NEC Fraud and Segregation of Duties

Just came across an article on CFO.com, which will make an easy case for the need of GRC software.

NEC  details major fraud http://www.cfo.com/article.cfm/9277053?f=rsspage

Fake orders resulted in $4 million in kickbacks. Meanwhile, internal investigations continue.

Officials at NEC Corp. said the company discovered that fraudulent transactions had been carried out by 10 employees taking part in a tax assessment during the seven-year period ending March 31, 2006. The Japanese company, which is already embroiled in a major accounting scandal, said that fraudulent transactions amounted to roughly $18 million, according to its U.S. regulatory filing.

The company explained that NEC employees instructed contractors to create fictitious orders using the names of subcontractors. NEC’s employees received about $4.1 million in kickbacks from the subcontractors, and used it for personal purposes, noted the filing. Altogether, 17 contractors and subcontractors were involved.

The company explained that the fraud was not discovered for some time because the system enabled validation of the orders through confirmation by the same employees that made the orders. In response to the controls deficiency, NEC established a system at the end of last year by which confirmation is carried out by a third-party administrative division, it added.

In addition, NEC is ensuring investors that “all of its employees are aware of and placing maximum priority on compliance.” The company also said it has established a variety of training opportunities, highlighting examples of misconduct. “NEC will continue to take every action possible to further strengthen countermeasures … to prevent a recurrence of these kinds of fraudulent transactions,” said the filing.

Reuters pointed out that last year the company restated its earnings three times. The first revision was required after the company discovered that an employee at a subsidiary had inflated sales figures, according to the wire service.

——————————————————————————————

This is a classic example of the need for segregation of duties (SOD) to avoid conflict of interests and prevent fraud.  For some companies, internal control is not considered as important as running business, until they find they actually suffer financial loss because of the lack of control. These kind of reports do capture CFO, CEO’s eyes and make them rethink about compliance. Product focusing on SOD, such as Virsa, Approva and LogicalApps is an easy sell! Even for companies in China, who are not listed on US stock market, will be easily convinced to buy, if the application can prevent the fraud and save them money. SOD is also a relatively mature catagory in GRC product family, because it was in demand before SOX was introduced.