Earmark CPE

Earn CPE Anytime, Anywhere

Fraud

Deloitte’s $440,000 AI Fabrication Scandal Exposes the Accounting Profession’s Deepest Fears

· ·

A startup founder discovered $2.1 million in embezzlement by his co-founder in just 18 minutes using Claude AI. The company’s internal auditors, external auditors, and even the CFO had completely missed it. Meanwhile, Deloitte was forced to refund the Australian government hundreds of thousands of dollars after delivering a report filled with AI-generated fabrications.

In this episode of The Accounting Podcast, hosts Blake Oliver and David Leary dig into these stories. They explore how AI is both exposing massive frauds and creating embarrassing failures, examine the chaos from the government shutdown, and question whether traditional accounting services still matter when 86% of major companies use broken charts that nobody even notices.

When AI Catches What Humans Miss (And Creates What Shouldn’t Exist)

The accounting profession is experiencing an AI identity crisis. On one hand, artificial intelligence can spot complex fraud that teams of professionals completely miss. On the other hand, professionals are using it to generate work that looks legitimate but is actually riddled with fabrications.

Let’s start with Deloitte’s spectacular failure. The Big Four firm charged the Australian government $440,000 AUD (about $290,000 USD) for a 237-page report on welfare compliance systems. The problem? It contained over 20 AI-generated errors, including completely made-up quotes from federal court judgments and references to non-existent academic papers.

Chris Rudge, a Sydney University researcher, spotted the errors immediately. One fabrication attributed a non-existent book to constitutional law professor Lisa Burton Crawford on a topic completely outside her field. “I instantaneously knew it was either hallucinated by AI or the world’s best kept secret because I’d never heard of the book, and it sounded preposterous,” Rudge said.

Even after getting caught, Deloitte insisted its findings and recommendations were still valid. This prompted Australian Labor Senator Deborah O’Neill to observe that Deloitte has “a human intelligence problem.”

But here’s where it gets interesting. While Deloitte was using AI to create fake references, a startup founder used it to uncover real fraud. He exported his company’s QuickBooks data into Claude AI and asked one simple question: “What’s wrong with this picture?”

In just 18 minutes, the AI found what everyone else had missed: 17 fake companies routing $2.1 million to his co-founder’s personal accounts through shell companies. The AI spotted patterns humans overlooked, including fake vendors paid on 23-day cycles while real vendors were paid on 28-day cycles, and payment amounts that followed Fibonacci sequences, which humans subconsciously create when making up numbers.

The founder has since turned this into a business, selling AI-powered fraud detection prompts for $10,000 each to 47 clients. He’s probably making more money from his fraud-detection business than from his original startup.

As Leary points out, this creates both an opportunity and a threat for accounting firms. “The real risk of AI taking accounting jobs isn’t that AI will take the job away. Clients are just going to say, ‘I can do that myself. I don’t need to pay somebody $400,000 to do a half-assed ChatGPT thing.’”

Government Shutdown: When Critical Systems Break Down

The conversation then turned to the government shutdown’s impact on air travel and tax services. The situation has become genuinely dangerous, with cascading failures that reveal how fragile our systems really are.

Air traffic controller-related delays jumped from a typical 5% to 53% as workers called in sick rather than work without pay. Oliver experienced this firsthand when his flight was delayed for hours with no official explanation, though flight attendants privately blamed air traffic control shortages.

The scariest incident happened at Burbank Airport in Los Angeles, where the tower went completely unmanned. “When that happens, there is a backup procedure, which is that the pilots have to do their own air traffic control,” Oliver explains. “They get on a shared frequency and have to communicate with each other. There’s no intermediary. So that not only slows things down. It also creates risk. There’s a huge risk of these planes crashing into each other because they miscommunicate.”

The economic impact is staggering. The US Travel Association estimates $1 billion in weekly losses to the travel economy. Over 750,000 federal workers have been furloughed, while more than a million work without pay. For TSA screeners earning an average of $51,000, the situation is untenable. “If they don’t get paid, they are not paying their bills,” Oliver notes. “They’re going to go drive for Uber to pay the bills.”

The IRS shutdown creates serious problems for accountants. Nearly half of IRS staff have been furloughed. While electronic returns continue processing and automated refunds still flow, human support has collapsed. Phone support is essentially gone, paper returns sit unprocessed, and audits have stopped. Yet interest and penalties continue to accrue, and all deadlines remain in effect.

Adding to the chaos, Trump fired over 4,100 federal workers instead of furloughing them. The Treasury alone lost 1,446 employees, including about 1,300 IRS workers. “It’s the first time in modern history that mass firings have happened during a funding lapse,” Oliver observes.

The administration also created a new “CEO of the IRS” position to bypass Senate confirmation, appointing Frank Bisignano, former CEO of Fiserv, who still owns about $300 million in company stock. This creates obvious conflicts of interest, especially since Fiserv is involved in launching digital stablecoin initiatives. “This is why you have to have hearings. You can’t just appoint somebody to a position,” Leary emphasizes.

When Independence Becomes a Joke

Next, Oliver and Leary discussed how financial entanglements are destroying audit independence while regulators focus on trivial violations.

Take BDO’s current crisis as an example. The firm took a $1.3 billion loan at approximately 9% interest from Apollo Global Management to finance its employee stock ownership plan. The debt forced the company to lay off employees, freeze travel, and conduct emergency cost reviews across all divisions.

But while BDO was giving First Brands a clean audit opinion, Apollo was actively shorting the company. First Brands collapsed months after BDO’s clean audit. “If I’m BDO and I audit a company that is being shorted by a company I took a $1 billion loan from, where’s the independence?” Leary asks. “What is the fraud triangle? Opportunity, rationalization, and financial pressure. All the parts of the fraud triangle are here.”

Meanwhile, EY is celebrating a “dramatic audit quality turnaround,” with its deficiency rate dropping from 46% in 2022 to below 10% in 2025. They achieved this miracle by firing 132 public company audit clients. In other words, the problematic audits didn’t disappear. They just moved to Deloitte and KPMG. “Have we actually achieved anything here? Or have we just shifted the bad audits somewhere else?” Oliver wonders.

The hosts also discussed a new scheme where crypto promoters target CPA firm clients. The Truevestment Bitcoin Legacy Fund wants CPAs to help raise $150 million from their clients, which institutional investors will then match before merging into a Nasdaq entity—essentially a SPAC wrapped in Bitcoin speculation.

The marketing compares buying Bitcoin today to “buying the Dow at 900.” But as Leary points out, when the Dow was at 900 in the mid-1960s, it consisted of companies like AT&T and General Electric—”companies that made things” and created real value, not speculation.

Why Nobody Cares About Financial Reports Anymore

Perhaps the most damning revelation from the podcast’s recent news roundup is that 86% of major companies are using broken charts in their financial reports. A CPA Journal study found bar charts with misleading axes, pie slices that don’t match percentages, and deliberate distortions to exaggerate performance. Of 1,584 charts reviewed, 12% had fatal flaws that completely misrepresented the data.

“The fact that so many of them have errors and nobody’s pointing them out indicates to me that nobody’s reading them,” Oliver observes. Indeed, 10-K filings get downloaded an average of just a few dozen times.

The hosts even shared a bizarre example where social media bots criticizing Cracker Barrel’s new logo caused the stock price to tank. According to Wall Street Journal data, 44.5% of posts about the logo change were from bots. “Maybe nobody cares about your charts because nobody even cares about the financial statements,” Leary suggests.

What This Means for Your Firm

The key insight from Hector Garcia stuck with David: “AI is never going to do perfect accounting, but it’s going to do it good enough.” For most clients, “good enough” financials that they can generate themselves might be perfectly adequate.

Accounting professionals can embrace AI for meaningful fraud detection and insights, or watch clients realize they can generate “good enough” work themselves. As this episode of The Accounting Podcast makes clear, the traditional value proposition of professional accounting services is crumbling. The firms that survive will be those that identify and deliver human value that transcends what AI can do: strategic insight, ethical judgment, and genuine expertise that no algorithm can replicate.

Listen to this episode to understand not just the challenges facing accounting, but what you need to do differently starting today.

The Shadow Economy of Stolen Points That Nobody Talks About

· ·

While you carefully track every penny in your bank account, there’s $100 billion sitting unprotected in forgotten loyalty accounts worldwide. That eye-opening number comes from Kim Sutherland, global head of fraud and identity at LexisNexis Risk Solutions, who recently joined host Caleb Newquist on the Oh My Fraud podcast to discuss the growing threat of rewards and loyalty fraud.

This episode is a perfect companion to the show’s previous exploration of reward program fraud cases, with insights from someone whose team analyzes 120 billion transactions annually. Sutherland pulls back the curtain on how loyalty programs—those everyday rewards we collect at coffee shops and airlines—are a prime target for sophisticated fraud operations.

The $13 Billion Digital Currency You’re Ignoring

The global loyalty management market now exceeds $13 billion, and it’s everywhere you look. As Sutherland explains, “Almost every type of company you interact with has some type of a program to reward their existing customers.” From airlines and credit cards to restaurants, hair salons, auto mechanics, and even schools, businesses use these programs to strengthen customer relationships.

The average person belongs to anywhere from 16 to 20 loyalty programs, but they actively monitor only a fraction of them. This gap creates a perfect opportunity for fraudsters. “They understand the value of each of those rewards points, and they pay more attention to the ones you’re not paying attention to,” Sutherland warns.

These aren’t just marketing gimmicks anymore. “Loyalty points are a form of digital currency,” Sutherland says. People treat them like savings accounts, letting balances grow and planning vacations around accumulated miles. However, your bank account has federal protection and robust security. Your coffee shop points? Not so much.

When Newquist mentions his Starbucks app, calling it “a mini bank within that company,” he highlights a crucial point. These companies handle customer funds and issue digital currency but operate without the strict oversight required of traditional financial institutions.

The dark web has turned these points into a tradable commodity. Sutherland says stolen points have specific dollar values attached and are bought and sold alongside other illegal goods. It’s not just individual criminals either. Fraud has become a business with specialized roles, training programs, and sophisticated operations.

How Criminals Harvest Your Digital Rewards

Account takeover leads the fraud playbook, and it’s devastatingly simple. While you legitimately earn points through purchases, criminals break into your dormant accounts. They either transfer your points to accounts they control or drain them for purchases before you notice.

Because loyalty accounts lack the security of traditional financial accounts, “there is more opportunity for someone to do an account takeover,” Sutherland explains.

The numbers are alarming. Sutherland reports nearly 100% year-over-year growth in loyalty-based fraud across different industries and regions. On the dark web, these stolen points trade like currency. And fraudsters operate like niche service lines—some steal data, others monetize it, and still others provide technical infrastructure.

Synthetic identity fraud takes things to another level. Criminals combine pieces of real information, such as your name, someone else’s address, another person’s phone number, to create fake identities. These synthetic identities can operate for years, building credit and accumulating points across dozens of programs.

“The real problem with synthetic identity fraud is, even if your name had been used, you may never know you were part of the creation,” Sutherland warns. There’s no real victim to report the crime, making detection extremely difficult. These fake identities might start with a jewelry store loyalty program, build credibility, then work up to valuable airline or credit card rewards.

Insider threats add another layer of risk. Travel agents booking trips might divert clients’ points to personal accounts. Employees with system access could redistribute points. Third-party agents in real estate or auto sales can siphon off points customers never knew existed.

The technical sophistication is striking. Fraudsters use device farms—racks of phones running automated scripts—to manage thousands of fake accounts. They employ burner phones, throwaway email addresses, and test security responses by making small account changes before executing major thefts.

The Impossible Balance Between Security and Convenience

“The best form of authentication is one a consumer uses,” Sutherland observes, highlighting the core challenge facing businesses. Companies must balance three competing priorities: privacy, security, and convenience. For consumers, convenience almost always wins.

Unlike employees who follow whatever security protocols their employers require, consumers simply abandon programs that make redemption difficult. As a result, even if businesses implement bank-level security, doing so could destroy the convenience that makes these programs attractive.

The solution Sutherland recommends is passive security measures that work in the background. Companies embed sophisticated tools in mobile apps that analyze device behavior without disrupting user experience. Is the device jailbroken? Has it been associated with previous fraud? Is it moving naturally, or is it part of a static device farm?

Despite technological advances including biometric authentication, AI fraud models, and emerging digital credentials, Sutherland says, “The biggest challenge is still identity verification.” After 20 years of trying, verifying that someone is who they claim to be remains unsolved.

Fighting Back Through Collaboration

Forward-thinking companies now treat loyalty fraud as a brand reputation issue rather than a compliance checkbox. “It is truly trying to ensure that consumers can trust what they’re doing,” Sutherland explains, noting that customers immediately take to social media when something goes wrong.

The response has become increasingly collaborative. Organizations create “fusion centers” where fraud, cybersecurity, and anti-money laundering teams work together. Through LexisNexis’s proprietary network, businesses share fraud intelligence across industries and borders. For example, banks in Singapore share patterns with UK retailers and major financial institutions collaborate on emerging threats.

This cooperation is essential because, as Sutherland notes, “Fraud does not stay within any country. We see the same fraudsters transacting in the US and in France and in South Africa.”

Companies focus on key vulnerability points, particularly when customers change account details. Something as simple as updating an email address or phone number can trigger an account takeover if proper verification isn’t in place. Yet each additional security step risks losing customers to competitors.

What This Means for Accounting Professionals

With $100 billion in unused points, nearly 100% annual growth in loyalty fraud, and criminals operating sophisticated international networks, this is an emerging category of financial crime that could impact your clients.

For businesses, a major loyalty breach can lead to financial loss and potential brand devastation in an era of instant social media backlash. For individuals, compromised loyalty accounts often serve as gateways to broader identity theft, especially through synthetic identity techniques.

Most concerning is that companies can’t simply apply traditional banking security models to loyalty programs. The convenience consumers demand conflicts with the security these digital assets require. As programs expand into every corner of commerce and younger generations treat points as legitimate currency, the attacks will continue.

Accounting professionals should recognize loyalty programs for what they’ve become: an unregulated digital currency that criminals actively exploit. While we’ve been protecting traditional accounts, fraudsters have built infrastructure to harvest value from the rewards programs we ignore.

Listen to the full Oh My Fraud episode with Kim Sutherland to learn specific red flags for loyalty fraud, discover emerging authentication technologies that could protect clients, and understand why those forgotten rewards programs might be your clients’ biggest vulnerability. Because in a world where your morning coffee purchase contributes to a $13 billion shadow economy, treating digital rewards with the same seriousness as traditional currency is just professional prudence.

Your Crypto Loss Might Not Be Deductible (Even Though Your Neighbor’s Is)

· ·

When someone loses $100,000 to a cryptocurrency scammer, the financial blow is devastating. But finding out whether that loss is tax-deductible means navigating rules written decades before anyone imagined digital theft.

In this episode of Tax in Action, host Jeremy Wells, EA, CPA, tackles a confusing area of tax practice: theft losses. While theft has existed forever, the digital age creates entirely new ways for criminals to steal—from “pig butchering” scams to romance frauds—that challenge how we apply old tax laws to new crimes.

The Three Categories That Determine Everything

Before helping clients who’ve been scammed, tax professionals need to understand which of three categories their loss falls into. This distinction can mean the difference between a valuable deduction and no tax relief at all.

Under IRC Section 165, losses fall into three buckets. Losses from a trade or business and losses from transactions entered into for profit—even outside a business—are generally deductible. However, personal losses not connected to business or profit-seeking are the problem area.

The Tax Cuts and Jobs Act eliminated personal casualty and theft losses for 2018 through 2025. The only exception is losses from federally declared disasters. As Wells explains, this even includes theft during disasters, like the looting that happened after Hurricane Katrina when “there was just a general lack of any sort of law enforcement.”

This means two neighbors could lose the same amount to the same scammer, but only the one who was investing for profit gets a deduction. The retiree who sent money for personal reasons? They’re out of luck.

The Three-Part Test Every Practitioner Must Know

Beyond figuring out the category of the loss, Wells explains that courts have developed three essential criteria for any theft loss claim.

First, the theft must have occurred under state law where the loss happened. This requirement isn’t in the tax code or regulations; it comes from court cases trying to define “theft” when the IRS never did. The 1956 Edwards v. Bromberg case said federal courts must look to state law, but as Wells notes, that creates “probably about 50 different definitions, one for each state.”

Second, you must be able to determine the amount lost. For cash or stocks, this is straightforward. But for jewelry or collectibles? You’ll need insurance records, appraisals, or reasonable estimates. Proving value becomes nearly impossible without documentation from before the theft..

Third, you need to know when the taxpayer discovered the loss. This is crucial because it’s not when the theft happened, but when the victim realized it. Wells emphasizes: “That could be the same day, maybe a few hours later. It could be a few days later. It could be weeks, months, or even years later.”

The courts are clear about one thing: simple disappearance isn’t theft. Wells shares the Allen v. Commissioner case, where someone lost jewelry in a museum. Despite searching everywhere, publishing newspaper ads, and filing police reports, the court denied the deduction. Why? The taxpayer couldn’t prove someone actually stole it rather than it just being lost.

Timing Is Everything (And It’s Complicated)

The timing of theft losses works differently than most people expect, especially with digital assets and cryptocurrency.

A theft loss is deductible in the year you discover it; not when it actually happened. But Wells stresses a major catch: if you have a “reasonable prospect of recovery” through insurance or lawsuits, you can’t claim the loss yet. You must wait until you know with “reasonable certainty” whether you’ll be reimbursed.

“It’s not that you go ahead and claim it, and then wait until you receive the reimbursement,” Wells clarifies. “You have to wait until the outcome of that process is actually either known or within a reasonable certainty.”

With cryptocurrency scams, you might have three different dates spread over years: when the theft occurred, when you discovered it, and when you know recovery is impossible. Each delay pushes your potential deduction further into the future.

When Corporate Fraud Doesn’t Count as Theft

Surprisingly, even massive corporate fraud doesn’t create theft losses for shareholders. Wells uses Enron as an example. Investors lost everything due to “fraudulent and illegal activity,” but for tax purposes, these remain capital losses, not theft losses.

The 1975 Payne v. Commissioner case established this rule. Corporate executives don’t have “specific intent to deprive that particular shareholder” of their money. Even when executives commit crimes that destroy your portfolio, you haven’t been “robbed” in the tax law sense.

This distinction matters enormously for crypto investors. When an exchange halts withdrawals or a platform gets “hacked,” you need to determine whether it’s actual theft (potentially deductible if for profit) or platform failure (capital loss at best).

Five Modern Scams and the Profit Motive Test

In 2025, the IRS Chief Counsel addressed five common scams that don’t fit the traditional Ponzi scheme mold. The key factor? Whether victims had a profit motive.

Deductible scams (entered into for profit) include:

  • Pig butchering scams work by “fattening up” victims. Scammers start with small investments that show big returns. Victims invest more and more until the scammer disappears with everything. Because victims expected investment returns, the loss is deductible.
  • Compromised account scams involve criminals convincing victims their accounts need securing. Since victims move investment funds expecting to preserve them, the profit motive remains intact.
  • Phishing scams use fake websites to steal login credentials for investment accounts. Again, the investment nature preserves deductibility.

Non-deductible scams (personal losses) include:

  • Romance scams create fake relationships before asking for funds, often for medical emergencies. There’s no profit expectation; just personal generosity. As Wells emphasizes, “There’s no expectation of profit here. So that makes the theft loss nondeductible.”
  • Kidnapping scams involve fake ransom or bail demands. These are fear-motivated, not profit-motivated, making them personal and nondeductible.

The cruel irony? Two victims could withdraw the same amount from identical IRAs and send it to the same overseas account. But only the one expecting investment returns gets a deduction. The one motivated by love or fear gets nothing—plus they owe tax on the IRA withdrawal.

Lessons from the Experts Who Got It Wrong

Wells ends with a humbling case: Booth v. Commissioner. The taxpayer bought Civil War-era land rights that turned out to be invalid, then got sued after selling them to someone else.

Eighteen Tax Court judges split 10-8 on whether this was theft loss or capital loss. The Ninth Circuit reversed them, saying it was both. When Wells polled tax professionals, only 13% got it right.

“There are a lot of smart tax people out there and they can disagree and they can even be wrong,” Wells reflects. “The important part is that we keep thinking about these issues.”

What This Means for Your Practice

For tax professionals dealing with theft losses, three things matter most:

  1. Document profit motive upfront—not after the loss. The client’s intention when entering the transaction determines deductibility.
  1. Track timing carefully. Discovery dates and recovery efforts affect when (or if) clients can claim losses. This might mean waiting years.
  1. Know the current guidance. The IRS issues new interpretations as scams evolve. What wasn’t deductible yesterday might be tomorrow.

The collision between 1950s legal precedents and 2020s digital crimes creates daily challenges. While the basic rules haven’t changed in 70 years, applying them to cryptocurrency scams and online fraud requires both historical knowledge and modern insight.

For clients devastated by digital-age theft, understanding these rules helps you identify opportunities where they exist and provide clarity where they don’t.

Ready to master these distinctions? Listen to Jeremy Wells’ complete analysis in this episode of Tax in Action, where he breaks down additional examples, Form 4684 reporting details, and why even seasoned professionals struggle with these issues.

Your Airline Miles Are Worth $74 Billion and Hackers Know It

· ·

Ever check your airline miles balance and think, “I should probably use those someday”? Well, fraudsters aren’t waiting. While you casually ignore those reward points, criminals are actively hunting for these digital treasures that have somehow become worth more than the companies that create them.

In this episode of Oh My Fraud, host Caleb Newquist explores the surprisingly vulnerable world of loyalty and rewards programs, revealing how the points flooding your inbox have become prime targets for fraud schemes that affect everyone from frequent fliers to wholesale club members.

The Accidental Billion-Dollar Asset Class

When United Airlines started tracking customers in the 1950s, it gave out plaques and promotional materials—basically corporate swag. Fast-forward to today, and rewards programs look entirely different. American Airlines generated $6.5 billion from its AAdvantage program in 2023 alone—not from selling tickets, but from selling miles.

The economics are almost absurd. As Newquist points out in the episode, airlines create miles for about half a cent each. They’re database entries. Then they turn around and sell these digital tokens to credit card partners for two to three cents per mile. That’s a 400% to 600% markup on something that costs virtually nothing.

“The hilarious thing is that these aren’t tangible,” Newquist observes. “They’re just made up. They’re just digital assets created out of thin air.”

The combined loyalty programs of United, American, and Delta are worth $73.8 billion. Think about that: these made-up points are sometimes worth more than the airlines themselves. And McKinsey estimates 30 trillion unredeemed miles sit in passenger accounts globally. That’s enough for every airline passenger on Earth to take a free one-way flight.

But here’s where things get dicey. Despite sitting on this massive pile of value, major airlines, including Southwest, American, Frontier, and Alaska, don’t offer two-factor authentication for account access. These companies spend millions on aircraft safety but can’t implement basic security that’s been standard in banking for over a decade.

When Your Miles Take an Unexpected Trip

The human cost of this security gap becomes painfully clear through recent victims’ stories. In July 2024, multiple Alaska Airlines customers woke up to drained accounts. One victim lost 150,000 miles, worth about $1,900. Another reported on Reddit that hackers stole over 200,000 miles. The points were being used to book luxury hotels in Abu Dhabi.

Gabrielle Bernardini, a writer for The Points Guy, discovered her Southwest account had been hacked when she received an email confirming a Hampton Inn reservation in Kalamazoo, Michigan—a booking she never made. The fraudster burned through 17,100 points, worth about $240.

Through persistence, Bernardini got her points back. But Southwest made it clear they were only doing it as a “gesture of goodwill” and a “one-time exception.” Their actual policy? “Southwest is not responsible for unauthorized access to a member’s account and will not replace stolen points.” Newquist confirmed that’s still the policy today.

Clint Henderson’s American Airlines nightmare went even further. Fraudsters drained hundreds of thousands of his AAdvantage miles for car rentals. Recovery meant jumping through incredible hoops. American required a new email address for his new account and demanded a PDF or screenshot of his police report. When Henderson went to file the police report, the NYPD’s online system was down. He had to visit a precinct physically, then was told that he couldn’t have a copy of his report until a detective intervened the next day.

Even with proof of fraud, the car rental company that accepted the stolen points simply refused to refund them. Henderson eventually got his miles back from American, but the whole ordeal revealed just how messy these situations can become.

From Sam’s Club to the Gas Pump

The problem isn’t limited to airlines. In May 2024, Sacramento County authorities arrested 38-year-old Inam Rasool after discovering he’d been systematically draining other customers’ Sam’s Club accounts. What started as an attempt to leave with $1,000 in unpaid merchandise turned into something bigger.

Store personnel began monitoring his return visits and uncovered a sophisticated operation. Rasool used stolen Sam’s Cash rewards to buy merchandise, resell it online. When police searched his home, they found over $25,000 worth of electronics, medications, pet food, hygiene products, supplements, and snacks. They also found shipping supplies, a computer, and a label printer for his online sales operation.

Meanwhile, in Peters Township, Pennsylvania, 18-year-old Paul Kostanich was hitting Giant Eagle fuel perks accounts. Video showed him visiting gas stations almost daily, holding his phone to barcode scanners to activate stolen points from different accounts. He admitted to hacking about 20 accounts and faced 58 charges, including identity theft.

One victim’s reaction captured the general disbelief, “I could never imagine someone hacking a Giant Eagle Perks card. I mean, really?”

Why This Keeps Happening

The problem is, rewards programs were never designed as financial assets—they’re marketing tools that accidentally became valuable. As Newquist explains, “They’re just a marketing gimmick developed by corporations that they hope will get us to spend more money with them. And it just so happens that they’re very, very good at doing that.”

From a corporate perspective, the math works out. If rewards fraud costs the industry $1 to $3 billion annually, but these programs generate over $70 billion for just the top airlines, that’s less than 5% lost to fraud. For many companies, it’s just a cost of doing business, especially when they can push losses onto consumers through terms of service that disclaim responsibility.

This creates what Newquist calls a perfect storm for fraudsters. You’ve got valuable assets with minimal protection, companies that won’t pursue prosecution, and victims left holding an empty bag while corporations point to fine print.

Protecting Your Points (Since No One Else Will)

So what can you do? Newquist offers practical advice with characteristic honesty.

First, change your passwords for rewards accounts. “I know you’d have to be a cerebral freak to generate a different password for virtually every account.” But at least make them different from your banking passwords.

Second, use two-factor authentication wherever it’s available. “Is it tedious? Yes. Does it save your bacon 99.9% of the time? Also, yes.”

Third, consider a password manager. Yes, the big ones have been hacked, but the benefits of managing unique passwords outweigh the risks.

Finally, actually check your accounts occasionally. Don’t be obsessive, but treat them with the same attention you’d give a bank balance.

The Bottom Line

Those rewards points you’ve accumulated aren’t just marketing fluff; they’re real value with real vulnerabilities. Companies have created a $74 billion economy from thin air, then washed their hands of responsibility when that value gets stolen.

For accounting professionals, this is a masterclass in risk transfer. For everyone else, it’s a wake-up call. In a world where teenagers systematically drain fuel perks and hackers book Abu Dhabi hotels with your miles, ignorance is an invitation.
Listen to the full episode above for Newquist’s complete investigation, including more cases and why he thinks these programs are essentially “legal money laundering” schemes. And maybe check your rewards balances while you’re at it. Just in case someone in Abu Dhabi isn’t already enjoying them.

From Vanishing Jobs to Work Slop: Inside Accounting’s AI Reality Check

· ·

The accounting profession faces a stark reality-check as entry-level auditor positions have declined by 43% since January, and a third of accountants admit they cannot identify AI-generated fake receipts. 

In episode 455 of The Accounting Podcast, hosts Blake Oliver and David Leary address the growing evidence that AI is disrupting accounting more rapidly than most firms can keep up with. From vanishing entry-level jobs to the rise of “work slop” (low-quality AI output that wastes time and money), the profession is struggling with changes that are both promising and perilous.

The Tech Stack Problem Nobody Wants to Talk About

Before diving into AI’s disruption, Oliver shared a surprising statistic: only 37% of accounting firms require their clients to use their technology stack. That means 63% let clients choose their own tools, creating a mess of incompatible systems and inefficient workflows.

“It’s one of the things we did in my firm that was a differentiator and allowed us to scale quickly,” Oliver explained. “It reduced training time. It increased the speed at which we worked.”

The reluctance to standardize reveals a deeper problem in the profession: firms are so afraid of losing clients that they sacrifice efficiency and scalability. Yet Oliver found the opposite: “The ones that were willing to make that shift ended up listening to us about other things, too. So you might want to consider requiring clients to switch as, like a testing mechanism to see if they’re actually going to be a good fit.”

This standardization challenge becomes even more critical as firms try to implement AI. Without consistent data inputs and workflows, automation becomes nearly impossible.

The Vanishing Entry Level: A 43% Wake-Up Call

The most alarming news Oliver shared was the 43% drop in entry-level auditor job postings since January, based on a study of 126 million job postings. Meanwhile, senior positions requiring ten or more years of experience increased by 6%.

“These firms are extremely shortsighted,” Oliver argued. “They are just trying to juice profits and revenue in the short term. And the easiest way to do that is to replace your entry-level people with AI.”

The vulnerability of these positions is clear. As Oliver explained, “The stuff an entry level auditor does is so basic, like cash confirmations. You can have an AI agent doing cash confirmations all day long. It’s not complicated.”

The fear extends beyond auditing. Nearly half (45%) of accounts payable professionals now fear layoffs in 2025, up from 27% last year. These workers see AI agents matching invoices, approving bills, and processing expense reports—tasks that once required human oversight.

Leary raised an important question: Are firms actually succeeding with AI, or are they cutting staff first and hoping to automate later? In Oliver’s view, the automation is working well enough to justify the cuts. But this creates a long-term problem. Without entry-level positions to train tomorrow’s senior accountants, where will future leaders come from?

Work Slop: The $200 Hidden Cost of Bad AI

A new Harvard Business Review study coined a term for low-quality AI output: “work slop.” And work slop is expensive. Each incident wastes nearly two hours and costs about $186 per worker per month.

Forty percent of workers report receiving work slop in the past month. More than half feel annoyed when they get it, and 42% view the senders as less trustworthy.

“Every time one coworker gives another coworker slop, it costs your company 200 bucks,” Leary emphasized. But, “Employees who turn out work slop probably already did work slop before. They just did it at a much slower volume.”

The hosts shared their own experiences with work slop. Job applicants submit unedited ChatGPT responses. Guest pitches reference the wrong podcast. Some candidates even feed interview questions into AI during live video calls.

“It looks good,” Oliver said about typical work slop. “Like if you look at the email, it’s nicely formatted and it looks good and then you actually read it and you realize that it’s garbage.”

The paradox is striking: 97% of firms admit they’re not using technology efficiently, yet 86% believe AI-using firms have a competitive advantage. The gap between aspiration and execution means firms produce more low-quality work faster rather than better work more efficiently.

The Fraud Detection Crisis

Perhaps most concerning is accountants’ declining ability to spot fraud. Thirty-two percent admit they can’t recognize AI-generated fake receipts. Another 30% are seeing more fraudulent receipts than last year, and 42% suspect colleagues have submitted fake or altered receipts.

“If you want to see just how difficult it is or how easy it is to make one, just go and ask ChatGPT to make you a receipt,” Oliver challenged listeners.

Leary noted that expense fraud isn’t new. After all, people used to pick a receipt up off the ground at McDonald’s. But AI changed the game. Now anyone can generate perfect forgeries on demand.

Oliver explained that current AI models don’t understand physics, so shadows and lighting in fake images often don’t match reality. But detecting these requires expertise most accountants don’t have.

“When nothing is physical anymore, how do you, as an auditor or an accountant, rely on a scanned document?” Oliver asked, highlighting a fundamental challenge for the profession.

Solutions Emerging from the Chaos

Despite the challenges, practical solutions are emerging. Zapier announced a “human in the loop” feature that pauses automated workflows for human review at critical points. “Don’t try to automate the whole workflow,” Oliver advised. “Try to automate one task in the workflow.”

Keeper launched a new AI product that converts payroll reports and settlement statements into journal entries—a task that previously required complex spreadsheets and manual work. At $50 per client per month, it represents the kind of targeted automation that actually works.

Even Drake Software, long criticized for being behind the times, launched cloud-based tax software. While limited to certain forms, it signals that even legacy providers recognize the need to modernize.

These tools show that successful AI implementation isn’t replacing humans entirely. Instead, it augments specific tasks while maintaining human oversight for quality and judgment.

Looking Ahead: A Profession at a Crossroads

The accounting profession faces interconnected challenges that require more than technological solutions. The 43% drop in entry-level positions poses a threat to the talent pipeline. Work slop erodes trust and efficiency. Fraud detection capabilities are falling behind those of fraudsters.

Yet there are opportunities within these challenges. Firms that thoughtfully integrate AI, maintain human oversight, and invest in training the next generation will have an advantage over those who chase short-term profits by cutting entry-level positions and blindly implementing AI.

As Oliver noted about his own firm’s success, standardizing technology, requiring client buy-in, and focusing on quality over quantity created real competitive advantages. The same principles apply to AI adoption. Success requires strategy, not just software.

To hear Oliver and Leary’s complete analysis of these shifts in accounting, including their discussion of H-1B visa changes, Trump’s latest tariff threats, and more practical insights for navigating AI’s impact, listen to the full episode of The Accounting Podcast. Their unfiltered weekly discussions provide essential perspective for anyone trying to understand where the profession is heading and how to thrive despite the uncertainty.