New fraud activity involves IT

The home security business wasn’t so hot in Florida in 1994 and 1995, meaning lousy quarterly financial reports for Sensormatic Electronics Corp. in Boca Raton, Fla.

Slashed prices and easy payment terms didn’t produce sales that meet Wall Street’s expectations. So Sensormatic executives told underlings – including information technology manager Thomas Pike – to doctor the books.

For almost two years, Pike dutifully directed his staff to roll back the computer clocks so that sales were booked sooner than they should have been and profits looked bigger. That simple act, which any IT manager can do, got Pike sued by the Securities and Exchange Commission (SEC), a U.S. accounting watchdog.

The SEC, which only recently closed the case, charged Pike with seven counts of violating or causing Sensormatic’s violation of accounting rules. Pike couldn’t be reached for comment.

Several IT professionals faced SEC suits recently for using their technology skills to help commit financial fraud or falsify accounting books. Resetting computer clocks is a common trick. So is manipulating inventory reports to inflate the value of products.

And an interesting note in the Sensormatic complaint suggests that more IT departments could be investigated by the SEC: The agency said an IT director “is responsible for the accuracy and integrity of the documents and data generated by” a company’s computer systems.

“If they’re doing their job, they should catch [accounting fraud],” said Bill Baker, an SEC lawyer in Washington.

For example, IT managers should know whether unauthorized changes have been made in general ledger, accounts receivable and other accounting software modules, Baker said.

Though Pike escaped a fine – because he didn’t appear to have profited personally from the crimes – he did suffer a common SEC punishment: He agreed to a cease-and-desist order not to commit such crimes again, and he endured a public airing of exactly what he had done.

“That’s why we write complaints in narrative style. It’s important to get the story out,” said Paul Berger, another SEC lawyer in Washington.

In an ongoing saga, managers at theatrical producer Livent Inc. are accused of overstating profits by at least US$59 million over eight years. They did it mainly by manipulating accounting software, the SEC charged in January.

Livent, which has financed big Broadway shows such as The Phantom of the Opera, allegedly tampered with the general ledger to hide losses from less-successful plays.

Toronto-based Livent wouldn’t comment on the case. But according to the SEC, two senior controllers with computer know-how were asked by Livent’s executives to create a program that could override and rewrite invoices. The IT manager at the time was involved but wasn’t charged, Berger said.

“This was hundreds, if not thousands, of invoices. The computer let them do it on a volume basis,” said Greg Faragasso, an SEC lawyer also on the case.

Malcolm also kept a second set of books so that managers could track Livent’s real financial shape, the SEC said. The agency’s civil complaint against Livent is on hold until March while a criminal case in New York state proceeds.

The SEC can exact fines of up to US$100,000 per person, per violation, in financial fraud cases.

IT can also get into trouble when the configuration of accounting software doesn’t guard against potential crimes. In a case against Material Sciences Corp., a specialty coatings maker in Elk Grove Village, Ill., the SEC in September rebuked the company for a computer system that “lacked safeguards” to prevent manual altering of the general ledger.

Sunrise Medical Inc. faced SEC lawyers when its Bio Clinic Corp. subsidiary faked financial reports to disguise sales and profit dips – and IT got involved in a cover-up.

Ontario, Calif.-based Bio Clinic’s CEO worked with the company’s chief financial officer to falsify revenue when sales of its orthopedic mattresses started to slow, said SEC lawyer Max Hathaway.

The scheme grew out of control, and the two executives coaxed IT manager Vicki Kranawetter and outside software consultant Luther Dale Robinson to hide it by reprogramming the accounting software, Hathaway said.

In one incident, the SEC found more than 400 invoices – worth US$6 million – that had already been paid and added into the ledger a second time, Hathaway said. “That took over a week of programming and finding enough old invoices,” he said. Kranawetter and Robinson didn’t respond to requests for interviews.

Executives at parent company Sunrise in Carlsbad, Calif., who weren’t accused of doing anything wrong, were chagrined that they hadn’t spotted the misdeeds at the subsidiary. They cooperated with the SEC and formed a committee of outside directors to investigate Bio Clinic’s accounting, and everyone involved was fired, Sunrise said in a statement.

The lesson for CIOs? Make sure that accounting systems at each subsidiary mesh properly with those at headquarters, so routine audits don’t miss problems in the field, Hathaway said.

The corporate pecking order can perpetuate wrongdoing. Who wants to rat out the boss? IT directors often report to the chief financial officer or CEO – who, according to one study, committed 83 per cent of the financial frauds prosecuted by the SEC between 1987 and 1997.

One problem is that IT people often perceive themselves as mere builders of computer systems, not as stewards of how the systems are used, said Jeff Smith, an expert in IT ethics at Wake Forest University in Winston-Salem, N.C.

And IT directors might not think that a small software change could have such big ramifications. “They may not focus on the fact that what they are doing is aiding and abetting the commission of a felony,” said Toby J. F. Bishop, a partner at Arthur Andersen LLP’s Business Fraud and Investigation Services unit in Chicago.

IT people are often blind to the pressures that can push executives to cook the books, said Dana Hermanson, an expert in corporate governance at Kennesaw State University in Kennesaw, Ga. He studied 200 fraud cases brought by the SEC from 1987 to 1997.

CIOs don’t often get the same stock-option rewards as other top managers; therefore, they don’t think much about how reporting a disappointing quarter to Wall Street can mean the loss of a big bonus or a big chunk of the company’s value, Hermanson said.

“Reported earnings directly affect people’s careers and wealth,” he said. “If you haven’t come up through a business background, you might not appreciate these incentives and the related potential for dishonesty.”