In an age where corporate transparency and financial accuracy are paramount, the world of accounting investigations becomes more intricate with every new allegation. Allegations often arise unexpectedly, sometimes via whistleblowers, who shed light on questionable accounting practices or potential fraudulent activities. These claims can have serious implications, not just for the company involved, but also for its stakeholders, regulators, and the general public.
Enter Brian Loughman of Floyd Advisory, an expert with over three decades of experience in the field of accounting investigations. With his unique skillset and profound insights, Brian has assisted countless investigative counsels in addressing and resolving whistleblower allegations.
We sat down with Brian to delve deep into the nuances of these accounting investigations, from initial strategies after whistleblower revelations to recognizing potential red flags that may indicate accounting inconsistencies. We hope you enjoy this fascinating interview.
When assisting investigative counsel, how do you ensure seamless communication and coordination to achieve the right outcome for your client?
Typically, we are retained by investigative counsel in these matters and therefore, the attorney-client privilege doctrine applies to our work (as we act as an agent of counsel).
Counsel is often retained by the Audit Committee. We are also independent of the subject company. Maintaining privilege is a key objective throughout the process, and we have developed applicable protocols and practices to ensure the privilege is maintained and that an unintentional waiver does not occur. In addition, our professionals are trained on typical privilege issues so they can flag those for counsel if they arise in the field.
I have been doing this work for over thirty years and I find that you can never communicate too much with counsel (and other stakeholders) as the process unfolds. We often establish (at least) daily team calls in the early stages of an investigation with the legal team. This helps ensure that there is clarity of purpose and roles, and clear communication around focus and priorities. As the matter progresses, teams of attorneys and forensic accountants are usually “paired up” and deployed to workstreams and the communication process may become more decentralized on a day-to-day basis. But a full team call is still beneficial on a regular basis. It is also important to have a senior team member focus primarily on ensuring that the overall process is moving expeditiously, and to manage “roadblocks” or challenges in real time.
Oftentimes it is beneficial to have regular status updates with key stakeholders. It is key to ensure that the external auditor is briefed on the status of the investigation and is given ample opportunity to comment on the adequacy of scope. This is especially true if there are upcoming filing deadlines for financial reports that may be impacted by an ongoing investigation. There will sometimes be tension between the auditor’s information requests and the goal of maintaining privilege. In my experience, seasoned investigative counsel can navigate this issue successfully and ultimately the investigation will be completed, and the auditor will be able to opine on the financial statements within a reasonable timeframe.
Can you outline the key steps you would take when initiating an accounting investigation based on whistleblower allegations?
Counsel will often take the lead with document preservation and the suspension of routine destruction practices. Our initial role would be to review and understand the accounting and internal control allegations raised in detail and to develop a preliminary understanding of the universe of potential issues raised. If the whistleblower has come forward, we would seek to interview them as soon as practicable.
During the investigation, counsel will take steps to provide overall context for employees to help reinforce the need for confidentiality and to maintain privilege. In interviews, counsel will provide specific instruction about not discussing interviews with others. Often, company management will be keen to determine the identity of the whistleblower. Sometimes this may be part of an effort to evaluate the whistleblower’s credibility. Counsel will need to ensure that all applicable whistleblower protection laws are observed.
Once we have framed out our preliminary understanding of what the whistleblower is saying, we would then create an “issues matrix” that captures all concerns raised and lists the investigative work steps that we would take with the objective of evaluating each allegation and determining whether it has substance. The goal is to validate or refute each item based on the facts and to determine next steps accordingly. We also assess the likely materiality of the allegations and consider whether other aspects of the entity’s financial reporting process could be impacted (even if not directly addressed by the whistleblower).
Our workplan would include assisting on tasks that are usually led by counsel, such as interviews and electronic discovery, as well as tasks we would lead on, like forensic accounting work on the books and records and assessment of any potential internal control weaknesses, as applicable. In most cases, the company will have an internal team that can help get the forensic team oriented and gain efficient access to records and relevant personnel.
This can be a senior person in the office of the General Counsel or Internal Audit Department or sometimes a senior accounting executive.
We would also attend an initial meeting with the external auditors, so they can begin to fulfil their obligations related to the investigative process. In some matters, the company may retain crisis management consultants and/or a public relations firm to handle external communications (if the matter is publicly known). Sometimes we have been asked to help educate the communications team on the details of the accounting issues and associated risks to help them frame their approach.
In the context of accounting investigations, what are the typical red flags that might prompt further scrutiny?
When evaluating whether there are red flags present, it is important to understand the “normative model” of the company and, to some extent, the typical industry practices. For example, a division of the company may utilize an older general ledger system that requires a lot of manual journal entries to close the books each quarter.
Usually, the presence of a lot of manual journal entries is a common red flag as it may suggest inappropriate management override of controls or an attempt to “manage earnings.” On the other hand, if the practice is well known and visible to the company accounting team and external auditors, then it is likely to be worthy of some review but may not be a serious red flag.
Industry practices can also be relevant when assessing the likelihood of red flags being present. In some technology sectors, it is common for buyers to wait until near the end of the company fiscal quarter before they seriously negotiate a purchase of software (as they feel they will get a better deal). This can result in many sales being closed in the last few days of the reporting period. This may be a red flag and would require some review and analysis, but given the prevalence in the industry, it may not be a dispositive red flag.
The above is not intended to suggest that red flags do not merit scrutiny and analysis, especially if raised by a whistleblower. Rather the goal is to highlight that the context applicable to a potential red flag is very important and needs to be a part of the investigative analysis.
Some examples of typical red flags that can arise include:
Lack of sufficient internal controls over financial reporting related to revenue recognition – In this example, consider a business that manufactures complex medical equipment (e.g., sonogram machines, MRI machines, etc.) These items have hardware and software components. Often, the sales team will be keen to offer incentives to customers to encourage them to purchase the machine. These incentives can include free software upgrades in the future or other benefits that are not yet fully known or available (but are anticipated). These can impact the accounting treatment for revenue recognition purposes and there should be internal controls in place to ensure the details on concessions are tracked and recorded. If those controls are weak or not present, then that is a red flag requiring further analysis and review.
Management overriding internal controls over financial reporting over bad debt reserves - many companies use a formula-driven approach to the calculation of bad debt reserves. This is a function of the aging of the accounts receivable. Often, a progressive percentage reserve is applied to the total accounts receivable amount aged over the usual collection terms, and this formula will be documented in the accounting policies and procedures manual or monthly closing binders. The reserve may be calculated and recorded on an automated basis, or a calculation performed and recorded by a member of the accounting team. When you see additional entries recorded to reduce this calculated reserve, or it never being recorded at the calculated amount, then that can be a red flag that can suggest improper management influence over the reported results.
Disconnect between the reported results and actual experience – In this example, you can have a division or a subsidiary and the recent financial reports show that it is performing to plan and generating profits. When you talk to the team at the entity, you learn that cash flow is very tight, and they need frequent help from head office to meet expenses. This is a red flag that merits further review. Sometimes the explanation may be that major customers are late paying their invoices or there are other legitimate reasons for delays in payment (e.g., waiting for an engineering certificate of completion). An analysis should be performed to ensure that the reported results are accurate.
Overly complex and opaque monthly closing process with insufficient division of duties – This is a red flag that can often be present in smaller entities. It can also be present when there is only one qualified accounting person who is assisted by a team of clerks who do not understand financial reporting. The severity of the risk would depend on the specific facts and circumstances present.
Could you share an example from your past experience where you successfully identified and addressed an accounting issue raised through a whistleblower allegation?
In one case, a whistleblower who was working in the warehouse and logistics area, was concerned about slow-moving inventory, and pointed out that there were large quantities of materials lying around for extended periods of time with no apparent sales activity. Our work determined that an appropriate reserve for obsolete and slow-moving inventory had been established by the accounting team. It just wasn’t visible to the whistleblower and was not an issue.
In another case, an anonymous whistleblower alleged that the profits and cash were overstated at a small European subsidiary of a public registrant. This subsidiary had historically not been subjected to a full internal or external audit due to its immaterial nature. When we started to investigate, it became clear early on that there were numerous unsupported entries recorded by the controller locally, prior to the results being included in the consolidation process. This activity had taken place over several years and was ultimately material to the overall entity and a restatement was required. In addition, the controller had obtained and manipulated an electronic copy of a bank confirmation to fraudulently support the overstated cash balance.
What role does technology play in your investigative process, and how do you leverage it effectively?
Over the years, technology has continued to play an ever-increasing role in the investigative and forensic accounting process. Thirty years ago, I remember doing investigations where the team would routinely print out most of a custodian’s emails and read them for relevance. Thankfully, we have made significant progress since then. At the same time, the volume of data has exploded, and you cannot investigate without using a variety of analytical tools and technology to increase efficiency and help reduce or eliminate non-relevant information.
We review emails and other electronic communications (internal messaging software, other messaging applications – if available) in our investigative work. We work with counsel to generate a list of search terms that are responsive to the whistleblower allegations and help review the resulting documents to inform our work. For this process to be efficient, you need to be very thoughtful with the search terms and go through an iterative process to ensure you are not generating too many false positives. I have seen clients leverage various technologically assisted review tools and in general, these are very helpful and increase the efficiency of the process.
My experience, especially internationally, is that many people will use non-business platforms to communicate in the ordinary course (e.g., WhatsApp in Latin America, WeChat in China) as well as other encrypted or ephemeral messaging apps. These communications are often not available to review due to privacy rules or inability to access. I find that email review is generally still very helpful to the investigative process, but you need to keep in mind that if people don’t want their communications read by others, they have various options outside of the company systems.
There are also some useful tools that allow you to search unstructured data that may reside within the structured financial records. Many general ledger systems include the ability to comment on specific transactions. This can be manual journal entries or other transactions. These types of notes are often helpful when investigating the provenance of accounting entries, as the company staff tasked with the entry input may want to remember the item and include a comment to help identify it as an unusual entry.
As the investigative field has grown over the years, there are also some tools created for the forensic practitioner. These can be helpful and include powerful financial analytics tools, modeling and predictive tools, data visualization, blockchain analysis and other items. I have also seen some matters where it is helpful to scrape social media to see what commentary is made by relevant individuals and to consider that in our analysis. To date, I have not personally leveraged any generative AI tools in the investigative process. I believe there are various tools in development so we will see what the future holds in that regard.
How do you communicate your findings and recommendations to clients, and stakeholders (e.g. the external auditor)?
As mentioned above, it is critical to communicate with all stakeholders frequently. In most situations, that communication will be a live discussion on a zoom call and may involve sharing some applicable company documents. Often the ultimate client is the Audit Committee, and we would expect to brief the full committee regularly, with more frequent updates for the Chair. Working with counsel, we typically have fulsome discussions with the Audit Committee about our progress, estimated completion schedule, what we are finding and the likely nature of required remediation, if applicable.
After the initial meeting to introduce the forensic team to the external auditor, there will likely be a lot of interaction as the facts are developed. The level of interaction will depend on the nature of the whistleblower allegations that we determine to have substance. Sometimes, the allegations are wholly immaterial or do not have merit and the external auditors will want to understand the work that was done and have the company explain its determination and everyone moves on. When you have what appears to be material allegations that have substance and perhaps may implicate senior management, then I would anticipate extensive interaction with the audit team and a lot of requests for information that counsel will need to navigate. Ultimately, it is always important to keep the auditor “in the tent” as if there are material issues, the company will need to work towards getting the financial statements restated and filed as promptly as possible. Keeping the auditor up to date as facts develop and giving them time to analyze and reflect on what they feel they need to do is the best way to get the company beyond the investigative challenge and have its financial statements filed.
Given the potential for regulatory implications, how do you coordinate with regulatory authorities during an accounting investigation?
Counsel typically manages the process with the regulators and will inform our approach, but we will often be involved and can bring context to the accounting issues at hand as well as internal control over financial reporting and material weakness or restatement issues (if applicable). In my experience, when dealing with the Securities and Exchange Commission, there will usually be an accounting person assigned alongside the lawyers. We can help build a relationship with that person and provide relevant information if instructed by counsel to do so. Similarly, I have interacted with CPAs from the Federal Bureau of Investigation when engaging with the Department of Justice on certain matters.
About Brian P. Loughman
Brian P. Loughman is a Partner at Floyd Advisory. He has extensive experience advising outside counsel, executive management, and other stakeholders on a wide range of forensic and integrity related matters. Brian’s clients have included Fortune 500 companies, private entities and various law firms. He has managed numerous investigations and remediation efforts for audit committees, management, trustees, and outside counsel. Investigative topics have included accounting fraud and restatement issues; bribery and corruption; trade compliance; and occupational fraud and money laundering. Brian’s experience also includes leading cross-cultural teams investigating and remediating potential corruption violations in Asia, Latin America, Africa, the Middle East, Central and Eastern Europe.
Prior to joining Floyd Advisory, Brian was the Global Markets and Americas Leader for Ernst & Young LLP’s Forensic & Integrity Services practice. He was also a member of Ernst & Young LLP’s Americas Assurance Leadership team. He is a Certified Public Account in New York, Certified in Financial Forensics (CFF), and a fellow of the Institute of Chartered Accountants, Ireland. Brian has spoken extensively on topics including investigative and integrity issues, anti-corruption compliance, and other related issues. He is the co-author of “Bribery and Corruption – Navigating the Global Risks.”
About Floyd Advisory
Floyd Advisory LLC is a consulting firm providing financial and accounting expertise in the areas of accounting advisory, SEC reporting, transaction analysis, business strategy, forensic accounting, fraud investigations, and valuation. Our team has significant experience analyzing accounting transactions and guidance in various settings, including business disputes, board-level investigations, white-collar defense matters, and bankruptcy settings. We have the skills and credentials necessary to gain the respect and confidence of the executive suite, company boards, the courts, regulators, and law enforcement professionals.
Brian P. Loughman
Partner, Floyd Advisory
1 Penn Plaza, Suite 3310
New York, NY 10119
Tel: +1 646.449.7268
Email: bloughman@floydadvisory.com