VP of Sales embezzles 1.5 million from Denison Yacht Sales...

One of the reasons I don't trust broker escrow accounts. When I sold one of my boats in 2010 the buyer's broker took off with the buyer's down payment and his slip rental pre-payment for a year. Yes, these accounts are bonded but only with $10k or so. You are pretty much on your own if the broker has any financial issues. I always use 3rd party escrow companies.

I'm amazed at the lack of controls in many family businesses. Since they don't have public reporting like filing with the SEC and don't require certified audits (although don't understand their banks not requiring them), they think they don't need to spend the money on controls. It should be impossible for any one person in a company to embezzle large amounts. There should be checks and balances and only by coordination with those checking on one should it be wildly possible.

I think of controls not just to prevent wrong doing but to put all employees beyond the suspicion of wrong doing. I have the same level and type controls in our business today that I had when I worked for a public company. I trust our staff but not enough to give anyone unlimited ability to steal. Every dollar is accounted for and every transaction reviewed.

When I read a story like this, my suspicious self surfaces and I always wonder then what else is going on inside the company.

As to trusting deposits in escrow, I can't imagine ever doing so with any company that had something like this happen.

Strange comments from company prez makes me wonder. But they'll probably keep barn door locked from now on.

Many co op deals done over the years with brokers where I find it incredible that the Buyer would trust them with their deposit. These are mostly small shops, one man operations. Not in this case. A lot of dough passes through Denison. I guess the best friend factor played a large part. Inexcusable practices, still.

I don't see a need for any sophisticated controls to prevent clowns from punk'ing companies like this. It's called "not giving a sole signatory right of execution to people who have no business having one", and it's pretty much a default option on any corporate bank account.
Or a more advanced but still nowhere near "paying for independent audit"-level technique of getting monthly or quarterly bank statements and reviewing those. Might not prevent a single erroneous transaction but sure stops any ongoing BS.
Heck, an EU (soon not ) will see where it goes then) bank my company uses demands at least a basic paperwork for every transaction, making this garden variety fraud unlikely by default. How in the name of His boundless love can that transfer even happen: "From: client escrow account. To: personal account of employee. Reason: blow and hookers (I guess)"?

I'm part of a large NFP historical organization with lots of member driven events. NOTHING happens with only one signature.

In today's world, huge amounts of funds are moved around with no signature at all, simply an internet transaction. In our company it happens. However, every transaction requires supporting documents and is reviewed by multiple people. Our key people are able to handle some very large transactions without our knowledge or approval. However, any over a certain amount are automatically highlighted and reported to us and we can drill down on any transaction. We also, even though my wife and I own 100%, do have an internal audit department. The head of internal audit reports to us, not to the CEO or anyone in the company, just like a public company where they typically report to the head of the Audit Committee of the Board of Directors.

It's easy for privately owned companies which don't require external audits to get sloppy. However, we've seen huge embezzlement's from government entities, large corporations, and non-profits. Before everything was computerized, it was simply requiring additional signatures. Now, you can put the same control on electronic transactions. For instance, our system still essentially requires the additional signature. Our accounts payable department releases checks or payments to be sent. Well, they require the approval of the Controller, who can't release payments, and above certain levels of the CFO or even CEO's.

The kind of act in this thread is one that everyone above the guilty employee plus a few others in key positions should be terminated. Problem is they're the owners.

Too much trust of a friend? Always a potential problem so you have the controls as if you don't trust them. I have always said "internal controls are not to catch you but to put all employees above the suspicion of impropriety." Think of it as "I can prove I didn't, because I don't have the capability."

Ok, funniest embezzlement I ever heard of. Public company and old time CEO, father of the President and VP's as it was a family business. It was a billion dollar business and he was so strict that no check over $10,000 without his signature. The CFO was very resentful of his limited power. So, how did his assistant embezzle at least $300k and more likely double that? Well, she'd been there forever and her trusted her so. She was his right hand person. She was the one things were routed through and he trusted her with his personal bills as well. Still he signed everything, but she would prepare all the checks with the supporting documents and he'd sign. He charged nearly everything to American Express so those bills were extremely large with personal and company travel. He didn't review the detail of his own bills much as surely he didn't need to question his own expenditures. Oh but years ago, she had an Amex bill and decided to include it in his payment. At first, just her normal travel, not much. But then, it worked so well. So, over the years, she got braver. Buy new furniture for her house, put on Amex and include in the check he signed. Rent a car, easy. So, as her Amex credit worthiness built up so, why not buy a car on her card. Yes, he paid for it. So, the tightest man you'll ever see, the one who checked everything the company paid, didn't check his own personal expenditures well. No prosecution as the CEO of a public company isn't about to admit publicly to such happening.

All our signatures today are electronic but same principle. Shows up on your "desktop" to be approved and you sign in and do it. Actually takes away any excuses and, done right, eliminates the possibility of not doing it. On paper, someone could still process things. On the computer system, it won't happen until it has the approvals needed. However, can approve wherever one is.

Lots of ways to scam. Could be fake vendors, fake invoices, fake vendor credits, padded invoices, fake employees, padded hours, taking cash while re-depositing a previously bounced check and on and on and on. I watch key performance indicators carefully and seek to understand the trial balance and cash flow.

and ALL of those rely on the scammer having either sole operating right for the monies, or having all the co-signers/controllers "in" (or totally asleep at the wheel).

As long as small transactions are regularly reviewed and big ones disallowed altogether without a sign-off of several people checking it out - the "best" one can do is skim some pocket change off travel money. Definitely not in the millions.

There really aren't any sophisticated secrets and "systems" necessary to keep company's accounts under control. Plain old eyes, common sense and very basic features every bank offers by default (e.g. spending caps and requirement of multi-signatories above certain amounts)

The only complication "online" adds is that it becomes possible to "hack" a senior's authentication. However, once again, it rarely if ever at all really is a "hack" - mostly just people sticking a password to their monitor, having it at "qwerty" or their kid's birthday (which everybody around the office knows) and stuff like that. Which shouldn't be happening anyways, even with no bad seed inside.

My friend had a small business. He had a trusted secretary. Sh'e been with him for years.

He had a written contract/agreement with his bank, " No checks unless HIS signature was on them" No stamps of his signature, no co-signors, no partners etc etc.

She had a stamp of his signature made.

She got him for about $50,000.00 overall before he caught on.
Didn't take her long either.
She disappeared.
Cops told him sooner or later they'd catch her on a warrant by way of speeding ticket or parking violation but they'd get her one day.

That was at least 10 years ago, she is still in the wind.

Moral of the story- Trust but verify.

As O.B. said, it's not that he doesn't trust his people but it makes it better for all parties when you have a good system in place that is checked by others.

Banks don't check signatures. Stamps or no stamps, they don't check. Now, we're seeing the ability to photograph checks on your phone to make a deposit. It's like endorsements. Are they checked? No.

Now most transactions have no signatures, are electronic. Controlling access is the first part of security. Reviewing all transactions is the second part. Had your friend only taken 2 minutes or 5 minutes a day to just look at all the transactions to hit the account yesterday, it couldn't have happened.

In today's world, whether personal or business, you should be reviewing all transactions. I recently had an $85 credit card charge with people I'd never heard of. Found and reversed immediately. $85 is no big deal, but had that gone through you can rest assured there would have been far larger transactions behind it.

Checks and balances. That's all that is needed.

Agreed.
In his defense, this was long before the electronic jazz we have today and he simply trusted this woman and just got complacent.
It'll never happen again, to him anyway......

Anybody who thinks they have it nailed down to where it cannot happen to them is likely at high risk.

Unless YOU are the accountant, the accounts payable clerk, the client service person in charge of setting up clients and issuing credits, the payroll clerk, the information technology professional, then you are at risk. Heck, the Iowa lottery was scammed for years by the IT guy who was responsible for some of the code. https://www.cbsnews.com/news/eddie-tommy-tipton-brothers-accused-of-multi-state-lottery-scheme/

The scammer doesn't need to issue himself a check, all he needs to do is manipulate the system so that a check or credit is automatically cut and everything seems normal. It could be inflated hours or a fake employee or a bogus credit for a client or they guy opens a business with the same name as the client who gets a $50k check each month and he just grabs their check on the way out the door.

I keep close tabs on the numbers but I will not be surprised when I find the next scam.

I have a bit of inside information that might help clarify a few things. This embezzlement case happened over 4 years ago, but the story resurfaced due to the court conviction of the individual that committed the fraud. It is noteworthy that not one client lost money, nor were any closings delayed. Denison put new accounting and yacht closing teams in place as well as instituted a radical series of checks and balances. An unfortunate blip for a company with an impressive $ales history.

I have been around businesses in some sort of distress for over 15 years now, as an anti-crisis consultant/manager and then as a buy-side professional.

I've seen things you people wouldn't believe. An entire set of double documentation to make a % of inventory disappear at the warehouse with none the wiser, including the warehouse keeper. I watched a steel net soldered far down the factory drainage pipe to catch pieces thrown into it. All this memories...
errm, belay that! ))

You make it sound difficult and scary. it's not. 99% of all the problems are prevented with basic "access-control and check-ups" measures, and if not, pop up on a routine self-audit. Even the sophisticated schemes ultimately relies on something simple being unchecked. (In the first instance it was a quirk in the system whereupon "the office" sees one numbers total, gets "all received in full" signal from the warehouse and is happy, especially considering warehouse people are trustworthy. And they are, but they get a different set of numbers, so when they say "all received in full" they mean a smaller amount listed in their part of documents.
You know who was the perp? Yeah, one guess. CEO. Noone else could make such a "double")

My message here is, don't think control is something "complicated" requiring special skills. (Yeah, I'm down-selling my former profession, basically.) Just be checkign that noone has more rights than he should, and always read accounts and keep tabs on cash flows.