Bank Robber

My column today is not the first one regarding your Accounts Payable department, nor will it be the last.

If you are a new controller unfamiliar with managing an A/P department, you need to get educated as quickly as possible.

Several years ago I was faced with the same challenge and through a stroke of luck,  I found Mary S. Schaeffer.  To say that Mary is a leading expert in the U.S. on Accounts Payable is an understatement.  I have almost all of her books and several of her writings.  I couldn’t have managed a multi-million dollar A/P department without her.

Mary has just published a new book ‘Internal Controls in Accounts Payable’ which I would describe as everything you needed to know about A/P but were afraid to ask!

I know it’s an old joke but it cannot be repeated often enough……….when Willie Sutton, a famous bank robber of the 20’s and 30’s, was asked why he robbed banks…………..he replied ‘because that’s where the money is’.
As controller, it is your job to manage and eliminate as much risk of theft in A/P as you possibly can.  As I have said before, A/P is not about cutting checks and making payments.  It’s also about fending off all would-be crooks inside and outside your company.

If you want to preserve your career and your reputation, don’t let yourself and your company become a victim of A/P fraud…..AND  don’t lull yourself into a false sense of security believing  that no one in your A/P department is smart enough to pull it off.  I’m giving you a stern warning that first…….it doesn’t take a genius to pull it off and second……some A/P fraud is committed by top management.

We often hear Controllers and others say that they cannot maintain necessary Internal Controls because of segregation of duties, probably because A/P might be a one person department.  In Mary’s book she offers practical solutions to segregation of duties and other Internal Control practices.

You can order her book now  at

Below is an image of her newsletter you can subscribe to in order to stay abreast of all the new developments happening in this corner of the world.


Newsletter of AP-Now

Newsletter of AP-Now




It’s back to school today for many students.  And, it’s back to work today for controllers facing the first full work week of the year.

So, with that said, I am going to launch my first annual ‘The Everyday Controller’ list of predictions for 2014 in America.

  1. I predict that the U.S. Government and other governmental bodies should become your new best friend this year.  In years past, many small companies have felt safe flying under the radar of compliance.  I would suggest that this will not be so easily accomplished.  Build a history of compliance with the various agencies you must deal with including the IRS, your state’s environmental division, city and county officials, etc.  Regulatory oversight is not going away.  Build a proven track record of compliance and you will most likely reduce your company’s overall risk.
  2. I predict that your skills as a Controller in a growing company will be tested.  Companies experiencing rapid growth face their own set of challenges including finding and training new personnel, maintaining internal controls, working capital forecasting and many others.  In companies with both a controller and a CFO, the controller is normally working on the frontlines.  All controllers should make sure that there are open lines of communications with employees.  I cannot tell you how many disasters were averted because someone gave me a heads up.  Keep your door open as much as you possibly can.
  3. I predict that the single greatest challenge you will face in 2014 is keeping all your personnel happy.  In today’s world of work, many employees expect the flexibility to be able to attend functions during the day at a child’s school or to utilize FMLA to care for a sick parent.  It’s the 21st century.  And people want more than just money from their jobs.  They want choice, opportunity, challenges, flexibility and to be heard and respected.
  4. I predict that as a Controller, if you fail to keep up your personal and professional development eventually you will be seen as living in the past, doing things the old way, and even possibly ‘obsolete’.  You are a professional.  Even if you are not a CPA or CMA, you should take advantage of the courses offered for them.  Take a course on Internal Control, or Tax.  There are a number of courses that are specific to industry such as construction and the restaurant business.  Find ways to interact with others in your profession.

It is too easy to live your life at work careening from one crisis, one fire, to another.  If you don’t come to life except when something has gone wrong, you probably need to start building in a daily routine.  Develop projects you want to work on.   For instance an accounting manual for your company may be needed.  If you’re on an Exchange Server developing some of its capabilities.  Have a set time each week to meet with your staff.  Maybe even an hour or two a week for that professional development track.

Finally, having lived and traveled across the world, I can safely say that America is the business engine of the world.  You should be proud to be a part of that no matter how large or small.


Good morning Controllers.  In my post last week, we talked about the ACFE’s 2012 REPORT TO THE NATION on OCCUPATIONAL FRAUD & ABUSE.

In Part IV, my final post specifically dedicated to prevention of fraud, I said we would visit the checklist included in the Report to the Nation.  Hopefully you were able to follow the link and look at it.  Let’s look at a few of the questions:

  • Is the Management climate/tone at the top one of honesty and integrity.
  • Does Internal Audit have adequate resources and authority to operate effectively and without undue influence from senior management?
  • Are strong anti-fraud controls in place and operating effectively?
  • Does the hiring policy (where permitted by law) include
    • Past employment verification
    • Criminal and civil background checks
    • Credit checks
    • Drug Screening
    • Education verification
    • References check

There were eleven separate questions but I listed the ones I thought were the most critical rather than repeating them all (but I still urge you to follow the link and print the checklist for yourself).

Just looking at the four above, I can’t overstate the importance of ‘due diligence’ in hiring, especially when it comes to accounting, finance, accounts receivable, accounts payable, treasury, sales, operations, etc.  Doing so is not a 100% bona fide guarantee you won’t make a hiring mistake, but it will certainly eliminate a significant number of bad hires.  Any time you can be proactive and not reactive, you are well ahead of the curve.  Finally, firing someone, at least for me, is gut wrenching.  Save yourself some pain.

Next, ‘tone at the top’.  I remember this kind of question on my CPA exam.  It’s not an outdated concept.  Yes, there are some successful executives who have ignored the importance of ‘tone at the top’.  But when you ignore it, you risk losing it all.  As a controller, there’s very little you can do about this if senior management is unconcerned.  As controller you can set your own tone with your people about honesty and integrity.  At least they will know where you stand.

Next, anti-fraud measures are critical.  To often as we all learned in accounting 101, segregation of duties is not possible because of the number of employees.  If you are a small company, this is a challenge.  However, as I have said, you do not want the bookkeeper reconciling the bank statement.  Do whatever you have to do to keep that from happening.  And remember that cross training, wherever possible is a significant step towards strengthening your internal control.

Internal Audit departments are generally the province of big companies.  It may be that as controller, you will have to become the Internal Auditor.  If your company uses an outside accounting firm, get with them and have them assist you in developing the internal audit questionnaire.

Fraud prevention does not have to be an expensive proposition.  There is much you can do to have fairly tight controls in place without a big dollar investment.  However, fraud losses can be very expensive, especially in smaller companies.  According to the ACFE report, average losses for small to medium companies from fraud:

  • 2012 – $200,000
  • 2010 – $231,000
  • 2008 – $278,000

Note:  At least the averages are declining.

One last story, and then we will move on.  In our small town there’s not much choice among grocery stores.  However, there was a small independently owned grocery store that I loved.  They bought produce locally and you could buy exotic lettuces and beautiful herbs there.  They had good prices and many individuals and companies did business there.  He also had a very lucrative meat business.  But they closed their doors a couple of years ago.  All of us were heartbroken.  The owner went broke.  But I found out, through a confidential informant, that the ditzy little blonde cashier that had worked there after school for about five years (and then fulltime) had stolen almost $500,000 from the cash register through phony refunds and other manipulations.  To this day, I don’t know how that was possible, but sadly it happens everyday somewhere in America.  Somewhere in the world.  Be an advocate for your company and protect it as if it were your own.  Your job may depend on it.


Hope all of you survived Thanksgiving & Black Friday.  Today is cyber-Monday.  I am trying to resist.

I hope you had the chance to read last week’s blog about ‘The Spy’ at the EPA.  If you haven’t, I urge you to take time to read it.  The level of incompetence of those responsible for our taxpayer dollars at the EPA is almost incomprehensible.

Why do people commit fraud against their employers?  According to the ACFE’s 2012 Report to the Nation on Fraud, here are a few of them:

  • Financial pressures
  • Need to live beyond their means (social pressure)
  • Addictions
  • Marital instability

After reading the Wall Street Journal article, I think we can add one more – delusions of grandiosity.  I’ve met a few people in my career that suffered from this particular malady.  They can be very dangerous in some organizations.

Here are some frauds I have encountered during my career:

  • Plant manager buying an engine for a race car he was building
  • Retail manager buying groceries and building supplies on his company checkbook
  • Secretary endorsing over and depositing to her account a vendor refund check made out to the company
  • Salesman collecting cash from customers for invoice payments and failing to turn it in
  • Salesman turned in hand written tickets for gasoline purchases he never made
  • Traffic manager taking kickbacks from a vendor

The most frightening statistic in the report reflects that approximately 5% of all business revenue is lost to fraud.  What are we as controllers and cfo’s and consultants going to do about this?

I subscribe to the Wall Street Journal in order to stay on top of business trends and developments.  It’s never boring.  There is hardly a day that goes by that there is not a report of fraud by individuals or an organization.  I’ve lived in a third world country where the citizens were just resigned to fraud and waste.  I do not want to see that happen to the United States.

I’m going to give you a link to the ACFE report.  On page 70 & 71 is a “Fraud Prevention Checklist’.  Print it, review it and then grade yourself and your organization

Next week we will delve into the Checklist.

ACFE 2012 Report to the Nation


Here’s my Thanksgiving gift to all controllers and consultants.  Yes, it’s about fraud.  A fraud so outrageous that I had to write about it.

Tucked in the bottom corner of the Editorial Page of the Wall Street Journal last week was an article titled ” The ‘Spy’ Who Fooled the EPA”.  If your faith in our government has been diminishing, I’m afraid this might be the final nail in the coffin.

It happened at the Office of Air and Radiation, a division of the EPA.  John C. Beale was a senior official there having spent 23 years of his career there.  Recently, he reached a plea agreement related to the $900,000 in overpayments of a bonus and falsified expenses.  Apparently the fraud started in 1989, even before he was hired.  On his application for employment he stated that he had been employed in the U.S. Senate.  There is no evidence of that being true.  After hiring, he informed his superiors that he was also working as an operative of the CIA.  It only gets better.  Prosecutors contended he had missed almost 2 1/2 years of work from 2000 to 2013 telling his superiors he was essentially gone on ‘secret missions’.  In fact, in 2008 he was gone for six months supposedly on an EPA ‘research’ project.  No leave request was ever submitted.  But, the EPA managed to approve and reimburse him for $57,000 in fraudulent travel expenses.  It gets even better than that.  He also claimed he had contracted malaria while serving in Vietnam.  His prize, an $18,000 handicapped parking spot in downtown Washington D.C.  P.S.: there’s no evidence he ever served in Vietnam.  Nor, any evidence that he had malaria.  For his stellar performance as an employee, he was awarded retention bonuses for six consecutive years.  Just one problem.  The EPA paid those bonuses for 23 consecutive years.  Louisiana Senator David Vitter spearheaded an investigation that led to the facts of the gross overpayments becoming known.  Senator Vitter is pushing for an investigation of the INTERNAL CONTROLS at the EPA.  However, Senator Barbara Boxer, head of the Environment & Public Works committee is resisting.  Why?  The writer states it may be because this is just too embarrassing for the EPA.

I wonder, have you had an employee tell you they would be absent for awhile because they are a CIA operative?  Or working on a secret project for your own company?  What about an employee that asks for time off at a busy time of year because they have personal issues?  And then you find out they needed the time to recover from cosmetic surgery?  Everyone is entitled to time off. It’s just there needs to be a recognition that there are times when they are needed.  Would Santa be giving the elves time off right about now?  The WSJ article is really not about the appropriate times to ask for leave.  Rather, it is about why the government can’t do any better than this protecting our taxpayer dollars?  And, what about all the stealing going on that we don’t know about.

Have a Happy and Safe Thanksgiving to all of you.  See you next Monday.  Part III of FRAUD & THE CONTROLLER.


For CPA’s and audit firms, there’s been a major disagreement going on for years as to whether or not in an audit or review, fraud should be detected.  Most investors have always assumed that it was the accountant’s main objective to discover fraud.  However, determining whether there are material misstatements in the financial statements is not the same thing as detecting fraud.  That said, I believe that a controller has the very clear responsibility to implement controls to prevent fraud.  I can think of nothing worse than to have a major fraud discovered in a company with a controller.  There are exceptions.  Mainly, the one exception I see is if it is fraud by management overriding controls.  That’s difficult for a controller to detect unless they have observed it first hand.

Fraud comes in all shapes and sizes.  Would you believe that churches are repeatedly victims of fraud.  Here are some of the fraud schemes we will look at in the coming weeks.

  • Invoicing Schemes
  • Checkbook schemes
  • Accounts Payable schemes
  • Payroll Schemes (ghost employees)

We’ll also look at ‘Report to the Nations on Occupational Fraud & Abuse’ 2012 Global Fraud Study.  Some of the statistics are actually quite sobering.  Did you know that:

  • 77% of all frauds are committed by personnel in Accounting, Operations, Sales, Executive/Upper Management, Customer Service & Purchasing.  Six departments all who have some degree of control over cash.  And some, more than others.
  •   In the U.S. 43.1% of discovered cases of fraud were through tips.
  • 87% of all occupational fraudsters are first time offenders.
  • Occupational Fraud is a significant threat to small business
  • The median loss was $140,000 with 1/5th involving $1,000,000+.
  • Companies in 2012 with less than 100 employees averaged more in dollar losses ($147,000) than companies with over 10,000 employees ($140,000)

(All of the above taken from ‘Report to the Nations)

After spending several hours the other night researching cases on the FBI website, I can tell you that after a while there is a pattern that emerges that even the non-accountant can easily perceive.  When it comes to their money, too many business owners just had to be asleep at the wheel for some of these frauds to be perpetuated.

If you are working as a controller, the owner(s) of your company has most likely already realized the need for your services.  As a controller, you must keep your eye on much more than accounting, inventory, accounts payable, general ledger and all the other things that demand our time.

In future articles we’ll look at some steps to take to start building a strong foundation of internal controls, especially over cash.

RULE Number ONE on the list.  CROSS TRAINING.  I promise you, most likely you will get resistance.  Use your imagination on this one if you have to.  No bookkeeper in a business should be the only person who can handle the deposits and the disbursements.  Finally, I think the statistic still stands………………one in four employees steal from their companies.  It’s time to pay attention if you haven’t been. 

Think Like a Consultant! “How to Streamline Your Company from the Inside” – Part II

Large consulting companies make money by promising change.  Over the years, consultants and business academics have generated countless buzz words.  For example, ‘paradigm shift’ (big in the 90’s), ‘just in time inventory’ (that’s still around), ‘prospecting’, vertical integration, etc.  In the La Quinta add I referred to in Part I, the consultant believes the answer is ‘synergistic integration’.  What does synergistic integration mean?  Probably it means different things to different people.  What it means to me is the favorite (and easiest) solution of many consulting companies.  Cutting costs by cutting employees.  But a controller who is already inside the organization should be able to achieve needed change if they are capable of and understand how to effect change.  Cost cutting and streamlining often go hand in hand as owners and management seek lower overhead costs.

Most consultants rely heavily on checklists and documentation.  Their documents have been honed and sharpened over a period of time and eventually become templates for how they approach a potential client hiring them to help improve operations.  It is the creation and  use of these templates that will be instrumental in organizing and executing your approach to any given area requiring improvement.  Your focus as a controller will most likely not extend to bottlenecks on the factory floor, although I am sure some controllers with specific knowledge of their industry may become involved.  But generally speaking, ‘Think Like a Consultant!”  is dedicated to administrative work flow, including (but not limited to) working capital, cash flow, inventory, AR and AP required improvements.

Consultants are generally brought in because management has identified a problem.  Possibly the accounting firm conducting the annual audit has identified a weakness in internal controls.  Or, as I stated in Part I, there may be some kind of morale problem which is usually not in a controller’s power to fix.  Sometimes consultants are hired to help a company achieve economies of scale.  Below I am going to present TWO scenarios that you, as controller, may encounter.


Background: You work for a privately owned company with 45 separate retail and wholesale  facilities.  You are the controller for the company and work in the corporate office.  You have been with the company for just under a year.  The owner is not happy.  He has just discovered that a duplicate payment has been wired, each for $100,000.  He asks you ‘how could this happen’?  You tell him you will investigate.  You go straight to the Accounts Payable department and ask how this happened.  Everyone in A/P is stunned.  This is the first time they have heard about it.  You say, ‘I need an answer right now.  I have to report back immediately’.  The first thing the A/P department does is pull the vendor file.  There are two bills for $100,000 each.  Both are dated the same date, same invoice number, same amount.  One is obviously a duplicate.  All the proper approvals are present.  It is obvious what happened.  The vendor submitted an invoice directly to the corporate office and it was paid.  No Purchase order had ever been assigned.  The payment was made on the last day of the month.  The vendor did not receive payment according to terms and their system generated a duplicate invoice which was mailed to your company.  It happens.  You explain to the owner what happened.  Oh, by the way, you have already called the vendor and they are willing to wire back the money immediately.

You draw a sigh of relief and report back to the owner.  He is satisfied.  You go back to work.

Does this sound familiar to you? 




You work for a privately owned company with 45 separate retail facilities.  You are the controller for the company and work in the corporate office.  You have been with the company for just under a year.  The owner is not happy.  His Credit Manager has reported to him that at one of the wholesale sites, the manager shipped $225,000 worth of product to a single customer who had no approved credit.  The customer had promised to pay the store manager as soon as he received payment for the merchandise to be resold.  The entire balance is comprised of only one product.  A very high dollar specialty product contained in small bottles.   As controller, you are responsible for managing interim and final year end inventories.  The product was shipped over a small window of time at least eight months ago.  The owner wants to know how you missed what would have been an obvious inventory shortage.  You tell him you will investigate.

Obviously, the manager has violated the most basic of internal controls, failing to enter the shipments into the company’s computer system.  Furthermore, the manager has violated basic credit policy.  Subsequently the manager will be written up and placed on probation.  During your investigation, you discover that the count team assigned to that location was given a physical inventory count sheet which had the names of all the products that should be located at the wholesale site.  Next to the name of each product was a blank line and at the end of the blank line the correct Unit of Measure of the product based on how it is carried in inventory.  As is the procedure, the count team leader asks the manager to review the physical inventory count.  When the manager sees the specialty product line is still blank, he tells the count team leader that the product has been delivered but not invoiced yet due to a pricing dispute, so they should add it back to the count sheet.  The count team leader does not question this or notate this on his report back to the Corporate Inventory Department.  As a result, no shortage is shown. 

You report this back to the owner.  By now, fortunately the customer has sent a check for 50% of the outstanding balance of $225,000 and has promised to pay in sixty days.  The owner is satisfied with the outcome.  You draw a sigh of relief and go back to work.

Does this sound familiar to you?

As time marches on, the owner’s concerns grow about how well his company is being protected from risk.  And, that is when many owners call in the consultants.  All I can say to you, as the controller, don’t let this happen to you.  It may not end well.

Look at the two scenarios above.  Do you see anything wrong with how the controller handled the situations in Scenarios I and II?  I’d love to hear your opinion.  All of us who have served in the ‘Controller Army’ know that most days we are just putting out fires.  From the moment we walk in the door, all our plans made on the drive to work seem to fall apart.  You cannot be effective if you are in constant reactionary mode.

Next week, in Part III…………..we will look in depth at how documentation, checklists and an understanding of processes can turn you into an internal consultant.  By the way, a reminder.  The most important word in your ‘consultant’ arsenal is ‘Why?’.

SDF Applications

Exceptional Apps.

Dennis Dean Smith

Cross From Your Ideas to Success

Crochet with Raymond

The mad adventures of a lesbi@n hooker and her siamese cat!

The Office Blend

Work Life Now

Law At Work

HR, employment, and health & safety advice in Jersey and Guernsey, Channel Islands

Live to Write - Write to Live

We live to write and write to live ... professional writers talk about the craft and business of writing

The Daily Post

The Art and Craft of Blogging


News and reviews from the world of gadgets, gear, apps and the web

TED Blog

The TED Blog shares interesting news about TED, TED Talks video, the TED Prize and more.

Matt on Not-WordPress

Stuff and things.

Philadelphia Estate and Tax Attorney Blog

Philadelphia tax, estate, corporate, small business attorney providing IRS tax representation, estate planning & administration, small business, probate, wills, trusts, tax planning

WordCamp Central

WordCamp is a conference that focuses on everything WordPress.

Leadership Freak

Empowering Leaders 300 Words at a Time

Late Blooming Entrepreneurs

Making it big in business after age 40

Small Food Business

The Soup to Nuts Resource for Artisan Food Entrepreuers


A voice for private company controllers

The Blog

The latest news on and the WordPress community.