WFOA 2024: Fighting Fraud Friday session supplement

Thank you for attending our Fighting Fraud Friday session at WFOA!

This special webpage includes notes, links and other resources cited during our presentation that we think you'll find quite helpful. If you have any questions or need more information, please contact fraud@sao.wa.gov.

Avoid the trust trap

Many types of people commit fraud, including otherwise “good” and trustworthy people. We can’t know when someone will succumb to the fraud triangle. Therefore, we should never use trust as an internal control.

Notable fraud cases of 2024 have two things in common: the government gave the subject too much trust without proper monitoring (trust, but verify was not in place), and no one reviewed the bank or credit card statements.

Many factors try to lure us into thinking we can blindly trust someone and not verify what they’re doing. Some examples include:

  • Years of experience
  • Accolades or accomplishments
  • They are a community member or friend
  • Professional dress, speech and mannerisms
  • Exuding confidence in their role
  • Eye contact with a handshake

Internal controls should stand on their own, regardless of who fills the position.

  • Internal controls should not be personality, or person, dependent
  • Trust is not an internal control

Fraudsters can generally be placed into one of two categories:

  • Predator: Consciously seeks out opportunities to commit fraud, often in serial fashion (may be related to a dark triad personality)
  • Situational: Gives in to pressure and can rationalize atypical behaviors when the opportunity presents itself (often succumbs to the fraud triangle)

For both predator and situations fraudsters, increasing the perception of detection is key. For situational fraudsters, removing opportunity should greatly reduce temptation.

Resources and Recommendations:

  • Use our Trust, but Verify guide, designed especially for elected and appointed leaders to learn how to prevent fraud
  • Book recommendations:
    • The Invisible Gorilla: How Our Intuitions Deceive Us by Christoper Chabris and Daniel Simons.
    • Talking to Strangers by Malcolm Gladwell


Review the statements

  • The notable frauds in 2024 could have been prevented or detected if someone in government had reviewed the bank statements
  • Statement review is not just for traditional bank statements. Also consider statements outlining activity on credit cards, purchase cards, fuel cards and store credit
  • Use our Trust, But Verify guide to help


Resist complacency 

Fraudsters are adapting and changing, but are your controls? Consider doing something different:

  • Data analytics
  • Surprise audit
  • Targeted audit
  • A fraud risk assessment

Data analytics:

What data do you have?

Get familiar with Excel

How to gain Excel skills
  • Invoice/check detailed listing
  • Vendor listing/details
  • Receipting activity
  • Bank activity
  • Credit card activity
  • Fuel card activity
  • Filters
  • Pivot tables
  • Charts/graphs
  • Conditional formatting
  • Excel’s help feature
  • Google
  • Chat GPT or Copilot
  • YouTube
  • LinkedIn Learning
  • Just start clicking buttons (with safe data)!

Suggested analytics

Excel 3D maps
This feature visualizes datasets that contain some type of location field. It works great for fuel card data to see fill-up locations.

  1. Format your data as a "table" (see button on the "home" ribbon)
  2. Make sure the data has some type of location field (address, zip code, etc.)
  3. You likely won’t find 3D maps on your standard tabs or ribbons – You can either add it by customizing your ribbon or just search for “3D maps”


Excel sparklines
This feature quickly visualizes a series (trend) of data points. It works great when exploring activity by month or year to spot trends, patterns or anomalies.

  1. Your data should be formatted so each row represents one item you want to evaluate (a BARS code line for example), and so that the various timeframes are in separate columns. For example, the account title may be in column 1, the 2020 total in column 2, 2021 total in column 3, etc.
  2. Click on the first open cell next to that first row of data
  3. Find the “sparklines” section in the “insert” tab. You can choose between line, column or win/loss.
  4. Enter the range of your timeline data
  5. After you’ve created one, you can drag that cell down to other rows to create sparklines in each individual row


Excel pivot tables
Understand how often your government should pay certain vendors. For example, do you pay your insurance provider annually? Use a pivot table to count the number of payments made to vendors. Consider:

  • Insurance
  • Association and other dues
  • Subscriptions
  • Other vendors – would you expect more than 12 payments per year?


Excel filters and conditional formatting for bank data
Find red flags of inappropriate activity quickly by downloading all the bank and/or card data for a timeframe and using filters or conditional formatting to highlight key risk indicators. As a start, we’d recommend:

  1. Indicators of paying a vendor through an applications or services that vendors doing business with governments don’t commonly use:
    a) Lines starting with: *SQ, indicating payments made to someone accepting funds through Square Payments
    b) Lines starting with: *IN, indicating payments accepted through Intuit
    c) Common payment apps, such as Zelle, Venmo and Paypal

  1. Words such as “cash” or “ATM.” Cash withdrawals should be extremely rare or nonexistent for governments.


Other analytics by area:

Receipting

Vendor Payments

Payroll

Credit cards

Voids and adjustments by employee, customer and timeframe

Benford’s law

Negative deductions

Payments on weekends or holidays

Trend unexpected revenue (such as B&O tax)

Duplicate vendors

Unpaid or late federal tax payments

Compare card usage by person, position and department

Negative payments

Large payments

Duplicate names or SSNs

Card balances overpaid

Delinquent accounts

Duplicate invoices or check numbers

Even dollar amounts

Charges while employee is on leave

Overpaid utility accounts

Even dollar amounts

Compare pay dates to hire/termination dates

Charges just below authorized limit

Duplicate receipt numbers

Incomplete vendor profiles

Individual paychecks that are 5% or more than average

Interest paid each month

Receipt numbers out of sequence

Compare vendor and employee addresses

Number of checks per employee

Late payment fees/penalties

Receipts not included in bank reconciliation

Multiple vendors with the same address

Pay type by employee classification (did ineligible employees receive pay types or stipends only available to certain classes?)

Vendors indicating possible personal use (cosmetics or clothing stores, for example)

Days between deposits over a period of time

Payments just under approval thresholds

Hours per pay period

Cash advances

Yearly stats by customer (number of bills or payments, high or low balance, average payment)

Out of sequence checks, vouchers or purchase orders

Sequential payments to one vendor (could indicate split purchase to purchase approval limit)

Checks made out to “cash”

Trend card purchases by month

Compare check voids by user

Payments for $0

Payments from and to the entity

Resources and Recommendations:

  • Interactive data analytics tool from the Association of Certified Fraud Examiners: Anti-Fraud Data Analytics Tests (acfe.com)
  • Segregate key duties where possible. When you can’t, add sufficient monitoring. See our Segregation of Duties guide for help.
  • Make sure your bank provides copies of all cleared checks.
  • Have someone independent of the disbursement process review cleared checks against system records.
  • If possible, utilize journal entries for interfund activity, not checks.