Forensic Accounting – What can it uncover?

Forensic accounting is another area where accountants can provide expert support and advice.

Forensic accounting is the investigative process by which financial information is gathered, analysed and presented in a clear, unambiguous way, with conclusions as to events and outcomes. It is similar to a due diligence process, although the scope is often narrowed to a particular area of concern, which is investigated in much more detail, rather than a broader investigation into areas of potential risk. Common situations for engaging a forensic accountant include suspected theft or fraud, insurance claims for loss of earnings e.g. from a fire, or the losses incurred with the breach of a non-compete clause.

The process is not always in connection with a court case, but if there is the potential that legal action may result, it is worth seeking an expert with experience and who understands the processes required under the Civil Procedure Rules.

The initial investigation process can assist with the following:

  • Gathering evidence which may be required for a later court case
  • Analysing information and presenting it in an easy to understand manner
  • Providing clear statements of opinion on events and their financial impact
  • Making suggestions of next steps and potential actions

The exercise could be undertaken on behalf of either party, or jointly agreed between them as part of a more formal process.

Once the report is presented to the instructing party/parties, it may then be called upon in any court action. The investigating accountant can then assist the litigation process in the following ways:

  • Providing expert testimony in court
  • Support in formulating questions for other witnesses on the financial information
  • Review of other witness expert reports and providing comment
  • Potentially preparing a joint expert statement with the opposing expert to explain areas of similarity and areas of difference
  • Providing guidance on settlement discussions and the calculation of damages

It is important that the forensic accountant is provided with access to all information required and that they use that information to form their professional opinion on the events and their implications. Key to the quality of a report in a case, particularly one that proceeds to court, is the presentation of this professional opinion as this is the area where an expert truly demonstrates their value.

If you have any questions or would like to discuss our Forensics services in more detail, please contact Hannah Farmborough or call on 0207 429 4147 to be put in contact with a member of our Forensics team.

This article originally appeared on the blog of our member firm, Broomfield & Alexander.

 

Sage Data Breach – Is your data secure?

In August 2016 a woman was arrested following a loss of customer data at Sage (the Newcastle based Plc software firm), which provides accounting and payroll software to SME’s in the UK and abroad.

This was an embarrassing loss for a company specialising in software.

However, this attack came from within – an employee gained access to a significant amount of sensitive client information covering 200 businesses utilising some specific Sage systems. This was achieved using an internal employee login credential, which allowed the user unrestricted access to payroll information of Sage customers.

Salary information, national insurance numbers and individual bank account details were viewed, which could have potentially been distributed, sold or misused in further cyber-criminal attacks. In a worst case scenario, companies could have suffered a disruption in trading or sustain losses as a result of a subsequent targeted attack, which, in the case of small or medium sized businesses, could have a devastating effect on finances.

Given the nature of the breach, Sage UK Payroll worked closely with police and the Information Commissioner’s Office (ICO) to investigate the extent of the fraud. Swift action is critical when a data breach has occurred in order to minimise and prevent losses.

Sage contacted its UK clients whose data had been affected, and although the data obtained in this case was not distributed, the reputational damage to Sage was done, resulting in an immediate fall in share price following the announcement of the crime.

The cost to business of a breach is therefore not only the obvious costs of compensation, remediation (and associated legal fees) but also potential loss of customers, and the costs of rebuilding damage to a firm’s brand.  There will also be a fine from the ICO in due course

Following the high profile breaches of gaming giant Sony in 2014 and telecoms provider Talk Talk in 2015, there are increasing pressures on companies to have robust data protection policies and measures in place to prevent data theft.

The result has been a focus on strengthening network security to defend against external attacks, but firms remain vulnerable to insider threats from employees or individuals within their own organisation. Insider fraud is an opportunity fraud, and the good news is that nearly all insider threats can be prevented by reducing the opportunity in the first instance.

Employees often have detailed knowledge of internal systems and controls, and can circumvent or override procedures, knowing where businesses’ weaknesses are and how they can be exploited and concealed.

Smaller businesses (where the number of employees is low) are especially susceptible to these risks, as one individual may have responsibility for a number of key systems.

So what can be done?

  • Prevent staff having unnecessary access permissions to systems that are not related to their role or function.
  • Rotate duties and responsibilities.
  • Cultivate an atmosphere of transparency and honesty, and enable channels of communication to encourage employees who suspect suspicious activity to come forward.
  • Educate staff on the signs of internal fraud – simply knowing an organisation has procedures in place to detect fraud is a powerful deterrent to fraudsters.

Our member firms work closely with SMEs to identify weaknesses in a company’s systems, to seal the holes in their security that fraudsters seek to exploit, as well as providing practical advice to limit exposure to fraud.

Our member firms can provide a rapid, co-ordinated response with local law enforcement, and solicitors in the event fraud is detected, and advice to quantify and evidence the losses sustained, helping with recovery whenever possible.

If you would like to know how to avoid data losses and reduce risks of internal fraud, please contact Hannah Farmborough or call on 0207 429 4147 to be put in touch with a member of our Forensics team.

This article originally appeared on the blog of our member firm, Tait Walker.