You’re a senior manager in an advisory practice, and you have reason to believe someone in your office is embezzling client funds. You have no proof and there is nothing showing up in the books. But some transactions have made you suspicious. You don’t know what to do.

This situation occurs far more frequently than many people think — and managers often have no idea anything is amiss. They should be aware, however, that fraud is on the increase. A PricewaterhouseCoopers LLP report, the Global Economic Crime Survey, 2005, revealed a 22% increase in the number of frauds detected since 2003. In 2005, 45% of companies interviewed — 3,600 companies in 34 countries — had experienced fraud, with an average loss of US$1.7 million. Money laundering was up 133%, with financial misrepresentation up 140%.

But such figures are the tip of the iceberg. One-third of these frauds were discovered by accident, says the report. That begs the question: how many go undiscovered? With U.S.-based investment houses such as Merrill Lynch & Co. Inc. and Citigroup Global Markets Inc. ’s division, Solomon Smith Barney, falling afoul of regulators, how many financial services companies might also be liable, possibly due to a lack of transparency in their own processes?

If fraud is suspected, there is someone to go to. The people to call are forensic accountants. They are the SWAT teams of the accounting world, providing investigative services that can help root out potentially damaging practices. A closer look at the books can sometimes reveal worrying trends, such as misadvising clients, embezzlement or poor financial controls.

Forensic accountants find the facts that enable management and the courts to do their job based on the available information. Practitioners, such as David Asselstine of Winnipeg-based investigative accounting firm InFocus Forensic Financial Investigators, do not necessarily label an activity as fraud. “I spell out the facts as we know them and they’ll speak for themselves, one way or the other,” he says. “We present the facts as we see them for someone else to make a decision.”

Forensic accountants work to uncover what Asselstine identifies broadly as two types of fraud: “on the books” and “off the books.” If something has gone through the corporate records and needs to be hidden within the accounts, that is an “on the books” fraud. A forensic accountant addressing an “on the books” fraud will try to figure out where someone would try to hide money in the accounts so no one could find it.

The second type, “off the books” fraud, can be more difficult to uncover. In such cases, accountants try to find evidence of anomalies outside the accounting system. For example, says Paul Levine, a partner in the forensic accounting practice at KPMG LLP, one common method of perpetrating fraud is for an employee to set up their own company to serve clients using their employer’s services. Such fraudsters invoice from their own companies and pocket the revenue. These types of frauds are very difficult to discover because the money trail never reaches the company being defrauded.

Fraud is uncovered through a combination of activities:

> Financial analysis. Basic financial analysis enables the accountant to trace the flow of money through a company’s accounts and identify where the money has gone.

> Data interrogation. More intensive data interrogation can involve both internal and external sources of information. Gone are the days when someone would have to collect and index boxes of printed documents, explains Cameron McCaw, a principal at forensic accounting consultancy Zwaig Consulting.

Today, companies use products such as Summation, a software tool designed to index and analyse documents electronically. It becomes possible to search for keywords. When Gary Moulton, forensic accountant at Deloitte & Touche LLP, found one employee working with a supplier to defraud his client, a keyword search helped the company isolate telltale e-mails.

Similarly, querying external sources of information can also reveal details about an employee that could create a picture of his or her relationships both within and outside the company, says Paul Levine, a partner in the forensic accounting practice at KPMG.

> Detective work and employee interviews. No forensic accountant could complete an investigation without some old-fashioned detective work. In some cases, in order to decide if a supplier is real, Moulton has visited the loading dock to find out if the firm had ever received a shipment from the supplier, and asked people in the accounting department if they had received a product catalogue or Christmas card from the company.

@page_break@> Computer forensics. Forensic accountants also need computer forensics expertise to recover deleted files from hard drives. Simply dragging a file into the computer wastebasket does not delete it — it is still on the hard drive, but the operating system simply ignores it. Software tools can recover these documents, which is how Moulton eventually found an incriminating invoice that provided additional evidence against the employee he was investigating.

Ideally, however, a company will have its own anti-fraud regime in place to prevent fraud before it happens. Steven Henderson, practice leader and partner in the Ontario investigations and financial services team at PricewaterhouseCoopers in Toronto, has a list of anti-fraud measures that companies should implement:

> Establish a governance framework. Is your organization sending the right message to the public and to employees? Henderson suggests firms appoint an audit committee charged with governing fraud so that someone is responsible for preventing it.

> Conduct a fraud risk assessment. Identify fraud through scenarios in which it could develop. This will give a company a foundation upon which to create strategies to deter or deal with fraud.

> Carry out a management self-assessment. Management must assess its ability to prevent, deter and investigate fraud. What systems does management have in place to handle this?

> Create a code of conduct. A company should have documentation that it uses to promote its core ethical values.

> Undertake employee training and education. Employees must know what fraudulent activity is and how to prevent it, and should also understand the implications of not reporting it.

> Open the lines of communication. Companies must create a fluid internal communications structure, delivering messages from the CEO and senior management to employees. They must ensure that they communicate properly with external regulators.

> Install accident reporting mechanisms. Often, employees aware of fraud don’t know whom to tell. Anonymous hotlines (also known as “whistle-blowing” lines) can help to mitigate this problem. Other options are post-office boxes and anonymous forms on Web sites.

> Use intelligence screening. Conduct thorough background searches on new hires, and on employees up for promotion. Verify any credentials they give you. Such checks also extend to vendors and customers: is there anything you should know about the companies you’re dealing with that may set alarms ringing?

> Investigate any anomalies. Investigation includes involving the firm’s own internal specialists such as an internal audit or in-house counsel. Management should also have a strategy for involving regulators and other external agencies when necessary.

> Have a remediation strategy. This issue is often overlooked. Companies encountering fraud often clean up the problem, remove the employee involved and continue as before without addressing the underlying vulnerability in their internal processes that facilitated the fraud. The key is to ensure that it doesn’t happen again by closing any loopholes.

Ultimately, the root of a good anti-fraud strategy is prevention. Cures are all very well, but by the time they are implemented, the company has often already incurred a loss. IE