Telephone Scammers Use Threatening Phone Calls to Con Taxpayers

August 18th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletAs you may be aware, a recent tactic used by telephone scammers is calling taxpayers at their homes or places of business posing as IRS agents.  The telephone scammers will demand the immediate payment of federal taxes from taxpayers by threatening them with civil or even criminal action.  In the event that you receive a call from anyone purporting to be affiliated with the IRS, do not give any information over the phone. The IRS website provides a list of several actions that they will never take when attempting to collect a debt from a taxpayer:

  1. Call and demand immediate payment over the phone.
  2. Call regarding a federal tax debt without first mailing a formal notice of assessment and request for payment.
  3. Demand payment of tax without providing the opportunity to challenge or appeal the amount of the assessment.
  4. Require the use of a specific payment method to satisfy a tax liability including a credit card or prepaid debit card.
  5. Request a credit or debit card number over the phone.
  6. Threaten to utilize local police departments or other law enforcement organizations to arrest a taxpayer for failure to pay a federal tax debt.
  7. Request personal or financial information using electronic communication sources including text messages, e-mail, or social media.
  8. Request PIN numbers, passwords, or other similar confidential information.

The scammers often sound authentic and use increasingly sophisticated methods to establish legitimacy.  These tactics include the use of Caller ID, e-mails from the IRS, local law enforcement or administrative agencies such as the DMV, and the provision of certain personal taxpayer information such as home or work addresses or the last four digits of social security numbers.  If you are contacted by someone claiming to be an IRS agent, remember the items previously described and take one or more of the following IRS recommended actions:

  1. Hang up the telephone immediately.
  2. Call the IRS at 1-800-829-1040 to verify your current federal tax status.
  3. Contact the U.S. Treasury Inspector General for Tax Administration (TIGTA) at 1-800-366-4484 or
  4. Contact the Federal Trade Commission at to file a complaint.

If you have already provided your federal tax information via telephone or other method or if you have any questions or concerns regarding this issue, please contact your Whitley Penn tax advisor.

Kristen Sayegh Tax Senior Houston Office

Kristen Sayegh
Tax Senior
Houston Office

Erroneous Employment Tax Deposit Penalty Notices Issued by IRS

August 12th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletThe due dates for remitting employment taxes depends on several factors and vary for each employer.  An employer may be required to deposit employment taxes on a next-day, semi-weekly, or monthly basis.   However, if the applicable due date falls on a Saturday, Sunday, or legal holiday, special rules may change that due date for employment tax deposits.

This year the Memorial Day holiday was observed on May 30, 2016.  Therefore, the due date for next-day payroll tax deposits that normally would have been due on May 30 was instead Tuesday, May 31, 2016.   The due date for semi-weekly deposits that normally would have been due on Wednesday, June 1, 2016 was instead Thursday, June 2, 2016.

Due to a programming error, the IRS taxpayer records system did not recognize the changed due dates attributable to the Memorial Day holiday and incorrectly issued late payroll tax notices to certain next-day and semi-weekly payroll tax depositors.  The IRS has acknowledged the error and issued official guidance on its website regarding the remedy for any assessment related to the error.

Taxpayers who received Notice CP161 regarding a failure to deposit penalty will receive updated notice CP210/220 stating that their account has been  adjusted and that no penalty will be assessed.  Taxpayers who received Notice CP276B regarding an incorrect payroll tax deposit with no corresponding penalty assessment will not receive any further correspondence.

If you are an affected employer who received a notice solely related to the changed due dates attributable to the Memorial Day holiday, your employer tax accounts should be automatically updated and no further correspondence is required on your part.   If you continue to receive correspondence from the IRS or have any concerns that your accounts have not been properly adjusted, please contact your Whitley Penn tax advisor to discuss the additional steps necessary to correct any errors.

The 2016 OMB Compliance Supplement is finally available!

August 3rd, 2016 by Whitley Penn | Permalink

WPlogoColorbulletThe 2016 OMB Compliance Supplement (CS) is effective for single audits of fiscal years beginning after June 30, 2015, and supersedes the 2015 OMB CS.

The link where to find the CS has changed. If you have a bookmark in your browser, be sure to change it to this link.

Please click this link to access the 2016 OMB CS.

There are several changes to the 2016 CS, this is a brief summary of notable changes:

  • The Uniform Guidance (2 CFR 200) is referenced throughout the compliance supplement.
  • The usage of the terms “must” and “should” was reviewed and clarified.
  • Requirements D and K are still shown as “reserved”.
    • The “old” requirement D (Davis-Bacon Act) is now part of requirement N (Special Tests and Provisions) for certain federal grants.
    • The “old” requirement K (Real Property Acquisition and Relocation Assistance) has been removed.
  • The matrix of compliance requirements (Part 2) will clearly show “N” if the program normally does not have activity subject to that type of compliance requirement. This is a small change, in that the 2015 CS showed shaded cells when a requirement was not applicable.
    • Keep in mind that although a compliance requirement is labeled as “N” in the matrix, understanding the program’s grant agreement or contract is key since it might require the auditor to test the compliance requirement if the requirement could have a direct and material effect on a major program.
  • Part 3 – Compliance Requirements
    • This part is still divided in two: Part 3.1 (requirements for Federal awards made prior to December 26, 2014) and Part 3.2 (requirements for Federal awards made on or after December 26, 2014).
    • Discusses effect of Council on Financial Assistance Reform (COFAR) published Frequently Asked Questions (FAQs) updated September 2015, related to the Uniform Guidance and its application.
      • Per the 2016 CS these FAQs should be considered when planning and performing single audits subject to the Uniform Guidance.
      • The FAQs can be found here.
    • Discusses the current micro-purchase, small purchase and simplified acquisition thresholds for procurements methods.
    • Reflects the two full fiscal year grace period for the implementation of the procurement standards specified in the Uniform Guidance.
  • Part 6 – Internal control is added back to the 2016 CS, it was removed from the 2015 CS.
    • This section discusses: the objectives of internal control, the 5 components of internal control, and the 17 principles of internal control. It also provides overall assistance for the auditor to plan and perform the audit.
  • Appendix VII Other Audit Advisories
    • Discusses the effect that the Uniform Guidance has on the major program determination.
    • Covers the effect that the non-availability of the Federal Audit Clearinghouse has, during part of 2015 for the submission of the data collection form, on the low-risk auditee status.

For a full list of the 2016 CS changes consult Appendix V “List of Changes for the 2016 Compliance Supplement”.

The AICPA GAQC has released Alert # 311 listing other key changes and important aspects of the 2016 CS.

For more information, please contact a member of the Whitley Penn Public Sector Audit Team.

Thania Gonzalez Audit Manager Houston Office

Thania Gonzalez
Audit Senior Manager
Houston Office

Whitley Penn Serves the Tarrant Area Food Bank

July 20th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletThe Tarrant Area Food Bank (TAFB), combined with 300 Partner Agencies throughout 13 counties, serves more than 2 million meals each month to more than 53,000 households.  The Partner Agencies, mobile solutions, children’s programs and social services provide access to 460,000 nutritious meals on a weekly basis.

I grew up on a farm in Hill County and am the youngest of 10 kids. We worked in the fields every day, unless you were the unlucky one who got stuck working in the garden or canning.  We ate what we grew and if I went to bed hungry it was because I was a picky eater, not because food was not available.

1 of 4 children in our community live in “food-insecure” households.  Wait… what?!!!  “Food insecure”?  What does that mean to you? To me it means that my husband Pat and I have not been to the grocery store and we’re arguing about who is going to pick up the pizza. To these children, it means that they don’t know when their next meal will be.

That anyone, much less a child, does not have food is appalling to me.

I believe that we are here on earth to help each other in any way we can.  We may not all have money to donate but we can come up with three hours a month to help someone else.

Whitley Penn started volunteering with the Tarrant Area Food Bank in 2011. Packing kids’ backpacks with food for their evening meal, or for the weekend, when they do not have access to the free breakfast or lunch programs at school.  Such a simple thing… sorting and packing food. Anyone can do it, and we have had SO MUCH FUN! Join me! We volunteer the second Wednesday of each month by inspecting, sorting and packing food items to be used in the Children’s Food Program at the Tarrant Area Food Bank.

Whitley Penn has been rooted in Tarrant County for more than 33 years and it is our honor to volunteer with an organization that provides assistance for the future leaders of our community. Their next meal shouldn’t be a worry and we are proud to assist with the mission to end child hunger in Tarrant County.

Fore more information on how you can get involved, visit the TAFB website or email to join our monthly volunteer shift.

Ronnie Craven Assistant Controller Fort Worth Office

Ronnie Craven
Asst. Controller
Fort Worth Office

Survival Tactics for Internal Audit in a Struggling Economy

July 18th, 2016 by Whitley Penn | Permalink

WPlogoColorbulletIt’s no secret that we are in the midst of a struggling economy. Networking events that were once filled with upbeat conversations about opportunity and growth are now filled with talk of workforce reductions and impending bankruptcies. The effects of an economic downturn are eventually felt across all industries and in all areas of organizations, including Internal Audit (“IA”). One challenge that IA groups face during a downturn is an increasing pressure to prove their worth within their organizations.

When asked to consider the various terms used to describe IA groups inside the companies in which I have worked, the following come to mind: cost center, support group, non-core function. Let’s face it, none of these titles do a great job of selling the important role that IA plays inside an organization. It is up to us to adapt our role to the changing risk environment and find creative ways of demonstrating our value to the organization. The following four concepts should help you promote your current audit plan in a more constructive way or provide you with new ideas to incorporate into your plan that directly help organizations when money is tight.

  1. Play a key role in the organization’s cost reduction plan. Although IA activities do not typically generate revenue, there are projects you can add to your plan to directly assist your organization in saving money. As organizations embark on developing cost reduction plans, IA can play various roles to aid in the plan’s success. During the planning phase, IA can add value by providing an objective perspective on the proposed plan, evaluating feasibility of estimated savings and helping think through potential unintended consequences to ensure that the plan does not put the company at risk (e.g. cutting IT budget means baseline security activities can’t be carried out). Additionally, IA often has insight into many areas of the organization and can provide valuable input into the key processes that drive certain costs. Once the plan is underway, IA can audit the savings numbers that are reported by each department. This is not only a good practice, but one that is sure to be appreciated by management. By including regular reviews as part of your audit plan, you support sustainability of the program and provide management with objective assurance that the reported results are accurate.
  1. Introduce cost recovery audits. Probably the most direct, or obvious, way to demonstrate that IA can support the company’s cost saving initiatives is to spearhead your own. If you don’t already perform contract compliance audits as part of your audit program, now is a good time to start. The objective of these audits is simple – to detect and recover over-billed costs from contractors, vendors and/or suppliers. These audits can be outsourced to various cost recovery firms that perform the audits for a contingency fee only, meaning it costs your organization nothing unless the auditors recover money. This may be one of the only times you get to actually deliver a check along with your audit report.
  1. Measure Value. It can be difficult to quantify the value added by IA, which is why these metrics are often excluded from reporting materials. In July of 2015, the Institute of Internal Auditors Research Foundation (“IIARF”) published the Global Internal Audit Common Body of knowledge (“CBOK”) report, Driving Success in a Changing World: 10 Imperatives for Internal Audit. A surprising insight from this report is that less than 32% of respondents indicated that they measure internal audit value. To truly demonstrate IA’s worth, you have to measure it. There are endless publications on the various KPIs that IA departments can report to management and the Audit Committee. However, the challenge is deciding which metrics are meaningful in demonstrating value in a way that will speak to your audience. Instead of highlighting traditional KPIs such as department productivity or audit report cycle time, try using one of these in your next Audit Committee presentation:
    1. Number of projects that support key business initiatives
    2. Number of major compliance findings (a clear way to demonstrate risk avoidance)
    3. Dollars spent vs. dollars audited
    4. Number of recommendations made that resulted in process efficiencies (even better if you can link to dollars or internal hours saved as a result)
  1. Embark on a marketing campaign. If someone asked you to describe IA’s value, you could certainly rattle off a lengthy list of contributions to your organization; risk management, fraud prevention, increased process efficiency, internal control oversight… just to name a few. However, the truth is, no one is going to ask you. You are going to have to tell them, and in most cases, multiple times and in multiple ways in order to get your point across. Although promoting IA takes time and effort, the payoff is well worth it. Here are some ways you can start marketing your department today:
    1. Create marketing materials. This can be as simple as a power point deck, a poster, or a brochure. The materials should include basic information on what the IA group does and highlight how the group can help individuals or departments manage risk or iron out process inefficiencies. The good news is you don’t have to start from scratch. There are resources that provide templates or ideas for promotional materials. For example, the month of May was declared International Internal Audit Awareness Month by the Institute of Internal Auditors (“IIA”) and a toolkit aimed specifically at helping auditors raise awareness can be found on the IIA website.
    2. Identify your audience. Make it an annual team goal to present materials to a certain number of groups within the organization. Getting buy in from all areas of the organization is key to establishing yourself as a vital part of the company.
    3. Maintain awareness. In order to sustain the benefits of your marketing efforts, you must continue to stay present within your organization. These efforts can range from simply visiting other department’s staff meetings to update them on relevant projects to creating an internal website that highlights the department’s recent accomplishments. The goal is to stay “top of mind” with your stakeholders.

The bottom line is, we do not get to choose the risks facing our organizations, but we can choose how we react to them. With a little flexibility and creativity IA can support the organization’s risk strategy and ensure their efforts are recognized.  Is your IA group adapting to the current risk landscape? For more information, please contact a member of the Whitley Penn Risk Advisory Services team.

Anne Slattery, CPA, CIA Risk Advisory Services Senior Manager Houston Office

Anne Slattery, CPA, CIA
Risk Advisory Services Senior Manager
Houston Office


What Your Lender Wants to See – Commercial Versus Asset Based Lending

June 2nd, 2016 by Whitley Penn | Permalink

WPlogoColorbulletHow much information your lender wants to see from you is dictated by their assessment of your risk profile.  How much availability do you need?  Will you actually utilize your line or are you just using it as a safety net?  What are the market conditions of your industry?  How leveraged are you?  What risk factors affect your business?

  • Market Concentration Risk?
  • Customer Concentration Risk?
  • Vendor Concentration Risk?
  • Inventory Risk?
    • Does the company have slow moving or obsolete inventory?
    • Is the inventory over-valued?

A company needs to be able to paint a picture of how these risk factors are mitigated and have that picture ready for showing at any given time.  Also, your painting needs to be contemporary.  No one wants to see a Renaissance piece that doesn’t accurately reflect the current status of the company and the direction the company is heading.  This is achieved by having this information as part of your routine financial reporting and planning process.

Commercial Lending is where most companies start out their capital acquisition process.  The primary advantage of Commercial Lending is the reporting, auditing and valuation requirements are less onerous.  Also, Commercial Lending has less direct and indirect costs.  At the heart, commercial lending has the same basic requirements as asset based lending: a set of financial statements, a borrowing base calculation and a compliance certificate.

The borrowing base is a calculation that shows the value of your pledged collateral at a point in time.  In a typical commercial lending situation, reporting is required monthly and is typically based upon a percentage of eligible accounts receivable and inventory, which is usually valued in the same manner as it is on the company’s books.  Eligible accounts receivables and inventory are found by deducting any pre-defined “Ineligibles”.  Ineligibles take into account items that are perceived to have more risk, such as aged inventory, aged accounts receivable, and accounts receivables with a concentration of aged invoices, customer concentration risk and foreign risk.  In a commercial lending environment these ineligible items may not be as clearly defined as in an asset lending environment.  For instance there may not be a definition of what constitutes “slow-moving and obsolete” Inventory leaving the interpretation of what constitutes “slow-moving and obsolete” to the company.

In general, the lending industry sets the bar for ineligible inventory at inventory that has not been used for one year, depending upon the type of business and business cycles.  Accounts receivable are usually considered ineligible at 60-90 days.  Terms can be different for customers that have a lower risk profile and are able to be negotiated up front.

There may be even more room for flexibility in terms utilizing an asset based lending platform as these borrowing base reports tend to be more customized to the client’s needs.  Even though flexibility is a selling point, the primary advantage of the asset based lending model is the potential for increased availability.  Asset based lenders usually will consider larger deals than commercial based lenders before having to partner with another organization in a “Club Deal.”  In exchange for this flexibility, the fees and interest rates are usually higher and there is increased scrutiny and reporting requirements.

For instance, the commercial lender may agree to accept an internally generated balance sheet and income statement or a lesser level of accounting report such as a compilation or review (again dependent upon risk assessment).  Alternatively, asset-based lenders are more likely to require an audit report.  Asset based lenders tend to prefer reporting on a more frequent basis, such as weekly.  The borrowing base reports are significantly more detailed and are more likely to be subject to field audits by the lender, the cost of which will be borne by the client.  Lenders may even require audits on a more frequent basis than annually if the risk assessment warrants.  Independent valuations of inventory and other collateral such as real estate that may secure the line are more common in the asset based model. These valuations can lead to a higher discounting of values from the amount reported on the books and records of the company.  For instance, although asset based lending may provide a higher advance rate on inventory, the starting point for valuation may be net orderly liquidation value rather than lower of cost or market.  That is the cost at which the inventory would be sold if the lender had to seize and liquidate the inventory, less the cost associated with the liquidation process.

Regardless of which financing vehicle works best for your business needs, you still need to paint the same picture of why you need the financing and what you are doing to mitigate the inherent risk in your industry and environment.  This picture should consist of solid, accurate and timely financial statements.  Although, the lender may accept a balance sheet and an income statement they will likely prefer a full set of financials including a statement of cash flows and notes to the financial statements.  A well formatted, full set of financials illustrates a different level of sophistication to your lender than one that is simply printed from the accounting software.

Financial Statements provide the background of your picture and may be enough for your current needs.  However, it is a good idea to have a more detailed financial package available, if requested by the lender.  Some reasons for having more information than required readily available include but are not limited to:

  • A business opportunity that arises that needs immediate capital outlays
  • An unplanned market down-turn, such as what is currently being experienced in the oil and gas industry
  • An unplanned natural disaster such as hurricane or flooding

When contemplating an increase in credit facility, lenders like to see a solid business plan that includes the following information: forecasts, budgets, 13-week cash-flow projections and long-term cash flow forecasts.  These financial reports are also excellent tools for making operational decisions.

For cash flow statements, they have key information that show a company’s ability to cover their obligations, a few of these are listed below:

  • Can the company pay its cost of human capital (employee’s salaries and benefits)?
  • Can they cover their facilities cost?
  • Can they pay their tax obligations?

Another point to keep in mind is that a lender can give you a credit line, but if the company does not have the borrowing base to support it, it will never be able to utilize the full capacity of the line.  It is important to include a forecast of your borrowing base availability with your cash flow forecasts, this is especially important during periods of tight liquidity.  Lenders typically like to see a good cushion of undrawn availability, usually between 15 – 20% of the total credit facility.  Although, it is ok to temporarily max out your credit facility, lenders are adverse to clients constantly remaining at the maximum amount drawn.  Staying in this position will increase your risk rating with the lender and therefore increase your costs, decrease your ability to increase the credit facility, and increase audit and documentation requirements.

Lenders, also, like to see how the company is performing compared to its budget by analyzing plan to actual variance data.  So it is best to have this information readily available to the lender, if it is requested.

If these items are prepared as part of routine reporting and planning process, then you will be ready if the need arises.  Additionally, you will have a vivid picture that tells the story of where your company has been and where it is going.  Further, you will have invaluable tools to help you in making your operational decisions.  It is a win-win situation with both practical everyday application and an insurance policy and disaster recovery document all in one.

For more information, please contact a member of the Whitley Penn Tax Team.

Mary Gauss Tax Senior Manager Houston Office

Mary Gauss
Tax Senior Manager
Houston Office

FASB Proposes Update to Standards for Restricted Cash

May 4th, 2016 by Whitley Penn | Permalink

TWPlogoColorbullethe Financial Accounting Standards Board (FASB) has indicated that diversity exists in the way changes in restricted cash are classified and presented on the statement of cash flows. In response to this finding, FASB’s Emerging Issues Task Force (EITF) has issued an exposure draft proposing changes regarding the treatment of restricted cash on the statement of cash flows.

The EITF claims that current GAAP (General Accepted Accounting Principles) lack specific guidance that addresses how to classify and present changes in restricted cash or restricted cash equivalents that occur when there are transfers between cash, cash equivalents, and amounts generally described as restricted cash or restricted cash equivalents. There is similarly no guidance to address the classification and presentation of changes in restricted cash and equivalents that occur when there are direct cash receipts into restricted cash or equivalents, or when there are direct cash payments made from restricted cash or equivalents.

This lack of specific guidance has resulted in the diversity in practice. On the statement of cash flows, entities currently classify transfers between cash and restricted cash as operating, investing, or financing activities, or as a combination of the three. Additionally, some entities present direct cash receipts into, and direct cash payments made from, a bank account that holds restricted cash as cash inflows and outflows, while others disclose those cash flows as noncash investing or financing activities.

The amendments in the proposed update would reduce the aforementioned diversity in practice by requiring that a statement of cash flows explain the change during the period in the total of cash, cash equivalents, and amounts generally described as restricted cash or restricted cash equivalents. Therefore, amounts generally described as restricted cash and restricted cash equivalents would be included with cash and cash equivalents when reconciling the beginning-of-period and end-of-period total amounts shown on the statement of cash flows. These amendments would be applied retrospectively to all periods presented.

The exposure draft is open to public comment on the proposed changes until June 27, 2016. The effective date of these amendments will be determined after that date, once the EITF has reviewed the feedback on the proposed update. To view the FASB Exposure Draft, follow this link.

For more information, please contact a member of the Whitley Penn audit team.

Kevin Barr Audit Staff Dallas Office

Kevin Barr
Audit Staff
Dallas Office

Texas Supreme Court Ruling – Net Losses Not Included in Apportionment Factor

May 3rd, 2016 by Whitley Penn | Permalink

On April 15, 2016, the Texas Supreme Court ruled in Hallmark Marketing Company, LLC v. Hegar that net losses on sales of investments and capital assets should not be subtracted from gross receipts when determining the Texas franchise tax apportionment factor.  The Texas Supreme Court’s decision reverses a Texas court of appeals ruling which upheld the Comptroller’s determination that a net loss from investment and capital asset sales could reduce the denominator used to calculate a taxpayer’s franchise tax apportionment factor.

The case arose when Hallmark filed a franchise tax protest suit against the Texas Comptroller seeking a refund of $200,000 in corporate franchise taxes it paid for the 2008 franchise tax year.  During this period, Hallmark incurred a net loss of $628 million from the sale of investments.  The Texas Tax Code provides that “only the net gain” from the sale of investments should be included in gross receipts for apportionment purposes.  However, the Comptroller adopted a rule requiring taxpayers to include a net gain or net loss in the apportionment factor calculation, which resulted in an increase to the apportionment factor and Texas franchise tax for Hallmark.  Both the trial court and the court of appeals found the Texas statute to be ambiguous because the term “net gain” could have two meanings: (1) cumulative gain or loss from all investment sales made throughout the year, or (2) gains from individual sales are included while losses from individual sales are not.  Instead, the Supreme Court focused on the plain language and reading of the statute, and concluded that under no reading can “net gain” include a net loss.  Accordingly, the Supreme Court reversed the court of appeals’ judgment and ruled in favor of Hallmark.

As a result of this decision, gains and losses must still be offset against one another.  However, if after netting, there is a net loss remaining, then the net loss is excluded from the apportionment factor.  Potential refunds may be available for similar situated taxpayers.

For more information on this or any other state and local tax matters, please contact Dan Manley at (214) 393-9452 or Sarah Kesting at (214) 393-9508.

Dan Manley Director of State and Local Tax

Dan Manley
Director of State and Local Tax

How can you benefit from the new release of the Report to the Nations on Occupational Fraud and Abuse?

April 21st, 2016 by Whitley Penn | Permalink

WPlogoColorbullet“Rather fail with honor than succeed by fraud.” – Sophocles

The Association of Certified Fraud Examiners (“ACFE”) has recently released the 2016 Report to the Nations on Occupational Fraud and Abuse (“RTTN”) (  As you open the report, something that you may gloss over but I would really like to highlight is that the first report was issued just 20 years ago in 1996.  James Ratley, President of the ACFE, noted: “It might be hard for some readers to understand or recall just how little we knew about occupational fraud twenty years ago, but until the release of the first report, there was virtually no statistical information available on the cost, frequency, methodology, or any other aspect of occupational fraud.”

While the 1996 report and the 2016 reports cover a similar number of cases during their study, 2,608 (1996) vs. 2,410 (2016), the level of detail in the analysis has grown.  The PDF version of the 1996 report is nineteen (19) pages, while the newest report is coming in at ninety-two (92) pages of detailed analysis over the case studies from 114 different countries.

Before I dive into some of the detail analysis that the report gets into, here are a few of the highlights identified in the RTTN’s Executive Summary:

  • In 94.5% of the cases in our study, the perpetrator took some efforts to conceal the fraud. The most common concealment methods were creating and altering physical documents.
  • The most common detection method in our study was tips (39.1% of cases), but organizations that had reporting hotlines were much more likely to detect fraud through tips than organizations without hotlines (47.3% compared to 28.2%, respectively).
  • As in previous studies, external audits of the financial statements were the most commonly implemented anti-fraud control; nearly 82% of the organizations in our study underwent independent audits. Similarly, 81.1% of organizations had a code of conduct in place at the time the fraud occurred.

Just reading the executive summary is an eye opening experience.  As I continued going through the report, something started to bother me.  The report was able to divide the 2,410 cases reviewed into nine regions across the world.  In these diverse regions of the world there was one common theme in the top common fraud schemes observed – corruption.  “In every region, corruption was one of the two most common scheme types.”  Below are the top two schemes observed in each region:

Region #1 Fraud Scheme Observed #2 Fraud Scheme Observed
United States Billing – 27.8% Corruption – 24.9%
Sub-Saharan Africa Corruption – 48.4% Billing – 18.6%
Asia-Pacific Corruption – 48.4% Non-cash – 22.2%
Latin America & Caribbean Corruption – 45.5% Non-cash – 23.2%
Western Europe Corruption – 40.0% Non-cash – 25.5%
East Europe & West/Central Asia Corruption – 55.1% Non-cash – 18.4%
Southern Asia Corruption – 67.3% Non-cash – 22.4%
Canada Billing – 29.1% Corruption – 26.7%
Middle East & North Africa Corruption – 57.0% Non-cash – 26.6%

Many of you may jump to the same conclusion as I.  Howdo we stop this?  In the report, the number one source of locating these frauds was definitely tips.  Below are the two most popular methods of identifying the frauds observed in the research:

Region #1 Detection Method #2 Detection Method
United States Tip – 37% Management Review – 14.3%
Sub-Saharan Africa Tip – 37.3% Internal Audit – 16.2%
Asia-Pacific Tip – 45.2% Internal Audit – 15.8%
Latin America & Caribbean Tip – 36.9% Internal Audit – 19.8%
Western Europe Tip – 40.9% Internal Audit – 16.4%
East Europe & West/Central Asia Tip – 47.4% Internal Audit – 20.6%
Southern Asia Tip – 53.1% Internal Audit – 21.9%
Canada Tip – 32.6% Management Review – 20.9%
Middle East & North Africa Tip – 39.2% Internal Audit – 25.3%

If tips are the most successful detection method, where do those tips come from and how are they received?  The study shows that a majority of the tips come from employees, shareholders, or owners.  But there is still more than 40% of tips that come from non-employees, including: vendors, competitors, and customers.  Customers were the second largest source of information related to the cases of fraud discovered in the report.  To add onto the importance of following up on tips, the companies that have a reporting hotline in place and published were approximately two times more likely to receive a tip than those companies without.

We have looked at the most common fraud schemes and detection methods.  What about the most common “fraud controls”?  Some of these answers may shock you, or more importantly, make you take a second look at what you consider an anti-fraud control in relation to your financial statements (“FS”).

Region #1 Anti-Fraud Control #2 Anti-Fraud Control
United States Code of Conduct – 74.6% External Audit of FS – 74.2%
Sub-Saharan Africa Code of Conduct – 91.9% Internal Audit Dept. – 91.6%
Asia-Pacific External Audit of FS – 88.2% Code of Conduct – 85.2%
Latin America & Caribbean Code of Conduct – 84.8% External Audit of FS – 82.2%
Western Europe External Audit of FS – 88.8% Code of Conduct – 83.7%
East Europe & West/Central Asia Code of Conduct – 90.9% External Audit of FS – 88.2%
Southern Asia External Audit of FS – 96.5% Internal Audit Dept. – 94.7%
Canada External Audit of FS – 83.3% Mgmt. Certification FS – 79.7%
Middle East & North Africa External Audit of FS – 95.9% Internal Audit Dept. – 90.9%

Of the 2,410 frauds reviewed as part of this study, most of the companies stated that their Code of Conduct and external audit of financial statements were in place to help reduce and identity fraud.  If you look back at the most successful detection methods, neither of those are included.  The report did identify that proactive data monitoring was associated with 54% lower losses and fraud schemes being detected in approximately half the time.  Proactive controls and reviews designed appropriately and operating effectively can help to reduce the instances of fraud schemes being successful.  In fact the top three control weaknesses identified in the study include:

  • Lack of internal controls,
  • Override of existing internal controls, and
  • Lack of management review.

To recap – corruption is one of the top schemes, tips are the top detection method, and controls which are appropriately designed and operating effectively are a key requirement.  Knowing that, what can you and your employees do to be on the lookout?  What does a fraudster look like?  You may be picturing a Bernie Madoff at every company in the study.  That isn’t always the case though.  In the United States cases, the gender breakdown was 55.7% male and 44.3% female.  It isn’t just a “guy thing”.

So we can’t focus on just the men, but how about the age of the perpetrators in the study?  Can we narrow it down that way?  The study had ages identified in ranges younger than 26 to over 60.  The majority of cases fell between the ages of 30 to 50, but the high dollar value losses were in the over 60 grouping.

Well we can’t look specifically at gender or age to help us narrow down possible fraud schemes.  Through effectively operating internal controls and management reviews, there are some key behavioral red flags to look for.  There may be more than one red flag displayed by a possible fraud perpetrator.  There can be many different issues that arise and bring attention to observant coworkers and supervisors, but here are the top five identified by the ACFE:

  • Living beyond means,
  • Financial difficulties,
  • Unusually close association with vendor/customer,
  • Wheeler-dealer attitude, and
  • Control issues, unwillingness to share duties.

While the ACFE’s RTTN is much more detailed than I can cover in a short blog, this covers some of the aspects and points that grabbed my attention in each section.  Over the past twenty years there have been changes in the business environment, but the schemes used to perpetrate or skills used to identify a fraud have remained.  In the first report in 1996, tips were the most common method of detection and that still rings true today.  Whether you have a mature internal control process, you are just starting out trying to minimize the possibility of fraud occurrences and impacts, or you have a possible fraud to investigate further, we can help you in the process to define and reach your company goals.  If you have any questions regarding this Report to the Nations, or any fraud related matters, please don’t hesitate to reach out to the Risk Advisory Services Team at Whitley Penn.

Joshua Stone, MBA, CIA, CFE, CISA Risk Advisory Services Senior Dallas Office

Joshua Stone, MBA, CIA, CFE, CISA
Risk Advisory Services Senior
Dallas Office


Adding Instant Value to your Internal Audit Function

April 11th, 2016 by Whitley Penn | Permalink

In a recent survey performed by the Institute of Internal Auditors (“IIA”), it was found that 56% of North American companies used third party firms to conduct all or part of their Internal Audit function. With such a high percentage of companies already using external firms and the percentage vastly increasing, the IIA asked five questions and received 14,518 responses from 166 countries at the Chief Audit Executive (“CAE”), Director, Manager, and Staff levels.

Who uses third parties for internal audit activities?

  • According to the survey, financial sector, publicly traded organizations, and not-for-profit organizations were more likely to use third parties than public sector and privately held organizations.

How much work do third parties perform?

  • When the participants of the survey were asked what percentage of their organization’s internal audit activities were performed by a third party in the past calendar year, on average, 23% of internal audit activity was performed by third parties. This low percentage may be due to organizations maintaining a fully staffed and competent internal audit team or it could be an organization’s lack of budget or awareness to the services third parties can provide.

What are expectations for future use of third parties?

  • As the use of third parties relies heavily on the organization’s third party budget, it is important to analyze future growth and fluctuations in third party budgets. It was found that 30% of organizations anticipated growth, 12% anticipated a decrease, and 58% anticipated that the budget for third parties would stay the same. With 30% expecting growth in budget in the next year, now is a good time for the organizations to discuss what types of services they require.

What types of services are provided by third parties?

  • The possibilities are endless.  According to the IIA, the most common uses for a third party is to provide specialty skill, solve staff shortages, supplement staff on an ongoing basis, cover remote business locations, and perform special projects. The common uses listed can be modified to meet the organization’s needs and allotted budget. Many times an organization cannot hire a full time internal audit function, so they elect to completely outsource their internal audit function to a third party. This path is much more attractive because it is often less expensive to use consultants for specialty projects rather than having full time employees year round. It should be noted however, that the oversight of the internal audit function cannot be outsourced.

What are best practices for relationships with third parties?

  • While the third party will most likely interact with management and the audit committee, the CAE or designee is responsible for managing the effectiveness of the internal audit function. According to the IIA, the CAE or designee must have a sufficient understanding of the objectives the service provider will fulfill, communicate and sufficiently document these objectives during the engagement process, and provide adequate supervision to the service provider to ensure the objectives are met.

It is important for the organization and the third party firm to keep a successful relationship with clear objectives and expectations. It is also imperative for the third party to be clear on the different services they can provide and how the organization can utilize the third party’s diverse skill set.

For more information on how a third party can provide value to your organization, please contact a member of the Whitley Penn Risk Advisory Services Team.

Garrett Wilson Risk Advisory Services Senior Dallas Office

Garrett Wilson
Risk Advisory Services Senior
Dallas Office

Whitley Penn

About Whitley Penn

Established in 1983, Whitley Penn has become one of the region's most distinguished accounting firms by providing exceptional service that reaches far beyond traditional accounting.

Today, with offices in Dallas, Fort Worth and Houston, 42 partners, approximately 300 exceptional employees, and a worldwide network affiliation through Nexia International, we are strategically positioned to grow and excel in the future.

Contact Whitley Penn

Dallas: 214-393-9300

Fort Worth: 817-259-9100

Houston: 713-621-1515

masters in accounting

AICPA’s CPA Letter Daily