The Southbourne Tax Group: Redovisning av halvsanningar

Oktober 2008: En rapport från en mäklarfirma på Satyam datorer ger en 'samla' rating, vilket innebär att den förväntar sig att beståndet att gå upp. Betyget baseras på företagets höga cash/marknaden cap baserat. Det IT-företaget hade rapporterat ett saldo av Rs 4.500 crore i slutet av räkenskapsåret 2007-08. Rapporten ger en ett år riktkurs på Rs 373 för beståndet. Lagret stänger Rs 273 dagen skrivs rapporten.

Januari 2009: Samma mäklarfirma släpper en hastigt-kompilerad rapport att avbryta den föregående rating. "Lågt Börsvärde, hög cash status som inte längre innehar," säger den. Den 7 januari 2009 medger grundare av Satyam datorer att blåsa kassa och banktillgodohavanden av Rs 5,040 crore, överdriva gäldenärers position (pengar lånade) av Rs 2,650 crore gentemot den faktiska siffran av Rs 490 crore och sekretessavtal eller underskattning av skulder värda Rs 1 230 crore.

Satyam redovisning bluff, en av de största i Indien, lämnade miljontals investerare i sticket, när aktien föll från Rs 179 till Rs 23 i en börsdagen.

Aktieanalytiker oförmåga att identifiera de "luckorna" i Satyam böcker och ring varning klockor visade sig vara kostsamma för investerare. Vetat investerare grunderna i läsning bokslut och tekniker som används av företag för att rapportera falska siffror, skulle de ha bett sin rådgivare några giltiga frågor om Satyam finanser.

The Southbourne Tax Group: Why Tax Refund Fraud Losses Are Growing Rapidly



Over the past five years, the IRS has been experiencing issues around identity theft. Evidence of stolen identity tax refund fraud, or simply tax refund fraud (TRF), began to emerge as early as 2004 when individuals began submitting fictional tax returns from prison. According to the Treasury Inspector General for Tax Administration (TIGTA), in 2004, prisoners submitted 18,000 returns, which cost U.S. taxpayers $68 million. In 2010, they submitted 91,000 returns, with a loss of $757 million. Over that time, the prisoners also increased the average amount of money they collected, jumping from $3,777 in 2004 to a staggering $8,318 in 2010. Their tax fraud scheme exposed a flaw within the tax filing system.

Organized criminal enterprises understand flaws in the tax filing and refund system that allowed them to exploit procedural weaknesses and reap large returns for their efforts. TRF has evolved into a sophisticated criminal enterprise process with organized fraud rings filing thousands of fraudulent tax returns annually.

Factors Leading to the Growth of Tax Refund Fraud

The advancement of technology has had implications across many facets of TRF. The increase in personal computing power of taxpayers, the evolution of the Internet since the early 1990s, the ability to electronically file tax forms and subsequent growth of third-party tax filing services and the ability to receive tax refunds via direct deposit (including prepaid debit cards) have all been major contributing factors to the growth of TRF. Additionally, the conversion of personally identifiable information (PII) to digital records has created an opportunity for cybercriminals to steal PII in large quantities, as evidenced by recent health care provider and government agency data breaches.

The IRS has offered and allowed direct deposit of tax refunds since the 1980s; however, it never built systems to confirm that deposits were being made to an account of the same name as the tax filer. In 2008, TIGTA reported that “the IRS has not developed sufficient processes to ensure that more than 61 million filing season 2008 tax refunds were deposited into an account of the name of the filer.” In fact, TIGTA found that the IRS was not in compliance with direct deposit regulations. The IRS claimed that it was the responsibility of the taxpayer to ensure compliance — which obviously played into the fraudsters’ hands.

The problem of multiple direct deposits to one account was evident in a 2012 report in which an analysis of 2010 data indicated that 4,157 direct deposit refunds totaling more than $6.7 million went to just 10 accounts.

A corresponding July 2012 TIGTA report recommended that the IRS limit the number of direct deposits to one account. The IRS agreed with that suggestion and instituted a limit of three direct deposits to one account for the 2015 filing season.

A New Trend Takes Hold

Around 2010, a new trend emerged centering around true identity theft. Based on lessons learned from the prisoner tax filing scam, organized criminal groups (OCGs) focusing on TRF began to emerge. OCGs from street gangs to international crime groups learned that they could make a lot money with little risk involved. The OCG would obtain true identity information about a taxpayer, which is otherwise known as “FULLZ” in Dark Web marketplaces. The OCG would then submit a tax return in the victim’s name with fictitious employment and wage documents to support it.

Since two returns cannot be filed for the same person in one year, once the victim would submit a true tax return it would be rejected, alerting them to the identity theft. One of the issues at hand is that the IRS does not reconcile wage documents from individual returns to those supplied from employers until six to nine months into the year. According to TIGTA, the IRS may have paid $5.2 billion in potentially fraudulent tax refunds on 1.5 million tax returns in 2010.

So Where Does One Get FULLZ Information?

FULLZ information is readily available from many places. These include data breaches, retail stores, health care records and more. Once cybercriminals get access to this data, they will then put the information into a website marketplace that allows fraudsters to access any of the data that is available for a price. Many of these websites are in what is known as the Dark Net or Dark Market. The Dark Net listings provide fraudsters with all the information they would need to execute TRF.

If you are a novice or would-be fraudster, there are websites that will provide a how-to tutorial for committing TRF. The pictures below are examples of a few websites that teach people each step of TRF, from getting a person’s PII and opening a bank account in that individual’s name to actually submitting a fraudulent tax return and receiving an illicit refund.

Another important thing to note is that rules, regulations and silos within companies hinder the organizations’ ability to effectively communicate, share information and limit the losses from TRF. However, the bad guys are not hindered by any such rules and regulations. They are free to communicate among themselves about successes, failures and other conditions that will help refine their processes to be more successful. This is usually done in Dark Net chat forums. In these forums, criminals are free to discuss what was successful and what was not.

Technology has made it increasing easy for fraudsters to commit their crimes anonymously. The Internet and phone channels provide areas that can be used to grant anonymity. On the Internet there are many products that provide virtual private network (VPN) services to hide the true identity and IP address of the bad actor; two of the best known are Tor and I2P.

Data Breaches Fuel the FULLZ Supply

All data breaches are not created equally. Some of the large retail breaches over the last 18 months, while significant, do not pose as much of an identity theft risk as the more recent health insurer and government data breaches. Some of the high-profile retail breaches involved payment card compromises, which would allow a fraudster to create and use counterfeit cards. Typically, card issuers will bear losses associated with counterfeit card use, sparing consumers any financial burden. However, data breaches that involve complete PII records of consumers present a high risk of identity theft and TRF.

Until recently, the compromise of full PII data often came from malicious insiders with access to consumers’ information. Insiders at banks, medical offices, schools and other organizations that possess PII help provide access for criminal enterprises. Large-scale data breaches at health insurers and government agencies have provided a tremendous supply of consumer PII to cybercriminals looking to execute TRF.

So far in 2015, more than 100 million PII records have been compromised through health care and government data breaches alone. For example, the IRS announced that the breach of its Get Transcript system may have included the PII of 334,000 taxpayers. Unlike payment card compromises, these breaches may have profound negative effects to individuals for years to come.

IRS Attempts to Control the Issue

In response to TIGTA’s direct deposit concerns, the IRS introduced limits on Automated Clearing House (ACH) deposits for the 2015 tax season. It implemented new procedures about how money would be sent to accounts by ACH and by check. For instance, a new direct deposit refund request limits the number of refunds that can be deposited into one bank account to three. After three deposits into one bank account, the IRS will convert any subsequent direct deposit refund requests to a paper check and mail the check to the taxpayer’s address. Also, the IRS is limiting the number of bank accounts among which a taxpayer can split one refund to no more than three.

These changes were implemented in an effort to curb TRF. However, the reforms did not achieve the intended result because fraudsters adapted their tactics to exploit systematic weaknesses. The issues that arose for the 2015 tax season are twofold:

1. Workarounds With Tax Preparation Services

The master accounts associated with tax preparation services are a weakness in the system to which fraudsters navigated once the IRS instituted the direct deposit limitations. When an individual files a tax return with a refund through some of the popular tax preparation services, the refunds are often routed from the IRS to the tax preparation company, which then sends it to the individual’s bank and account of record.

Through this method of filing, fraudsters were able to bypass the direct deposit limits. Refunds processed through master accounts do not contain robust event descriptions. The lack of event descriptions means the banks can’t detect and stop these refunds since they have no information from which to validate and match information to the bank account.

2. Financial Institutions Cannot Help Monitor for Fraud

The direct deposit limits took financial institutions out of the game with regard to being a detection point. An ACH deposit coming from the IRS to a bank contains a robust event description including the name, address and Social Security number of the beneficiary. Financial institutions were in a position to detect suspicious activity of multiple deposits going to one account for the benefit of individuals not named on the account.

As with many regulations and controls designed to stop fraud, there are unintended consequences. As a result of criminals’ ability to adapt to the ACH limitations, they found another way. Their new methods resulted in a higher success rate and increased losses to U.S. taxpayers.

What Does This Mean for the Future?

TRF is expected to increase dramatically for this tax season. According to the IRS, fraud losses will reach a staggering $21 billion by 2016, while just two years ago, losses were $6.5 billion.

Recent large-scale PII data breaches will contribute to the growth of TRF. Although the IRS is making changes to try to limit fraud, there are still structural weaknesses in the process that will allow this activity to continue.

Are There Solutions to the Tax Refund Fraud Issue?

No one solution will stop tax refund fraud, but it can be slowed down and its losses limited. The focus should be on better fraud detection capabilities. The detection process should be built like an onion with multiple layers and parties involved. Proposed cuts of the IRS’ budget by more than $800 million for fiscal year 2016 may make it increasingly difficult for the agency to create a better detection strategy, however.

Limiting the number of direct deposits to one account is a good start. However, financial institutions need to be brought into the detection loop. The refund process via master accounts must be enhanced to the point where the name, address and Social Security number of the beneficiary are included in the event description of the ACH transaction between the master account and the receiving bank. Once that is done, banks can build fraud strategies to identify multiple deposits to one account.

The IRS, financial institutions, tax preparation service companies and card companies should work together to devise and implement detection controls that may allow each party to potentially identify suspicious activity, raise red flags and halt the refund process to allow for identity verification. With a detection process that includes all these parties, there will be three different industries that can review refund transactions at different points in the process. This could significantly decrease the losses that are seen with tax refund fraud.


The Southbourne Tax Group: Beware the Latest Tax-Season Spear-Phishing Scam


You may have heard of the CEO scam: that’s where spear-phishers impersonate a CEO to hit up a company for sensitive information.

That’s what happened to Snapchat, when an email came in to its payroll department, masked as an email from CEO Evan Spiegel and asking for employee payroll information.

Snapchat’s payroll department fell for it. Ouch.

Here’s a turn of that same type of screw: the Internal Revenue Service (IRS) last week sent out an urgent warning about a new tax season scam that wraps the CEO fraud in with a W-2 scam, then adds a dollop of wire fraud on top.

A W-2 is a US federal tax form, issued by employers, that has a wealth of personal financial information, including taxpayer ID and how much an employee was paid in a year.

This new and nasty dual-phishing scam has moved beyond the corporate world to target nonprofits such as school districts, healthcare organizations, chain restaurants, temporary staffing agencies and tribal organizations.

As with earlier CEO spoofing scams, the crooks are doctoring emails to make the messages look like they’re coming from an organization’s executive. Sending the phishing messages to employees in payroll or human resources departments, the criminals request a list of all employees and their W-2 forms.

The scam, sometimes referred to as business email compromise (BEC) or business email spoofing (BES), first appeared last year. This year, it’s not only being sent to a broader set of intended victims; it’s also being sent out earlier in the tax season than last year.

In a new twist, this year’s spam scamwich also features a followup email from that “executive”, sent to payroll or the comptroller, asking for a wire transfer to a certain account.

The wire transfer scam isn’t tax-related: it’s just hitching a ride on the tax-related W-2 scam. Some companies have been swindled twice: they’ve lost both employees’ W-2s and thousands of dollars sent out via the wire transfers.

The IRS is telling organizations that receive the W-2 scam emails to forward them to Phishing IRS, with the subject line of “W2 Scam”.

If your business has already fallen for the scam, it can file a complaint with the Internet Crime Complaint Center (IC3), operated by the FBI. Employees whose W-2 forms have been stolen should review the recommended actions by the Federal Trade Commission or the IRS identity theft.

The IRS says that employees should also file a Form 14039 Identity Theft Affidavit (PDF) if their own tax returns get rejected because of a duplicate Social Security number or if instructed to do so by the IRS.

How to sidestep the scam

But before you even get to the sad state of having to file a report about getting ripped off, it’s better to avoid falling for the bait in the first place.

Unfortunately, that’s getting tougher as crooks get more and more cunning. Case in point: the carefully crafted, well-disguised attack that led to the hacking of Clinton campaign chair John Podesta’s Gmail account. The attack relied on a shortened Bitly link to mask nefarious HTML code.

Screenshots of the Bitly link used against Podesta show that even the longer links hiding behind rigged Bitly links can be made to look, to an untrained eye, like they’re legitimate.

One step that can protect against phishing attacks is to pick proper passwords. Even though strong passwords don’t help if you’re phished (the crooks get the strong password anyway), they make it much harder for crooks to guess their way in.

Use two-factor authentication whenever you can. That way, even if the crooks phish your password once, they can’t keep logging back into your email account.

Also, consider using Sophos Home. The free security software for Mac and Windows blocks malware and keeps you away from risky web links and phishing sites.


The Southbourne Tax Group: BBB Offers Tips on Filing Taxes, Avoiding Fraud

While all working citizens should have had their W-2 form delivered by now, it’s important for taxpayers to take time and use caution when selecting a tax preparer you can trust.

It’s important to avoid mistakes that could result in additional fees or even tax identity theft.

Unfortunately, identity theft is not the only thing to watch out for when enlisting the help of a tax preparer or tax software to file your taxes. BBB receives thousands of complaints from consumers against tax preparers every year.

In 2016, BBB received nearly 3,000 complaints against tax preparation businesses nationwide.

Common complaints state that the tax preparer made errors in their return which resulted in fines and fees. Other complaints allege customer service, billing and contract issues.

BBB offers the following advice when searching for a tax preparer:

* Look for credentials. Ideally, your tax preparer should either be a certified public accountant, a tax attorney or an enrolled agent. All three can represent you before the IRS in all matters, including an audit.

* Don’t fall for the promise of a big refund. Be wary of any tax preparation service promising larger refunds than the competition. Avoid any tax preparer who bases their fee on a percentage of the refund.

* Think about accessibility. Many tax preparation services only set up shop for the months leading up to the April 15 deadline. In case the IRS finds errors, or in case of an audit, make sure you are able to contact you tax preparer at any time of the year.

* Read the contract carefully. Read tax preparation service contracts closely to ensure you understand issues such as how much it is going to cost for the service, how the cost will be affected if preparation is more complicated and time consuming than expected and whether the tax preparer will represent you in the case of an audit.

* Ask around. Ask family, friends or co-workers for recommendations on filing your taxes, whether it’s through a CPA, tax preparation business or online tax service that allows you to file your own taxes. To find a BBB Accredited tax preparation business near you, go to bbb.org.

Tax season is also a busy time for identity thieves. Tax identity theft occurs when someone uses your Social Security number to get a tax refund, or a job.

According to the Federal Trade Commission (FTC), tax identity thieves get your personal information in a number of ways, including: going through your trash or mailbox; through emails asking for information, which appear to come from the IRS; employees at hospitals, nursing homes, banks and other businesses stealing data; and phony or dishonest tax preparers misusing confidential information or passing it along to identity thieves.

To lessen the chances of becoming a victim of tax identity theft, the FTC has the following advice, whether you choose to file your return yourself or use a tax preparer:

* File your tax return early. And do it before identity thieves have a chance to steal your information. Also, make sure your address is up-to-date so your W-2 doesn’t get lost in the mail or end up in the wrong hands.

* Use a secure Internet connection. If you file your return electronically, don’t use unsecure, publicly available Wi-Fi hotspots.

* Shred documents. This includes copies of your tax return, drafts or calculation sheets you no longer need. The IRS recommends that most people keep three years’ worth of tax returns in case of an audit. Keep hard copies and electronic files in a secure location.

* Check your credit report. To ensure your identity hasn’t been stolen or compromised, go to annualcreditreport.com to get your free credit report.


The Southbourne Tax Group: Accounting For Half-Truths


A report by a brokerage on Satyam Computers gives an 'accumulate' rating, which means it expects the stock to go up. The rating is based on the company's high cash/market cap ratio. The information technology company had reported a cash balance of Rs 4,500 crore at the end of the 2007-08 financial year. The report gives a one-year price target of Rs 373 for the stock. The stock closes at Rs 273 the day the report is written.

January 2009: The same brokerage releases a hurriedly-compiled report suspending the previous rating. "Low market cap, high cash status no longer holds," it says. On 7 January 2009, the founder of Satyam Computers admits to inflating cash and bank balances by Rs 5,040 crore, overstating debtors' position (money lent) of Rs 2,650 crore as against the actual figure of Rs 490 crore and non-disclosure or understatement of liabilities worth Rs 1,230 crore.

The Satyam accounting scam, one of the biggest in India, left millions of investors in the lurch, as the stock fell from Rs 179 to Rs 23 in one trading session.

The inability of stock analysts to identify the 'gaps' in Satyam's books and ring warning bells proved costly for investors. Had investors known the basics of reading financial statements and techniques used by companies to report false numbers, they would have asked their advisors a few valid questions about Satyam's finances.

Some would argue how lay investors could see red flags when experts failed to do so. It's a valid argument, though we believe that with a little bit of learning you can see what professionals cannot.

We discuss a few common forms of accounting frauds companies indulge in and signs that may alert you to wrongdoing -

FINANCIAL REPORTS

A company's financial health can be gauged through three statements - balance sheet, profit and loss account and cash flow accounts.

A balance sheet records a company's assets (land, machinery, inventory, cash balance, investments, loans given), liabilities (loans taken, income tax payable, tax liabilities) and owner's equity. It is generally prepared annually.

A profit and loss statement (or income statement) records a company's earnings and expenses. Any company whose shares are traded on exchanges is required to release its income statement every quarter.

A cash flow statement tells us where cash is coming from (inflow) and how it is being used (outflow). There are three types of cash flow-operating cash flow (sale of goods, revenue from services, interest/dividend received, payment for purchases, payment for operating expenses), investing cash flow (sale and purchase of assets, sale and purchase of debt/equity, loans advanced to others) and financial cash flow (issue of equity shares, borrowing, repayment of debt).

Notes to accounts are important as they detail the accounting policies followed, pension and other post-employment benefits and potential liabilities/losses.

MANIPULATION OF STATEMENTS

There are many items in financial statements for which companies use different policies. These are inventory valuation, investments and fixed assets, conversion of foreign currency and asset depreciation.

Companies often manipulate these to inflate revenue, assets, cash inflow and understate expense, liabilities and cash outflow in financial statements.

INFLATING EARNINGS

1) Lending to customers: Sometimes companies lend money to customers to buy their goods. This way they can report high revenue in the income statement and high receivables (treated as an asset) in the balance sheet.

2) Trade stuffing: Companies use this usually just before the end of a reporting period. They ship goods to customers even though the latter may not need them immediately. This increases sales ahead of the reporting period.

3) Understating provisions: Companies often allow credit sales on generous terms, sometimes even to customers with a poor credit history. Ideally, in such sales, the company should set aside a higher amount for bad debt provisioning. This amount is recorded as a liability. Understating such liabilities is another way of 'enhancing' the financial statement.

4) Round-tripping: This means getting into fictitious transactions with related parties to inflate revenue. In round-tripping, a company sells unused assets to a party with the promise of buying back at a later date at the same price.

UNDERSTATING EXPENSES

1) Spreading out expenses:According to accounting norms, if an expense has been made for acquiring an asset whose benefits the company will avail of over a long term, the expense is to be reported in the books in a spread-out manner over that period. The process is called capitalising. Companies often use this to delay recognition of short-term expenses.

2) Cookie jar accounting: Companies put aside money for possible loan defaults. Some companies, during periods of high revenue growth, increase the amount and release the same during periods of poor revenue, offsetting the impact of low sales growth. Among other common forms of financial statement manipulation are revaluation of assets, showing unrealised gains as profits and assigning higher values to fixed assets.

3) Off-balance sheet items: Some assets/liabilities or financing activities are not fully recognised in the balance sheet due to the complexity of transactions involved. These include pension assets and liabilities, assets and liabilities of joint ventures and unconsolidated subsidiaries and lease arrangements. These are recorded in footnotes of financial statements.

Many companies resort to off-balance sheet financing by way of entering into joint ventures, research and development partnerships and lease contracts. Floating special purpose entities or subsidiaries to expand business is another off-balance sheet arrangement.

As the liabilities/risk involved in such transactions are not reflected in the balance sheet, one may draw wrong conclusions about a company's financial health. It is, therefore, necessary to check the footnotes of financial statements.

RED FLAGS

Some manipulations we mentioned earlier are difficult to detect even for finance professionals. Here are some indicators of rot in a company's financial books.

Continuous high level of cash, cash equivalents and current assets: Satyam Computers showed high cash balance over the years. Later it turned out it had inflated cash and bank balances by as much as Rs 5,040 crore.

Reported earnings consistently higher than cash flow: If cash flow from operating activities of a company is consistently less than the reported net income, it is a warning sign. The investor must ask why operating earnings are not turning into cash.

Sudden increase in inventory/sales ratio: This indicates the company may be inflating assets such as inventories.

Spurt in other income: Revenue sources recorded under other income are non-recurring and may include earnings from asset sales and closure of debt or debt restructuring. However, sources of earnings are seldom disclosed under this head. A sudden spurt should raise eyebrows.

Frequent changes in policies: Earnings and assets can be inflated by alternative accounting policies. If one sees frequent changes in these policies, there may be something fishy about the company's books.

Financial ratios not in line with industry peers: This could be due to inflated earnings, asset valuation or understating of expenses and liabilities.

Too many off-balance sheet transactions: If a company has been expanding by creating special purpose entities and has entered into many lease contracts, it is possible a lot of liabilities are not reflected in its balance sheet.

We have seen in the past that many respected and renowned companies have been charged with manipulation of account books. Therefore, investors must stop treating financial statements issued by companies as gospel truth and scan them carefully to detect possible foul plays.