Free-Reprint Article Written by: Scott Burke 
See Terms of Reprint Below.

* This email is being delivered directly to members of the group:

We have moved our TERMS OF REPRINT to the end of the article.
Be certain to read our TERMS OF REPRINT and honor our TERMS 
OF REPRINT when you use this article. Thank you.

This article has been distributed by:

Helpful Link: 
  The Digital Millennium Copyright Act - Overview


Article Title:
Curious Employee Foils Corporate Credit Card Fraud Scam

Article Description:
It would have been very easy for Molly to trust her former boss 
and get him the refund. Instead, because something didn't seem 
quite right, she chose to check on whether XYZ had already 
reimbursed Jerry...

Additional Article Information:
1416 Words; formatted to 65 Characters per Line
Distribution Date and Time: Fri Feb 24 01:15:17 EST 2006

Written By:     Scott Burke
Copyright:      2006
Contact Email:  mailto:[EMAIL PROTECTED]

Article URL:

For more free-reprint articles by this Author, please visit:


Curious Employee Foils Corporate Credit Card Fraud Scam
Copyright © 2006 Scott Burke
iMAX Business Solutions

MOLLY, THE ASSISTANT, Molly treasurer at XYZ Corp. in Miami, 
opened an e-mail from a former colleague who no longer worked 
for the organization. The e-mail read: "Hi Molly, there should 
be a refund of $716 on my old corporate Visa card from the IP 
Conference. I paid for, but did not attend, the conference and 
did not turn in the charge to XYZ for reimbursement. Can you have 
Visa issue a refund check to me? Thanks very much for your help."

The e-mail was from Jerry, a former XYZ executive who had been 
Molly's boss at one time. The message seemed innocuous enough. 
Jerry had legitimately charged a business conference to his 
corporate credit card, but he had canceled his registration 
because he left the company. Therefore, he was due a refund.

It would have been very easy for Molly to trust her former boss 
and get him the refund. Instead, because something didn't seem 
quite right, she chose to check on whether XYZ had already 
reimbursed Jerry for the conference.

To make this determination, Molly accessed Jerry's corporate 
credit card records online and retrieved his expense reports from 
the accounts payable file room. The expense reports confirmed 
that Jerry had not expensed the conference fee, but when Molly 
looked at his credit card statement, she saw a couple of odd 

First, the most recent statement indicated that the former XYZ 
executive had made four payments to his credit card in one month. 
Second, the statement was two pages long, and Molly knew that 
Jerry rarely traveled for business. She scanned the charges and 
noted that most of them were from local vendors. In addition, 
none of the items looked like business charges. The charges 
included dinners at local restaurants, department and grocery 
store charges, and airline tickets for Jerry and his wife that 
Molly knew were for their recent vacation.

Out of curiosity, Molly queried the company's checks online to 
see if any of the payments made on Jerry's Visa account matched 
the dollar amounts of checks written by XYZ. Sure enough, she 
found that all four payments made to Jerry's credit card that 
month equaled amounts on checks that the company had written to 
Visa. Molly increased the scope of her search and observed that 
every payment posted to Jerry's corporate credit card over the 
previous 12 months was from a check written by the company. She 
also noticed that of the $88,000 in charges on Jerry's card over 
that time frame, none was for business expenses.

Molly printed copies of all of the checks and noted that, 
although Visa was listed as the payee on all of them, Jerry's 
corporate credit card account number was handwritten on each 
check. Molly approached the director of internal auditing as 
well as Jerry's former manager and requested an investigation 
into the matter.

While working for XYZ, Jerry was in charge of making sure that 
the organization paid delinquent balances on the corporate credit 
cards of people who had left the company. XYZ had an arrangement 
with the credit card company that it would guarantee payment for 
certain employees if those employees did not pay the balances 
on their accounts. Once a month, Jerry would provide accounts 
payable with a list of delinquent accounts on guaranteed cards, 
and accounts payable would cut the check to the credit card 

However, on the bottom of every check request in Jerry's last 
year of employment, he had written, "Please deliver the check to 
me." Typically, accounts payable would mail the check directly to 
the credit card company, but because accounts payable knew that 
Jerry maintained a relationship with the credit card company, 
they adhered to his request and delivered the checks to him. When 
Jerry received a check, he would write his own account number on 
the check, and the bank would apply the payment to Jerry's credit 

Jerry did not need to make sure that the delinquent credit card 
owners listed on his spreadsheet paid their balances, because he 
had fabricated the delinquency list that he provided to accounts 
payable. In many cases, the employees with the so-called 
delinquent balances had left the organization long before, and 
they had paid their balances in full before departing.

So, where were the control breakdowns? First, Jerry had sole 
authority over the credit card function. He managed the corporate 
credit cards, reviewed the delinquent accounts, had access to the 
employee statements, and dealt with the bank's account managers. 
No one reviewed his work. As soon as accounts payable walked the 
checks down to his office, he had all he needed to perpetrate the 

The second breakdown was that the accounts payable clerk walked 
the checks over to Jerry. Although not necessarily right, it is 
understandable that accounts payable would not have the time to 
audit Jerry's delinquency list. After all, accounts payable was 
processing more than 1,000 checks per week with a staff of six. 
However, it was unacceptable for the clerk to deliver the check 
directly to Jerry. The check should have gone from accounts 
payable to the vendor. The vendor invoice--or delinquency data in 
this case--should have contained all of the pertinent information 
to allow accounts payable to appropriately route the check.

XYZ decided to report Jerry to law enforcement. Although $88,000 
is not a significant amount of money for a $1 billion company, 
and the legal fees and other costs might be high, the company 
wanted to demonstrate to its employees that it would not tolerate 
fraud and would hold perpetrators accountable. Decisive and 
timely action such as this is critical to maintaining a sound 
control environment.

Not everyone is as diligent as Molly. The lesson she applied is 
an important one to teach operations personnel: Take the time to 
check anything that doesn't seem right. Because she spent a few 
minutes performing due diligence, Molly uncovered an $88,000 

Several symptoms may have flagged the fraud. If internal auditing 
had been testing the employee credit card charges, simply 
identifying the top 25 corporate card users and reviewing their 
charges would have flagged Jerry. Travel reimbursements of 
$88,000 in one year covers a lot of travel. Testing the accounts 
of the people with the most posted credits would have similarly 
flagged Jerry. Also, Jerry averaged three payments a month on his 
credit card over the course of a year, an unusual pattern that, 
if identified, should have been investigated.

Testing the top 25 corporate credit card users and searching for 
unusual patterns are the staples of any audit program that 
contains tests designed to uncover fraud.


 * Employees should take the extra step. If employees are 
presented with a transaction that they do not completely 
understand, they should do what was going on so that it became 
clear to everyone that XYZ would not treat fraud lightly. what 
it takes to understand the transaction. Molly was one of the 
custodians of the organization's cash, so when someone asked for 
money from the company, even a trusted former boss, it was 
important for her to understand the nature of the transaction.

* Segregate duties. This is a concept that is drilled into the 
brains of internal auditors ad nauseam, but it is not necessarily 
communicated as often to operational management. The 
organization's head treasurer, to whom Jerry reported, was an ex-
auditor and ex-controller, and therefore should have been aware 
of this control concept. However, during the course of business, 
when times are good and everyone is busy, it is easy to overlook 
the fundamentals. Jerry had too much control, and because 
accounts payable trusted him, the clerks did not adhere to their 
own processes and send the check directly to the third party.

* Act quickly and decisively. Jerry was a long-time employee of" 
XYZ, and he was well-liked in the organization. It would have 
been easy for the company to ask Jerry to pay the money back and 
call it even. How ever, management and the board called for a 
full investigation, led by the internal audit group that included 
outside consultants, legal counsel, and the district attorney. 
Management also decided to not keep it quiet; they let the 
finance and accounting organizations know what was going on so 
that it became clear to everyone that XYZ would not treat fraud 

* Thieves can get greedy. In this case, Jerry had already left 
the company. His fraud might have gone undetected if he had not 
returned for one last $716!

For more information click over to

Scott Burke; President of iMAX Business Solutions in charge 
of sales, strategy, and execution and thus is responsible for 
managing all aspects of the company's marketing, communications, 
new accounts, and support. [EMAIL PROTECTED] -



TERMS OF REPRINT - Publication Rules 
(Last Updated:  April 7, 2005)

Our TERMS OF REPRINT are fully enforcable under the terms of:

  The Digital Millennium Copyright Act


*** Digital Reprint Rights ***

* If you publish this article in a website/forum/blog, 
  You Must Set All URL's or Mailto Addresses in the body 
  of the article AND in the Author's Resource Box as
  Hyperlinks (clickable links).

* Links must remain in the form that we published them.
  Clean links should point to the Author's links without
  redirects having been inserted into the copy.

* You are not allowed to Change or Delete any Words or 
  Links in the Article or Resource Box. Paragraph breaks 
  must be retained with articles. You can change where
  the paragraph breaks fall, but you cannot eliminate all
  paragraph breaks as some have chosen to do.

* Email Distribution of this article Must be done through
  Opt-in Email Only. No Unsolicited Commercial Email.

* You Are Allowed to format the layout of the article for 
  proper display of the article in your website or in your 
  ezine, so long as you can maintain the author's interests 
  within the article.

*** Author Notification ***

  We ask that you notify the author of publication of his
  or her work. Scott Burke can be reached at:

*** Print Publication Reprint Rights ***

  If you desire to publish this article in a PRINT 
  publication, you must contact the author directly 
  for Print Permission at:  


If you need help converting this text article for proper 
hyperlinked placement in your webpage, please use this 
free tool:


ABOUT THIS ARTICLE SUBMISSION is a paid article distribution 
service. and 
are owned and operated by Bill Platt of Enid, Oklahoma USA.

The content of this article is solely the property 
and opinion of its author, Scott Burke



1. Print the article in its entirety. Don't make any changes in the article . 
2. Print the resource box with all articles in their entirety.
3. Send the Author a copy of the reprinted article or the URL 
  where the articles was posted.

Anything short of following these three rules is a violation 
of the Authors Copyright. 
Yahoo! Groups Links

<*> To visit your group on the web, go to:

<*> To unsubscribe from this group, send an email to:

<*> Your use of Yahoo! Groups is subject to:

Reply via email to