Fraud Prevention Archives

For four to five straight years, an audit team meticulously completed their control testing checklists, dutifully checking every box and signing off on every procedure. Their work papers looked pristine. Their compliance documentation was flawless. And all the while, an employee was systematically committing fraud right under their noses.

When questioned about the controls they’d supposedly tested year after year, these auditors couldn’t explain how a single one actually worked. They had fallen into what CPA Sam Mansour calls “the checklist trap”—a dangerous mindset where the very tools designed to ensure audit quality become the biggest threats to it.

This eye-opening example comes from a recent Audit Smarter podcast episode where host Sam Mansour digs into the mechanical box-checking that passes for diligent auditing in too many firms today. While audit checklists are useful tools for quality control, they become dangerous crutches when auditors stop thinking beyond the boxes they’re checking.

When Good Tools Become Dangerous Crutches

Checklists start life as helpful guides. They’re designed by experienced professionals who’ve seen common audit problems and want to prevent them. They’re meant to be guardrails, keeping auditors on track while still allowing room for professional judgment and client-specific thinking. But somewhere along the way, these helpful tools can become dangerous.

The transformation happens gradually. As Mansour explains, “If the checklists say to go look at an area, you go look at that area. If they’re silent on a specific area, then you just don’t even consider going in there. So basically, instead of it being a helpful guide, it becomes a literal crutch.”

What starts as a helpful framework eventually limits an auditor’s perspective to what’s written on forms.

The checklist mentality is particularly dangerous because it feels so professional. Auditors complete every step, sign off on every procedure, and produce work papers that look thorough. The documentation appears complete and compliant. But underneath the surface, there’s no critical thinking.

Consider the real-world example from the podcast: auditors who marked controls as “tested” year after year, checking all the right boxes and completing all the required procedures. Their checklists were perfect. Their sign-offs were current. But when questioned about how these controls actually worked, they couldn’t provide a single coherent explanation.

“There were severe control issues at the client which allowed for fraud to occur,” Mansour explains. “And it just wasn’t discovered by the audit team. The person committed fraud for four or five years. And I think the auditors just kept coming in and checking that box.”

The consequences were predictable and severe. The fraud continued undetected, not because the checklists were inadequate, but because no one was thinking beyond them.

This creates blind spots where fraud and errors can flourish. As Mansour notes, “Checklists are designed kind of as a textbook solution. The checklists don’t necessarily catch everything..”

The Hidden Forces That Kill Critical Thinking

The checklist trap isn’t the result of lazy auditors or character flaws; it’s the predictable outcome of systemic problems that even dedicated professionals can’t overcome through willpower alone. When we look beneath the surface of mechanical box-checking, we discover forces that make thoughtful auditing nearly impossible.

The most damaging culprit is budget pressure created by systematic underbidding. As Mansour explains: “Some firms tend to price engagements very low. And so let’s say, for example, your budget is $5,000 for an engagement, when really it should be $15,000.”

The math is brutal. If your firm targets $150 per hour but you’re forced to complete work in one-third the appropriate time, you’re effectively working for $50 per hour while still being held to $150-per-hour quality standards. This creates an impossible situation where taking time to truly understand complex checklists is financially unsustainable.

The cultural reinforcement runs deep. In many firms, the message from leadership focuses on completion rather than understanding: “Make sure you fill out these checklists, make sure they’re done correctly, make sure every box is checked.” This message, coupled with crushing deadlines and impossible budgets, transforms checklists from investigative tools into speed tests.

“A lot of times, unfortunately, in public accounting, that kind of curiosity, that dialog is seen as a waste of time because it takes up billable hours,” Mansour observes. The system rewards speed over understanding and punishes the curiosity that leads to quality work.

The training gap makes things worse, particularly for new auditors who find themselves drowning in technical terms they never learned in school. Mansour recalls his own experience: “I actually remember sitting there, looking at my computer, looking at my screen, and thinking, oh my gosh, I had no freaking clue what I’m doing.”

When new auditors are handed complex checklists filled with unfamiliar concepts but given no time to learn, mechanical completion becomes their only survival strategy. The system even punishes the behaviors it claims to want. Mansour describes being criticized early in his career: “The criticism that I used to get is look at this person next to you, how quick they are.”

While his colleague was flying through checklists, Mansour was taking time to understand the work and feeling “so far behind” and “so dumb” as a result. The irony? Years later, Mansour had surpassed his speedy colleague in seniority, proving that thoroughness ultimately beats speed. But how many talented auditors give up or develop bad habits before they can prove this point?

This creates a cycle where underbidding forces rushed work, rushed work requires increased checklist dependency, and checklist dependency reduces the quality that justifies higher fees. Breaking free requires systematic change.

Breaking Free: The Strategic Approach to Better Auditing

The path out of the checklist trap isn’t about abandoning structure or telling auditors to simply “think more.” It requires systematic changes that address the root causes we’ve identified. Forward-thinking firms are implementing coordinated solutions that transform their economic models, training approaches, and cultural expectations.

The foundation starts with honest pricing. Firms must have the courage to move their fees to industry-standard levels, even if it means difficult conversations with clients. As Mansour explains, when firms properly price their engagements and explain the increases, the client, a lot of times, will stay. Because if they ask around, they’ll find those fees are industry standard, and what they were getting with you was really an unreasonable deal.

Adequate pricing creates the breathing room necessary for thoughtful analysis rather than mechanical box-checking. With realistic budgets in place, firms can modernize their training by focusing on the “why” behind procedures rather than just the “what.”

Effective training requires creating psychological safety for new auditors to admit knowledge gaps. Mansour offers this advice to entry-level staff: “Look, if you don’t know it, you’re better asking the questions now. Because if I hear you asking in 12 months or 24 months those questions you should have asked in the first two, three, four months, I’m going to be very concerned.”

The shift requires moving beyond speed-focused metrics to value-based evaluation. Instead of comparing new auditors to experienced colleagues on time alone, managers should emphasize quality development first. As Mansour learned through experience, “You’re better off going slow and then picking up the speed later. Whereas if you start out with the speed to impress people, it’s difficult, I found, to pick up the quality.”

Practical implementation involves several concrete tools. Firms should customize audit programs for each engagement rather than using generic templates. Modern audit software can generate tailored checklists based on client-specific risk assessments. Adding professional judgment prompts throughout checklists helps auditors think beyond simple completion.

Mansour suggests incorporating “memory joggers,” brief explanations of how conclusions were reached. For example, when testing missing check numbers in a sequence, document not just what was done, but why. “We decided to test missing check numbers because we noticed irregularities in the sequence that could indicate control weaknesses or potential fraud.”

Successful firms also restructure their wrap-up meetings to discuss what was done and why it mattered. “We could say that we audited a specific area. But why did we choose to audit that area, especially if it’s not something we typically do?” Mansour asks.

The red flags that indicate continued checklist dependency are easy to spot. Work papers that remain essentially identical year over year signal mechanical copying rather than thoughtful analysis. Missing documentation of key discussions suggests auditors are focused on completion rather than understanding. Outdated information, like wrong contact names scattered throughout documents, reveals the copy-paste mentality that characterizes checklist traps.

Teams that successfully break free demonstrate clear evolution in their work. Their audit programs adapt as clients change and grow. They identify new risks and modify procedures accordingly. Most importantly, they can articulate the reasoning behind their decisions.

As Mansour’s technical reviewer wisely noted: “When the peer reviewers come in, they have a checklist, and their checklist is checking in on your checklist.” Understanding that audits exist within layers of professional oversight reinforces why thoughtful checklist use serves everyone’s interests better.

The Choice Between Clerks and Professionals

When auditors become mechanical box-checkers rather than analytical investigators, the tools that promise consistency and quality destroy the very thinking that makes work professional in the first place. Clients deserve better.

This isn’t about individual auditors lacking motivation or intelligence. It’s about good professionals working within systems that punish the curiosity and analytical rigor their profession demands. When firms underbid engagements, create crushing time pressures, and reward speed over understanding, they train their staff to stop thinking.

On the other hand, firms that properly price their services, invest in real training, and create cultures that reward analytical thinking avoid the checklist trap and position themselves as the strategic partners their clients need.

The goal is to use checklists as launching points for professional judgment rather than substitutes for it. The firms that learn to balance structure with thinking will build stronger relationships, deliver higher value, and attract the talent that drives long-term success.

The complete roadmap for avoiding checklist dependency is available in the full Audit Smarter podcast episode, where Mansour provides detailed implementation strategies, specific examples of cultural transformation, and the exact frameworks successful firms use to turn checklist-dependent teams into strategic thinking powerhouses.

Because in the end, the choice is simple: Continue training clerks who check boxes, or develop professionals who think, analyze, and protect the interests they’re hired to serve.

Could your most trusted employee be secretly siphoning company funds?

In a recent episode of the Oh My Fraud podcast, fraud investigator Kelly Paxton shares how seemingly reliable staff—often overlooked for potential misconduct—can exploit organizational blind spots.

According to the Bureau of Labor Statistics, nearly 90% of bookkeepers in the United States are women. While many people assume women are less likely to commit fraud, Paxton warns that it’s not gender but position and access that matter most. By trusting certain employees implicitly and failing to establish strong controls, businesses inadvertently cause serious financial losses.

As Paxton’s cases illustrate, ignoring stereotypes and adopting “trust but verify” strategies are crucial steps toward preventing fraud.

Kelly Paxton’s Path to Fraud Investigation

Kelly Paxton did not start out in law enforcement. She began her career in financial services as a commodities and bond trader. One day, a U.S. Customs agent called her brokerage firm asking about a suspicious client. Kelly alerted the agents, which led to a deeper conversation—and ultimately, a job offer. She joined U.S. Customs and conducted investigations into money laundering, narcotics, and other major crimes before moving into background checks for federal agencies.

Her investigative focus shifted when she joined a local sheriff’s office and noticed that nearly all the embezzlement suspects she encountered were women. Wanting to understand why, she discovered criminologist Kathleen Daly’s 1989 work referencing “pink collar crime,” a term describing embezzlement often perpetrated by those in bookkeeping or finance positions. Paxton’s takeaway: Access plus trust is the real key—90% of bookkeepers may be women, but it’s the opportunity that matters most.

Understanding Pink Collar Crime

Pink collar crime typically involves smaller amounts stolen over extended periods—fraudsters who make subtle “lifestyle” upgrades rather than lavish purchases. This can happen when the organization deeply trusts an employee. In many cases, they’re seen as family, invited into the home, and never suspected of wrongdoing. Victims are often embarrassed when they discover the truth and hesitate to report it—what Paxton calls “no victim shaming”: the more we shame victims, the less they come forward.

Key characteristics include:

Position-based access: Bookkeepers and finance staff control incoming or outgoing funds.
Incremental theft: A pattern of small transactions that grow larger over time.
Rationalization: Fraudsters may plan to “pay it back” but rarely do.
Deep trust: Employers assume loyal staff, especially women, “would never steal.”

When Pink Collar Crime Turns Deadly: “Red Collar” Cases

Most pink-collar crimes involve embezzlement without violence. However, some cases escalate to “red collar crime,” where financial fraud intersects with homicide. As Paxton explains, desperate fraudsters may resort to extreme measures when they fear exposure.

The Lori Isenberg Case

One chilling example is Lori Isenberg, a nonprofit executive director in Coeur d’Alene, Idaho. Her organization provided housing for low-income individuals—hardly the type of place where you’d suspect significant embezzlement. Yet over three years, Lori allegedly stole between $500,000 and $2.5 million by creating fake accounts, forging checks, and misusing her daughters’ and husband’s names.

When investigations closed in on her scheme, Lori took drastic action. In February 2018, on the same day local news broke a story about her suspected fraud, she took her husband out on a boat trip in the freezing Idaho winter. He mysteriously fell overboard and drowned. An autopsy revealed a lethal dose of Benadryl in his system. Lori claimed it was a suicide attempt gone wrong—an explanation contradicted by digital evidence showing she researched how to drug someone with Benadryl.

After disappearing for four months, Lori was eventually caught and accepted an Alford plea, which essentially concedes that a jury would likely find her guilty without formally admitting guilt. She received 30 years for second-degree murder, with an additional 5 years for her financial crimes, making it highly unlikely she will ever be released. The Lori Isenberg case underscores how far a fraudster might go to avoid being exposed—a stark reminder that misplaced trust and weak internal controls can have devastating consequences.

The Role of Trust, Bias, and Access

Society is conditioned to trust women—parents instruct children to seek a “nice lady” for help if they’re lost, for instance. This assumption carries over into workplaces, where female employees handling finances often face less scrutiny.

Paxton recalls her own days in U.S. Customs: “You put two women in a Honda Accord, and no one thinks anything is unusual. You put two men in a Ford Focus, and they’re pegged as cops.” Similarly, a “helpful bookkeeper” can escape suspicion for years.

What About Sentencing?

Sentencing for embezzlement and related fraud varies widely:

Federal Cases: They follow sentencing guidelines based on dollar amounts and other factors.
Local Cases: Judges can have broad discretion. Some jurisdictions impose tough sentences, while others might view fraud as a “civil matter,” limiting law enforcement intervention unless there are other serious elements (e.g., homicide).

This inconsistent approach can embolden perpetrators who believe they can dodge severe penalties—until a high-profile case, a dogged investigator, or a high-stakes victim (like a large corporation) brings full prosecution.

Avoiding Blind Spots: Trust but Verify

Rather than assuming anyone is “too nice” or “not smart enough” to steal, Kelly Paxton encourages businesses and nonprofits to focus on position-based controls:

Segregate Duties: Ensure no single person handles every financial task.
Surprise Audits: Don’t just check large transactions; occasionally review smaller ones.
Vendor Verification: Confirm that vendors and accounts are legitimate, especially if newly created.
Encourage Transparency: Cultivate a culture where employees and clients can report suspicious activity without fear.
No Victim Shaming: Publicizing embezzlement—when safe to do so—helps others learn and prevents repeat offenders from quietly moving on to the next company.

Learn More from Kelly Paxton

Kelly Paxton now hosts the Fraudish Podcast (formerly Great Women in Fraud), interviewing fraud investigators, victims, and even fraudsters themselves. She also covers topics like red-collar crime, employee embezzlement, and how biases impact investigations. Her new book, Embezzlement: How to Detect, Prevent, and Investigate Pink Collar Crime, is available on Amazon.

For a deeper look at Lori Isenberg’s story—and other fraud sagas—listen to the full episode of Oh My Fraud. You can also earn CPE credit by downloading the Earmark app and completing a short quiz related to the episode.

When Auditors Become Robots: The Hidden Cost of Mechanical Box-Checking