Closely held businesses are keenly focused on the creation of significant wealth and operational success, dedicating significant effort and resources to growing revenue and market share. However, this focus may come at a price. These types of businesses succeed or fail based on the efforts of their principals, and their operational infrastructures are often a reflection of them.
Closely held businesses generally strike a balance between strong internal controls and the informality of a trusting environment. There is, however, an inherent conflict between convenience, trust and loyalty on the one hand, and the implementation of adequate internal controls on the other. When trust outweighs reasonable caution, trouble can follow, leaving businesses and their principals vulnerable to financial improprieties.
In the vast majority of cases, the primary factor contributing to becoming a victim of fraud is misplaced trust. Individuals and managers of organizations should ask themselves Whom should we trust and to what degree? and then develop effective responses by way of policies, procedures and compliance programs.
Fraud wins when trust trumps internal controls
It is not unusual for the operations of a successful business to quickly grow beyond, and in advance of, the control environment. For example, in an investment fund scenario, the focus is usually on growing assets under management and creating alpha. However, this often comes at the unintentional cost of devoting less attention and resources to the accounting and finance functions of the advisor/management company. This leaves the door open for someone who may feel entitled to additional compensation, whether authorized or not, to commit fraud.
Guilty conscience: The principals of an investment fund were unaware that their trusted CFO was diverting significant amounts of cash from shorted distributions, which had accumulated to more than $10 million over a period of years. While a forensic review of the books and records would have uncovered this misappropriation, the embezzlement came to their attention when the CFO, burdened by his wrongdoing, confessed to one of the principals.
Organizations of all sizes understand the need to develop an internal control structure. The trouble begins when trust and loyalty are given priority at the expense of internal controls. Having a reputation for not checking facts or not enforcing compliance with control measures can produce many opportunities for malfeasance. Once it is discovered that no one is watching, that is when someone had better start paying close attention.
In plain sight: The CFO of a hugely successful investment fund complex discovered that he was the only one responsible for working with the outside payroll service and that he did not have to provide any details on employee payroll to others. He also had unrestricted access to the accounting system.
The head of operations and the partners were solely focused on investment performance and the review of partner distributions. Total compensation was of a size that even relatively large, individual unauthorized payments might not have been detected, even if someone were watching; however, the fact was that no one was paying attention or questioning any variances. Because total compensation also experienced regular fluctuations between periods from changes in partner draws and employee turnover, unusual variances were not surprising.
A sense of entitlement and lack of oversight contributed to the environment, and the CFO provided himself with a unilateral increase in compensation. It wasn’t long before the thefts quickly increased from relatively small amounts to more than $100,000 each occurrence. After more than $1 million in unauthorized compensation, the payments were finally discovered.
Download the white paper
By Gary Arrick , a former Managing Director at Kroll.