Corporate Fraud Part 2 -- An Alternative Proposal for Enchancing Detection

Abu Arqala Publishes His Proposal

In the previous post, I expressed some concerns about a proposal to combat corporate fraud.

Saying that a particular solution seems unworkable or difficult to implement isn’t really of much utility.

Don’t tell me what can’t be done. Tell me what can.

The point is to outline a possible solution.

What then is AA’s alternative? What is to be done?

To start we have to accept that just as with corporate misgovernance there is no financial equivalent of hydroxychloroquine that is a sure cure. 

Because fraud is not just equivalent of a bad “flu”, financial or otherwise, and won't just go away in July or some other month, we do have to take action.

To that end I offer this alternative proposal which seeks to use existing structures to enhance current risk disclosures and promote risk-based auditing.

A key goal is turning auditors’ attention and action away from what appears to be a sole focus on policies, internal processes and controls, and pieces of paper.

As the old joke goes, if it isn’t written down, it doesn’t exist for an auditor.

The real risk with that mentality is the converse.

If an auditor has a piece of paper—a confirmation, a copy of a contract, etc.--the existence of an asset or liability or a business relationship is a proven fact.

The steps I’m proposing would not mean that auditors would abandon examining adherence to financial reporting and accounting standards, reviewing internal controls and processes for adequacy, nor performing many paper based audit activities, including confirmations, nor issuing opinions on those matters.

Because the majority of companies do not engage in major fraud, that current audit work provides needed information to a wide range of third parties, e.g. shareholders, other investors, lenders, business partners, etc. And so it should continue.

If a company is fraud free, an investor is still going to want to know if the company is following accepted accounting principles, has proper accounting systems and internal controls, has documentary evidence to back up transactions, etc. That it uses reasonable assumptions when valuing hard-to-value assets.

One doesn’t want to invest one’s money with or make a loan to an honest but incompetent or disorganized company.

So my proposals are designed to leave those aspects of auditing in place but enhance the extent of auditors’ work.

First, emphasize the need for auditors to identify if the company has any serious or unusual risks in its business model or practices, including unusual vulnerabilities.

If such risks are found, require that they are disclosed in a clear form in a company’s audited financial statements.

When those risks are pose substantial or unusual vulnerabilities, auditors should include these in the “key audit matters” section of their audit opinion. That would require that they discuss the existence and materiality of such “matters”; describe the additional audit work they have performed to address them; and their resulting assessment on that matter.

If they don’t reach the level of a “key audit matter”, they should be noted and addressed/focused on in the audit plan. 

The goal is not to come up with a laundry list of every potential risk factor similar to a bond or stock offering memorandum which is primarily a CYA or more accurately a CYLE (cover your legal exposure) exercise for the underwriting/offering banks and the issuer. 

All business are subject to a variety of risks.

The point is to identify those risks or vulnerabilities that are not obvious and have a material impact. 

This will become clearer in the post to follow where I outline this “point” applied in actual cases or hypothesize how it might have been applied at Wirecard or Hin Leong Trading.

Second, require that auditing procedures be scaled to risk of an individual asset, liability, etc.

For example, one should not use the same method to verify bank deposits of Euros 1.9 billion that one uses to confirm a USD 100,000 receivable. 

What are these two principles designed to achieve?

The first is designed to alert market participants, lenders, and regulators of vulnerabilities and dependencies that could have a material affect on the company’s health. To raise a red flag. 

That's important because fighting fraud is not the sole job of one group any more than corporate governance is. 

What that means is that for this aspect of point one to work someone out there has to be "listening".  If the "flag" is missed, the chances of uncovering the fraud decrease. 

It is also intended to cause the auditor to focus on a class of risks that seem often to be overlooked at least in some cases. 

That serves as the "back-up" if no one is listening.

Auditors are already required to assess a company’s risks and then develop a specific audit plan of work to ensure appropriate audit work is done on these areas. So this is a reminder with emphasis of this existing requirement.

But if they don’t focus on this latter class of risks, there is a real danger—as perhaps evidenced by some recent fraud cases—that they will not undertake the work they should have to address these issues.

The second is designed to "force" auditors to scale audit work to risks.

What’s the relation to fraud?

As I noted in an earlier post, many but not all types of fraud necessarily require the overstatement of assets. 

We’re most concerned with major frauds that threaten the viability of a company that is the reason for risk based scaling of audit work.

At first blush, this may sound like a good proposal. Or at least that's what I tell myself.

But it is not a panacea. There are no 100% solutions.

Why?

As to reliance on large numbers of market participants reacting to alerts (the first point), if you’ve read this blog before, you know I have little faith in the mythology of efficient markets.

Not no faith. Just a slight bit more than I have in the “Power Ponies”.

Admittedly, I’m banking on a very small number of market participants to read, understand, and then take action on any red flags raised by disclosure of these sort of business risks.  

That being said, just a few persistent sharp investigative (but probably underpaid) journalists at the FT played a major role in uncovering NMC and Wirecard

.

But, the effectiveness of this point doesn't just rely on those sort of market participants.

Widening auditors' risk focus and thus getting them to adjust their audit focus and work should also contribute to detection, particularly because they have access to detailed company financial information that other market participants don't.

But neither of these two intended goals will result in fraud detection all the time.

That’s the reason for the second point.

That’s why it’s in some respects more important than the first. 

Enhanced audit work. Moving beyond the tick-the-box approach to one that is based on risk. The more risk the more work required.

Why is that important?

As I’ve argued, “fiddling” with the income statement requires “fiddling” with the balance sheet pretty much dollar for dollar.

Major fraud requires major fiddling.  

If audit procedures disclose that assets are overvalued or non existent, it’s very good sign that the income statement has been overstated and income is non existent. And vice versa.

There are other cases of fraud that might be detected by enhanced audit work to confirm the existence of an asset or its carrying value.

Some examples.

Knowingly exchanging one asset for another of lesser or of no value.

Or, as happened at Hin Leong Trading, selling inventory without recognizing the sale in the accounts.

Failure to recognize the financial impact of a “good” transaction that has gone bad. A receivable associated with a legitimate sale turns out to be uncollectable. An asset purchased in good faith goes “south”. But there is no charge to the income statement or to equity.

Harder to detect frauds would be inflating expenses to take cash out of the firm. For example, overpaying for goods or services actually received. Or paying for non existent services.

Note in the second part of the previous sentence I’ve eliminated “goods”. It’s much easier to determine that an asset doesn’t exist, than it is that a service wasn’t performed. Or performed in full.

Enhanced audit procedures should lead to discovery of some and perhaps even many of those frauds, primarily those likely to have a material adverse impact on the company. 

Smaller amount items are likely to remain undetected. 

All well and good, you might say. But what about other cases of fraud like NMC where billions of US dollars in liabilities were not recorded in the financials.

Indeed.

These are extremely difficult to detect.

The “first line” of defense is the auditor’s confirm from lenders or providers of funds. This is not ironclad because auditors do not send confirms for each and every loan or other asset of the lender. 

If clever people are perpetrating the fraud, they may arrange a fraudulent reply to the confirms.  

One might hope that as part of annual credit reviews, lenders and other providers of funds look to see if their debt is reflected in the borrower's financials.  They have the details that generally should enable them to identify their debt, e.g., rate, tenor, currency in the absence of their name in the financials.

Banking on "hope" is a endeavor with limited probabilities of success.

Other difficult to detect frauds involve hard-to-value assets, e.g., non listed investments, or real estate. 

Slight changes in assumptions can result in large changes in value. If stock analysts have trouble accurately valuing listed securities, it’s unlikely that accountants or even forensic accountants will fare better.

Enhanced audit work (my second point) does not provide an airtight solution. It does, however, raise the odds of detection.

That means that at best my proposal will not detect all fraud, but it might result in more fraud being detected than currently.

In a post to follow, I’ll detail how both steps have been applied and might have been applied at Wirecard and Hin Leong.  The latter by drawing on my legendary powers of 20/20 hindsight.

Wirecard - Why Income Statement Manipulation Results in Balance Sheet Manipulation

R^2 -Not Affiliated with Wirecard or Hin Leong

As you will recall, Financial Times articles reporting that Wirecard’s (WC) revenues and thus net income had been deliberately overstated triggered the unraveling of the company. Here is an article from early 2019.

If these allegations are true, then it should be no surprise that a significant amount of WC’s assets (most likely cash) does not exist.

And like AA’s “missing” Maybach S 850 Luxury Edition never did.

What that means is that Wirecard’s “billions” have not be misappropriated.

Nor have they been misplaced. Not left, perhaps, in the German equivalent of the Victoria Station Brighton Line cloakroom in a handbag or handbags.

Furthermore, we should have expected to learn that assets were inflated when we first read that income had been.

Since it seems that there is some confusion on this matter, (example here) I’m writing this post to explain why income statement manipulation necessarily requires manipulation of the statement of condition (balance sheet) by the same amount.

Similarly if there is misstatement of a company’s balance sheet, then it’s a very good “bet” that company’s income statement has been misstated as well as discussed further below. 

Why is this?

The answer comes the fundamental accounting identity: Equity = Assets – Liabilities.

If net income is overstated, then equity must be similarly overstated because the results of operations – net income or net loss – are added to equity.

As the balance sheet identity above demonstrates, if equity is overstated, then so must A-L.

Inflating net income then requires that one:

1. overstate assets or 
2. understate liabilities. 
3. Or some combination of 1 and 2.

But there’s more.

There is a very close relationship between the income statement and balance sheet.

In general every entry on the income statement is mirrored in an equal but opposite entry or entries on the balance sheet.

If one reports USD 100 in revenues (a credit), then a debit or debits for the same amount must appear on the balance sheet, e.g., in cash and/or accounts receivable.

If one reports USD 100 in expenses (a debit), then an equal amount credit or credits appears in the balance sheet, e.g., in cash and/or in accounts payable (a liability).

Non-cash revenues (e.g., revaluation of assets, reversal of provisions) must be accompanied by debits to the assets concerned or to existing provisions (contra accounts or liabilities).

Non-cash charges (e.g. depreciation, amortization, provisions) must be accompanied by credits most often to contra accounts to assets or in some cases creation of liabilities, e.g., reserve for litigation.

There’s no escaping this – if one’s balance sheet is to balance.

A dollar’s worth of “fiddling” the income statement, requires a dollar’s worth of “fiddling” the balance sheet.

As noted above, when one hears that a company's assets have been manipulated - usually to make them larger, then one should know that so has income.

By way of example is the case of Hin Leong Trading Singapore.

At this time, reports are preliminary not final.

Details remain “sketchy”--in both senses of the word.

Based on these three articles, CNBC, The Independent (Singapore), and AsiaOne, it appears that HLT hid some USD800 million in derivatives losses (oil futures), and fabricated some USD 2.2 billion of accounts receivable.

As well, the company's inventory is "short" USD800 million.

What that means in layman speak is that HLT’s inventory is overvalued. In this case the value of the actual (physical) inventory is USD800 million less than the value shown on HLT’s balance sheet.

HLT seems to have had two goals with the manipulation of its financials.

Creating fictitious income to cover losses.

Because the amount of the “inflated” receivables is much greater than the USD800 million derivatives losses it’s clear that HLT has been unprofitable for some time as well as cashflow negative.

HLT’s unrecorded sale of USD800 million in pledged inventory to obtain cash for its general operations not only supports the latter conclusion (negative cashflow) but shows just how serious it was.

Maintaining/expanding its “borrowing base”

Most banks lend to commodity traders on a secured basis, with the maximum loan expressed as a percentage (borrowing base) of receivables and inventory.

The “base” is always less than 100% to provide a margin of additional protection because typically one doesn't realize the face value of collateral.

When the outstanding loan is equal to the allowed borrowing under the “base”, the bank will make no further loans.

If outstandings are greater than the amount allowed under the "base", the bank will demand a repayment in the outstanding loan to bring it within the base.

Account Receivables

Banks generally tier the lending percentage according to the days outstanding of receivables, the credit standing of the obligor, etc. The quicker a receivable is collected the better credit quality it is. The longer a receivable is outstanding the lower the quality and therefore the "base".

The nature of the goods being sold is also a factor.

HLT fabricated multiple transactions to replace “aging” bogus receivables with new ones to maintain the borrowing base.

And critically as well to create additional amounts of receivables to expand its “base” and fund its cash “burn”.

Banks also monitor the turnover (inflows and outflows) in borrowers’ balance sheet accounts as well as the borrower's cash account with the bank, particularly those borrowers involved in trading.

If a borrower’s account is “stagnant”, it is a sign of distress in its business. If receivables are turning over (being collected) at a glacial pace, another red flag.

HLT round tripped cash through its accounts to give the appearance of robust cash flow, e.g. collection of receivables.

Inventory

Banks perform a similar borrowing base calculation with inventory, factoring in price volatility, nature of the commodity/goods, costs of sale, etc. 

For example, in general crude oil inventory would be considered “better” than specialty manufactured goods that could be used by only a limited set of potential buyers.

HLT needed cash and didn’t want to reduce its borrowing base which would prompt a demand for reduction in its loans. So it sold pledged inventory without recording it in the income statement or its balance sheet.