Published on: 01 Jul 2016
What’s one way of increasing the chances of getting hold of someone’s password?
Does it involve the use of the very latest supercomputer? Does it involve some clever IT geeks hacking into a computer for you?
Or does it involve chocolate?
A recent bit of research published in the journal Computers in Human Behaviour attempted to find out how people are obligated by the kindness of others. Or in other words, if someone does something nice for a person, how likely is it that the person will be nice back to them?
The researchers in Luxembourg conducted a survey of random people in the street asking them about internet security including questions about passwords.
Some of the people interviewed were given chocolate and some weren’t.
30% of those that were not given chocolate revealed their passwords which to me is a surprisingly high percentage and just goes to show that quite often human stupidity is the weakest link in internet security.
For the people who were given chocolate at the beginning of the interview the figure rose to 44% and if the chocolate was given just before the question on passwords was asked an incredible 48% gave their passwords! Yes, nearly half of the people asked their passwords as part of a survey told a complete stranger their password if they had been given chocolate.
Andre Melzer, the author of the study said that “when someone does something nice for us we automatically feel obliged to return the favour”.
So, in conclusion, if someone walks up to you in the office and offers you a piece of chocolate be careful what you say…
Published on: 06 Nov 2015
If a company outsources jobs, in some situations it can be seen as good business practice but if an individual outsources his own job then what is that seen as?
Outsourcing is where a company gets another organisation to undertake a job or business function that would have previously been completed in-house. This is often done for cost saving reasons and an illustration of outsourcing would for example be getting another organisation to maintain your payroll.
I’ve never heard of an individual outsourcing his own job though but that has just changed.
Verison is one of the leading telecoms companies in the US and their security team provided details of a case study where an employee by the name of “Bob” who was a top developer had actually outsourced his own job to China without his employers knowing about it.
In other words, he had received his salary from his employers but had personally paid for somebody else to do his job at a cheaper rate without his employer knowing about it!
He was paid in excess of USD 100,000 for his job and yet he was paying a Chinese consulting firm less than 20% of that to do the job for him.
According to Verison a typical day for Bob was:
9:00 a.m. – Arrive and surf Reddit for a couple of hours. Watch cat videos (!!)
11:30 a.m. – Take lunch
1:00 p.m. – Ebay time.
2:00 – ish p.m Facebook updates – LinkedIn
4:30 p.m. – End of day update e-mail to management.
5:00 p.m. – Go home
Despite not actually doing any of the work himself his performance reviews were excellent and he had been regarded as the best developer in the building.
So, in summary – he was paid a pretty good salary and all he did was play around on the internet.
All his real work was outsourced by him to a Chinese company. He paid them whilst his employer paid him 5 times the amount that he had paid the Chinese company.
Bob has now lost his job but it does raise an interesting debate as when a company outsources it’s seen as a clever move but when an individual outsources their own job they end up losing that job.
Anyway, whilst you’re thinking of that particular point I’d like to mention that the next blog article will be written by a Chinese company but please don’t tell my employer.
Meanwhile I’m off to watch some cat videos…
Published on: 20 Mar 2015
We’ve all made typos in the past but I bet your typo wasn’t as expensive as this one.
Typos, where you misspell a word or put in a wrong word by mistake, are fairly common. This particular typo though was incredibly costly as it resulted in a company going out of business, 250 people losing their jobs and the government having to pay £9 million in compensation.
Back in 2009 Mr Davison-Sebry, the MD and co-owner of Taylor and Sons Ltd was enjoying a holiday in the Maldives when he received a phone call asking why his company had gone into receivership.
Receivership is very often the first stage of a company going out of business. It typically occurs when a company is suffering financial difficulties and an independent “receiver” is called in to run the company instead of the directors.
Taylor & Sons Ltd was a successful company. It had been established back in 1875 and was doing very well so why the call to the MD asking why his company had gone into receivership?
Well it turns out that Companies House (the organisation in the UK that publishes official notices about companies) had issued a notice saying that Taylor & Sons Ltd had gone into receivership.
Unfortunately for all of the people involved with Taylor & Sons Ltd, it was a typo by Companies House and the company that had actually gone into receivership was Taylor & Son Ltd and not Taylor & Sons Ltd.
Companies House rectified their “one letter mistake” within a few days but it was too late. There was a snowball effect as one supplier after another heard about it and despite being told that Taylor & Sons Ltd was financially secure, they terminated the orders and cancelled the credit agreements.
Within 3 weeks all of the company’s 3,000 suppliers had cancelled agreements and would not supply the company anymore.
The end result was that Taylor & Sons Ltd lost all of their suppliers and as a result couldn’t produce anything for their customers so they ended up going out of business.
The end of a 140 year-old company and all due to a one letter type.
The directors were understandably unhappy about this and took Companies House to court where they were recently successful in their case and won nearly £9 million in damages.
That was probably the most expensive one letter typo in history.
Published on: 23 Jul 2013
GlaxoSmithKline (GSK) is one of the world’s leading pharmaceutical companies. Last year its global revenues were £26 billion and their net income £5 billion. Their drugs include the anti-depressant Paxil (worldwide lifetime sales to date over $12 billion) and the diabetes drug Avandia (over $11 billion).
It seems that all is not well for the company in China though and they appear to have undertaken some less than honest business practices.
It’s just been reported that the company has allegedly been paying bribes and these bribes are pretty significant. Over £300 million in bribes to be precise.
They are accused of paying £323 million in bribes to doctors and other officials in China since 2007 to persuade them to prescribe GSK drugs to their patients. They appear to have paid these bribes in order to win market share and agree higher prices for their drugs.
The Authorities claim the transactions were disguised as payments to “travel agents” who were middlemen who organised “conferences” for doctors. Instead of this money being spent on conferences though it seems that it was given illegally as bribes.
The Head Office of GSK is understandably taking this pretty seriously and the head of their emerging markets department, Abbas Hussain was quoted as saying “We have zero tolerance for any behaviour of this nature.”
He went on to say “I want to make it very clear that we share the desire of the Chinese authorities to root out corruption wherever it exists. We will continue to work together with the [Chinese Ministry of Public Security] and we will take all necessary actions required as this investigation progresses.”
With a reference to their internal controls he said “Certain senior executives of GSK China who know our systems well appear to have acted outside of our processes and controls which breaks Chinese law”.
Somehow, I think GSKs internal control procedures need to be revisited urgently to make sure this doesn’t happen again.
One thing’s for sure though is that this is certainly going to cause a headache for the company and I’m not sure one of their headaches tablets will get rid of the short term pain of this.
Published on: 09 May 2013
Ernst & Young has just released their report on their 2013 Fraud Survey covering Europe, Middle East, India and Africa.
There were some interesting, and some would say disturbing findings.
20% of the employees who were surveyed were aware of financial manipulation in their own company in the last 12 months. If you move higher up the management chain the percentage becomes higher with more than 40% of board and senior manager level individuals who were surveyed saying that sales or costs had been manipulated at their company.
When it comes to the subject of bribery, 57% of all respondents feel that bribery and corruption are widespread in their country, which rises to 67% in rapid-growth markets.
One very interesting issue when it comes to bribery is that of a compliance perception gap between management and employees.
According to EY, “While the majority of respondents are aware that their company has an anti-bribery/anti-corruption (ABAC) policy, the survey shows many organizations have a significant perception gap between senior management and employees when it comes to the relevance and effectiveness of this policy. 60% of directors and senior managers believe that their company would support people who reported cases of suspected fraud, bribery or corruption, whereas only 34% of other employees agree.”
60% vs. 34% – quite a big perception gap!
The full EY report can be found here.
Published on: 23 Apr 2013
An ex-partner at KPMG has been a bit naughty. In fact, he’s been more than a bit naughty as he’s been accused of insider trading.
Insider trading is the illegal activity of using information which isn’t in the public domain to make a personal gain or avoid a personal loss.
Scott London was a partner at KPMG in the US and led their LA audit practice. Two of their major clients were the nutrition supplement giant Herbalife and the leading footwear company Skechers.
It’s been alleged that Mr London passed on price sensitive information to a golfing friend of his who then subsequently made more than $1.2 million in illicit trading of shares ahead of merger or earnings announcements (in other words, the golfing friend bought shares at a low price knowing that the share price would increase as soon as the information he was secretly given was released into the public domain).
The US Securities and Exchange Commission charged Mr London and his golfing buddy with insider trading on non-public information.
As soon as KPMG found out about this Mr London was fired and quickly became an ex-partner in the firm.
A statement from Mr London was published in the Wall Street Journal where he apologised “for any harm that results to KPMG”. He went on to say that “I regret my actions in leaking non-public data to a third party regarding the clients I served for KPMG”.
It’s not looking very good for Mr London as the authorities will no doubt come down heavily on him.
It’s unfortunate for KPMG as well as due to Mr London’s illegal activities their independence on the audits of Herbalife and Skechers had been compromised. As a result they have resigned as auditors of both Herbalife and Skechers.
Published on: 12 Apr 2013
It doesn’t matter if you’re a famous film star or not. If you don’t pay your taxes you could get into a lot of trouble.
Wesley Snipes, the famous star of films such as the Blade Trilogy and White Men Can’t Jump hasn’t starred in any films during the last 3 years.
And the reason why?
Well, the reason is that he’s been in jail since 2010 after not paying tax on $37 million of earnings.
Despite being able to defeat terrorists and vampires in his films he was unable to beat the US tax authorities and was convicted of federal tax evasion. The photo of Mr Snipes above is his mug shot courtesy of the United States Marshals Service.
For the last 3 years he has had to swap film premieres and glamorous parties for the confinement of a US prison cell.
It’s an interesting point but people often get the terms “tax evasion” and “tax avoidance” confused and think they are the same thing.
In fact the two phrases mean different things and in the UK for example tax evasion is where a person evades paying tax by illegal ways such as non declaration of income. Tax avoidance on the other hand is where a person minimises his or her tax liability in a legal way (whether or not it is in an ethical way though is a different matter altogether!).
Mr Snipes was convicted of tax evasion back in 2010 and has just been released from prison although he remains under house arrest until July when he will be free to start his film career again.
One thing he should probably do first though before he starts his film career again is to find a good tax accountant to make sure that he settles all his tax liabilities correctly on any of his future earnings and doesn’t evade any tax.
Published on: 13 Mar 2013
We all know that the pharmaceuticals industry is big business.
The industry is facing considerable challenges however, with a large proportion of the “blockbuster” drugs due to come off patent in the next few years.
Drug companies are all too aware that they might well need a big breakthrough soon in order to sustain their historical levels of shareholder return.
A lesser known threat to the industry, and more direct threat to us individually, is the rapid growth in fake prescription drugs. Patents protect a patent holder against a legitimate business from copying their product. It’s not much use against criminality.
Fake Gucci handbags may be an annoyance to Gucci, but nobody dies when they are purchased. Fake drugs can be sufficiently dissimilar to the real product to allow diseases to build up resistance to the genuine drug. An overdose may be fatal in the short-term; an under-dose may be fatal in the longer-term.
So there’s a significant incentive for all concerned to maintain integrity in the production and logistics chain that gets the genuine drugs to those in need. Countries where prescription drug usage is culturally common and poorer countries are probably most at risk.
A Ghanaian company, mPedigree, has come up with an ingenious and simple solution. Working in conjunction with bona fide drugs manufacturers, it assigns a code to each packet of pills. This is then added to the box, in the form of a scratch card.
When customers buy the product, they scratch off the scratchcard style covering on the box and then send a free text message / sms with that code. If the product’s codes are genuine, a text message is immediately sent back to verify their authenticity. If not, the customer knows that they have just been sold a potentially dangerous dud.
Of course, there will be risks to this process, such as criminal elements infiltrating the process of allocating codes, but this is a smaller risk to contain than the wider risk of fake drugs, but this is a process that an auditor could even give an assurance opinion on.
Given the worldwide very high penetration of mobile phones and the cheapness of text messages, this is a fascinating solution to a big problem. Maybe in future it could be refined to also warn if drugs are genuine but beyond their sell by date (time expired drugs can also become dangerously lacking in efficacy).
What a wonderful, simple idea.
Published on: 28 Feb 2013
But how far can this computer use go? Will they be able to predict when accounting fraud is going to take place as opposed to tracking transactions that have already occurred?
The film Minority Report starring Tom Cruise was based around software that could predict when a crime was going to happen and the culprits would be arrested before they actually committed the crime. Although this film seemed well and truly within the realms of science fiction, two police forces in the UK have recently begun trials of a sophisticated computer software package which aims to predict where and when future crimes are likely to occur.
The software is known as Crush (Criminal Reduction Utilising Statistical History) and is used to identify potential crime hotspots based on a variety of data including crime reports, offender profiles and strangely enough even weather forecasts.
Once these upcoming crime hotspots have been identified then the police can allocate resources accordingly.
The system is produced by IBM and the UK tests are based on a successful roll out of the software in the US by the Memphis police force which resulted in a reduction of serious crime by 30%.
Back to auditing though and will the next step be predicting when a fraud is likely to occur using statistical analysis based on industry, profit movements, director’s personal life and spending habits (plus the weather of course)?
Given the reliability of some computers though, one thing for sure is that is if you happen to live in a town called “Syntax Error” then you may have a surprise visit from a Tom Cruise lookalike with a briefcase and a calculator.
Published on: 29 Oct 2012
One of the general duties of company directors is to exercise reasonable skill, care and diligence.
Three directors by the name of Robin Reichelt, Stephen Nathan and John Gibbs were clearly not exercising any of these attributes though.
Whilst on the face of it their plan to reclaim VAT on the purchase of a hotel sounded ok, in reality there were a number of things which didn’t quite work or to put it more bluntly, a couple of things which were completely illegal.
The background to the situation was that one of their group companies sold a lease to a central London hotel to another of their group companies.
The company that “sold” the hotel went into liquidation after selling it and the company that bought the hotel then submitted a claim for a refund of over £200,000 of related VAT.
The whole thing was completely illegal however as not only did they not pay the VAT in the first place (so had nothing to claim back) but the hotel didn’t even belong to the group company that had claimed it had sold it!
So, in summary they claimed to have sold a hotel that they didn’t even own to another group company and claimed back VAT that had never been paid. What could possibly go wrong??
Well, they will have several years in jail to contemplate what went wrong and to plan their next great money making idea…