How to Identify, Prevent, and Investigate Accounting Fraud
by Jennifer R. Brannen, Michelle A. Reed, and Ashley B. Vinson

Today, every public company is knee-deep in preparation for upcoming Sarbanes-Oxley Act deadlines. Developing, implementing, and financing a compliance program are costly and burdensome endeavors. But consider the alternative: the costs should the SEC come knocking could far exceed what now may seem to be unmanageable compliance costs.

The last thing any company wants is another box to add to its checklist. But the fact is that while the measures demanded by Sarbanes-Oxley may keep the SEC at bay, private plaintiffs are hungrier than ever to sink their teeth into public companies at the first sign of accounting concerns.

Accounting fraud can happen at any company, no matter its size. We frequently find in financial fraud cases that executives simply did not know what to look for until it was too late. This article describes the red flags that the plaintiffs’ bar looks for and shows you how to turn internal detection into meaningful prevention. In addition, we outline what to do when allegations of fraud surface and how to handle a restatement if it becomes inevitable. Our hope is that this article will supply additional insight into the benefits of compliance and provide constructive enhancements to compliance programs already underway.

How Plaintiffs Identify Accounting Fraud

What are they looking for?

Internal detection is the key to stopping accounting fraud early and preventing the dire effects of resulting litigation. Plaintiffs scour public filings for signs of fraud. Knowing what they look for can give you a head start on prevention.

To begin, there are five general categories of accounting fraud that plaintiffs find inviting: expense deferral, bogus revenue, premature revenue, burying liabilities, and “other.”

      Expense deferral involves the failure of a company to recognize current expenses in the proper period. Management typically attempts to defer the recognition of expenses to later periods to boost current period earnings using one of three methods: failing to write down assets whose fair value has decreased below the fairmarket value; manipulating reserves despite estimable, probable contingent events that will impair the value of assets if they occur; and capitalizing expenses that the company should recognize in the current period.

      Bogus revenue includes fictitious transactions, where records are falsified to create sales out of thin air, and reciprocal sales, barters, or other types of transactions that have the effect of increasing revenue while providing no underlying economic benefit to the company.

      Premature revenue involves the recognition of revenue from sale transactions where the buyer has substantial return rights or the seller continues to have significant ongoing obligations connected with the sale.

      Burying liabilities occurs when a company hides liabilities or other obligations off the books by shifting them to another entity (such as the special purpose entities made famous by Enron), or when a company fails to disclose its significant obligations, like the guarantee of the debts of another entity.

      Other accounting fraud generally involves inadequate disclosure within the company’s footnotes to its financial statements.

A securities fraud case may involve one or more of these types of accounting fraud, so do not focus on one aspect of the financial reports to the detriment of another.

Plaintiffs begin their search in a company’s public filings and announcements. A number of things may indicate that fraudulent activity abounds—and they are not all what you would think.

Results often serve as initial warning signs

Obviously, poor performance is the quickest catalyst for litigation. Everyone knows that a business downturn does not automatically indicate fraud. But companies making announcements of earnings deterioration, loan covenant violations, or other financing problems will top plaintiffs’ list of those to investigate. A company that is beginning to miss targets or experience unanticipated losses should investigate first.

The same goes for an accounting restatement; this is one of plaintiffs’ favorites. When a company restates its financial statements, it does not admit to prior bad acts. But plaintiffs are likely to sue over any financial restatement. When a company decides a restatement is unavoidable, it should thoroughly investigate any signs of fraud.

Even positive results can be too good to be true. While poor performance typically is the catalyst for litigation, plaintiffs’ fraud allegations often will focus on management’s prior overstatements as well. Perfectly on-target earnings, unusual growth or profitability, or consistent outperformance of competitors all can be cited as circumstantial evidence of wrongdoing. Skepticism is the safest policy; be sure to confirm that management can verify all results.

Monitor the books. Plaintiffs do.

One of the most common places to discover signs of accounting fraud is the balance sheet. Flags plaintiffs look for include overvaluation of inventory or accounts receivable, cookie-jar reserves, and significant (one-time, R&D, or Big Bath restructuring) charges. But plaintiffs probably pay closest attention to companies’ reporting of revenue and expenses. Some of the most common allegations of accounting fraud on an income statement involve premature revenue recognition on anticipated orders or fake shipments, current expense deferral, or large belowthe- line expenses. Management also should carefully scrutinize inter-company credits and unsupportable general ledger revisions or topside adjustments any place else where the numbers seem dubious. Plaintiffs certaintly will.

In addition, look in-house. Plaintiffs do not limit their investigations to publicly filed financial statements, so neither should management. Plaintiffs often must provide confidential sources to support their allegations. Therefore, management must ensure that all aspects of the company are effectively monitored.

Begin with members of the management team; they set the tone for compliance and proper financial reporting. Almost all securities class actions name at least one manager as a defendant. To hold management responsible, plaintiffs often point to a corporate culture that allegedly breeds fraudulent practices. For example, plaintiffs look for pressure by management to hit targets as a prime motivator for earnings smoothing and other overstatements. They also look for companies within which it is difficult to identify who is in control and those where management conveys a bad attitude about compliance with Sarbanes-Oxley or other antifraud measures. The impact of high compliance costs on corporate pocketbooks has been well documented, but a strong management commitment to compliance is one of a company’s most effective antifraud weapons, as discussed in more detail below.

Sales departments also are a prime target of plaintiffs. When the allegations involve revenue recognition, you can be sure plaintiffs are scrutinizing sales practices. Common fraud allegations involve channel stuffing and falsified inventory and sales. A good practice is to investigate all customer complaints promptly and vigilantly.

Finally, any instances of self-dealing should be eliminated or, at the least, fully and impartially evaluated. Plaintiffs inspect footnotes for any sign of impropriety. Related-party transactions will be scrutinized with particular vigor. In addition, reports of employees using corporate assets illicitly should be carefully dissected. Be scrupulous in assessing any transactions where conflicts of interest are possible.

The best way to minimize the risk of being sued is to ensure that truthful accounting is reported to shareholders. There is an important lesson to be learned in detection. Plaintiffs are attentive to all signs of fraud. A company that heeds the warnings can isolate and neutralize possible fraud before it leads to much more costly litigation.

Preventative Strategies Within the Company

Informed management—the key to topdown compliance

Preventing accounting fraud involves internal and external protections. Most importantly, management must create a positive top-down attitude toward compliance. All objectives— including increasing internal controls and compliance —are better met when management demonstrates its commitment to a strong antifraud policy.

As an initial matter, to effectively communicate this commitment, management must foster closer relationships with employees, investment bankers, internal and external auditors, and others. Officers and directors should be familiar with those who effect business transactions that could influence accounting judgments. Monitoring every level of the accounting process decreases the likelihood of fraud.

Companies also should be sure to have adequate D&O coverage. The time to seek additional coverage is before any fraud is revealed.

Audit committees play a critical role in internal antifraud regulation. The committee should be strong, with leadership capable of asking accountants probing questions. Sarbanes- Oxley and the new Nasdaq and NYSE rules mandate powerful and experienced audit committees. All audit committee members should carefully read their bylaws, charter, and exchange rules. They also should receive training on significant accounting policies related to the company and the industry.

This need for strong leadership means companies should avoid electing directors with significant equity ownership and little experience. As accounting rules and treatments change so rapidly, directors should have significant experience and should not be selected based solely on ownership or familial relationship. Family relationships may lead to less than armslength dealing and can decrease objectivity in assessing accounting business judgments.

Continued accounting training should be required of all management, not just the CFO. This training should include examination of accounting distinctive to the company’s industry; some companies and industries have unique circumstances and often complex accounting treatments. Management also should be familiar with common types of fraud (and accordingly common vulnerabilities), which often occur at lower- and middle-management levels. Finally, all upper-level management should receive annual training on relevant Generally Accepted Accounting Principles (GAAP) for the company and the industry and on the company’s methods of guaranteeing compliance.

Informed employees—an anti-fraud solution

One way to consistently communicate the antifraud message is to establish ethics and conflict-of-interest policies. A thorough and conscientious ethics policy goes a long way toward preventing accounting fraud. Pursuant to Section 406 of Sarbanes-Oxley, the SEC now requires public companies to disclose whether they have adopted an ethics policy applicable to the chief executive officer and senior financial officers. Both Nasdaq and the NYSE require that this code of ethics apply not only to officers and directors, but also to employees. The policy must satisfy the “code of ethics” requirements of Section 406(c). Specifically, it must include written standards regarding: honest and ethical conduct; full, fair, accurate, timely, and understandable disclosure in public disclosures and reports and documents filed with the SEC; and prompt internal reporting of any ethics policy violation.

Other policies also impact the antifraud environment. Supervisors should avoid pressureand incentive-based management. Almost inevitably, fraud occurs where the defrauder has something to gain. Much fraud can be eliminated by avoiding management pressure to “meet street estimates” at all costs and by eliminating incentives for end-of-quarter inflation (e.g., extraordinarily high bonuses tied to quarterly sales). For example, a company could diminish bogus sales by putting the sales team on a quarter different from the fiscal quarter or by tying bonuses to collections or profitability.

Creating and enforcing understandable guidelines for revenue recognition is another critical step. Management should disseminate these policies throughout the company, particularly to all employees involved in the sales process. Management must strictly adhere to the policy and consistently sanction employees who don’t.

To achieve accountability for accounting decisions, management should identify and segregate its duties as well as the duties of senior accounting staff and employees. That will enable the company to quickly identify the source of any fraud and impose sanctions for dishonesty.

Finally, self-regulation is one of the best antidotes for fraud. Therefore, companies should foster an atmosphere where employees selfregulate. Employees on the ground are the best source for accounting accuracy. Once a clear internal policy is adopted, encourage employees to self-regulate under that policy. For example, Section 301(4) of Sarbanes-Oxley requires audit committees to establish internal procedures for submission of complaints regarding accounting matters. Companies should create an anonymous hotline and encourage employees to use it to provide information on any accounting improprieties they detect.¹

Careful accounting—tips for the wary Under federal securities laws, management is responsible for the information contained in a company’s SEC filings. Therefore, management should be vigilant in conducting regular and thorough internal audits to ensure that outside auditors are provided all necessary information. Consider requiring employees to certify annually that they have complied with all antifraud and ethics policies.

These internal audits should consider whether transactions are accounted for properly in light of their substance—not just what they appear to be from the heading on the contract. Usually the legal form and accounting treatment of transactions appear correct. Management must look beyond the legal form for any side letters, oral contingencies or promises, or any other guarantees that should alter the accounting treatment. One side letter can impact revenue recognition by millions. All related-party transactions should be scrutinized by the audit committee and closely reviewed for conflicts of interest.

Establishing rigorous internal controls also enables management to complete its Section 404 certifications. Section 404 of Sarbanes-Oxley requires management to document and certify its internal control procedures. Management should retain documentation of the evidence supporting its assessment of internal control effectiveness. Testing should include positive evidence for and analysis of significant account balances and disclosures. Effectiveness of outside service organizations should be closely examined. Management should include analysis of internal controls at all locations and business entities, and should allow ample time to assess changed internal controls (e.g., payroll or data processing changes).

Two key areas are frequently the source of securities fraud class actions: revenue recognition and reserves for doubtful accounts. Accordingly, companies should periodically assess their revenue-recognition policies to make certain they correspond with the economic flow of goods and services to the end customer and capture ongoing obligations of the seller or rights of the buyer. Scrutinizing customer accounts with high DSOs (days sales outstanding) allows management to verify that no side agreements exist.

Likewise, management must set out clear guidelines for establishing reserves for doubtful accounts. In the current environment, where shareholders and regulators expect companies to be almost clairvoyant, establishing clear standards can prevent accusations of fraud. Following SEC Staff Accounting Bulletin (SAB) No. 102’s directive to implement a consistent methodology for calculating loan and lease reserves will minimize SEC scrutiny.

How to Conduct an Internal Investigation Once Possible Fraud is Detected

What should a company do if it spots warning signs of fraud or if a whistleblower employee reports potential fraudulent activity? Immediately take steps to identify, isolate, and halt the fraud. As mentioned above, Section 301 of Sarbanes-Oxley mandates that audit committees establish procedures for employees to report questionable accounting or auditing matters confidentially and anonymously. Once a company has a complaint procedure in place, a protocol designed to ensure competent and independent investigation and review of relevant facts is essential.

Establish and follow an investigation protocol

A key goal of an investigation protocol should be ensuring adequate document preservation (including electronic documents and backup tapes). Companies should implement a document-retention policy or ensure that the existing policy addresses the requirements of Sarbanes-Oxley. Once questionable activity has been identified, documents should not be destroyed until the matter is resolved. Likewise, documents should not be destroyed in the midst of a civil suit, federal investigation, official proceeding, or Chapter 11 bankruptcy filing.

One of the first steps in an investigation process should be establishing an independent (special litigation) committee of board members. Establishing a committee composed of independent and disinterested board members to oversee any investigation will provide additional support for whatever action the company decides to take. The committee should then secure independent counsel who can help the committee determine whether independent auditors or forensic accountants are needed. All investigators should be well-trained and experienced. If the results of the investigation lead to a restatement and litigation, a committee of independent board members advised by independent outside counsel and independent auditors will provide the most credibility.

At the beginning of any formal inquiry, the company should issue specific written instructions or prepare an engagement letter setting forth the scope and purpose of the investigation. Consider whether the investigators will be fact finders only, or also decision-makers. If the investigators will make recommendations, the company should decide to whom they will be made and in what format.

A critical consideration is whether the company will seek to preserve or agree to waive the attorney-client and work-product privileges. This is a decision that will shape the manner in which the investigation is conducted. If the company decides to seek to preserve the privileges, educate employees about what that requires (e.g., no disclosure of any confidential information to third parties). If the company decides to waive the privileges if the SEC is involved, then consider having the investigators deliver an oral rather than a written report of the investigation’s conclusions to the special litigation committee, the board, and the SEC to minimize the written documentation that will be discoverable in litigation with private plaintiffs.

Encourage employees in the strongest terms to comply with the investigation. Make sure the appropriate senior corporate officials issue written instructions advising employees to cooperate fully with counsel, to keep the substance of any interview confidential, and that what they disclose will be utilized by counsel for purposes of giving legal advice to the corporation. Attorneys should inform each employee being interviewed that they represent the company, not the employee, and that only the company can prevent disclosure of the interview. Attorneys should disclose confidential information learned during the investigation only to those corporate officials who need the information for decision-making purposes.

Management and counsel must consult to establish a PR plan. They will need to anticipate and plan for workplace political issues as well as media and public relations issues. The schedule, order, and location of interviews should reflect these concerns.

Identifying and removing any wrongdoers can go a long way toward preventing further fallout from any fraud. When the investigation is completed (and if warranted under the circumstances), the company should take appropriate remedial action as reasonably calculated to end the wrongdoing. The findings of the investigation should be communicated to the whistleblower, the accused wrongdoers, and to key managers in the human resources department.

At the conclusion of the investigation, the company will be in a position to determine whether to restate its financials. If a restatement is necessary, the company must work with auditors to determine the best presentation of the restated financials. Highlight all positives resulting from the investigation and restated financials.

Proceed with caution when reporting a restatement

A company that decides a restatement is inevitable should consult with a securities litigator to help negotiate the crisis. The press release announcing an impending restatement provides the first opportunity to shape public perception of the company’s financial situation. A securities litigator will provide perspective on crafting a press release that will be of limited use to plaintiffs in any future litigation.

The company should communicate with the public as soon as possible to announce that there will be a restatement. Early disclosure may shorten the class period in the securities class action that likely will follow.

Disclosure should provide the appropriate information: adequate disclosure of the internal process leading up to the restatement, but not necessarily the findings of any internal investigation. If possible, justify the restatement without admitting potential problems that might lead the public to jump to a conclusion of fraud. Update the market as necessary, providing periodic reports as the company and the auditors work toward finalizing the restated financial statements.

When the restatement is complete, explain why it was necessary or appropriate. Provide an evaluation of the reason or reasons for the restatement under Accounting Principles Board Opinion (APB) No. 20 (e.g., mathematical errors, change in accounting principles, mistakes in application of accounting principles, misuse of facts, “management” of reported earnings) and subsequent accounting guidance.

After announcing a restatement, determine the impact it had on share price, if any. This will affect plaintiffs’ ability to prove reliance and loss causation in a class action. Also, determine the role the individual members of management played in the restatement. If not already done in the investigation phase, the company should evaluate which individuals were directly involved with accounting decisions that led to the restatement and whether any remedial actions are necessary.

Finally, be aware of Section 304 of Sarbanes- Oxley. This section requires the CEO and CFO to reimburse the company for certain bonuses, equity-based compensation, and profits from securities sales when there is a restatement due to “material noncompliance of the issuer as a result of misconduct.”

Conclusion

Strong antifraud programs benefit companies on a number of levels. Being alert to signs of fraud can help companies detect and eliminate problems before they get out of control. If fraud has taken root, however, it is imperative to have a mechanism in place to internally investigate, and if necessary, to handle a financial restatement and any follow-on litigation. With a plan in place, a company will be prepared to handle whatever comes.

Notes

1. For more on employee detection and reporting, see Daniel P. Westman, “The New Concept of ‘Undersight’ in Securities Regulation,” in this issue of WALL STREET LAWYER.

About the Authors

Ms. Brannen (jbrannen@akingump.com) is counsel and Ms. Reed (reedm@akingump.com) and Ms. Vinson (avinson@akingump.com) are associates in the securities litigation group of Akin Gump Strauss Hauer & Feld LLP.