- How would the auditors demonstrate that all the accounts that suffered losses (actual accounts and potential accounts were reviewed?
- What information should work papers contain to support a fraud case?
- What information should work papers contain to support a regular audit? Compare and contrast the differences in the information needed for a fraud case and a regular audit
- How would you review the work papers prepared for this case?
- Prepare an audit program that an internal auditor assigned to this case would use?
- What changes in internal controls would you recommend after reviewing the facts of the case?
SOUTHEASTERN FEDERAL SAVINGS & LOANS
This case study presents a fraud perpetrated by a mortgage counselor at a branch office of Southeastern Federal Savings & Loans (Southeastern) that resulted in Southeastern losing $110,000 in cash outright and $93,149 in staff time investigating the fraud. The senior management of Southeastern, the FBI, and the firm’s attorneys incurred additional costs.
This fraud occurred because established policies and procedures were not followed and that additional controls needed to be implemented.
Description of the Fraud and the Parties
Jane Davenport, the perpetrator of the fraud, was initially hired as a teller, became a savings counselor, and lastly, a mortgage counselor. In her five years of employment at Southeastern, fellow employees and customers trusted her. Ms. Davenport violated their trust by stealing from customers’ accounts. Ms. Davenport started the fraud when she took money from an older couple’s two accounts by forging signatures on withdrawal slips. She repaid the money to the accounts by taking money from other customers’ accounts in a classic lapping scheme.
The following year, Ms. Davenport targeted a customer, Ms. Sampson, who had seventeen accounts with Southeastern. Ms. Sampson was a very busy lady, her accounts were very disorganized, and her signature varied considerably. Ms. Davenport and Ms. Sampson developed a trusting relationship. For instance, Ms. Sampson would leave signed blank withdrawal tickets and/or call Ms. Davenport in order to transfer money among accounts. Based on this trust, Ms. Davenport closed out three certificates of deposits, taking penalties on two of them and placing the money into her personal account. Ms. Sampson had two checking accounts with substantial activity and transferred much money between them. Ms. Sampson made second mortgages to people and earned an excellent return on her loans. Ms. Davenport processed a change of address for the checking accounts, so that the statements were mailed to her. She would make a copy of the statements and eliminate the fraudulent transactions. She inserted the altered balances and calculated the correct interest, typed the correct address, and mailed the altered statement to Ms. Sampson so that she would not detect the fraudulent transactions. Ms. Sampson suffered a total loss of $45,168.67; all of which were reimbursed by Southeastern.
Ms. Davenport raided other customers’ accounts. One customer suffered a loss of $4,072.09 when Ms. Davenport diverted a check payable to the customers to her own account. Another customer lost $30,884.62 when Ms. Davenport prematurely closed the customer’s certificate of deposit and fraudulently withdrew money from the customer’s account. Four additional customers lost $18,134.62, $10,707.00, $1,000.00, and $151.97 respectively.
The fraud was discovered after three years when Ms. Sampson finally complained to the branch manager about problems in her accounts. The branch manager immediately contacted the security manager and Ms. Davenport was questioned. Eventually, Ms. Davenport signed a confession stating that she had stolen Ms. Sampson’s money to help her mother with financial problems. At that time, the Internal Audit Department was asked to investigate the fraud and the record center began the enormous task of gathering the documents for the investigation.
Evidence and Work Papers
Internal audit investigation had the following objectives:
1. Determine the customers and the amount lost by each to allow Southeast to reimburse customers’ losses.
2. Identify violations of existing policies and procedures and make recommendations for additional controls that could prevent future frauds from occurring.
3. Supply the FBI with evidence in the case for them to conduct their own investigation, especially in the cases not considered large enough by FBI standards.
Internal auditors assembled copies of withdrawal tickets, deposit tickets, signature cards, and checks, and placed them in a file for each customer’s accounts. For each account, the internal auditor matched withdrawals against the copies of the signature cards in order to determine if the withdrawal was a forgery. When there was a reference to another account, the internal auditors requested from the Record Center information from the other account. Among many irregularities, it was discovered that Ms. Davenport had signed her own name on withdrawal tickets for other persons’ accounts.
A summary worksheet was prepared for each account indicating the transactions not performed by the customer or those that appeared questionable. In many accounts, it was simple to determine if the transactions were legitimate or not, but in some accounts, such as Ms. Sampson’s, it was impossible to make any determination due to the discrepancies in the signatures on signature cards and the large activity of their checking accounts.
The FBI and Internal Auditors Interview Ms. Sampson
In order to resolve the above problem, the security manager arranged to meet with Ms. Sampson, the internal auditors and the FBI, to determine which transactions were made by her. The volume of transactions was so large that follow-up meetings were scheduled between Ms. Sampson and the internal auditors. During the follow-up meetings, Ms. Sampson was shown copies of the transactions from her various accounts and she was asked to identify whether she had actually performed them. A certain level of confidence was established from the information supplied by Ms. Sampson. As a final verification, the internal auditors compared the transactions in their worksheets to Ms. Sampson’s check register. The internal auditors prepared a detailed and complete list of fraudulent withdrawals. Ms. Sampson’s accountant verified the accuracy of the loss as presented on the Internal Auditor’s spreadsheet.
The Conclusion of the Case
The FBI requested the internal auditor’s spreadsheets documenting the total loss suffered by Southeastern customers. The FBI and U.S. Attorneys used the worksheets to prosecute Ms. Davenport. The spreadsheets listed 241 fraudulent transactions totaling a $465,303.58. Ms. Davenport pleaded guilty, was convicted, and sentenced to five years probation, one month in jail, and no restitution.
1. How would the auditors demonstrate that all the accounts that suffered losses (actual accounts and potential accounts were reviewed?
2. What information should work papers contain to support a fraud case?
3. What information should work papers contain to support a regular audit? Compare and contrast the differences in the information needed for a fraud case and a regular audit
4. How would you review the work papers prepared for this case?
5. Prepare an audit program that an internal auditor assigned to this case would use?
6. What changes in internal controls would you recommend after reviewing the facts of the case?
Clearly highlight each question and use bullet points within the question [
do not include the quiz fact pattern with your reply