The Truth About Corporate Fraud
Most fraud is eventually exposed, right? Wrong! We’re all atwitter about a study mentioned in DealBook that estimates only one-third of corporate fraud is detected. Former SEC Special Counsel Don Langevoort and Workivian/former auditor Josh Gertsch share their perspectives on accounting and securities fraud!
Season 4, Episode 11: The Truth About Corporate Fraud
Don Langevoort: If the culture is "sweep it under the rug because it is company policy to make us look good to the investor community," that's a big trouble sign.
Steve Soter: Hello, and welcome to Off the Books, where we surf the uncharted waters of accounting, finance, risk, and wherever else the waves take us. This episode is brought to you by Workiva, the one platform where financial reporting, ESG, audit, and risk teams can work together and say they had a darn good time doing it. See it for yourself at workiva.com/podcast. My name is Steve Soter, accounting enthusiast and Diet Coke aficionado. I'm looking forward to debiting a great conversation, and I'm so happy to have you with us. I'm also, as always, very happy to have Catherine Tsai joining me. Catherine, can you please tell the fine folks who you are?
Catherine Tsai: I'm not an accountant or Diet Coke aficionado, but I like asking questions and learning new things. And I'm looking forward to doing more of that, especially because today we are talking about a hot study that's been making the rounds.
Steve: Yeah, that's right. The study is called "How Pervasive Is Corporate Fraud?" It was mentioned in DealBook, the business newsletter of The New York Times, and it appeared in the Review of Accounting Studies. And from what we can tell, business leaders are all abuzz talking about it. It's getting a lot of attention because the authors of the study estimate that on average, 10% of large publicly traded firms are committing securities fraud every year, and only one-third of corporate frauds are detected. It certainly piqued my interest, Catherine.
Catherine: Yes, so we asked Georgetown Law professor Don Langevoort to dig into all of that with us. He's a former special counsel in the Office of the General Counsel at the SEC. And friend of the show Josh Gertsch, who is a former controller and has an audit background, is weighing in with an audit perspective. So I hope everyone has their Diet Coke and venti soy chais ready because here we go. So, Don, 10% of large publicly traded companies, according to this study, are committing securities fraud. Maybe only one-third of that corporate fraud is detected. What was your initial reaction to hearing those numbers?
Don: It's the holy grail to try to come up with numbers like this that tell you with some apparent precision the extent of fraud in our marketplace. I don't think this study gets there, but it's provocative. And the one thing I will say at the outset is there are about five studies like this done in the last decade, and all of them come to a low double-digit estimate, somewhere between 10 and 20%. So this isn't way off base compared to other studies, whatever you think about the methodology in this particular study.
Steve: So, Don, one of the questions that I had and actually noticed that you brought up a similar point in that DealBook newsletter, what kind of fraud are we talking about here? It seems like the study defines it very, very broadly. And as a former accounting professional myself, there's a pretty big difference between reporting fake revenue or maybe getting a little aggressive with, you know, estimates on expense accruals or capitalization policies or just making an outright error that was nobody's fault. It just happened. It needed to be corrected.
Don: Yeah, that's right. And the authors of the study are honest upfront in saying they can't actually use data about actual frauds because they are rarely adjudicated in a court of law. So you will get settlements, and you will get allegations, and you will get complaints by a plaintiff's law firm. And that's the data they have. So they deliberately define fraud in a way that none of us would consider an appropriate definition in the interest of tractability. Fraud is an elastic concept, and as a result, finding data points that give you that precisely is next to impossible.
Catherine: And it seems like one of the factors for establishing fraud would be proving malicious intent. What does that actually look like today for an accounting or finance professional? And Josh or Don, feel free to weigh in.
Josh Gertsch: Yeah, I can jump in. I think when you look at the definition of fraud, I mean, I think that's what it comes down to: You're intentionally doing something. If you don't have the intention there—I mean, there are honest mistakes that happen, or there are things that, quite frankly, are immaterial or clerical errors that are just going to happen in the nature of business because they're not perfect. I think that intent has to be there. And more and more, I think the SEC is honing in on this pretty well. They've proposed some things recently in how to address this. But I do think they kind of hit the nail on the head a little bit that the intent to commit fraud has a lot to do with driving the stock price one way or another just a little bit. I mean, it's all about when you look at intent, how is that actually going to benefit the person that's doing it? Back in the day when I was coming up through accounting school, it was like we'll set up false vendors and we'll write checks for them and things like that. We live in a far too sophisticated world now where there's too many checks and balances to do it that way. So it is more on the lines of like, hey, we're going to put a number out there for revenue, and we think the market's going to react this way, and my stock options are going to go up, or they're going to go down, and I'm going to make more or less money on it. And so I think that intent and how it kind of flows through the system where they actually benefit from it has changed quite a bit. And it's a lot more sophisticated than it used to be, honestly, on what they're trying to do there. That'd be my take.
Don: I think that's absolutely right. And to be clear, this study doesn't even try to capture what you just said is the definition of intent. They're all one-offs. They're all data points. Like, you got sued for fraud. That's a big difference between "you got sued" and "you committed fraud." And since most of these cases are settled or dismissed, they disappear without any judge ever telling us whether there was fraud or not. That's a problem with the study, but again, the authors are at least quite willing to acknowledge that problem.
Josh: And I do think the picture they painted is a little bit accurate. Well, when you look at it holistically, they've shown that this is a huge problem. So I don't know. It's interesting to look at the different perspectives. When you take a step back, it's huge. But when you're looking at one particular company or one particular thing they're doing, it would never rise to the level of an investor making a different decision or doing something differently. So it's an interesting predicament.
Don: It is an interesting predicament. Again, they're using four different measures of what might be fraud, none of which goes to the ultimate conclusion, because we don't ever get it. Materiality, which is just another word for what you were saying, is an element, I think, in all four of their data sets. So maybe we can forgive them a little bit. I think anything that is clearly immaterial at the issuer level probably got washed out in their statistics. What I thought you were going to say, and I think for everybody listening to all this, another amazing thing that makes you pinch yourself about this study is it takes us back 21 years to the fall of Arthur Andersen and actually estimates the incidence of fraud 21 years ago. Then they extrapolate forward on the assumption and, again, they're honest about this, on the assumption that nothing has changed in this domain in the last 21 years. The conclusion is a very short, sweet conclusion and says Sarbanes-Oxley was all about solving this problem. This paper tells you nothing about whether Sarbanes-Oxley did its assigned task, so we could nitpick all of the methodological problems. That said, the question you first asked really is the interesting one: Are these numbers plausible? Stop nitpicking the methodology of this study. If you had to guess, based on professional experience, is 10–20% somewhere in that range? And theirs is at the lower bound of that. Is that reasonable? My sense is, if you let me define fraud a little bit more loosely so that it's not malicious, but it is with some degree of awareness or reckless disregard of the truth, we expand the universe of fraud considerably, and we do so within the bounds of the law—do I think double-digit estimates within that broad range? I wouldn't bet against it.
Catherine: So, Josh, you think those numbers are plausible?
Josh: Oh, I think so, too. I'm looking at it from an accounting angle, and that's not necessarily what this is intended to be, but if you do expand that definition to, there are just so many judgments and assumptions that have to be made, or we get into all these gray areas where you have to point to something that there's so much uncertainty around. Like, they're never right to be honest with you. And so if you expand the definition like he says, I mean, 20% might be conservative, quite frankly. If you're getting into errors or misjudgments or things like that, that wouldn't be implausible at all. I mean, coming from someone who's had to put that together. All the different pressures that are there, all the different judgments that you're making—that wouldn't be unreasonable at all to me.
Don: Yeah. And underlying lots of accounting fraud cases, "cook the books" type cases, are books and records that often obscure the truth rather than shed some light on it. And they often become the basis for an SEC enforcement proceeding. I remember one case where there was just a mess of boxes of paper records that somebody was filling out without regard to whether this was accurate or not, expenses and things like that. There were probably 10,000 violations of books and records there, which when you put them together, easily passes the materiality threshold and awareness. Again, I think the point all of us are coming to is let me define fraud in a way that's more realistic. And then, you know, the methodological problems here fade a little bit.
Steve: Well, I want to get into that here in just a second, but first, we are going to take a very quick break from our sponsor and be right back.
Mike Gravagno: Today's episode of Off the Books is brought to you by Workiva. If you're at all like me, you were a nerdy kid who loved Greek mythology, hung out with the lunch ladies, and didn't have enough friends to actually play Dungeons and Dragons. What? I did not just reveal some light childhood trauma. No, this is all leading some—fine. So, dear listener, the Greek myth of Sisyphus describes Hades punishing the tyrant Sisyphus in the afterlife by making him roll a heavy boulder up a steep hill. But when he gets said boulder to the top of the hill, it rolls right back down to the bottom. A repetitive and useless task that drains the spirit. Maybe the act of repeatedly filling out the same reports and tracking down the right numbers feels like your own personal boulder. But unlike Sisyphus, you don't have to do it alone. The Workiva platform lets you automate repetitive tasks, orchestrates workflows, and turns your data and reports into reusable assets. So when you're at the top of the hill, take a breath, and soak in that view. Discover all the benefits of using Workiva at workiva.com/podcast. That's workiva.com/podcast.
Steve: And we are back talking about the "How Pervasive Is Corporate Fraud" study that appeared in the DealBook business newsletter of The New York Times. We were talking a moment ago about materiality, and it made me think just a little bit about the notion of how that plays out, both with an SEC enforcement case, but, Josh, maybe we'll start with you, when it comes to an audit. Let's say I am getting maybe a little bit aggressive in, I don't know, some kind of an expense accrual or something like that. I mean, if that is immaterial from an audit standpoint, do you just pass, even if you suspect there might be something going on? Do you just sort of maybe not forget about it, but do you just not do anything about it?
Josh: Yeah, I'll be honest. I mean, like laying cards on the table if it is immaterial. And I will say with this caveat: If there is no indication of fraud, which I guess is what the discussion is on, if no red flags exist that are blatantly obvious, yeah. You pass on it. Like, you are doing that audit at a certain level, and basically you are saying anything below this level, an investor would not change a decision whether to invest or manage their assets differently here or their investment. And so, yeah, if it's above that level, you move on because you don't have the time to do it. And what I find so interesting as I've thought about this more: Maybe one of the ways that there is all this fraud out there that exists—and I think we've talked about it, that it's likely—do you lower the blades of materiality? And then you get into an issue, if you do lower the blades and auditors go even deeper, the cost of compliance and dealing with that probably offsets the fraud that they're doing to some degree. So it's kind of like, I don't even know. There's a balance to this whole thing. I'll leave it at that, but I do think that materiality thing is hard. Now, I will say, fraud risk is different. Or fraud is different. If there are indications of fraud, you have to address it regardless of materiality, but there are so many ways, there are so many judgments that come into making the books and things like that, that if that materiality level isn't low enough, you're going to drive on and you're going to move on and you're going to leave it alone because if not, you'll never get that audit done. You won't comply with the regulations. You'll lose the client if you're on the auditor side. There are just too many consequences to not keeping that thing moving towards those necessary deadlines.
Steve: And Don, would it play out that way with an SEC enforcement? Because I realize that materiality for SEC is going to be a little bit different within this context than auditing. But at the same time, the SEC can't go after every single immaterial thing. I mean, that's just impractical.
Don: Yeah. One thing that has always fascinated me, and there is a really nice study on this, has to do with the slippery slope. I agree with everything Josh said, but from the SEC's perspective, in hindsight, they're going to come in because you missed something. It may have been not a big red flag, but you missed it. And there's a great financial economic study that watches the typical SEC enforcement case in terms of how it rolled into being. And it's always one small step at a time. The first step is imperceptible. But you've done it once, and you can rationalize going a little bit further. And a little bit further. And five times further, you're down in a serious material violation of law. The person looking from the outside only sees that first step, and it looks tremendously innocent. Josh is absolutely right. Unfortunately, the enforcement division of the SEC does operate in hindsight and sees everything when it passes judgment on what you did with that first step.
Catherine: Well, since I'm not an accounting major, I have to ask you all: Is it required to take an ethics course when you're studying accounting?
Josh: Many. And I think you'll find, even if you're following The Wall Street Journal, you'll see that a lot of these—not only do you have to take them from the initial get-go, but if you are licensed, you have to continue to comply and keep up on ethics and study. You'll even see those sanctions versus KPMG and E&Y: There was over $150 million that they sanctioned those firms because people weren't even completing the ethics studies or tests properly. And so I think that goes to show you, underneath the core of all this, if you really want to keep fraud down, you've got to have ethical people that can stand up to the scrutiny that Don's talking about, where they are little decisions and they keep growing, but you've got to have somebody that has enough—I would say I don't know if you call it a moral value or a value—that they're not going to let it slide at some point, that they're going to come in and stop that. So I think there's a lot of pressure on the accounting industry and the legal industry to be able to stand up and raise your hand when something's wrong and not let it keep going down that slippery slope.
Steve: And I think maybe to add on to that, and Josh, you'll definitely understand this based on your time in practice, but I feel like in addition to having that ethical foundation, having some backbone about it becomes really important. And I remember an example. This is one of my first interactions in a month-end close as a controller. And the CFO was just pounding me about this expense accrual and this reserve. And what about this, and what about that? A few of my staff were in there in that meeting, and after the CFO left, they were like, "Wow, Steve, he was really beating you up there. Does that make you feel uncomfortable?" It's like, well, yeah, a little bit. But, you know, on the one hand, the CFO's not doing their job if they're not asking those kinds of questions. And on the other hand, it's my job as a controller to have a sense for where that line is in terms of the CFO asking really reasonable questions versus, I feel like they're pushing and they're fishing a little bit hard. That's going to put me in a position where I might be tempted or might be inclined to compromise one way or another. And maybe, Don, that's that first step that might have seemed innocent or not that big of a deal. But then once we cross that threshold, now you're suddenly on that downhill slope.
Don: Yeah. And some corporate cultures feed that sense. Some let you lean against it. But yeah, there are many corporate cultures where you can see from the CEO, the CFO they want to succeed, and there isn't an option to that. So if it involves hiding a little couple of bumps in the road, we'll hide them, and they're little, they're immaterial. But yeah, that's what I was talking about before. There's never just one bump. And if the culture is "sweep it under the rug because it is company policy to make us look good to the investor community," that's a big trouble sign.
Catherine: Is there anything we can do to hold people accountable when fraud does happen?
Don: You know, it's certainly the case that the SEC is far more likely simply to go against the entity, absent some malice, some kind of malicious manipulation that's going on. And that's unfortunate. It does send a message to individuals that they're really not in the crosshairs. That's a long-standing problem. When you're in front of a judge and a jury, the individual can say, "I wasn't in the loop. No one shared this information with me." There are so many stories that can't be rebutted by any form of direct evidence. So it's just nightmarishly difficult to prosecute a human being when the corporation is there, the issuer is there, and it can't speak, and it doesn't have any of the kind of sway with the jury that human beings can.
Josh: I mean, to that point, the level—I'm trying to figure out how to term this—but basically you would have to prove that the person was grossly negligent, that they knew all the facts, that they made a conscious choice to do the wrong thing. And to get to that level of gross negligence is incredibly challenging to prove. And to your point, you just don't get down that road that often. That level of proof to get to gross negligence is extremely challenging and extremely rare.
Don: And you've just made a point that I think we have to underscore, going back to the beginning of this podcast, which is, if you're guesstimating the incidence of fraud, the one thing to me that nudges me in the direction of a higher number rather than a lower one is how relatively little we fund the resources, the regulatory resources, compared to how big the world is out there, how many numbers there are floating around, and how many analysts and portfolio managers are using those numbers. It's a tiny fraction. How couldn't there be a fairly robust sense of incidents of fraud out there. That to me is the number one reason for guessing a little high on the number.
Catherine: Interesting. I wish we had more time to talk with you about the study, but before we let you go, Don, we typically end every episode with a fun closing question of the day. Are you up for us asking you?
Don: You've made me nervous, but go ahead.
Catherine: All right. We've been talking about numbers here and things going undetected. What's an activity that you do 10% of the time that often goes undetected?
Don: Wow. The first thing that pops into my mind is dreams, which contain a lot of content but normally get washed into something that's completely forgotten, about 10% of the time not.
Catherine: That's a great answer, a great off-the-cuff answer.
Steve: That's an excellent off-the-cuff answer. Now the pressure's on, Josh.
Josh: I went in a different direction. I'm pretty sure, now that I work from home, I'm pretty sure I do the laundry and wash the dishes far more than 10% of the time, but that would never get proven or be perceived or understood that way.
Catherine: Or appreciated or rewarded.
Catherine: You want it to go detected.
Steve: Well, Catherine, for my part, I feel like every time I go to Costco or Sam's Club, I spend about 10% of that visit walking through the fresh fish, seafood. I have this thing for grilling salmon. I've been doing that lately, and I spend way too much time looking at fish filets while I'm at the store. And I don't tell my wife. I just disappear like, "Hey, I got to go look at something." Because she started to make fun of me for that fetish. So anyway, that's mine. A little more innocent, I would say. How about you?
Catherine: I'm learning all new things about you. I was going to say this is probably not 10% of the time, but maybe like 1% of the time. It often goes detected when I go weekday skiing. I'll leave it at that.
Steve: Catherine, I feel like, you know, secretly you're trying to jab me there just a little bit, but it will remain undetected for Steve's weekday skiing. So let's just leave it at that.
Catherine: Well, thanks for your answers to that. And thanks, Don and Josh, for being here on the podcast today.
Don: All right. It's nice to be here.
Steve: Definitely. And thank you, dear listener, for surfing along with us. I'm Steve Soter. That was Catherine Tsai, and this has been Off the Books, presented by Workiva. Please subscribe or leave a review. Tell your buddies if you like the show. And if you're watching this on YouTube, please drop us a note in the comments. Or if you're old school like me, feel free to drop us an email at OffTheBooks@workiva.com. Surf's up, and we'll see you on the next wave. [