I’m no fan of Sarbanes-Oxley because I believe it was ridiculously expensive, and hasn’t really produced any meaningful results. Fraud is just as rampant as before SOX became law, and the only thing companies have to show for it is a huge bill from auditors and consultants.

But let’s suppose for a minute that SOX really is a good thing because it forces companies to take a harder look at internal controls. As a small public company, Koss wasn’t yet subject to audits of their internal controls.

As a public company with a market cap well below $75 million, Koss is a non-accelerated filer and therefore not yet subject to Section 404(b) of the Sarbanes-Oxley Act, which requires an external auditor’s review of internal controls over financial reporting. The company must perform its own review of controls and assert in its financial statements whether those controls are adequate (that is Section 404(a) of SOX), but they are not required to get an auditor’s opinion on those controls.

And clearly Koss had almost no internal controls over the finance function.

My comments on the internal controls and Grant Thornton’s work:

Tracy Coenen, a forensic accountant and fraud examiner at Sequence Inc. who has been following the Koss spectacle closely, notes that Koss had no formal internal audit function, and that certainly could have been a red flag to Grant Thornton that the quality of controls would be suspect. But there’s no way to know from publicly available documentation what the auditor thought of Koss’s controls.

Coenen says the audit fees Koss paid to Grant Thornton were low enough ($151,300 in fiscal 2009 but only $71,400 in 2008) that one can’t help but wonder how much audit work actually occurred. Kyviakidis, on the other hand, says auditors have enough pressure about fees and legal liability these days that the amount paid may not reflect the amount of work that truly went into the audit.

Even if Grant Thornton had been required to take a harder look at the internal controls at Koss, I doubt that the fraud committed by Sachdeva would have been discovered sooner. Maybe it would have. But that’s not a foregone conclusion. Sachdeva likely knew exactly what the auditors were looking for each year, and hid her fraud accordingly.

This is a great time to talk about internal controls over fraud by executives. It’s certainly an issue that needs to be visited by all companies. It certainly is a huge problem, but I’ve always said that the problem of fraud is not going to be solved by regulations. It’s going to be solved by companies being proactive about preventing and detecting fraud. Shareholders and management need to force the issue so that companies are “encouraged” to police the issue of fraud by executives and make substantive changes that reduce the fraud risks and fraud losses.

A new essay recently posted on the False Profits Blog addresses a question many of you  have raised.

Why are multi-level marketing pyramids and financial ponzis able to ensnare so many people today? What is the power behind this Main Street epidemic?

This question goes beyond the lack of law enforcement, the failure of the FTC and SEC, or the difficulty of grasping “exponential expansion.”

The False Profit Blog ventures an answer: It is that pyramid schemes, operating as multi-level marketing, are a new form of fraud that public awareness and law enforcement have not caught up to. This new form of fraud is called “marketing fraud.”

Marketing fraud evolved from the earlier  stages of “product frauds” and “financial frauds.”  Its uses bogus or overpriced products and deceptive money transactions like older models of fraud do, but that is not the heart of this new fraud. The power of this fraud is in marketing. It employs the most powerful tools of business today — branding, positioning, community and identity — to swindle.

Like all powerful marketing, frauduklent marketing promises to fulfill basic and crucial needs, much more valuable  than just money or the hyped up benefits of products. The needs that these pyramid marketing scams claim to fulfill address people’s deepest longings and their greatest fears. The sophistication of the marketing program, complete with Washington DC lobbyists, trade association, “education” foundation, gifts to charity, celebrity endorsements, sports sponsorships, national conventions, and church affiliations – prevent many in the media and government from grasping the extraordinary deception or to accept the devastating financial consequences they inflict on millions of people. Even many of the victims cannot believe they were defrauded by an organization of such benevolent outward appearance. Many choose instead to take on personal blame for their misfortune rather than face this reality. Powerful marketing, whether in the employ of legitimate business or pyramid frauds, has the ability to transcend verifiable reality and hard cold facts with its own fictional narrative.

The blunt instrument used by marketing frauds to carry out their theft is the “endless chain” or “closed market” a.k.a. pyramid scheme.  This is a classic swindle but is now carried out within a  marketing program so powerful it leads the victims not only to fall into the financial trap but to to support the perpetrators against exposure and to enroll their  closest friends and relatives into the scam as well.

I will appreciate your comments and thoughts on the Blog.

Sincerely,

Robert L. FitzPatrick, Pres.
Pyramid Scheme Alert

The indictment is interesting. Not only did she use company funds to pay her American Express bill as we had heard, she’s also been accused of getting cashier’s checks from a bank account belonging to Koss, writing Koss checks to Petty Cash and keeping the funds, and using Koss traveler’s checks for personal purposes.

People are suggesting Sachdeva had some sort of sickness, an addiction to shopping. Her attorney is quoted:

“It is obvious there are some unusual facts and some unusual behaviors being alleged,” Michael F. Hart said in an interview. “We intend to show that mental health issues played a substantial role in Ms. Sachdeva’s conduct.”

My guess is that it was something else. I think she was reselling the merchandise paid for with money stolen from Koss.  There were massive amounts of clothes found in storage, including 461 pairs of shoes and 34 fur coats. The clothing she bought ranged in size from 8 to 14. She couldn’t have worn that range of sizes, but that range would have been perfect for someone retailing the merchandise. I bet we’re going to hear soon that Sachdeva was selling this merchandise to domestic and overseas retailers at a fraction of their wholesale value.

And what happened to all the money? The media and federal indictment report some of the personal use of the funds: travel, hotels, airfare, home renovations, personal services, and household furnishings. My guess is that there will be another use of the funds revealed soon. These things don’t seem to add up to all the money missing from Koss.

There still are no clues as to how Sachdeva hid the fraud from Koss management and Grant Thornton (the auditors). The indictment merely says:

(f) To conceal her fraud, Sachdeva made, and directed other Koss employees to make, numerous fraudulent entries in Koss’s books and records to make it appear that Sachdeva’s fraudulent transfers were legitimate business transactions.

(g) Sachdeva concealed, and directed other Koss employees to conceal, her fraudulent transfers, as well as the fraudulent entries in Koss’s books and records, from Koss’s management and its auditors.

There is no hint as to what kind of entries were made on the books to conceal the fraud. There is also no information regarding whether the employees knew that they were doing something wrong. (They may have just been doing their jobs, with no inkling that Sachdeva was directing them to do something shady.)

The fraud seemed to be going along fine until Sachdeva got too greedy. The amount of theft gradually increased each year, which probably made it easier to hide. Then in late 2009 (which is fiscal 2010 for Koss) she got greedy and stole much more in a six month period than she ever had in one year.  Of the $10 million she allegedly stole in late 2009, here are the wire transfers from Koss to Sachdeva’s personal American Express card that were listed in the indictment:

• September 4, 2009 $250,000
• September 10, 2009 $760,000
• September 17, 2009 $600,000
• October 22, 2009 $618,595
• October 27, 2009 $400,000
• December 15, 2009 $350,000

So that brings us back to the issue of the auditors again. How did they miss a fraud of this size? I’ve come up with at least one scenario under which it could have easily gotten past them. If Sachdeva booked the theft to cost of goods sold, any yearly increase in this part of the income statement could be explained by rising material costs, and the auditors would likely be no wiser.

On commenter on the site Going Concern agreed that it would be relatively easy to hide the fraud from the auditors:

Look, the Company’s total revenues were $38 million in FY ‘09 and net income was approximately $1.9 million. I am going to to a rough assessment that materiality was within the range of $90k to $200k.
A lot of chatter is coming out from a few people that they thought the fraud was based on posting low value, large volumes of expenditures to accounts where fluctuations/increases would not be observed during the fiscal year, and keeping the transactions off of the balance sheet (i.e.- all false entries recording the transactions were recorded as direct debits to expense and credits to cash, with no entries recorded in the last and first months of the year. Had they performed a test of details over the entries to test cost of goods sold, then in theory some of these would have popped up, and either Sue would have been forced to become an expert on photo-shop, or these entries would have hopefully triggered the need to bring in forensics.

• Safeguarding of Assets Fraud vs. Financial Reporting Fraud
Based on what the experts are saying about the nature of fraud (i.e. – cash outflows were recorded in the period incurred, and posted to expense accounts with large volumes of activity already in order to minimize the significance of these variances), this fraud technically was recorded to the financial statements, and accordingly, the net income, net change in cash and balance sheet at year-end were not misstated.

Misappropriation of assets, while both a theft of shareholder value, and a presentation issue in terms of classification of these costs, did not result in a misstatement of net income and EPS, which is typically the risk auditors are most concern about, restatements of EPS for a given year.

• Cost of Sales TW
I am suspecting that GT most likely tested COGS using some form of gross margin analysis. Often, teams will allow for a larger precision level if an appropriate level of balance sheet work is performed. If we assume that fraud truly started in 2005, then we can assume that margins back in 2004 and SG&A in 2004 were appropriate and sans fraud. If I assumed that the margins were the same throughout 2005 – 2009, and SG&A only grew by 4% (approximation of CPI over the period), this explains approximately $12.7 million of fraud.

This tells me the following that the Company’s management was cutting actual costs in a reaction to increased SG&A costs (in part due to fraud committed by Sue Sachdeva (allegedly)), only to have even greater volume of fraudulent expenditures posted to the P&L. This is funny both because Sue’s ability to increase the fraud in this scenario would be due in part to the even great cushion made available from the actual costs savings. But this is scary because is shows just how predictable auditors can be. I am guessing that there was a lot of “trend” analysis involved by the auditors, and that they used a lot of inquiry to get through this.

• Audit Fees – I am not sure how a public audit of an entity like this could be done at $50,000. I am betting that a large reason for this was because GT has a very simple approach towards auditing the income statement, and relied on balance sheet work. If you look at the Company’s balance sheet, this could easily be accomplished at year-end with likely small sample sizes, and minimal effort. I bet the audit team consisted of 1 Partner, 1 Concurring, 1 manager and a Sr. associate and a first-year or intern.

Trying to make enough money on this audit to justify the Partner’s take home would left little room for the team to spend extra time and effort to specifically test for inappropriate expenditures.

It’s easy to say that the auditors should have caught the fraud. That’s said all the time when a big fraud hits the media. But the fact is that audits rarely find fraud, and relying on the auditors to find fraud is silly. Sure, we can think of a bunch of ways that auditors could have found a fraud if they looked in the right places. But the auditors are not finding fraud. Let’s stop pretending that auditors do find fraud, because they don’t.

Accounting standards exist so that financial statements have some uniformity. Users of financial statements outside of the companies producing the numbers are able to compare financial statements and understand what the users mean because standards have … standardized… financial statements.

U.S. GAAP has been around for about 75 years. But in 2008 the SEC declared that companies would start switching to IFRS soon, with all companies using IFRS by 2016. Why the switch? Well some argue that there are two main reasons why we should switch to IFRS:

1. It is in the interest of international business. Financial statements for U.S. businesses will be easier to compare to businesses in other countries.
2. There are too many rules in GAAP. IFRS is “principles based,” which means there are fewer hard and fast rules, leaning more toward guidelines which management uses their judgment to apply.

The switch from GAAP to IFRS won’t be cheap. It’s estimated that it will take a company 2 to 3 years to make the transition, and it’s going to be an awful lot of work.

IFRS is easy to criticize. Allowing management more judgment in applying the principles to their company’s books leaves more room for financial statement manipulation. As a forensic accountant, I can certainly see how abuses may be more prevalent. Just look at GAAP-based financial statements – - the accounts most at risk for manipulation by shady executives are the ones in which management apply estimates and judgment.

Professor Albrecht says:

Switching the United States from U.S. GAAP to IFRS is desired in the U.S. only by large audit firms, CEOs of large multinationals, and SEC regulators and their staffs.  Investors, rank and file accountants and accounting professors oppose the move.  Audit firm principals and corporate executives stand to profit, one way or another, by billions and billions and billions and billions of U.S. dollars.  It is self-debasing greed.  It is avarice of the corrupted soul.

Let us not be fooled. Accountants and auditors are not in business for altruistic reasons. They don’t exist because of a great love for numbers and a deep desire to help craft the most accurate financial statements ever. They’re in business to make money. And make money they will if companies are forced to move to IFRS.

Large accounting and auditing firms are making scads of money. And this chart from The 2009 Big Four Firms Performance Analysis demonstrates it nicely.

Professor Albrecht notes that Sarbanes Oxley helped the accounting firms make a lot of money, but most of the revenue growth related to SOX was over by 2005. So what is behind the growth since then? Growth in consulting fees.

And what will drive revenue growth in the future? The adoption of IFRS. The amount of money to be made by providing consulting services to companies making the switch will be huge.

And will financial reporting improve? No. In fact, the reliability of financial statements from companies using IFRS will go down because it will be much easier to manipulate earnings.

For example, the company touts average income of $802.62 per North American distributor per month. But that’s very misleading. The income is very top-heaving, meaning a select handful at the top of the pyramid make a lot, and almost everyone else makes nothing. Further, this is gross income, not net. Associates have to pay all their business expenses out of this, leaving them with much less at the end.

And the truth is that Usana has an ugly history of manipulating the “earning” figures to make it look like distributors are earning more than they really are.  Take a look at the reality. The bottom 64% of associates make nothing. The bottom 92% of associates make $6 per week or less (still with that 64% making nothing).

Indeed, Usana is just like all other multi-level marketing companies: Almost everyone who participates loses money. It doesn’t take a lot of guesswork to figure this out. Usana’s own numbers prove this reality.

Following the first report, several updates were issued. It was determined that Usana executives and board members had been lying about their credentials. FDI demonstrated how little product Usana reps are actually selling. And FDI criticized Usana for knowing about illegal sales of its products in China (where multi-level marketing was illegal), and actively participating in the process.

Usana filed a lawsuit against Barry Minkow in late 2007, but eventually the lawsuit Usana filed against Minkow was settled. First the court made Usana pay Barry Minkow’s legal fees. It was clear that Minkow was winning the court battle. Then Usana came to its senses and dropped its lawsuit after agreeing to pay Minkow an undisclosed sum of money.

Little has been heard about Usana since, but it’s time to revisit the issue of sales in China. Right before the release of FDI’s report on Usana sales in China, the company acknowledged what a lucrative market China is:

For us, China is a wait and see, with the laws the way they are and currently they are throwing more laws and getting stricter.  We see that as a very difficult environment to be successful.  We are waiting to see if some of the other companies crack the code and come up with a way to be successful there.  We have not seen a lot of success from our competitors.  We do not want to jump into that situation that has not been successful for others.  So we are going to have things going slowly in the sidelines, keeping an eye on it and watch it till we believe it is a potentially successful market for us and then we will pursue with great speed.

Minkow released his report on illegal selling of Usana products in China, and Usana was unusually quiet about the issue. No press releases. No discussion of it on conference calls. The issue died rather quietly.

But new information suggests Usana is well aware of the illegal selling of its products in China. An internal compliance training document shows that Usana knows all about illegal sales:

IV. What is the biggest market that buys our products that we are not eligible to operate in?

i. Once again I couldn’t give you an exact answer on this. Since I work with our Asian markets, I know that a large sum of product ends up in China, but I’m sure product somehow gets shipped to other unauthorized markets as well…

Of course the company can distance itself from these sales by simply calling the participants “rogue associates”:

VI. Question #6: Which market experienced the greatest sales growth from 2007-2008, and by how much?
i. Answer: East Asia (Hong Kong mainly and a little Taiwan), increased by almost $13 million.
ii. Things to look out for – rogue associates in Mainland China, trying to order US product.

Is Usana doing anything to cut down on these illegal sales? It’s hard to know, but they certainly haven’t addressed the issue publicly. Why would Usana choose to not enforce the rules with its associates? Probably because the market in China is so huge and there is a lot of money to be made. The company doesn’t have to take any serious actions if regulators aren’t pushing the issue. They can sit back and collect their money, knowing that someday illegal sales in China might come back to bite them, but knowing that in the meantime they’ve made enough money from it to make whatever small punishment (if any) they receive worthwhile.

Why has Barry Minkow gone after multi-level marketing companies and why does he continue to go after MLMs? Because people are literally losing billions of dollars each year to these schemes which promise riches and deliver financial devastation to almost everyone who participates. People sign up with the intention of making money (maybe even just a little bit) and end up spending far more than they ever earn.

Are you one of those who thinks Barry Minkow is just a hack… a no good felon who is up to no good? His track record speaks for itself. He has been responsible for uncovering almost $2 billion of fraud for law enforcement and stopping fraudsters in their tracks.

Disclaimer: I have no inside knowledge of the situation at Koss. I have never worked for or with them, and I have never worked for or with Grant Thornton, the auditors. I haven’t seen anything other than what’s been released publicly by the press. I am merely speculating.

The contention has been made that the auditors should have found this fraud, as they are required to consider fraud in planning and performing their audits. Further, the fraud is at an estimated $31 million (my guess is it will end around $50 million), which is clearly material to Koss.  “Material” generally means it’s big enough to matter to the overall financial picture of the company. With annual sales hovering around $40 million a year at Koss Corp., $31 million (or more) stolen over a 5+ year period is certainly material.

So how did the auditors miss it? That’s easy. Three simple steps by Koss VP of Finance Sue Sachdeva could prevent the auditors from encountering evidence pointing them to the fraud.

Again, it’s important to point out that I have no idea whether the auditors failed in their role. I have no idea whether things were uncovered in their audits that should have been investigated further, and which would have exposed the fraud if they had been investigated.

For purposes of this discussion, I’m asking you to assume the auditors did the right thing. Assume they properly planned and carried out their audits, even in light of the poor internal controls it appears Koss had. Pretend the auditors were diligent and thorough. How, then, might Sachdeva commit her fraud so that no one would discover it?

All it takes are three steps to make this fraud nearly undetectable in a company in which the other members of the executive team aren’t paying attention. (And don’t worry, dear readers, that I may be giving away any secrets to committing fraud and covering it up. Any serious fraudster already knows these three things.)

1. Keep the fraud off the balance sheet.
2. Keep all transactions below the scope of testing by the auditors.
3. Don’t commit fraud during the last month of the fiscal year and the first month of the following fiscal year.

Can it really be this simple? Yes, and here’s how.

Keep the fraud off the balance sheet: The substantive testing of the auditors focuses very heavily on the balance sheet. Probably 80% or more of the auditors’ work is spent testing balances on the balance sheet. The focus on the income statement is minimal because the theory goes that if the balance sheet is right, the bottom line profit is also right and a lot of testing does not need to be done on the profit and loss statement.

How could Sachdeva keep the fraud off the balance sheet? We’ve been told she used company funds to pay her own massive credit card bills. The accounting entry would credit the bank account (so that the account will always be balanced to the bank statement and not draw attention) and debit an expense account. Normally, paying a bill would require using accounts payable, a balance sheet account. But by skipping that step and going right to the income statement, this generally keeps the fraud off the balance sheet.  (Except of course for the use of the bank account, which I’ll address in point #3.)

Where on the income statement do you hide the theft? Ideally you would split it up between a number of line items. Cost of Goods Sold is probably one of the best areas to dump the theft because it’s likely one of the largest line items, and everyone agrees that material costs can vary in manufacturing. It’s easy to explain away an increase in COGS. Payroll will be a larger item too, so some of the fraud might be dumped there. Generally, you should consider using 5 or 10 of the biggest line items which won’t draw scrutiny if they increase.

Here is how Koss has said Sachdeva’s fraud was broken out between fiscal years, based on information available last week:

2005 – $2,195,477
2006 – $2,227,669
2007 – $3,160,310
2008 – $5,040,968
2009 – $8,485,937
2010 – $10,243,310 (two quarters)

With the company selling about $40 million of products per year, you can see how easy it would have been to conceal $2 million or $3 million on the income statement. As long as that amount is broken up across several line items, it likely won’t be noticed.

The dollar figures in the last three years were obviously much larger and probably a bit more difficult to conceal.  But remember…. By 2007, $3 million in theft was concealed in the income statement. That means in 2008, only $2 million of the total $5 million stolen needs to be hidden. The first $3 million in theft would already be in line with the prior year’s expenses and wouldn’t draw scrutiny.

The same thing goes for 2009. Presumably $5 million in theft was already concealed in 2008 and integrated into the income statement. Only $3 million extra (of the $8 million total theft) needs to be concealed in 2009.

Keep all transactions below the scope of testing by the auditors: Most of the audit work involves testing transactions. They can’t possibly look at all the transactions for the year, so they examine transactions on a test basis. If the testing turns out right (the numbers were recorded correctly, they add up the way they should, and the accounting rules were followed when recording the transactions), then the untested items are also deemed to be correctly recorded.

The auditors rely heavily on their “scope.” They’ll determine a number which guides the transactions they’ll test. Let’s pretend that $50,000 is the scope on an audit. When testing transactions, the auditors are generally going to look at transactions $50,000 and above. Any transactions of an amount lower than this are almost certainly not going to be tested.

It’s simple math that guides the scope of the testing. By testing the larger dollar amounts, the auditors get greater “coverage” in their audit. They can say they tested ___% of the dollars on the balance sheet. The higher the percentage of dollars tested, the more thorough the audit work looks. So by testing larger dollar items, the auditors get better coverage.

A CFO or VP of Finance (and many others in the accounting department) are well aware of the scope of the auditors. The auditors are not supposed to tell the client what the scope is, but it’s pretty easy to figure out when every request for documentation is above a particular dollar figure.

Suppose the scope at Koss was $50,000 (again, this is a completely made up number). Sachdeva would have to keep her transactions well below that figure to almost guarantee herself that the auditors would not look at those transactions. So she either needs to do wire transfers to her bank account of less than $50,000 at a time, or if she does wire transfers at or above $50,000, the transfers need to be recorded on the books in pieces smaller than $50,000. Obviously, the lower she keeps the recorded transactions, the less of a chance of detection by the auditors. (And it’s also advisable to record these transactions as odd dollars and cents – - such as $27,352.23 – - rather than large round numbers like $30,000 which are more likely to draw the attention of the auditors.)

This is where it makes sense to split up the transactions between several expense accounts. Again, focus on the expense accounts for which an increase could be easily explained and unlikely to be examined further.

Don’t commit fraud during the last month of the fiscal year and the first month of the following fiscal year: I keep getting asked why the auditors didn’t see these apparently large transfers to American Express on the bank statements. The answer is simple: They most likely weren’t looking at all of the bank statements, which is common in an audit. When auditing a bank balance on the balance sheet, the auditor is trying to determine whether the ending balance on the financial statement is correct. The ins and outs throughout the year don’t matter because of other testing done during the audit (or so the theory goes). The test is whether or not the ending balance is fairly stated, so that auditors are only going to look at the last bank statement of the year.

They will also look at the first bank statement of the next year, as they will do some work related to checks written and deposits made at the very end of the year, but which didn’t clear the bank until the next month. There are some other tests in various parts of the audit that may require the auditors to look at that first bank statement of the year.

So the trick is to keep the theft off the last bank statement of the year, and the first bank statement of the next year.

A disclaimer again: I do not have any information about how Sachdeva committed her fraud or covered it up. I’m speculating liberally here, and offering my theory as to how it could have been concealed from the auditors.

Accountants cite lessons learned in Koss scandal

Koss Corp: Anatomy of an Alleged $31 Million Fraud

Fraud Case Feeds Sarbox-Exemption Critics

Koss Corp. Fires Auditor as Alleged Fraud Loss Widens to $31 Million

Video: Embezzlement Scandal Grows In Koss Case

Koss’s $20 Million Embezzlement Should Be a Wake-Up Call to Execs

Koss Embezzlement Highest of ‘09

Koss Financial Records Will Get More Scrutiny in 2010

I’m not saying that Grant Thornton did a bang-up job when it comes to Koss. I couldn’t possibly know that without knowing exactly how the fraud was carried out (Koss still hasn’t said) and without seeing GT’s workpapers and taking a good look at what they actually did. What I am saying is that audits have so little usefulness and are so awful at detecting fraud, that it’s a given that a woman like Sue Sachdeva would easily be able to get away with a massive theft.

How often do we see an executive running off with a company’s money while auditors were hovering? We see it all the time.  Enron, WorldCom, and Tyco brought fraud by management to light, and the problem still exists several years later. Legislation such as Sarbanes-Oxley hasn’t cured the problem, in fact, a recent study by the Association of Certified Fraud Examiners found that the problem is even worse than before SOX. This is a persistent problem, one that auditors clearly haven’t been able to eradicate, so to suggest that Grant Thornton should have stopped the fraud (when all the other large auditing firms have failed to find fraud at their clients too) is nonsense.

My respected colleague Francine McKenna did a great deal of research and writing about why Grant Thornton shouldn’t get a pass in the Koss case. She’s found a lot of interesting information about Koss Corp., its finance function, its auditors, and its management in general. But instead of proving why this makes Grant Thornton guilty, it only seems to prove my original theory: that management alone is to blame for this fraud.

Francine points out the following notable facts:

• NASDAQ, where Koss was listed, does not require an internal audit function in companies. Koss did not have internal auditors.
• Grant Thornton’s planning of their audit work  required them to assess the company’s internal audit function, or in this case, Koss’s lack of internal auditors.
• The auditors were required to adjust their substantive testing (read: do more) based on the risk factors Koss presented per SAS 109 (AU 314), Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement.

Clearly there were issues with how Koss was managed. Francine writes:

If they had performed a proper SAS 99 review (AU 316), Consideration of Fraud in a Financial Statement Audit, it would have hit’em smack in the face like a _______ . (Fill in the blank.) Management oversight of the financial reporting process is severely limited by Mr. Koss Jr.’s lack of interest, aptitude, and appreciation for accounting and finance. Koss Jr., the CEO and son of the founder, held the titles of COO and CFO, also.  Ms. Sachdeva, the Vice President of Finance and Corporate Secretary who is accused of the fraud, has been in the same job since 1992 and during one ten year period worked remotely from Houston!

How do you audit a company like Koss which apparently had little to no substantive internal controls over the financial reporting process? Well you could examine every single transaction for the year. But obviously no company is ever going to pay an auditor the type of fee it would require to do this. So the auditors instead do some “extra” testing. If the extra testing turns out okay, all is deemed happy in auditland.

Sounds laughable, doesn’t it? But that’s what auditing is, whether we like it or not. Audits test. Audits sample. They hope they catch the big stuff, but often they do not.  Check out the number of articles returned by Google for a search for “auditor” and “lawsuit” for the last year.

There were obvious problems with the finance function at Koss. But at the end of the day, an audit needs to be done and someone is going to do it. No matter how awful a company’s management is, there is always an auditing firm willing to step up to the plate. Trainwreck Overstock.com is a great example of this. After numerous instances of financial reporting irregularities were pointed out by a variety of journalists and bloggers, Overstock fired Pricewaterhouse Coopers (PwC) and hired Grant Thornton. More issues, and Grant Thornton was fired less than a year later. And KPMG has stepped up to take over this financial reporting mess.

How often do auditors make “Management Recommendations” to companies? Every single year, the auditors complete their work and tell their clients where they could improve. Probably on the most frequently recommended list are better internal controls, better segregation of duties, and better ways to prevent the head of the finance function from overriding controls. And often companies ignore these recommendations, citing the fact that they haven’t had any problems (yet!) or that changes would cost too much.

I could suggest that auditors “man up” and refuse to work with clients unless they became more diligent about their internal controls, but doesn’t often happen. Some auditing firm is all too happy to accept a client recently fired by their auditors. And the auditors are reluctant to tell one another the real reasons why they quit or were fired. It’s just not good for business.

Frankly, I don’t know why any accounting firms even do audits anymore, especially of publicly traded companies. There is not enough insurance in the world to protect them from situations like this. Grant Thornton’s reputation will be tarnished in the Milwaukee business community for years to come, and there will likely be effects in other markets as well. Is it really worth it to do audits when this type of liability exists?

The problem with blaming the auditors in this case is that if we do so, then we should blame the auditors in nearly every other corporate fraud. Why? Find me a company that does not let the CFO hold the keys to the kingdom? Find me a company in which the CFO or VP of Finance isn’t able to override almost all of the controls.

Instead, we still play this game of pretend. We wish that auditors could be good at finding fraud and that they would really provide value to a business. Neither is true, and what is required is either an acceptance of this truth or a fundamental change in thinking regarding audits. Let’s accept audits for what they are, or completely change the process if we want audits to do something useful, such as find fraud.

The bottom line here is that the management of Koss Corp., and specifically wonder boy Michael Koss, is solely to blame for the $31 million fraud committed by VP of Finance Sue Sachdeva. No one was stopping Koss from asking the auditors to do more work or from hiring other professionals that could help improve internal controls and find fraud. The auditors are going to get sued, and they’ll have a hard time walking away without any liability. That’s just the way the game goes. Fraud is found, auditor has professional liability insurance, auditor gets sued, insurance company pays out at least something.

So  make no mistake, I’m not absolving Grant Thornton of guilt in this situation. The chance of them having some liability is great. But the blame needs to be focused on management at Koss Corp. Audits aren’t going to start finding fraud on a wide scale any time soon. But management can do something about fraud if they choose to. Koss did not, and now they are paying the price. They put themselves into this situation, and they are to blame.

Following the release of FitzPatrick’s first report last year, Medifast management came out with bizarre statements. The most recent version of their statement was included in a 10-Q filed with the Securities and Exchange Commission on November 9, 2009:

An Independent Committee of the Board of Directors of Medifast was constituted to review the public allegations of a third party “Convicted Felon” on his website.  The Independent Committee of the Board of Directors of Medifast Inc. recommended that the Company make a formal complaint to the Securities and Exchange Commission and the Attorney General of Maryland as it pertains to the convicted felon Minkow and his ”for profit” company’s false and misleading claims against Medifast. There are currently no pending matters of a material nature related to any government investigation of the case involving Mr. Minkow, his company, its affiliates or associates. Any actions related to any government investigation pertaining to this complaint have been deemed confidential at this time.

The problem is that the allegations weren’t made by convicted felon Barry Minkow. The allegations were made by multi-level marketing expert Robert Fitzpatrick, who has researched hundreds of MLMs.  Minkow didn’t make any “false and misleading claims.” FitzPatrick made claims based on Medifast’s own published numbers, none of which the company has refuted in any forum.

The madness doesn’t stop there, however. In reaction to FitzPatrick’s most recent report, Medifast issued a press release entitled “Medifast, Inc. Comments on False and Misleading Allegations.” It states in part:

The independent Directors’ Committee, after investigation of facts and information concluded the allegations were false, misleading, and/or without merit. The same is true for the re-issue of the report posted January 8, 2010 – the allegations are false, misleading, and/or without merit.

Yet the company has not seen fit to point out what might be false or misleading about FitzPatrick’s report. They have the data at their fingertips that could supposedly refute any allegations made, yet the company declines to provide any specifics.

Why not? Because FitzPatrick printed the truth based on Medifast’s own numbers. Apparently it isn’t bad enough that the company doesn’t tell the whole story about the business to either stockholders or health coaches. Now they’re maligning an independent expert who merely used the company’s own data to show what an awful “opportunity” TSFL offers health coaches, and how heavily the company relies on the recruiting of coaches to grow revenue.

Barry Minkow has issued an invitation to Medifast executives. He’s inviting them to point out exactly what is false or misleading about FitzPatrick’s report, and to provide the documentation that proves their points.  Certainly if there really are material points that FitzPatrick has made which are false or misleading, the company would like to immediately identify them? And Minkow has even offered to retract his statements about FitzPatrick’s report and apologize to the company in return for them backing up their allegations about the report.

Those recruiting for MLMs are quick to tell you about how much you can make if you sell their product (often glossing over the fact that you’ll have to recruit new people into the scheme in order to have any chance of making a living), but they will never tell you that it’s next to impossible. They forget all the reasons why people in these MLMs are selling so few products and making so little money from selling.

Fitzpatrick clues us in:

The income opportunity, based on the plan’s structure, rules, bonuses and commission schedule, primarily depends upon endless chain recruiting of more “coaches”, not on retail sales of its products. The cost of selling, competitive factors, and the paltry 15-20% commission offered on retail sales make that option a myth and facade to obscure the recruitment pyramid. The income scheme is a classic “endless chain.” The report also raised the question of the plan’s legality, its jeopardy under California’s statute against “endless chain” plans, and the risk of its being challenged by other regulators or by consumers in court as a fraud.

And here’s my problem with MLMs in general, in the words of Fitzpatrick:

The pay plan pays far more – per sale – to those who recruit other coaches than to those who actually sell products to consumers, and the greatest share of all commissions is transferred to those in the top positions of the pyramid.

That’s right… recruiting pays more than selling. The upline is making way more money off the sale of products than those actually doing the selling.

And here are some hard numbers:

• Top 1%  (1.28) of coaches receive 28% of all commissions
• Top 4% (4.25) of coaches receive 43% of all commission
• Top 10% (10.56) of coaches receive 67% of all commissions
• Bottom 50% (51.11) of coaches receive 6% of all commissions

Check that out. The bottom half of coaches only receive 6% of all the commissions the company pays. The above statistics are typical for MLMs…. unless you can get into that top tier of the pyramid (and almost no one does), you aren’t going to make any money.