10 Things a Fraud Examiner Has Learned About QuickBooks®️
/Stephen Pedneault CFE, CPA/CFF of Forensic Accounting Services LLC said he has been using Quickbooks before it was even called Quickbooks (it used to be called Quicken for all you youngsters out there). While it is a handy, affordable tool for small business, nonprofits and churches, it is also vulnerable to manipulation.
Here are Pedneault’s 10 lessons learned to help guide you through your next investigation involving Quickbooks:
Get the files. Pedneault said that you are not just looking for files on the computer. He said to look for Quickbook files in hard drives, network drives, USB or flash drives and even backup drives. This step is critical for the admissibility of any potential evidence to be used in court. You have to consider not only admissibility, but authentication and accessibility. “For your case in court, how you obtained, secured, and accessed the QuickBooks file will directly impact how admissible the file will be, as well as how your work will be based on the file,” Pedneault said. He also advised adamantly to preserve the original file before you access it and complete your work using a working copy.
Get the right files. “If there is a way for me to take the whole computer, I will take it. And then I will image it,” he said. “If we can’t, then we carry with us hard drives and take a picture of the entire hard drive without relying on the client." If that fails, you can put files on a jump drive yourself or have them emailed to you.
Get all of the files. There could always be more than one Quickbooks file. Don’t just assume that there is one set of books or one version available. A tip Pedneault mentioned was going to the computer and searching the entire hard drive for anything that has “QB” in it. And don’t go through Quickbooks to open the files; go through what you find on the hard drive.
Identify the version. Make sure you find and document which platform the files are in, where it resides, how many users it has, what package or suite is it, and what year the version is.
Understand how QuickBooks works. Pedneault said he chooses to close everything and start with a blank screen when he opens a file instead of using the default navigational screen. He prefers to see everything as a list, which is essentially what Quickbooks provides. You can see lists of bills, vendors, payments, employees and more. He also clicks a box to “Include Inactives.” He wants to see even things that are no longer active on the lists.
Recognize user access. Users can enter, change, void and delete transactions. Users can also compress data, which shrinks entries and removes critical information like history that you can’t ever get back. This is also important information to know if a user has done in an attempt to hide something. “Don’t get blinded by what you see,” he said. “Look behind the curtain. It doesn’t mean there aren’t users just because they were deleted. Why did [someone] delete a user? Someone can cover their tracks by attempting to delete their user profiles.”
Think like a fraudster. As most of us know, an embezzler or fraudster could be anyone. Pedneault encouraged attendees to think about where you would hide things if you were committing fraud. What loopholes would you take advantage of? Would you hide folders or files? Would hide half of a hard drive?
Think about the reliability of what you are seeing or finding. Because you can run customized reports in Quickbooks that means a user can choose what they want you to see. “Reports can have everything or nothing,” he said. “I’m a fraudster I don’t want you to see the things I don’t want you to see. Everyone thinks that when you get a profit and loss report, you are getting everything. Your job is to run a full profit and loss report without any filters on and compare.”
Identify where to look within QuickBooks. Pedneault advised attendees to not just think about the present or current dates. He said to look in the past to get a full picture. You can pull information as far back as the program was created.
Think about what else can be done. Pedneault shared a story of how they discovered embezzlement within a family-owned manufacturing company. After discovering money missing for products they knew had sold, they noticed a slight difference in the font on the company logo that was on a receipt from a separate Quickbooks program entirely. The mother/daughter schemers had kept two sets of books, but this tiny slip up exposed the fraud.
The opportunities are endless with any software program that is created to be helpful and not harmful. Fraudsters come to learn the ins and outs of the tools they use and will undoubtedly exploit them. We have seen this with virtually everything: smart phones, credit cards, social media and bank accounts. The list goes on and on of things that make our lives smarter and faster, but also open us up to be vulnerable. But as Pedneault said about dealing with Quickbooks files, “Don’t just take a blind approach.” The same could be said for all of our interactions.