Vendor Certification: Fraud Prevention Made Easier

By Kent Perkins

certification checkmarkWith how many vendors is your company doing business? Is it ten, twenty, or two-hundred? If you haven‘t already established a Vendor Certification Program, it‘s time you did!

Since we began investigating corporate theft and embezzlement more than forty years ago, one of the most prolific and lucrative methods we‘ve found criminal employees using to “take down” their employers is through creation of fake and fraudulent vendor accounts.

Here‘s how it‘s done:

The perpetrator sets up a phony company. If he‘s the Shipping Manager, he may create a fake trucking firm, such as “Statewide Forwarding Express.” For as little as $50.00, he can file for a Fictitious Business Name in a nearby county, and publish the information in a local newspaper or business journal you‘re not likely to see. He may use his own name as the “proprietor” or the name of a relative or friend. For a fake business address, he may rent a postal box with a very believable street address in a known commercial area.

A few weeks later, his “company” receives its FBN (Fictitious Business Name) certificate from the County Recorder‘s Office certifying the fake company is “legal to conduct business.” With that in hand, he can go to any bank in the state and open a commercial account with as little as $100.00.

Back at work, he may use your company computer to create invoices showing hauling and deliveries performed by Statewide Forwarding Express, authorized by none other than the perpetrator, himself. He may sign the invoices approving payment for deliveries never actually made by a company which never really existed. This causes checks to then be sent from your Accounts Payable Department to the mail drop, and he retrieves them. All he has to do is use a rubber stamp (custom ordered for $25.00 or less at any office supply company), and then stamp the back of the check with something like this:

———-For Deposit Only———-
Bank of America # 12445-09908-20

There‘s absolutely nothing about these transactions to raise the eyebrows of anyone in Accounting, even if your books are later audited by an outside, independent auditing firm.

To make the scheme even more difficult to detect, an answering service can be inexpensively hired to pick up a “trunk line” phone for the fake company. Layers of deception often mask the true identity of the recipient of a victim company‘s checks, and the person behind such a scam may prosper to the tune of thousands and thousands, or even millions, of dollars.

We once discovered a conspiracy between the Accounts Payable Manager, the Chief Engineer and the Shipping and Receiving Manager of a large government contractor in the business of testing rocket components. These three conspiring managers opened a total of eight fictitious businesses in exactly the manner described above. The Chief Engineer would “order” equipment he claimed he needed for government testing; in some cases, no such equipment even existed anywhere in the world. He would create a Purchase Order; his Shipping and Receiving Manager would subsequently sign and officially stamp a “receiver” document indicating the “equipment” was delivered to the company‘s docks a few days later. This purchase order copy and the receiver notice were then stapled together, indicating an order had been placed and the item delivered and the purchase completed. This was sent to Accounts Payable, where the third conspirator created a check, using this perfect documentation for “backup,” and mailed the company check to one of the eight mail-drop boxes.

They started out slowly, stealing just $15,000 the first month, and splitting the money three ways. Soon, they realized there was virtually no limit to how much they could steal. Over the next three years, they collectively stole more than $2.5 million.

The scam may never have been discovered were it not for a serious drinking problem, a business trip out of state, a wrecked rental car, and a lost computer.

The Chief Engineer was sent to a far-away location on a business trip, and he took his company-issued laptop computer. While out of town, he got drunk and wrecked his rental car with the company‘s laptop computer in the trunk. Being a crook, he did something very dishonest; rather than admit he “screwed up,” he abandoned the car where it was wrecked, inoperative, with the front end buried into a large oak tree. He walked to the hotel in which he was staying, and used his room phone to call the police and report that his rental car had been stolen.

His employer knew he had a drinking problem; he had been on probation for on-the-job alcohol consumption at the time of the business trip. As soon as they heard his rental car was out of his control, and that in the trunk of that vehicle was his company laptop computer, they called their Labor and Employment attorney, who contacted us. We were told to fly to the “crime scene” on the next available flight, investigate the accident, and to retrieve the laptop computer which, by the way, contained Top Secret U. S. Military documents!

We quickly found an empty gin bottle under the driver‘s seat with our suspect‘s fingerprints all over the bottle, and preserved DNA evidence from the area around the mouth of the bottle. We found the computer where it had been left, apparently undisturbed, in the trunk.

As soon as we took possession of the computer, we were ordered to image the hard drive and to determine whether the Top Secret information was intact and whether it could have been breached; a security problem of this kind would have involved an immediate report to the F.B.I. or the United States Secret Service had we determined the information had been compromised.

We discovered nobody had attempted to access the information on the computer while it was out of the Chief Engineer‘s hands; however, we also saw files containing code words and pass codes for bank accounts offshore in the Virgin Islands, Switzerland, and Barbados. A cursory glance indicated large deposits had been made every month to these accounts over the past two years or more. A QuickBooks program was opened to reveal payments made to “Mail Boxes, Etc.” and “Postal Instant Press Mailbox Rentals” in several locations around Los Angeles… we knew what that probably meant.

Our next stop was back at the client company, where we went through the Accounts Payable records to determine what, if any, checks had been sent to addresses corresponding with the rented mail box locations, and the scheme was unraveled.

The three main suspect employees were interviewed, and all three confessed to their respective parts in the conspiracy. In their subsequent criminal trials, they were sentenced to between three and eight years in Federal Prison, with the original instigator of the fraud receiving the harshest punishment. Restitution of more than $3 million was ordered, to include all the theft, the cost of investigating the crimes, and the attorneys’ fees; they were ordered to disgorge ill-gotten gain from stock accounts in which they had very wisely invested stolen checks; ironically, the recovery for the company was in excess of the losses due to the significant gains on stock accounts such as Internet companies, some of which doubled or tripled in value.

This story is true; it has a happy ending. However, there are many, many other investigative files in our archives in which such embezzlement has actually bankrupted the victim companies or caused serious financial harm in which the perpetrators weren‘t so wealthy… drug habits, gambling addictions and expensive lifestyles are usually adequate to keep even the most prolific thieves surprisingly close to the edge of financial security.

These situations can often be eliminated with an effective Vendor Certification Program in which the company has strict standards of proof that vendors are, in fact, really doing business and providing products or services equivalent to the approved invoices in their names.

If you aren‘t currently verifying and certifying your company‘s vendors, your firm is vulnerable to the easiest and most common form of grand theft from within… white collar crime at it‘s simplest.

In a very short time, we can and will help you set up a Vendor Certification Program in your firm; our checklist and all the information you need are available by contacting the Manager of Special Investigations in our firm, Juan Cobian. Vendor Certification policies go hand-in-hand with your existing company policies against self-dealing and nepotism. Certification of all vendors can begin this week, and a retroactive certification of all your existing vendors is in order… even if the vendors are well established and famous national companies, it‘s important to determine you really know with whom you‘re dealing. For instance, we found a fake “UPS” office being used by a thief who registered the Fictitious Business Name “Union Postal Services” and stamped his stolen checks “For Deposit Only to the Account of UPS.” The bank receiving the stolen checks had no reason to suspect a problem, and neither did the company‘s auditors! It was our Vendor Certification that discovered the connection between the address on the “UPS” account and a mail box being rented by the perpetrator.

You may wish to conduct the certification process within your company or turn this over to your outside investigators; in either case, you should get started immediately, and be prepared for a surprise or two if this is an area into which your watchful eyes have never had a single peek.

About the Author

Kent PerkinsKent Perkins is a managing partner and senior executive investigator with the investigation firm of Diversified Risk Management, Inc., a licensed, nationwide corporate investigation and risk mitigation consulting firm. He has over 30 years of experience in conducting workplace investigations throughout North America. The firm offers a broad range of specialized risk management and corporate investigation services that are designed to minimize exposure. Mr. Perkins can be reached at 800.810.9508 or by e-mail.