Fraud protection has ITs limits

Once Satyam would have been famous for the IT skills it offered customers,
many of them western multinationals. But documents recently released by Indian
investigators show that the outsourcing giant is likely to be better known for
the way it used its technology to commit one of the biggest corporate frauds in
recent years.

Five months ago chairman Ramalinga Raju admitted that he and others were
behind a $1bn invoicing fraud.

Two weeks ago, India’s Central Bureau of Investigation revealed how the
company’s invoicing systems were manipulated to allow the creation of more than
7,000 suspect invoices.

Raju inflated the growth of the company by hiding false invoices in the
systems to reflect inflated sales.

In the UK, large-scale fraud involving invoices are rare but not unheard of.
In 2004 the Serious Fraud
uncovered a fraud involving Ikea, in which suppliers and former
employees paid £1.4m in bribes and tried to hide the scam through double

If used correctly, experts say invoice software can help reduce the risk of
fraud. John Oates partner IT advisory services Baker Tilly said: ‘Controls need
to be tight and authorisation needs to be checked.’

Invoicing systems often have built in checks and balances, for example,
preventing people who can authorise an invoice from also inputting it. So, an
accounts clerk can input the invoice but not authorise it and the finance
director can authorise but not input the invoice.

‘There should be a lot of controls built into the system’ said Daniel Izsak,
general manager Europe & Africa, of Anydoc Software, a data entry

UK shareholders shouldn’t be too complacent, however. If members of the board
or those who are given ultimate control decide to commit fraud there is little
technology can do to stop them. ‘You can trick any system. That’s up to
management to authorise and control. If you have a management team who want to
commit fraud it can be done, but it will eventually be caught,’ says Izsak.

Manual checks can also help. In the UK, external auditors often check a
random selection of invoices for authenticity.

Oates agrees, adding software can only take you so far. ‘Anybody can avoid
control if they have enough authorisations and collusion.’

Mark Roke, product manager of Iris Exchequer, agrees. ‘If you are that way
inclined, then there is a possibility of fraud occurring,’ he says. ‘But under
normal circumstances the systems have enough power to stop that from happening.’

Ultimately it comes down to trusting your boss.

Related reading

HMRC banknotes