(c) The Chartered Professional Accountants of Canada. Contact CPA Canada for permission to reproduce this article., Audit and Assurance, Risk Management

Road to recovery

By David Malamed

What solutions exist to improve the possibility of recouping losses, which can range from small amounts to some of staggering proportions?

“In 2013 recovery auditors returned more than US$3 billion into [Medicare’s] coffers,” US publication Modern Healthcare reported in September 2014, noting that providers that appealed those audits won fewer than one in five tries. “In total, Medicare’s recovery auditor contractors, or RACs, found US$3.75 billion of incorrect payments made to hospitals and doctors in fiscal 2013,” according to the Centers for Medicare & Medicaid Services annual report to Congress. “Of that total, US$3.65 billion was related to overpayments.”

While the success of Medicare’s RACs is impressive, the majority of North American corporations and large organizations find it difficult to recover financial losses caused by fraud or errors.
The Association of Certified Fraud Examiners 2016 Global Fraud Study: Report to the Nations on Occupational Fraud and Abuse reported that 58.1% of victims “had yet to recover any losses at the time of the survey, and only 12% of organizations had recovered all of their losses at that time.”

An examination of the issue in Canada confirms the challenges entities face when trying to recover losses. In 2016, the International Monetary Fund, in a report on anti-money laundering in Canada, concluded: “Asset recovery is low.” It’s a determination echoed by Brigeeta Richdale, an associate in the Vancouver office of Bennett Jones LLP, who specializes in securities, fraud and commercial litigation. “There’s been a real lag [in being able to obtain] recovery in Canada,” she says, adding that it’s “improving, although historically it’s been tougher here.”
The primary concern for many of her clients who have faced an unexplained financial loss, which could involve fraud, is to ensure “there’s no regulatory problem or potential criminal fallout,” Richdale says. After that consideration, most clients focus on recovery, “which is obviously a big deal for share-holders.”

If recovery continues to be a difficult outcome to achieve, what solutions exist to improve the possibility of recouping losses, which can range from small amounts to some of staggering proportions?

One method is for companies to engage a forensic accountant experienced in identifying errors and anomalies to conduct a recovery audit. However, unlike the US healthcare system, most companies cannot afford such an expensive undertaking.

The good news is that a recovery audit in Canada does not need to cost a company anything, unless actual recovery is achieved. Recovery auditors typically work on a contingency fee basis, which eliminates any upfront financial investment.

Recovery audits can be undertaken for two primary purposes: reactive and proactive.

Reactive audits

The former usually occurs when a company has discovered a problem resulting in financial losses, possibly as a result of fraud or error. If recovery is a primary objective — along with quantifying the loss, identifying how it occurred and implementing policies and procedures to prevent its recurrence — it’s beneficial at the outset of an investigation or audit not to assume it’s fraud. To do so reduces the potential for recovery.

A preferred approach would be to classify the loss as an error or a mistake. “The word fraud often does instantly create backs going up and a bit more of a hostile situation,” says Richdale, “so I think that’s a smart approach.”

Once the fraud alarm bell has been pulled, it usually sets off a chain of events that reduces the likelihood of recovery being accomplished — those caught up in the web of suspicion often retain legal counsel, who often advise them not to say anything to investigators. As for actual perpetrators, they might react by trying to hide or dispose of whatever assets they’ve purloined.

There’s also the possibility that no fraud occurred, which would likely be welcome news to the victimized company. However, if suspicion has fallen on key employees as part of a fraud investigation, those targeted might decide to leave the employer and/or initiate a constructive dismissal suit.
However, if the matter is characterized as an error, it not only protects the company from jumping to the wrong conclusion, it might influence a perpetrator, if applicable, to cooperate with an investigation.

Once retained in a proactive situation, the goal for a recovery auditor is to identify errors, determine whether the losses are recoverable, assist with the recovery process and provide recommendations for improving controls and processes.

Where should you focus your attention? The recovery auditor’s plan of action, typically, would be to examine the client’s accounts payable records, such as invoices and statements, to look for anomalies or errors. If the number of records is substantial, analytic software programs can assist in this vital task.
Why accounts payable? That’s where so many errors occur.

“Duplicate payments and overpayments affect between 0.05% and 0.1% of a typical organization’s annual payments, according to the Institute of Internal Auditors,” says UK-based fiscaltechnologies.com, which provides forensic solutions that let purchase-to-pay teams protect organizational spending.

That statistic means that one in a thousand payments could be a duplicate. “If your organization spends more than £10 million annually, then all current research shows you are likely losing thousands of pounds every year due to duplicate payments, fraud and invoicing errors,” says the website. “If you spend more, the problem is very probably worse. Audit three or more years of historical accounts payable data and the immediate savings for an organization can run into six figures.”

If duplicate payments or overpayments involving a vendor are identified, for example, it will be much easier to negotiate repayment if the vendor is told an error has been detected than if the vendor is immediately questioned about having possibly committed a fraud.

Proactive audits

Forensic accountants can also be retained to conduct a recovery audit prior to the discovery of any problems. The proactive approach doesn’t just focus on accounts payable errors (and the potential existence of fraud). It is also geared towards identifying accounting inefficiencies, a problem that most companies face to one degree or another.

A classic example of the latter was illustrated in a February Forbes article, “The Rebirth Of Burger King Has Made 3G Capital, Bill Ackman And Warren Buffett Over $14 Billion.”

The article details how Wall Street shook its head at the apparent folly of paying US$3.3 billion for Burger King in 2010, “minting over a billion dollars in profits and a five-fold gain for exiting investors, including Bain Capital, TPG and Goldman Sachs. It was a ‘Whopper’ deal that left analysts scratching their heads as to how the buyer would get its money back.” Six years later, however, “Burger King’s new owners have made over $14 billion, surely one of the greatest investment scores in history.”

How was such a turnaround accomplished? By identifying efficiencies. “Something that’s embedded in our culture is that we are going to continuously look for areas to find efficiencies and to operate our business in a smarter way,” Josh Kobza, Burger King’s CFO, said while discussing costs on a 2014 earnings call with analysts. “That’s another area that will continue to be focused on over the next few years, in trying to be the most efficient operator in our sector. And that is really how we think about driving underlying growth in our business, and those are the big focuses for our model going forward.”

No recovery auditor could promise clients such benefits from discovering potential efficiencies or identifying errors in their accounts payable processes. But the likelihood of significant savings being uncovered is more than probable.

Commissioning a recovery audit after the fact is more common than assigning one on a proactive basis, although the latter can prevent problems down the road.
Why, then, do companies resist such preventive medicine? The primary reason, most likely, is human nature. Too many people assume that if they can’t see a problem, then no problem exists. So, why waste money on an unapparent problem?

In a 2015 Fraud Magazine article, Tasha Bailey, a senior vendor risk analyst with APEX Analytix in North Carolina, wrote about working with companies with annual revenues of US$5 billion or more. “Often, the company doesn’t put a robust process in place until it’s in the news with a violation, … or an internal case of undetected embezzlement that might have gone on for years. But why? As money walks out the door, why wouldn’t companies adopt a more proactive stance for early detection?”

One of the reasons may be the fear of discovering that something is wrong. “Passive detection methods aren’t enough anymore,” Bailey said. “It’s been proven time and again that instilling proactive efforts to discover or reduce fraud will increase the bottom line and enhance a company’s reputation.”

Recovery audits can’t guarantee that significant problems will be detected. But if nothing is found, the client pays exactly that — nothing. What could be a more efficient investment than that?

This article was originally published in the June 2017 issue of CPA Magazine.