1. Phony Vendors
Property managers are often responsible for approval of vendor invoices. Real Estate companies, and by extension tenants, rely on property managers to ensure that the prices paid for services are appropriate and that the services are actually performed. In many cases these costs are passed on to the tenants in the form of CAM and tax charges and not subject to the same internal controls as general corporate expenses.
Claims Example
In one case, a property manager and a relative were in collusion. The relative submitted multiple invoices for providing services to the property which were approved by the property manager and then submitted to accounting for payment. Since the control for the payment was approved by the property manager and the ultimate expense was charged back to the tenants, it was not caught until several years later. The total discovered discrepancies were $270,000.
Risk Management Procedures
2. Padded Invoices
Unfortunately, given the growth of large real estate companies it has become more common for management, accounting and other processes to be far removed from the actual properties being managed. This separation creates opportunities for fraud and theft where proper controls are lacking. We have seen many cases where a property manager either adds a fee or percentage to the invoice or orders more work/goods than is necessary and pockets the difference.
Claims Example
In one example, a property manager colluded with a vendor for a 10% kickback on all invoices during several construction related projects. This company had an approval process for all vendors but relied on the property manager for approval of all invoices. In this case, the invoices were from a previously established vendor, they were approved by the property manager and then charged back to the tenants. Over a period of three years, it was estimated that the additional cost to the tenants was over $2.5M which has subsequently been recovered. One individual was sent to jail.
In another case, a property manager ordered additional and unnecessary equipment for a property, with each new equipment purchase. For example, two air conditioning units were ordered instead of one, two garbage cans, two drills, etc. Over the course of two years, it was estimated that approximately $250,000 of additional and unnecessary equipment was ordered.
Risk Management Procedures
3. Cyber Deception
The technology age has created efficiencies in the way real estate agents do business. They can send and receive invoices over the internet. They can make deposits, write checks and wire funds with relative ease. Unfortunately, these efficiencies have often come with limited controls. This creates significant opportunists for fraud and deception. A common claim today relates to a real estate agent being duped into wiring money to a fraudulent account. We are all familiar with the email from a Liberian consulate offering to share a $20 million dollar windfall, if you will only send him $1,000 to set up a transfer, or provide your bank account number so the funds can be wired to it. This scam has evolved significantly. Today, companies receive what appear to be valid invoices, wire transfer instructions or other correspondence, which then dupes an employee into sending money to a fraudulent account. This is a daily occurrence. Even companies with the most sophisticated controls have fallen victim to this type of scam.
Claims Example
A property manager received an invoice from an existing vendor that was approved for recently completed work. The invoice looks the same as all the other invoices they have paid and is even for the amount they were expecting. Except with this new invoice, the company is instructed to remit payment to a new bank account number as “apparently” the vendor switched banks. The property manager wires $75,000 to the new bank account, only to receive the correct invoice from the true vendor a week later. In this case, the vendor’s email was hacked. The thief knew about the invoice, intercepted the actual invoice, changed the payment instructions and sent the fraudulent email, making it look as if it was from the true vendor.
A title agent received a closing sheet from the seller’s attorney. The closing sheet had all the correct information as to borrower, property, rate, address etc. Included were wire transfer instructions with a note that they were updating the closing sheet to reflect the bank they had just switched to. The unsuspecting title agent wired $454,000 to the account indicated with the updated closing documents. The next day when the seller was looking for their funds, they discovered the mistake. In this case, the lawyer’s email was hacked. This gave the cyber criminal access to all the specific closing information needed to pull-off this scam.
Please note that in both of these examples the commercial crime policy did not cover the claim as the real estate company “voluntarily” wired the money to another party - no one had actually stolen the money from their account. There are policies that help cover some of this exposure, but it is a new and evolving risk that isn’t typically covered.
Risk Management Procedures
For more information on this topic, please contact one of our licensed representatives at 201-847-9175 or at info@axisins.com