Friday, March 15, 2013

Private Investigators Cannot

There are a number of misconceptions about what a professional private investigator can legally obtain. These myths may begin with your matrimonial client’s insistence that her husband has secret bank account, or your colleague has boasted about how his investigators found the smoking gun in the opponent’s phone records, or it’s possible that you picked up some ideas from the latest corporate espionage page-turner…

No matter what the reason, you need the information and you need it now! So why can’t your private investigator get it for you? Typically, there are two reasons for this:

First, the information may be private and protected by either state or federal statute. In this case, your investigator may be able to identify where the information is located. Location is extremely useful information for leverage in negotiations, future subpoena requests, or discovery motions. In some cases (e.g. employment or insurance fraud investigations), you may have a previously-signed release from the subject that will allow you to access this private information.
The second reason is that the information simply doesn't exist. The information may not be compiled into a single database or a comprehensive format. An investigator may ultimately be able to obtain the information, but the process isn't as simple as you might think.

The 5 biggest misconceptions by clients involve private investigators’ access to the following:
(1) Banking and Financial Records
There are two things to consider here – where are the accounts and can we gain access to account-specific information?

First, there is no comprehensive registry of bank accounts in the United States and identifying undisclosed or hidden accounts is no small feat.

A seasoned investigator may be able to identify accounts linked to an individual through interviews, public records searches, or other legitimate investigative techniques. Once accounts are identified, legally obtaining account-specific information is nearly impossible without a court order or the consent of the account holder.

The Gramm-Leach Bliley Act, passed in 1999, imposed strict penalties for individuals who obtain information about a third party account through pretext or deceit. Check out Fred Abrams, Esq. post on Violating Federal Law In Asset Search for a great case study.

Dig Deeper: Can a Private Investigator Get Bank Records or Account Information?

(2) Telephone Records
Telephone records are private and third party access is restricted by a host of state and federal statutes, including the Telephone Records and Privacy Protection Act of 2006.

Similar to bank records, an investigator can use legitimate tools to try to identify the telephone carrier for a particular phone number or individual.

There are a number of online tools that allow you to input part of a phone number to determine the carrier (e.g. However, those cannot be completely relied upon for accurate information, particularly in today’s age of portable cell phone numbers, Skype, and Voice over Internet Protocols (VoIP).

Dig Deeper: Can a Private Investigator Get Phone Records? or Can a Private Investigator Get Cell Phone Records?
(3) Credit Information
In recent years, the federal government has placed a number of restrictions on the ability of third parties to access and use credit information.

Most important here is The Fair Credit Reporting Act (“FCRA”) and subsequent amendments.

FCRA not only restricts how a third party can obtain credit information about an individual, but it also places requirements on third parties to make certain notifications to individuals when certain actions (including employment decisions) are taken using that information.

Dig Deeper: Can a Private Investigator Get a Credit Report?
(4) Nationwide Criminal Records
The closest thing to a nationwide criminal records check in the United States today is the National Criminal Information Center (“NCIC”) database.

Access to this database is strictly limited to law enforcement agencies and authorized criminal justice organizations; private investigators and information brokers do not have access to its contents.

Dig Deeper: The Truth About Access to National Criminal Records
(5) Comprehensive Individual Profile
Type “background investigation” into Google and you’re sure to be bombarded with claims of “Only $19.99 for a complete background check!” or “$14.95 for instant background investigations!”

Such claims are dangerously overstated – it’s virtually impossible feat. Buyers beware…these bargain sites generally just pull together information from various online sources.

They are not comprehensive and miss many online public records (not to mention those records that haven’t yet made it out of the courthouses and onto the web!).

Whatever information is provided in the “investigation” is frequently filled with inaccuracies and extraneous details.

Dig Deeper: Professional Background Check v. Free Background Check

Wednesday, March 6, 2013

Are Your Employees Committing Fraud?

Source: Tracy L. Coenen – CFO Magazine
Internal fraud is a huge risk to companies. Experts estimate that on average it costs companies 3% to 5% of revenue each year. Especially when profit margins are thin, internal fraud can literally put some companies out of business.

But executives are prone to underestimating the amount of fraud that exists within their company. They want to believe that their internal controls are better, their employees are more honest, and their ability to stop fraud is more effective than that of executives at other companies.

The truth is, they are often unaware of all the frauds committed within their company’s walls. Indeed, fraud is often hard to find and may be hidden among the seemingly more trustworthy employees, those who are necessary for keeping the business running. They are the ones putting companies at risk; they have access to assets and information and the opportunity to steal and cover up fraud.

This is why Corporate America likes to speak in averages, under the guise of including all known and unknown frauds at companies across the globe. However, CFOs and other top executives should not get caught in the trap of believing their company is much better than average. They need to move beyond thinking a basic compliance program and an internal hotline are enough. Proactive fraud-prevention measures are necessary to manage the risk of fraud.

The Schemes
Fraud experts usually talk about occupational fraud in three general categories: asset misappropriation, corruption, and financial-statement fraud. Asset misappropriation is the internal fraud we hear the most about because it happens most often. Included here are thefts of inventory, money, business opportunities, and anything of value that employees can wrongly divert from the company.

Even though corruption and financial-statement frauds are not as common, the costs to the victims are much greater per fraud scheme. Corruption schemes include bribery and kickbacks, often with vendors and employees colluding to get money, benefits, or favorable terms. Financial-statement fraud includes the manipulation of reports to create a financial opportunity for an individual or entity. It is the most costly type of fraud in terms of the dollars lost by victims, but can also be costly in terms of investigative expenses, regulatory actions against those involved, and penalties assessed by the government once the fraud is discovered.

Finding the Perpetrators
These frauds and their perpetrators tend to be uncovered from an internal tip and a subsequent investigation. These probes are important to companies not only to hunt down the corporate thieves but also to send a message to other employees that management is serious about finding and stopping fraud. Investigations are also an important information-gathering exercise. They help the company discover weaknesses in the system that can be exploited by dishonest employees.

However, investigations are not the best way to reduce fraud losses. Recovery from fraudsters is generally very low, so performing an investigation with the sole intent of recovering ill-gotten gains is misguided.

Moreover, compliance with regulations like the Sarbanes-Oxley Act is not enough to prevent the need for fraud investigations in the first place. Companies need to implement their own proactive antifraud measures. This means developing policies and procedures specifically designed to stop fraud and detect fraud, such as designing procedures to avoid the concentration of too much access and authority by a single employee, implementing a data-analytics program to identify red flags in financial data, outlining the chain of command for employees to report suspicions of wrongdoing, and regularly engaging third parties to perform surprise fraud-detection procedures. The effectiveness of those proactive measures needs to be evaluated regularly, with changes made promptly to better prevent and detect fraud.

These efforts need to be aimed specifically at both preventing and detecting fraud. First the company must try to stop fraud by putting controls in place. Then management must work on detecting any fraud that might have slipped through the company’s fraud-prevention procedures.

Worth the Cost?
With a mind-boggling number of regulations to which large companies must adhere, the concept of incurring additional costs to shore up operations is unappealing. I have heard over and over again from top finance executives that the cost of implementing Sarbanes-Oxley and related regulations was enormous, and management simply doesn’t have the budget to do even more to try to stop fraud before it occurs.

The problem, though, is that the right proactive fraud-fighting measures can prevent so much fraud that the investment will be quickly returned to the company. I know it’s a hard sell, because so much fraud is unseen and therefore the measurement of the dollars is based on estimates.

Think about it this way: suppose your company does $5 billion in sales each year, with net profit of 5% of revenue, or $250 million. If your company is like the average company in the current economy (and with the current regulations), it is losing $150 million to $250 million each year to fraud committed by employees. If the company could reduce its fraud risk by only 10%, that would mean $15 million to $25 million saved, which goes directly to the bottom line.

The cost and pain of implementing effective antifraud controls may seem high, but the benefits are much greater in both the short and long term. Current regulations and standard financial-statement audits alone have not been enough to quell the tide of employee fraud, as evidenced by the all-too-frequent reports of the discovery of fraud schemes. It is time for companies to be proactive because when it comes to fraud, the best defense is a good offense.