|
Please see the bank statement and confirmation statement on: http://davehancox.blogspot.com/2012/07/peregrine-financial-group-inc.html
This is really a problem for the auditing profession.
You've got to be able to add the numbers right at least!
Sunday, July 15, 2012
Update to Peregrine Fraud - Add the Numbers
I just realized that if you add and subtract the right numbers on the Peregrine Bank Statement, you do not get the ending balance as reported on the bank statement. In addition, the balance on the bank statement does not equal the balance on the confirmation statement.
Please see the bank statement and confirmation statement on: http://davehancox.blogspot.com/2012/07/peregrine-financial-group-inc.html
This is really a problem for the auditing profession.
You've got to be able to add the numbers right at least!
Please see the bank statement and confirmation statement on: http://davehancox.blogspot.com/2012/07/peregrine-financial-group-inc.html
This is really a problem for the auditing profession.
You've got to be able to add the numbers right at least!
Peregrine – Auditors Fail to Find $200 Million Fraud
The Peregrine Financial Group Inc. fraud is
still emerging, but once again, we see auditors being duped because they failed
to follow the basic procedures of the auditing profession and exercise an
appropriate level of professional skepticism.
The CEO and
sole owner of Peregrine Financial Group, Russell Wasendorf, Sr., attempted to
commit suicide and left a note detailing the fraud that was committed over a 20
year period of time. It’s alleged that more than $200 million in customer funds
are missing.
The Note Confirming the Fraud
“I
have committed fraud. For this I feel constant and intense guilt. I am very
remorseful that my greatest transgressions have been to my fellow man. Through a scheme of using
false bank statements I have been able to embezzle millions of dollars from customer
accounts at Peregrine Financial Group, Inc.
“The forgeries started nearly twenty years ago and have gone
undetected until now. I was able to conceal my crime of forgery by being the
sole individual with access to the US Bank accounts held by PFG. No one else in
the company ever saw an actual US Bank statement. The bank statements were
always delivered directly to me when they arrived in the mail. I made counterfeit
statements within a few hours of receiving the actual statement and gave the forgeries to the
accounting department.
“... I had no access to additional capital and I was forced into a
difficult decision: Should I go out of business or cheat? I guess my ego was
too big to admit failure. So I cheated, I falsified the very core of the
financial documents of PFG, the Bank Statements.
“At first I had to make forgeries of both the Firstar Bank
Statement and the Harris Bank Statements. When I choose [sic] to close the
Harris Account I only had to falsify the Firstar statement. I also made forgeries of
official letters and correspondence from the bank, as well as transaction
confirmation statements.
“Using a combination of Photo Shop, Excel, scanners, and both laser
and ink jet printers I was able to make very convincing forgeries of nearing
every document that came from the Bank. I could create forgeries very quickly
so no one suspected that my forgeries were not the real thing that had just
arrived in the mail.
“With careful concealment and blunt authority I was able to hide
my fraud from others at PFG. PFG grew out of a one man shop, a business I
started in the basement of my home. As I added people to my company everyone
knew I was the guy in charge. If anyone questioned my authority I would simply
point out that I was the sole shareholder.
“I established rules and procedures as each new situation arose. I
ordered that US Bank statement were to be delivered directly to me unopened, to
make sure no one was able to examine an actual US Bank Statement. I was also
the only person with online access to PFG’s account using US Bank’s online
portal. On US Bank side, I told representatives at the bank that I was the only
person they should interface with at PFG.
“When it became a common practice for Certified Auditors and the
Field Auditors of the Regulators to mail Balance Confirmation Forms to Banks
and other entities holding customer funds I opened a post office box. The box
was originally in the name of Firstar Bank but was eventually changed to US
Bank....
“When online banking became prevalent I learned how to falsify
online Bank Statements and the Regulators accepted them without questions.”[1]
Improper Bank Confirmation
During a financial audit, auditors verify bank balances by sending
confirmation forms directly to the banks. In this case, the auditors made a
fundamental mistake. They allowed Mr. Wasendorf to give them the bank address
to send the confirmation form. This was a false address. It was P.O. Box which
Mr. Wasendorf controlled, he said in his statement.[2]
As we’ve learned from many frauds in the past, auditors must be
sure they do not allow management to control any part of the audit process.
Time and again, we have seen management, in the interest of helping the
auditors, work to deceive them.
Lack of Professional Skepticism
In early 2011, NFA [National Futures Association - the regulator] officials reached out to U.S. Bank, a unit of
U.S. Bancorp, seeking to confirm that Peregrine's customer account figures
matched the bank's own account, according to a person familiar with the
investigation. The regulator received a response from the bank showing that the
client-fund account held less than $10 million—far below what it was supposed
to contain.
A few days later, the NFA received a fax purporting to be from
U.S. Bank that showed that the account was whole, with more than $200 million,
the person says. In fact, this person says, investigators now believe the fax
came from a number controlled by Mr. Wasendorf.[3]
Now many people might think that the second document was
sufficient to support the $200 million account. But, there are two problems, first,
auditors have a professional obligation to be skeptical about all transactions.
Second, they have a professional obligation to follow-up on any potential “red
flags” they observe.
In fairness to the regulators, the alleged fraud was exposed:
“…after the National Futures Association, Peregrine's front-line
regulator, dispatched an audit team in recent weeks to Cedar Falls to review
the firm's books and pressure the executive to sign on to a new, online system
for verifying accounts. The system, called Confirmation.com, likely would have
rendered the fraud unsustainable.
Mr. Wasendorf resisted signing the necessary form for several
days, prompting the NFA to threaten stronger action against Peregrine,
according to a person familiar with regulators' investigation. Mr. Wasendorf
relented and signed on Sunday, the person said.”[4]
The Lessons for the Auditors
Here are some lessons from this fraud. Recognize:
1.
Any document can be altered with the technology available to us
today.
2.
Management has an incentive to get a “good” audit result. A “bad”
audit result can create future difficulties for the management team.
3.
Auditors should independently obtain confirmation from third
parties. Do not use the audited organization’s mail stream and do not let
management assist in any part of the process.
4.
If third party documents are available (such as bank statements)
get them directly from the source.
5.
Many people depend on the auditor or regulator to find the fraud
that may be occurring and to stop it before significant harm occurs to innocent
parties.
Fraud happens. Auditors have got to get better at finding it. Keep
in mind Mr. Wasendorf’s statement: Using a combination of Photo Shop, Excel, scanners, and both laser
and ink jet printers I was able to make very convincing forgeries of nearing
every document that came from the Bank. I could create forgeries very quickly
so no one suspected that my forgeries were not the real thing that had just
arrived in the mail.
Here are two of the documents Mr. Wasendorf altered:
The Phony Bank Statement:
The Phony Bank Confirmation:
Sunday, July 8, 2012
Update
I have a consulting assignment that keeps me very busy. I will be posting again on the auditing profession as soon as time permits.
Thanks for your continuing interest.
Thanks for your continuing interest.
Tuesday, June 5, 2012
MF Global Managers Didn’t Listen
In many of the past frauds I've studied, it
seems managers fail to learn from history. Even when they are forewarned,
managers sometimes can't see the emerging problems that must be addressed
if they are to be successful.
At MF Global, there was past history,
forewarnings and still managers brought down a firm that had roots going back
to the 1700s.
In February 2008, an MF Global trader, Evan
Dooley, took a risky position in wheat futures and lost the firm $141 million.
In response to this matter, MF Global
agreed it needed to improve its risk management, supervision and compliance
programs. In August of 2008, MF Global established a Chief Risk Officer
position to develop and implement risk policies.
In the spring of 2010, the Risk Department
identified emerging risk areas and notified the Board of Directors. A follow-up
report in October 2010 continued to alert the Board of gaps in MF Global’s risk
policies.
As identified in the Report of the Trustee’s
Investigation and Recommendations:
Similar concerns surfaced in internal audit reviews. A Corporate Governance internal audit issued in May 2010 identified MF Global’s risk policies as not congruent with the changes to its broker-dealer business. Among the specific gaps identified by Internal Audit was liquidity risk reporting. Similarly, an Internal Audit report on Market and Credit Risk Management in October 2010 identified “High Risk” areas arising from the lack of controls over risk reporting. The report also reiterated that market risk policies had not been updated to reflect the current operating environment. The report attributed the failures to remediate gaps to staffing and budget constraints. Thereafter, during 2011, Internal Audit expressed concern that the absence of reliable liquidity reporting tools and dependence on Ms. O’Brien’s [an assistant treasurer] comprehensive knowledge of liquidity issues might represent a “key man risk,” because the processes supporting the composition of the liquidity forecast were not documented and were mainly based on Ms. O’Brien’s expertise and experience.
Despite the Risk Department and the
Internal Audit Department raising the red flags that should have caused
management to stop and listen, managers continued to pursue a flawed strategy.
The result is a shortfall in segregated
property available to return to customers. It currently amounts to $900 million
in domestic accounts and $700 million related to trading by customers on
foreign exchanges – or $1.6 billion according to the Trustee in the liquidation
of MF Global!
The Trustee believes that claims for breach
of fiduciary duty and negligence, may be asserted against Jon Corzine [CEO],
Henri Steenkamp [CFO], and Edith O’Brien [Assistant Treasurer].
Getting managers to listen is a challenge –
not listening though may result in future prison terms for some managers if
subsequent investigations establish criminality.
You can read the Trustee's report at: http://dm.epiq11.com/MFG/Project
Monday, April 2, 2012
Do Auditors Present Useful Information?
On March 30, 2012,
Groupon, Inc. filed the following statement with the Securities and Exchange Commission concerning its internal controls over financial reporting:
- We did not maintain financial close process and procedures that were adequately designed, documented and executed to support the accurate and timely reporting of our financial results. As a result, we made a number of manual post-close adjustments necessary in order to prepare the financial statements included in this Form 10-K.
- We did not maintain effective controls to provide reasonable assurance that accounts were complete and accurate and agreed to detailed support, and that account reconciliations were properly performed, reviewed and approved. While these activities should be performed in the ordinary course of our preparing our financial statements, we instead needed to undertake significant efforts to complete reconciliations and investigate items identified in those reconciliations during the course of our financial statement audit.
- We did not have adequate policies and procedures in place to ensure the timely, effective review of estimates, assumptions and related reconciliations and analyses, including those related to customer refund reserves. As noted previously, our original estimate disclosed on February 8 of the reserve for customer refunds proved to be inadequate after we performed additional analysis.
Ernst and Young, Groupon's auditor, has
consistently issued a clean audit opinion on the financial statements of Groupon – a company
that recently went public. This company though, has struggled with properly
recognizing revenue each year.
According to SEC filings, the
Company has restated its previously issued Consolidated Statements of
Operations for the years ended December 31, 2008, 2009 and 2010 to correct
for an error in its presentation of revenue.
The Company restated its reporting of revenues from Groupons
to be net of the amounts related to merchant fees. Historically, the Company
has reported the gross amounts billed to its subscribers as revenue.
The following tables summarize the
corrections on each of the affected financial statement line items for each
period presented (in thousands).
|
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Is it appropriate for Ernst and Young to be issuing a
clean opinion[1]
on the financial statements with the caveats that Groupon management has
publicly disclosed?
While significant internal control weaknesses do not
preclude a clean opinion on the financial statements, it seems to me, the
auditing profession ought to get away from pro-forma opinions and offer an
opinion that is more nuanced and offers the investing public greater insight
into the financial activities of the company.
Ernst and Young cited the restatement in a Note to the financial
statements, but never disclosed the control weaknesses management reported to the
Securities and Exchange Commission.
Most people would have a hard time trying to piece
together the puzzle of Groupon’s accounting practices.
Auditors need to start presenting more useful
information to the public.
[1] “In our
opinion, the financial statements referred to above present fairly, in all
material respects, the consolidated financial position of Groupon, Inc. at
December 31, 2009 and 2010, and the consolidated results of its operations
and its cash flows for each of the three years in the period ended
December 31, 2010, in conformity with U.S. generally accepted accounting
principles.”
Sunday, March 11, 2012
Lack of Professional Skepticism Destroys Careers and Harms the Public
The auditing profession continues to struggle
as its managers and employees make some decisions that are not
appropriate or in the public interest. Too often, the interests of the company
that hired the auditing firm continue to take precedence over the interests of
shareholders, creditors and future investors.
According to Nicholas J. Mastracchio Jr.,
PhD, CPA, an associate professor of
accounting at the University at Albany, “The National Association of State
Boards of Accountancy (NASBA) responded to the recent scandals by forming a
task force to investigate the extent of education in protecting the public
interest. The American Accounting Association (AAA) agreed to cosponsor a
survey of educators on the issue of ethics education on campus. The following
results were obtained:
- 46% of the schools offered a separate course in ethics.
- 68% of those offered the course in the school of business.
- 18% offered the course in the accounting department.
- 56% indicated that the course provided separate coverage for protecting the public interest.
- Where offered, 51% stated it was a requirement for accounting majors.
- Where offered, 45% stated it was a requirement for other business majors.
- 90% indicated that protecting the public interest was covered in the auditing course.”
Despite these efforts, something is still
going wrong too often.
In February 2012, the PCAOB levied a $2
million penalty against Ernst & Young LLP for the way it handled the audits
of Medicis Pharmaceutical Corp. for three years through
2007. Medicis makes dermatological and aesthetic drugs, including acne
treatment Solodyn as well as Dysport, which competes with Allergan Inc.'s
Botox.
The PCAOB Chairman said, "These audit
partners and Ernst & Young — the company's outside auditor for more than 20
years — failed to fulfill their bedrock responsibility, The auditor's job is to
exercise professional skepticism in
evaluating a public company's accounting and in conducting its audit to ensure
that investors receive reliable information, which did not happen in this
case."
In
the settlement declaration prepared by the law firm Pomerantz, Haudek, Grossman
& Gross LLP, is the following:
II.
THE LITIGATION
Medicis’s
Improper Accounting For Reserves
13.
The Complaint alleges that Medicis’s business model was premised on its ability
to stuff its wholesale channels with unneeded prescription drugs, which could
be exchanged by customers once the product was near or at expiration. This allowed the Company to manipulate its
earnings – i.e., if the demand for its prescription drugs was too low for a
given period, it could simply push unneeded inventory on to its wholesale customers
which could be returned at a later date once the product expired – and Medicis
could recognize the revenues immediately.
14.
The express dictates of Statement of Financial Accounting Standards No. 48
(“SFAS 48”), however, presented a threat
to this business model, as it required Medicis to establish a reserve for
all of the product stuffed in the channel that would be returned or
replaced. If anticipated returns had to
be deducted immediately from revenues, there would be no benefit to be derived
from channel stuffing and the Company would lose its key tool for manipulating
revenues.
15.
Thus, the Company attempted an end run around SFAS 48, by exploiting an
exclusion provided in footnote 3 of the provision, which states that
“[e]xchanges by ultimate customers of
one item for another of the same kind, quality, and price (for example, one
color or size for another) are not considered returns for purposes of this statement.”
(emphasis added). The Company’s
customers, however, were not “ultimate customers.” Indeed, Medicis’s customers were wholesalers
that sold their product to retailers.
Thus, Medicis’s customer base did not support the application of
footnote 3 to any of the Company’s sales.
16.
Furthermore, Medicis deemed unsalable, expired prescription drugs as the “same
kind, quality, and price” as drugs that
were at least fifteen months from expiration.
As such, it treated its anticipated returns as “warranty exchanges,”
which allowed it to reduce revenues by the much less substantial replacement
costs. Such a position was wholly
untenable, especially in light of the fact that confidential witnesses attested
to the fact that expired products returned by Medicis’s customers were destroyed
by the Company—proof that Medicis understood they had no value, let alone value
equivalent to salable products. Yet,
despite this accounting ploy, the Company consistently represented in its Class
Period financial reports that “provisions for estimates for product returns . .
. are established as a reduction of product sales revenues at the time such
revenues are recognized,” indicating to investors that it was reserving for
returns as a reduction from gross revenues—not replacement costs—in accordance
with SFAS 48.
17.
The Complaint alleges that this accounting manipulation could not have occurred
without the imprimatur of Medicis’s auditor, EY, which signed on to the Company’s
annual financial reports as compliant with Generally Accepted Accounting Principles
(“GAAP”) for each 10-K the Company filed during the Class Period.
The PCAOB
supports these allegations in its Order Making Findings and Imposing Sanctions document
dated February 8, 2012:
C.
Summary
7.
This matter concerns Respondents' failures to properly evaluate a material component
of Medicis's financial statements – its sales returns reserve. Specifically, Respondents failed to comply
with PCAOB auditing standards in evaluating Medicis's sales returns reserve
estimate, including evaluating Medicis's practice of reserving for most of its
estimated product returns at the cost of replacing the product
("replacement cost"). The
audit evidence available to Respondents indicated that, at all relevant times, Statement
of Financial Accounting Standards No. 48,
Revenue Recognition When a Right of Return Exists ("SFAS 48")
applied to Medicis's product sales subject to a right of return due to
expiration and required Medicis to reserve for all of those estimated returns
at gross sales price. Reserving for most
of its estimated returns at replacement cost, rather than gross sales price,
resulted in Medicis's reported sales returns reserve being materially
understated and its reported revenue
being misstated.6/ Overall, Respondents'
approach to evaluating Medicis's sales returns reserve methodology and estimate
was inconsistent
with their obligations to exercise professional skepticism as the Company's
independent auditor [emphasis
added].
The impact
of these findings on people’s lives are reflected in the following sanctions from
the PCAOB press release:
“In
addition to the censure and fine of E&Y, the Board barred E&Y partner
Jeffrey S. Anderson from associating with a PCAOB-registered accounting firm,
with the right to petition to remove the bar after two years, and imposed a
$50,000 civil money penalty against him. Anderson was the lead partner for the
Dec. 31, 2005 and 2007 audits, and participated in the audit quality review and
the consultation.
The Board
barred former E&Y partner Robert H. Thibault from associating with a
PCAOB-registered accounting firm, with the right to petition to remove the bar
after one year, and imposed a $25,000 civil money penalty against him. Thibault
was the independent review partner for the Dec. 31, 2005 and 2006 audits, and
participated in the consultation in a National Office role as a member of
E&Y's Professional Practice Group.
The Board
censured E&Y partner Ronald Butler, Jr., and imposed a $25,000 civil money
penalty against him. Butler was the second partner, supervised by Anderson, on
the Dec. 31, 2005 audit, he led the Dec. 31, 2006 audit, and concurred with the
consultation conclusion.
The Board
also censured E&Y partner Thomas A. Christie, who was the second partner,
supervised by Anderson, on the Dec. 31, 2007 audit.”
Tuesday, January 3, 2012
COSO Issues Exposure Draft on Internal Control
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has issued its first update to the seminal 1992 guidance on internal control.
I'd encourage you to review the exposure draft at:
http://www.ic.coso.org/pages/exposure-draft.aspx and to provide your comments to the Committee before the final version is issued.
COSO has retained the five components of control and has added 17 principles that support each of the components. The following chart shows the 17 principles:
Subscribe to:
Posts (Atom)