Fraud Spotlight: An Employee Watch List Helps Uncover a Decade-Long Fraud

This is the latest in a series of blog posts highlighting real auditors who have uncovered major frauds. We’ll break down the frauds, explore auditing theories and concepts, and get to know the people who brought these frauds to light.

Olivia Whipple is one of the smartest and most dedicated people I know.  I am constantly inspired by her work ethic, attention to detail, and creativity. She began this fraud series to help Internal Auditors learn through other’s real life experience and I asked her if I could turn the table on her. She graciously agreed!

John Kaneklides: We’ve known each other quite some time and have been business partners at The Audit Library for almost three years now, but can you tell our readers a little bit about yourself?

Olivia Whipple: I started out my career in financial institutions as a bank teller. I learned so much about banking as a frontline worker and this was really critical for my career! While I was working as a teller, I attended business school, and obtained an Accounting Certificate for college graduates. I went to work for Moss Adams at their Portland office, then worked for Dixon Hughes Goodman in their Charlotte office, when my family was relocated. I specialized in financial institutions at both firms. Eventually I decided to move away from external audit and into the Credit Union industry where I served many roles, including Chief Audit Executive.

JK: And we met when you moved into Credit Unions full time.

OW: Yes! Then, in 2018 we co-founded The Audit Library. I have been serving our clients in this role ever since. My role combines my external and internal audit skill sets nicely, and I love being an entrepreneur. I live in the Charlotte suburbs with my husband Mike and our 10-year-old daughter Heidi. We also have a really cute quarantine puppy named Ally the Aussiedoodle. When I’m not working or spending time with my family, I love to travel, read, and cook. I also volunteer for Girls on the Run, an organization that promotes self-confidence, kindness, and empowerment to girls in elementary school. I stay pretty busy!

JK: I love that you volunteer and are constantly inspiring young women! Can you tell us what your career was like when you discovered the fraud?

OW: At that time, I was an experienced internal auditor. I have to admit up front that I did not discover the fraud, and I’ll get into that story later on. I was part of a team that was monitoring an employee watch list.

JK: Can you tell me a bit more about what your employee watch list was and how your team put the pieces together?

OW: Our Internal Audit department had a list of employees that we periodically monitored. We reviewed their transaction activity because they had raised some sort of red flag in the past. Financial institutions are unique in that many of the employees actually have deposit accounts and loans held at the company. Due to Internal Audit having access to the core processor, we can look for suspicious activity or perform other research if an employee chooses to bank this way. Probably goes without saying; this is a slippery slope! As auditors, we must use our best judgment, keep the information we learn in strict confidence, and realize that we have an unfair advantage. If you are an auditor at a manufacturing company, for example, you would not be able to see employee checking account activity! So, with that said there will be many details that I’m going to hold back.

JK: So, you had a methodical way of monitoring these employees. I think it is great that you were able to stick to the appropriate boundaries set in place and still uncover this fraud. What type of transactions did your team see to know that there was fraud going on?

OW: It was bonus time. We decided to look at accounts to see what the employees on our watch list would do with a large paycheck. There was an employee we had been monitoring for some time. They appeared to be living beyond their means, had a loyal following among our customers, and had a lot of access to cash and systems, among other fraud red flag indicators. Another auditor found what I would call the “smoking gun.”

It was really hard to follow, but the employee’s bonus ultimately paid off a loan that was not their own. Even more suspicious were the transactions that happened around this time. The funds were transferred from account to account for no apparent reason, almost like money laundering. Checking to savings, and back. Into a relative’s account and back. Almost like they were trying to bury this one transaction in a bunch of “noise” if that makes sense.

JK: It does it seem like this person was really trying to hide something. How did your investigation continue?

OW: Once we found the suspicious transaction, and proved that the funds ultimately went from our employee’s account to some unknown person’s loan payoff, we tried to find out who this other person was. If they were a relative, it would have been a simple explanation. We didn’t find evidence that there was any familial relationship, and found out they lived in a different state. That set alarm bells off even further. Then, we tried to figure out what the loan proceeds were used for. This was the most exciting part to me. The loan was a personal line of credit, so unlike a credit card you had to make advances to get the loan proceeds. The advances only ever occurred at one branch, and were only ever processed by one employee… the one on the watch list!

Now I’ll explain the “smoking gun.” We requested all of the branch paperwork related to the advances on this loan, which spanned several years. All of it was missing. We were at the point that we worried the mail room which handled these requests would go to the branch, ask for their assistance, and tip them off. So, we asked them to please send us all the teller work from the dates in question, and we would find the missing paperwork ourselves. We went through it piece by piece, and the signed loan advance forms were not in the teller work where they should be. Everything else that should have been there was there. We went transaction by transaction, every day, and only this loan advance paperwork was missing.

JK: NO PAPERWORK AT ALL? If that isn’t a major red flag, I don’t know what is. What happened next?

OW: This is the part where I get directly involved in the story. I had seen my teammate find and unspool this fraud, with a little assistance from myself and others, and I was so happy about it. We had been watching this employee for who even knows how long, and now we finally had something to bring to leadership. Like all of our hard work had really yielded results. Well, not everyone was as enthusiastic as I was. We were at the point where there was nothing left to do but alert leadership and interview the employee, and they wouldn’t do it. Someone even said “what’s the point, they won’t admit it.” Or something to that effect. I offered to do the interview myself, and was not allowed because it was not “my” investigation. I was so upset.

JK: That is such a frustrating situation. I have a vague memory of you asking me some advice about this situation, but obviously, I didn’t have all these details then.

OW: That is right! I talked to you about it when we met up for drinks when you were living in Manhattan. You encouraged me to just go to leadership myself… but I didn’t have the proof! The envelopes of teller work just sat in a locked drawer that I didn’t have access to. I was beyond frustrated.

That’s where this stayed for months. Then, there was a shakeup at work. An employee was moved out of audit, and I was promoted. All of a sudden I was calling the shots. I had access to an office, cubicles, and several file cabinets: all full of paperwork. I made it my mission to find that teller work! After a lot of searching, and many paper cuts, I found the teller work and secured it. I put together a dossier with the flow of transactions and copies of everything, and took it to operations, which was also having a shakeup at that time.

An employee who was very knowledgeable about branches was the acting COO, and understood immediately that we had to move on this. Since the investigation had stalled for so long, we weren’t sure exactly what could be done, but we were determined to do something. Together we went to the CEO, who supported us fully, and I now had the green light to perform a fraud interview.

JK: How great that you had the support of management! What happened next?

OW: I drove out to the branch with one of my new employees as a witness. I explained to the suspect that we had questions about some transactions that had occurred over several years related to a line of credit, and they acknowledged that the third party was their personal friend. They admitted that they often performed transactions on their friend’s behalf, including cash advances on their line of credit. Also, they had no explanation for why they wouldn’t just have another teller perform the transaction, issue an official check instead of cash, mail documents to the friend, etc. They pretended like I had just introduced those concepts, which is actually kind of funny now that I think about it. “Official check? What’s that!” They stopped short of admitting they used the funds personally, but taking cash out of your drawer and delivering it to another person (in another state by the way) is a terminable offense.

There is a reason why tellers, or retail clerks for that matter, do not perform their own transactions! And what about carrying thousands of dollars across state lines for your “friend”?! What if you were robbed or misplaced the money? Who was responsible?! The story just didn’t make sense.

I was lucky because as the investigation continued, I had a seat at the table and support of leadership. It took a little work to educate everyone that this was fraud and not a misjudgment anyone could have made. It was a win for me and my new team to see this to the ultimate conclusion.

JK: Looking back now, how the way the discovery of the fraud and the final conclusion make you feel?

OW: I will admit that at first, I was ecstatic. I had a goal going into the fraud interview, and I accomplished that goal when the employee admitted to taking the cash. Even if they didn’t admit to spending it, I had what we needed. Auditors have a different way of being in the world sometimes. It was like a rush. But almost immediately after that, I felt a lot of guilt. I actually lost my appetite and my weight dropped. It was all I thought about for a while after that. The acting COO actually helped me out quite a bit. They explained that I was just looking at the evidence and asking the questions that needed answers. I knew all of this of course, but it really helped to hear it from someone so knowledgeable. I felt really bad for the employee. They lost their job and livelihood over this. But at the end of the day, I felt the right decision had been made and that lessened the guilt over time.

JK: Those feelings are so common when it comes to uncovering fraud and I think they should be talked about more! Thank you for being so honest. I want to dig in a little deeper to see if we can help some of our readers who could possibly face a situation like this. Can you pinpoint any control weaknesses or failures that contributed to the fraud?

OW: Yes, the branch in question had what I would describe as an isolated culture. They were a remote branch, and were sort of like outsiders at the company. They were often chided by management for not following the rules, or following loose interpretations of the rules. Pushing the envelope on policies and procedures. It was the perfect type of culture for someone to perform unusual transactions and not have anyone notice, or speak out and blow the whistle if they did notice.

JK: Is there anything in your training that helped you in this fraud discovery process?

OW: I have learned about the fraud triangle throughout my career. The employee rationalized using their friend’s loan for personal expenses because they always intended to pay it back. They had the opportunity because they had access to perform transactions. And the incentive was whatever personal expenses they had and were coming up short with their own liquidity. Knowing the fraud triangle conceptually really helped put this together.

JK: Do you think a similar fraud could happen today? If so, what advice would you give to auditors reading this now?

OW: Absolutely! This could happen at almost any company, but especially a financial institution. Any time employees have access to cash, they have the opportunity portion of the fraud triangle. And a surprise cash count would not have found this; there was an offsetting transaction!

We had a few things going for us, that I hope the readers take to heart. We were diligent in our watch list, fraud red flags, and monitoring procedures. Once we zeroed in on this employee, we took the time to see where all the pieces fit and figured out the fraud. This was not an IDEA or ACL catch, this was humans knowing where to look and what to look for, examining documents, and piecing together transactions one by one. I will give my colleagues credit for that! Where they fell short was following through. It’s not enough to be a great investigator if you aren’t willing to confront fraudsters and see these investigations through to a conclusion. It can be difficult and frustrating at times, but whose job isn’t?

JK: Thank you so much for sharing your story with us today, Olivia. I hope our readers are able to take some of your advice to heart and are able to learn from your experiences.

Thank you for reading! More fraud stories from real people like Olivia will be coming to the blog. If you would like to contribute to this series, contact us for details!

Share on facebook
Share on twitter
Share on linkedin

2 Responses

  1. This was a great read for me. I recently started a new position as the sole internal auditor for a $500 million to $1 billion credit union. The former auditor resigned their position. So I’m trying to pick up where they left off, but have found the audit programs and are rather weak with limited audit committee involvement in the audit plan development and follow through. There are many operational areas that have never had a control review. One of the tasks that the former auditor was doing and that I’m now tasked with is monitoring employee past due loan and overdrawn share transaction histories. Unfortunately, this monitoring process was and is really just a rubber stamp process that serves no real value or purpose. My understanding is that it is supposed to be used as part as an enforcement tool for the code of conduct section of our employee handbook, but that hasn’t been reviewed in forever either. Do you have any additional thoughts or guidance resources on the use of financial code of conduct monitoring as part of employment handbooks or other HR policies?

    There is only so much one person can create and implement on their own. My CU did purchase access to audit library templates before I started. So I’m very grateful for these insightful blog posts and access to the library templates that I will review to help me revamp the insider monitoring program and all the other audit programs that need a boost.

    1. Thanks for your great comment and I’m really glad you have been enjoying our blog. The good news is that you have identified that this process serves no real value or purpose. The other good news is that it should not be Audit’s duty to enforce management policies. We’d be happy to chat with you more about this through a direct message or phone conversation. Feel free to reach out via the contact page of our website.

Leave a Reply

Your email address will not be published. Required fields are marked *