Please, see the case study assignment instructions attached. Thank you for your help.
See the below assignment. Please, see the below professor email for more instructions. Stealing Cash with a Smile_Module2 Stealing Cash with a Smile The Affable Courier Who Pocketed $250,000 BY KENNETH C. CITARELLA, J.D., CFE, AND MINDY EISENBERG-STARK, CFE, CPA July/August 2010 Fraudsters pay close attention to how systems work in a business. Thatʼs how they find their opportunities to steal. The story of how a successful medical practice lost at least $250,000 in an employee embezzlement scheme illustrates that when internal controls fail, the devil might indeed be lurking in the details.
Here are the details of a classic “from the deposit” cash theft scheme from the Occupational Fraud and Abuse Classification System – the ACFEʼs “Fraud Tree.” (See the 2010 “Report to the Nations.”)
Westchester Medical Associates (WMA) was a nine-physician, five-office medical practice in Westchester County, N.Y. Its offices, which provided a wide array of services, were managed from an executive office at a separate location. The practice worked hard to apply good internal controls consistently in each office. All personnel clearly understood WMAʼs straightforward money-handling procedures. (All the names of businesses and individuals are fictitious to protect the privacy of the victimized practice.)
CONTROL PROCEDURES FOR PATIENT CO-PAYS In any medical office, income arrives in two ways: payments made by a patient at the time of service (often an insurance company co-pay) and payments from insurance companies, government programs, and other third-party payers. This article will focus on how a single omission in internal controls made possible a serious embezzlement that went undetected for years.
Every WMA office handled patient co-pays according to the same prescribed procedures. The receptionist recorded each patientʼs visit in a spiral notebook. The date and office designation was written on the top of each page in the notebook. There were columns for the patientʼs name, the time of arrival, the physician to be seen, the patientʼs insurance carrier, the amount of the co-pay, and how the co-pay was tendered. This record was called the daily co-pay log. Cash, checks, and credit cards were accepted. At the end of the day, at least two people double-checked that every patientʼs visit had been recorded properly. The staff also verified the amount and type of each co-payment tendered. Totals for cash, check, and credit card co-pays were entered at the bottom of each sheet, along with a grand total and the initials of both verifiers.
After the dayʼs receipts were tallied, the page was photocopied and that copy and all cash and checks received that day were placed in a clasped manila envelope and secured in a locked drawer. Credit card payments were handled electronically, so those werenʼt included in the envelope.
A WMA-employed courier would collect the envelopes at each office every morning – or sometimes every other day depending on the patient volume – and take the proceeds to the bank. When this courier arrived at each office, the receptionist would open the locked drawer and remove the clasped envelope. Together they would recount the entries on the page and verify that the correct amounts of checks and cash were present in the envelope. The courier then would prepare the bank deposit ticket, using blank forms from the bank. With the bank deposit ticket filled out, the courier would remove the customer copy of the form and attach it to the copy of the daily co-pay log, and these documents were sent to the executive office for filing.
At first blush, WMAʼs procedures appeared reasonably secure. But appearances can be deceiving. THE PROBLEMATIC COURIER When WMA first contacted the Westchester County District Attorneyʼs Office about a concern, the practice had just fired its courier, Charlie Smith. Charlie, a well-liked employee, had started out at WMA as an insurance company negotiator. If WMA didnʼt agree with a third-party payerʼs settlement offer, Charlie would try to secure a more favorable resolution. A few times when WMAʼs previous courier was on vacation, Charlie had offered to help out. When that courier resigned, Charlie volunteered for the position, got the job, and added those responsibilities to his existing role as a negotiator. He had been serving as WMAʼs courier for about three years when another employee uncovered his scam. THE SCAM When Charlie had stepped up as a substitute courier, he had observed something about the practiceʼs operations that no one else at WMA realized. As mentioned before, the executive office received copies of the bank deposit tickets for each office. WMA also received monthly bank statements showing all the deposits made during the month including how much money was deposited by the courier each time he went to the bank with the co-payments. Neither the office management nor WMAʼs accounting firm ever reconciled these independently created records. Charlie realized that WMAʼs failure to identify a readily available internal control was his opportunity to steal.
Once he became the practiceʼs official courier, Charlie followed all the procedures for verifying the cash and checks received at each office. He dutifully received the clasped envelopes from the receptionists, recounted the receipts with them and completed the bank deposit tickets, leaving the customer copies attached to the copies of the daily co-pay logs. But then he exploited the weak link in the system: Charlie never deposited the cash; those funds went into his pocket. He simply completed a new bank deposit ticket at the bank that reflected only the amount of the checks. These he deposited into the WMA account. Charlie then destroyed the customer copies of the falsified deposit tickets that the bank had stamped as received. Safe in the knowledge that no one would compare the bank statements with the daily co-pay logs, Charlie pocketed all of the co-pay cash, totaling at least $250,000, for three years. The exact amount of the theft was never determined. THE SCAM EXPOSED Despite some telltale signs in Charlieʼs behavior, his fraud lasted a considerable length of time before it was discovered. Whenever someone at WMA had a birthday, Charlie would buy lunch for the entire staff. He rarely took time off. If he knew he would be out, he would argue against having someone else act as the bank courier, claiming he would handle it upon his return.
As time passed, another employee began to distrust Charlieʼs generosity with gifts and his insistence on being the sole courier. Only with the most reluctant approval of management was she permitted to search Charlieʼs desk one day when he was out of the office. She discovered several genuine bank deposit slips, which included both cash and check payments, that Charlie had neglected to destroy. His scheme unraveled. ACCOUNTING SYSTEM FAILURES The accounting firmʼs insufficient reconciliation of the bank statements against internal records was a glaring deficiency in the system. In comparing the monthly bank statements to WMAʼs checking account records, WMA was only able to discern that the amounts deposited and drawn on the checking account were properly recorded by both the bank and WMA. If the accountants had bothered to go back a little further to the daily co-pay logs and compare those with the bankʼs statements, another story would have unfolded.
The accountants made an assumption that the deposit amounts shown on the bank statements were the correct amounts to be deposited. This is a classic example of the difference between ordinary accounting and preventive or deterrent forensic auditing, which accepts nothing at face value and tests the facts behind every reported transaction. The accountants left their clientʼs income streams unprotected for years. If even once during a three-year period they had asked for records backing up the deposited amounts shown in the bank statements, the scheme would have been detected.
Moreover, we as investigators wondered how it was possible for the accountants to not notice the almost total absence of cash deposits once Charlie became the courier. The banking statements gave separate totals for cash and check deposits every month. Cash deposits had appeared every month during the tenure of the prior courier but only extremely rarely during Charlieʼs time in that job.
How the accounting firm understood its duties with WMA is a matter of speculation that we didnʼt pursue in the course of the investigation. The firmʼs frightening ignorance of WMAʼs operations made the accountantsʼ “expertise” irrelevant to the investigation.
To make matters worse, WMAʼs accounting system made it impossible to calculate the extent of the larceny. Theoretically, the patient records should contain accurate information on what co-pays were paid for each visit. Yet, sometimes patients paid an incorrect amount – usually too much. And those errors wouldnʼt be detected until the insurance settlement payments arrived. When these situations occurred, the patients were given credit for the excess payment. Those credits, however, were recorded in the accounting system as if they were new payments from the patient.
For example, suppose a patient paid a $30 co-pay on June 1. In July, her insurance company makes a settlement payment indicating she should have paid a $20 co-pay. WMA now has $10 more than it should have, which should be credited to the benefit of the patientʼs account. So WMA would record that extra $10 in the accounting system as new money received from the patient in July. The $30 co-pay effectively became a $40 co- pay to give the patient the $10 credit.
By design, the WMA accounting system failed to properly record what actually had transpired, and it had incorrect totals for patient co-pays. The businessʼ accounting system would never be in harmony with its co-pay logs. Thus, the WMA accounting system couldnʼt provide an accurate record of the co-pays received. Had the accounting system at least recorded patient payments correctly, the size of the larceny could have been calculated by comparing actual co- pay receipts with the counter deposits at the bank. (Third-party payer settlement checks were almost exclusively electronic credits, so they didnʼt present a complication.)
We were left with the arduous task of collecting and totaling by hand all the co-pay logs from each office for the time that Charlie was the courier. The one saving grace was that the bank statements separated monthly totals for cash and checks, and all the cash totals were