casino.com - casino poker

To investigate, the internal audit department received about 30 food-and-beverage comps to use in a sting operation over a two-week period. Authorized by several different executives, some of the comps had designated dollar amounts while others were unlimited. The internal auditors, posing as typical casino patrons, visited the restaurant on varying shifts and days of the week. Their only restriction was that they were required to use significantly less than the full value of the comp.

After each visit, the auditors recorded the time; server's name; comp-slip number; items ordered; check total; and, if possible, the guest check number. The auditors would also leave the restaurant without signing the guest check. The following day, the auditors would pull their guest check from the accounting department. If the amount was consistent with the previous day, they made a copy and retained it for their files. However, if any alterations were made to the amount, they retained the original check and replaced the accounting department file with a copy.

At the end of two weeks, the problems were clear: In the 30 visits to the restaurant, three servers had misused eight checks. Further investigation revealed that when the servers obtained an underused comp ticket, they would use one of two methods to falsify the records and pocket the unused portion. The easiest way was to switch the comp ticket with a higher-dollar guest check that was paid with cash. The server would settle the check, apply the first guest's cash payment to the smaller check, and pocket the difference. To accomplish the second--and more difficult--technique, the servers would transfer items from a check paid in cash to the comp check and pocket the amount transferred.

Both methods could have been averted if there hadn't been such a widespread lack of controls. The restaurant's system allowed servers to ring and void the items on the guest checks, make check-to-check transfers, and handle check settlements. Had segregation-of-duty controls been in place, such as hiring a cashier to handle check settlements, this type of fraud could have been deterred.

In addition, the comp slips, although serially prenumbered, were not cross-referenced to the guest checks to prevent switching. In a manual comp system, the host should write the comp ticket number on the guest check. Some casinos have implemented adhesive comp slips that can be attached permanently to the guest check to prevent switching.

Finally, the restaurant's guest-check procedures enabled servers to leave checks open for an indefinite amount of time, making them easier to manipulate. Restaurant management should print an open check report to review for checks left open--and vulnerable--longer than normal.

Once the internal audit team assembled the evidence, the case was presented to the gaming authorities. The servers were subsequently arrested--at work and in front of their co-workers--with the intent of using this situation as an example to others. Although the total amount of the theft was not discovered, there was a measurable change in revenues in the three months that followed the arrests. The restaurant's total food and beverage revenue remained about the same, but the ratio of comp-to-cash sales significantly increased, with a higher percentage of sales coming from cash. Interestingly, the other restaurants in the casino realized the same benefit.

LAS VEGAS CHAPTER

UNUSED CREDIT

An auditor on a routine store audit was talking to the store's manager about how well the audit was progressing. Coincidentally, a customer approached the counter during their conversation and told the cashier that her statement did not reflect her last payment. The manager had left the counter to receive a delivery and the cashier was not sure how to handle the situation, so the auditor came over and explained to the customer that the company would research her payment to see what had occurred. He asked her for copies of her receipts and cancelled checks, which she had agreed to provide.

The auditor then asked the cashier and assistant manager to pull the activity register, payment register, and copies of the deposit slips for the day in question. When no record of the payment was found, they expanded their review to a few days before and after the date on the receipt. Still finding no record, the auditor took over the research, reviewed the previous 30 days, and noted several discrepancies between names on the payment register and those on the deposit slips.

The following day, the auditor asked the credit manager for help with the customer's account. She explained it away as a misposting. The auditor then told her that he had tried to verify that they were simply mispostings and, in the process, had found several other questionable items totaling more than $20,000. At that point, the credit manager broke down crying and said she needed extra money for family problems. Had that been true, the auditor realized, the credit manager could have taken advantage of the company's long-standing practice of loaning loyal employees money for just such a situation. Although the credit manager knew about the program, she chose not to use it.

The credit manager also told the auditor that she had records at home detailing all misappropriations. To avoid prosecution, she agreed to surrender all her records and pay restitution. In the end, she was terminated and left in worse financial shape than before her days of crime began.

CENTRAL FLORIDA CHAPTER

AN UNSUPPORTED STRUCTURE

The auditor had performed a quick analysis of expense codes to determine which ones would be included in the audit of expenses paid by the branch office. One of the three largest variances was for monies charged by attorneys outside the company--legal fees. When the auditor saw this, he wasn't particularly surprised because legal fees fluctuate wildly from one year to the next and consequently are difficult to budget.

Nevertheless, in a quick review of 30 items, the auditor began to notice that almost half of the items did not have support. When he asked the supervisors about this problem, he learned that attorney bills were run through an online process that reviewed bills for propriety. The bills were originally sent to employees who were responsible for review and payment. They would scan the documents and submit them electronically to the review service. Once the review was complete, the employees would be notified and would pay the bill. They would then transfer the electronic documentation to the company's electronic database, which is what the auditor was reviewing.

Although the auditor was able to find all documentation in the review service's database, he realized that the supervisors, who were usually strapped for time, probably weren't taking the time to look up the support. When the auditor began asking how the supervisors completed their file reviews, he discovered that looking up support in two different places was more work than most supervisors felt they had time to do.

As a result, all employees were reminded of the need to ensure that proper documentation appeared in the company's database, and supervisors were instructed to document any exceptions. But perhaps more importantly, management stressed to supervisors that a complete review was impossible without looking for all documents. The department is now going back through the previous year's files to determine whether part of the budget variance stems from payments that were duplicated because backup support was not found in the company records. The auditor did an excellent job of looking beyond the financial aspects of the audit and into the operations that supported the control structure.

PHOENIX CHAPTER

"Roundtable" has always been a favorite among our readers--a forum for sharing audit information and findings and learning from others' experiences. But just as the profession is evolving, so too are the types of stories readers enjoy and value. As a result, Internal Auditor is encouraging the submission of audit stories that reflect the new age of internal auditing--those that emphasize best practices, use of technology, and value-added results.

Please send your stories to:

J. MIKE JACKA, Farmers Insurance Group

18444 N. 25th Ave.

Phoenix, AZ 85023-1296 USA

Fax: +1-602-863-8588

E-mail: mike_jacka@farmersinsurance.com

CONGRATULATIONS TO THE CENTRAL FLORIDA CHAPTER for submitting the April 2004 winning "Roundtable" story. In "Right Controls, Wrong Culture," the annual task of auditing military club systems was delegated to the U.S. Army Audit Agency. Standard audit procedures at the time were to review various reports generated by the clubs, including cash count sheets, physical inventory counts, and reconciliation reports. Because the cash reports never varied, the inventory was never short, and there was never an unexplained variance in any reconciliation, the auditors conducted some additional testing.

Auditors stationed at the clubs found rigged shot glasses and hamburger meat filled with cereal. It quickly became apparent that the staff was conspiring to skim approximately 20 percent of the sales. They were pocketing every fifth sale without ringing it up in the cash register. They also made sure that all cash counts, reconciliation reports, and inventories agreed to the item. The auditors recommended more supervision by the club custodian and encouraged better customer awareness of club operations.

Internal Auditor awards a gift certificate to the affiliate, chapter, or individual submitting the best "Roundtable" story in each issue. Individuals interested in claiming the certificate should contact their affiliate president. Each submission is worth five chapter achievement program (CAP) points and furthers The IIA's motto of "Progress Through Sharing."

EDITED BY J. MIKE JACKA

casino.com - casino poker

Menu