Financial Statement Fraud by External Parties

Punjab National Bank (PNB).

In 2018, PNB disclosed that a prominent customer (Nirav Modi), in collusion with two junior employees at its Brady House Branch in Mumbai, perpetrated a $2 billion fraud against the bank. The Mumbai branch issued unauthorized guarantees called letters of undertaking (LOU), similar to letters of credit, to overseas branches of other Indian banks. These overseas branches made local currency advances to Modi’s designated bank accounts, ostensibly to pay suppliers of stones for his international jewelry operations.

The LOUs were sent over the Society for Worldwide International Financial Telecommunication (SWIFT) interbank messaging system. The fraud continued for seven years, but apparently escaped detection because the SWIFT activity was either never reconciled with the bank’s record of LOUs issued, or that control was overridden. Also, there were inadequate controls to prevent or detect the issuance of LOUs by bank employees without receipt of the normally required documentation, collateral, and supervisory review and approval.

Petrobras.

In 2015, Petrobras, a Brazilian government-controlled oil and gas company, disclosed a write-off of over $2.5 billion of capitalized costs representing estimated overpayments that inflated property, plant, and equipment (PP&E). External parties—large construction companies—colluded with operating division heads to rig the bidding for goods-and-services contracts in exchange for kickbacks. The construction companies used the overpayments to bribe division executives, politicians, and political parties. The external-party fraud materially misstated Petrobras’s financial statements in its annual report filed with the SEC and is believed to have continued for over eight years. A representative example of the overpayments involved Petrobras’s acquisition of a Texas oil refinery in 2005 from a Belgian oil company. Petrobras paid almost 30 times the $42.5 million the seller had paid in the same year, ultimately paying approximately $1.2 billion for the nearly century-old refinery.

Control deficiencies in Petrobras’s procurement policies and procedures included significant incompatible functions or lack of segregation of duties. The same executives had authority to both award and approve contracts, as well as to amend existing contracts without review by the legal department. Senior management also permitted bidding and contracting procedures outside those established by the procurement manual. Petrobras’s Form 20-F for fiscal year-end December 31, 2015, disclosed material weaknesses that included an inadequate tone at the top, failure to communicate ethical values, and lack of an effective whistleblower program, in addition to the specific procurement-related control deficiencies.

Colonial/TBW.

The Colonial/TBW fraud is a landmark case of external-party fraud. In 2018, a federal judge found the Colonial BancGroup, Inc. (CBG) auditor liable to the FDIC, as receiver, for professional negligence and ordered it to pay $625 million in damages. From 2002 to 2009, Lee Farkas, the chairman of Taylor Bean & Whitaker Mortgage Corporation (TBW), perpetrated a fraud against Colonial Bank, at the time one of the 25 largest banks in the United States, with assets of approximately $26 billion. Colonial was owned by CBG, a publicly traded bank holding company. The fraud occurred within the bank’s mortgage warehouse lending division (MWLD). The MWLD provided short-term, secured funding to mortgage originators, such as TBW, its largest customer. Concealment was achieved with the collusion of Catherine Kissick, who ran the MWLD, and others reporting to her.

The fraud passed through several phases. The first phase began in the first quarter of 2002, when Farkas overdrew TBW’s operating account by approximately $10 million that could not be repaid. Immediately before the daily overdraft report was generated, Kissick had funds transferred from an investor funding account into the overdrawn operating account; she then reversed the process after the report was generated, thus keeping the overdraft off the report. By late 2003, the amount of the concealed overdraft grew to $120 million, and the second phase of the fraud began.

Instead of continuing to juggle internal overdraft reports, the fraudsters began to disguise the overdrafts as an advance of funds under the COLB Facility, a mortgage loan purchase facility started by Colonial in 2002 to continue lending to mortgage originators after they reached their lending limit. Under this arrangement, Colonial received a 99% participation interest in individual mortgages originated by its customers, which was accounted for as a sale by those mortgage originators to Colonial under Statement of Financial Accounting Standards (SFAS) 140, Accounting for Transfers and Servicing of Financial Assets and Extinguishments of Liabilities, and classified as individual borrowers’ loans held for sale on CBG’s balance sheet. In a portion of these transactions with TBW, referred to by the fraudsters as “Plan B,” Colonial did not receive the normal collateral for a mortgage loan (i.e., the original promissory note and copy of the individual mortgage).

The fraudsters never created false promissory notes or mortgages that Colonial was to hold in custody pending sale to a secondary market investor, typically a government-sponsored entity (GSE) such as Fannie Mae or Freddie Mac. Colonial received only a data tape of information (e.g., names, addresses, Social Security numbers) on loans to individual borrowers for Plan B loans that TBW had already sold to others. COLB loans were supposed to have a takeout commitment from an end investor before sale to Colonial, and thus were expected to be held for relatively short periods, typically 30 days. To continue the concealment, the fraudsters periodically refreshed the Plan B loans with new data files for the growing amount of the fake asset.

In 2005, concealment of the fraud was achieved by a new tactic using another lending facility referred to as AOT, which stood for “assignment of trade.” Under the AOT facility, Colonial was ostensibly purchasing a 99% participation interest from TBW in a pool of mortgage loans in the process of being securitized as GSE-issued mortgage-backed securities (MBS) that TBW was supposed to have already sold on a tobe-issued basis to secondary market participants, primarily securities dealers.

In this third phase, in exchange for advancing funds to TBW, the sole AOT customer, Colonial was to receive a participation certificate, a list of the loans in the pool, the related mortgage collateral documents, and a trade assignment document evidencing TBW’s assignment of the trade of the to-be-issued MBS to an end investor (i.e., securities dealer) with an attached takeout commitment from that investor. Repayment of the advance to TBW was to come from the end investor, who had to agree to assignment of the obligation to deliver the securities to Colonial, along with the right to receive the proceeds. Of all the required supporting documentation, the only false document created by TBW was a trade assignment unsigned by the end investor.

The fraud was discovered in August 2009 when special agents of the FBI and Treasury Department raided Colonial and TBW’s offices as part of an investigation initiated because of concerns surrounding Colonial’s application to the Troubled Asset Relief Program (TARP).

Madoff feeder funds.

The external-party fraud that Bernard Madoff perpetrated against the feeder funds that placed substantially all of their investors’ money with him is the largest of its type. Madoff’s Ponzi scheme in effect misappropriated the assets of the feeder funds and materially misstated their financial statements. The final account statements of the feeder funds and other investors reported fictional investments of approximately $65 billion. The two largest feeder-fund groups, Fairfield Greenwich Group (FGC) and Tremont Group Holdings (TGH), had issued audited financial statements that overstated assets by over $10 billion.

This external-party fraud was facilitated by the control deficiencies that resulted from the feeder funds’ outsourcing of substantially all investment activities to Madoff, who initiated trades, making the decisions on when and what to buy and sell using his own investment strategy; executed the transactions, clearing his own trades and preparing related records; was responsible for holding securities in safe-keeping; and serviced the securities, collecting interest, dividends, and sales proceeds. Madoff provided fake confirmations of trades and monthly statements to his investors, including the feeder funds, with the computer-aided assistance of several employees of his advisory firm. These coconspirators also created fake trading terminals and Depository Trust and Clearing Corporation (DTCC) screens for the rare occasions when executives of feeder funds visited his offices. Madoff furthered the concealment by employing an auditor, Friehling & Horowitz, that lacked independence and failed to perform an audit in accordance with professional standards.

Madoff blew the whistle on himself in December 2008 when he was unable to meet withdrawal requests during the financial crisis and lawsuits were filed against the auditors of the feeder funds. Some were settled, and others dismissed, but one went to trial, resulting in a finding against the auditor. The primary deficiencies in the audit in that case likely mirrored those in all the feeder fund audits: unwarranted reliance on the confirmation process and failure to investigate Friehling & Horowitz. The Auditing Standard (AS) applicable at the time (2503.20) noted that the nature, timing, and extent of substantive procedures for investments are affected if a service organization initiates transactions as an investment advisor and also holds and services securities (this same standard was in effect during the time of the Madoff fraud for both public and private entities as AU section 332.20).

DeAngelis/American Express.

In what has come to be known as “the great salad oil swindle,” Anthony DeAngelis inflated inventory quantities to deceive a large group of financial organizations, particularly American Express’s field warehouse subsidiary, and ultimately jeopardized the functioning of the New York Stock Exchange (NYSE). DeAngelis created the Allied Crude Vegetable Oil Refining Corporation (Allied) in 1955 by leasing a huge field of petroleum storage tanks in the port section of Bayonne, N.J., cleaning the tanks to store edible oil, and storing and refining crude vegetable oil.

DeAngelis financed his activities with negotiable warehouse receipts. Allied leased a portion of the tank farm to a field warehousing subsidiary of American Express, which issued warehouse receipts for quantities of stored oil. Allied was losing money, but DeAngelis managed to stay in business for some time by inflating the quantities of oil in the tanks of the field warehouse to obtain negotiable warehouse receipts. He also persuaded brokerage firm Ira Haupt & Company to accept warehouse receipts on fake oil for original margin and margin calls on soybean futures. When DeAngelis was ultimately forced to put Allied into bankruptcy in 1963, Allied’s creditors attempted to take possession of the oil backing their warehouse receipts, but learned that a supposed 1.8 billion pounds of oil was fake. American Express, faced with sizable obligations to the holders of warehouse receipts, put the field warehousing subsidiary into bankruptcy, while Haupt’s losses on DeAngelis’s futures contracts purchased on margin put it in violation of the NYSE’s net capital requirements. Due to concern about a loss of investor confidence if Haupt’s customers were harmed, the NYSE agreed to liquidate Haupt and provide its own funds to reimburse its customers. This was extraordinary because Haupt’s losses on futures contracts were not related to trading on the NYSE or Haupt’s custodial responsibility to customers.

American Express’s subsidiary was included in its audited consolidated financial statements, but did not own the oil held in custody; thus, the oil and the related custodial responsibility did not appear in its financial statements. Nevertheless, its audited financial statements were materially misstated by the external-party fraud due to the undis-closed contingent liability.

Increase awareness of external-party fraud.

First on the list of lessons is the need for increased awareness of this type of fraud and the dangers it presents. Management’s efforts to prevent, and auditors’ efforts to detect, fraud may be too singularly focused on fraudulent financial reporting to intentionally mis-state earnings and misappropriation of assets by lower-level employees. This can result in inadequate attention to the serious risks that external parties pose for the unauthorized acquisition, use, or disposition of an organization’s assets that have a material effect on its financial statements. In all of the major cases reviewed in this article, organizations suffered significant harm, resulting in bankruptcy, major loss of assets, or reputational damage.

Identify and evaluate country, business, and entity risks.

Risk assessments by management and auditors need to include consideration of risks at every level that can foster external-party fraud. Many such risks were apparent in the major cases reviewed here. PNB’s LOU process had an obvious inherent risk of fraud that called for controls to anticipate fraud by the bank’s customers, but such controls were nonexistent. Petrobras operated in a country with a well-known history of corruption. In the Colonial/TBW matter, the greatest and most well-known risk in the mortgage warehouse lending industry was fraud by mortgage originators, including selling loans already sold to others. Farkas, Colonial’s largest mortgage-originator customer, had been terminated by Fannie Mae in circumstances that raised suspicion of fraud.

An article in Barron’s catalogued oddities about Madoff’s secretive investment advisory activities (Erin Arvedlund, “Don’t Ask, Don’t Tell,” May 7, 2001, http://bit.ly/31QzYEY), and Harry Markopolis repeatedly brought these matters to the attention of the SEC, presenting the commission with a detailed and sophisticated quantitative analysis of Madoff’s returns that pointed to a Ponzi scheme. Among the red flags concerning Madoff were impossibly consistent returns, volume trading that left no trace in stock or options markets, clearing his own trades, sending out his own paper trade confirmations, moving to investments entirely in T-bills at year-end, and using a small, unknown auditing firm. The latter was particularly significant given the exposure of the use of a fictitious auditor in the Bayou Group Ponzi scheme in 2005.

The field warehousing industry also has inherent risks because the ware-houseman is accountable for the inventory in storage for which warehouse receipts are issued, but typically performs accountability tests using personnel leased from the owner of the storage location, who receives the warehouse receipts. DeAngelis had been charged with cheating the federal government, and thus could not obtain a bank loan, but was able to persuade customers and suppliers to advance funds based on negotiable warehouse receipts that they in turn pledged as collateral for bank loans. The DeAngelis personnel leased by American Express falsified inventory in storage by methods that have since become legendary in the annals of inventory frauds (see Exhibit 3).