internal Controls.
company been smart enough they would have implemented controls to stop
(i.e. prevent) Dave in the first place. For example, Dave prepares the
list of people to be paid but someone else makes the payment. Or two
people have to sign the payroll checks (or authorize on internet
banking) before they are released.
controls come in after the payroll has been paid. For example, someone
different from Dave (i.e. you!) gets the bank statements the following
day and you check that the amount that's left the bank account ties
back to the sheet of paper that you signed the previous day.
Hopefully you notice that the two amounts are different and you
immediately investigate what's happened.
That way, you may not have prevented Dave's bad behaviour but you
certainly would have detected it very quickly.
Why Controls Fail?
So, if you could have stopped the fraud happening in the first place
(or at least limited it) then why do frauds by the truckload continue
You can design as many controls as you feel like, but if you forgot to
stick with them then you have what are known as "control breakdowns"
The main reason is the human factor.
Or if we weren't being as nice - people are lazy, forgetful, too busy,
didn't understand what was needed of them. Whatever the reason - the
And in the worst case - fraud - someone deliberately ignores the
Big Companies = Big Frauds
Now, take our simple example and then think about a huge multi-national
company with numerous processes around how their cash is spent and
collected - which could be payroll, invoicing clients, stock control
and operating expenses.
Imagine the sheer number of controls that need to be implemented to
make sure that all the cash paid out or received is accurate and
properly accounted for.
These controls will be a combination of complex computer systems and
lots of people. And they can breakdown either unintentionally (system
bugs, genuine human error).
Or a person (or a group of persons) can get together and maliciously
set out to commit a fraud. That's called collusion.
And if they get away with it....then the numbers can be massive.
So, what is Forensic
We're hoping you now have a better understanding of how frauds can be
committed in any size of company and the importance of controls.
And we're now also hoping that our definition of Forensic Accounting
will make more sense to you.
Forensic Accountants are usually called in after a fraud has already
The internal controls have failed. Money has been lost. Particularly in
large companies it may not be clear (or they may not have a clue!) what
The company needs to find out.
And that's when they call in the accountants, the lawyers, the police
and other government organisations if things get really nasty.
And the role of the Forensic Accountants is to:
Investigate and gather evidence. Interview staff
Analyse that information. Review the controls and how they
failed. Query the data systems
Work with the lawyers, police and anyone else who's
outside the company
Document their findings in a clear and concise format which
delivered to the Company
Prepare further reports/documents that will be used by the
Company to launch a legal case against the fraudulent employees.
Appear in court to explain the investigation work that
carried out and the conclusions they reached
In summary, they find out how the fraud happened, who did it, when did
they do it, and how much money has been stolen.