Homeowner loan personal secured

Easy come, easy go: An insurance agent uses company funds for personal investment, and auditors at a claims office give their clients a lesson in firearms

A NEW INSURANCE AGENT WAS depositing his collections to the company's trust account -- a central repository used by all agents in the state. Collections were deposited daily and credited to the policies of those insured. Because the new agent did not understand the breadth of the account, he was surprised to find that his deposit receipt showed an account balance of more than $900,000.

The agent couldn't resist the opportunity for personal gain. He decided to withdraw the entire balance and transfer it to another bank. After completing a counter withdrawal slip, he requested a cashier's check for the full amount. Because there was no block on the account to prevent miscellaneous withdrawals, the cashier was able to complete the transaction without any trouble.

The agent, now almost a millionaire, couldn't believe how easily the company's system could be exploited. He was unaware, however, that the firm's internal control mechanism was already at work. A daily reconciliation listing at the insurance company noted the withdrawal, and internal auditing was immediately notified.

The auditors visited the agent the next day. When they confronted him with evidence of the misdeed, he confessed to draining the account and then using the cash to purchase certificates of deposit (CDs). He agreed to return the CDs and to pay the bank's penalty fee for early withdrawal.

Because the amount stolen had exceeded $500,000, the company was required to notify the U.S. Federal Bureau of Investigation. The agent was eventually sentenced to four years' probation. The last thing the internal auditors remember him saying is, "My wife is really going to be mad at me when she finds out about this one."

DENVER CHAPTER

COMMISSIONS OUT OF CONTROL

The auditor was asked to participate in an assignment away from her office to help the audit department at one of the company's satellite branch locations. A significant fraud had been uncovered, and the department was looking for assistance with its investigation.

The on-loan auditor was asked to recalculate commissions paid to independent sales personnel and their supervisors. Her work involved manual recalculations from months of microfiche records and was limited to checking only the commission totals; she was not responsible for tracing the origins or history of the transactions.

At one point during the auditor's review, one of her clients mentioned that "anyone" can issue a manual commission. Troubled by this discovery, the auditor wondered why someone would issue a manual commission versus an electronic commission and who, specifically, had this capability. Although such issues were technically outside the scope of her work, she decided to investigate further. Throughout the remainder of her assignment, the auditor conducted background research on the issuance of manual commissions. She even continued to investigate these transactions after returning to her home office.

Based on the auditor's findings, the audit department determined that manual commissions were a significant issue. The client was using an older commissions system that had not yet been completely converted to automated processes, and anyone with a user ID could access it. Once obtaining access, the user could enter a commission payment as large as $9,999,999.99.

The only formal control in place was a supervisory review of reports. However, because of flaws in the reporting system, a supervisory review had not been conducted for more than a year. Although complaints from the sales force also helped to gauge the effectiveness of the commission payment process, such feedback only served to identify underpayments, not overpayments.

After helping to identify these weaknesses, the auditor began working with the necessary departments to establish effective controls. The reporting system has since been corrected, and reports now accurately reflect amounts that should be reviewed by a supervisor. In addition, user access to the system has been limited, double-entry fields have been added to eliminate erroneous entries, and the field size has been changed to limit entry dollar amounts. Furthermore, additional procedures are currently being written to show all affected employees how to implement the new control measures.

The auditor's decision to trust her instincts on this assignment was clearly well-founded. Her willingness to listen and reach somewhat beyond the original scope of her work enabled the company to correct a considerable shortcoming in its system of internal controls.

DENVER CHAPTER

LETHAL WEAPONS

When handling homeowner theft claims, insurance companies often disburse payment to the policyholder before the police have completed their investigation. Any stolen items recovered by law enforcement after payment has been made are then returned to the insurance company.

To address this issue, the insurance company charged each of its local claims office managers with controlling and liquidating salvage from homeowner theft losses. The auditors conducted a review of the claims offices some time after the company issued this directive. They compared the salvage on hand at each office with the respective manager's monthly listing of outstanding items.

One manager's list included six firearms, which the auditors were unable to physically locate. Because many claims offices hold salvaged weapons in a separate, secured area, the auditors were not particularly concerned at first. Nonetheless, they decided to speak with the office secretary, just to be sure that the firearms were accounted for and properly secured. When asked about the location of the weapons, the secretary opened her desk drawer and said, "I keep them here." Seeing the look of shock on the auditors' faces, she opened the center drawer and quickly added, "It's okay, I keep the bullets here."

The auditors immediately met with the claims office manager and requested that he find a better location to store salvaged weapons. To ensure this type of incident would not recur, the company provided all offices with training on the risks associated with firearms sales and storage.

PHOENIX CHAPTER

MISPLACED TRUST

The marketing manager noticed that his costs for printing sales manuals over the year exceeded budget projections by more than $150,000 -- an amount that should have enabled his department to order far more manuals than were actually received. Unable to explain this discrepancy, the manager decided to ask for internal auditing's help.

The auditor reviewed accounts payable records for checks paid to the local printing company. Interestingly, most of the checks written to the vendor were cashed at a grocery store rather than deposited at the vendor's bank. The individual who requested the checks was a receiving clerk in the supply department -- a trusted employee who had been with the company for more than 20 years. The clerk had complete control over the purchasing, receiving, and shipping functions relating to sales manuals. In addition, he was a dose friend of the owner of the printing company and had not obtained competitive bids from other vendors.

The auditor compared the purchase and shipment records for the year with an inventory of the sales manuals on hand and found a discrepancy of approximately $190,000. When questioned, the receiving clerk denied any wrongdoing but could not explain the inventory shortage. The vendor also denied any wrongdoing but could not provide any support that he actually printed an delivered the missing manuals to the company.

Based on the audit department's findings, the company terminated the clerk and is currently pursuing criminal prosecution against both the employee and the vendor. The company has also instituted stringent controls in the purchasing, receiving, and shipping functions. Most importantly, the firm's management no longer values trust at the expense of sound procedures.

AUSTIN CHAPTER