Technology to Fool Auditors: From Colored Pens to Computer Scanners

Let us pause to consider changes in the technology of fooling auditors with fraudulent documents.

Back in the 1960's the fraudulent growth story destined to get the most attention was that of Equity Funding. It was a Wall Street darling with a concept that seemed ever so clever: It sold mutual fund shares to investors, and then allowed them to borrow against the value of the funds to purchase life insurance.

Unfortunately, the concept did not catch on with customers to the extent desired. So the numbers were invented. When auditors asked to see the file on a phony insurance policy, the company's employees would simply fake it. With multi-colored pens and several people – it would not do to have the same handwriting on the application as well as on the medical examination – they put together files. The auditors never guessed.

By the early 1980's, it was ZZZZ Best that showed how easy fraud could be. That carpet cleaning company was started by a 16-year old who wound up with stock worth more than $100 million after his company went public.

To accomplish that fraud, auditors were shown bank statements that showed a lot of money coming in. In fact, recalled Brian Fox, a founder of Capital Confirmation, a company selling a service that it says will allow auditors to be sure bank confirmations are genuine, ZZZZ Best simply took real bank statements, whited out inconvenient parts and typed in different numbers and – crucially – names and addresses.

Then a photocopier was used to produce documents good enough to fool the trusting auditors. They sent requests for confirmation to the addresses listed on the statements. Confirmations came, and the public offering proceeded.

And now we have Parmalat. No longer was something as crude as Wite-Out ink remover required. Instead a scanner was used to put a real bank document in a computer, and the phony one was born.

Assuming that the auditors were not complicit in the fraud – and let us hope that assumption is justified – what becomes clear is that while technology has changed, the credulity of auditors remains great.

That credulity was much more understandable, however, in the Equity Funding and ZZZZ Best cases. Auditors there thought they were looking at routine files. At Equity Funding, each such file was not inherently suspicious. At ZZZZ Best, the rapid accumulation of cash might have seemed suspicious, but it was consistent with what might be expected of a very successful entrepreneur.

No such understanding is possible with the most amazing part of the Parmalat fraud. There the auditors accepted at face value that Parmalat had 3.95 billion euros (then worth $4.1 billion) in a bank account in the Cayman Islands. They evidently failed to actually talk to the bank officer whose name was on the phony confirmation.

Who ever heard of a bank account of that size? And why would a company with that much cash in the bank – not in some lucrative and complicated investment but just in a bank account – keep borrowing billions? The auditors do not seem to have been overly curious.

To be sure, excessive credulity is not confined to auditors. Even after the phony bank account was exposed, there were buyers for Parmalat shares.

In each case – Equity Funding, ZZZZ Best and now Parmalat – the technology needed to fool the auditors was available to almost everyone. Scanners may not be as cheap as the old colored pens, but they are not expensive.

Is it too much to ask that the auditing firms come up with a foolproof way to assure that bank accounts are real?