Article originally published on https://njbiz.com
Darryl Neier knows how faulty accounting and criminal fraud can occur in the for-profit corporate world for an average of 18 months before being detected.
He also knows how fraud in the nonprofit and social services sector can continue on for much longer, due to more trusting management, more reliance on volunteers and less financial expertise.
“Businesses and organizations both nationally and internationally are losing approximately 5 percent of their revenues to various cases of fraud, waste and abuse,” Neier said.
After 20 years with the Morris County Prosecutor’s Office, retiring as a detective sergeant involved in the detection and prevention of fraud in a variety of cases, Neier brought his investigative talents to Sobel & Co. in Livingston in 2002 to become principal of the firm in charge of the forensic accounting and litigation services group.
Over the past 14 years, Neier has compiled a team consisting of nearly 30 certified public accountants, certified fraud examiners and former law enforcement and investigative professionals — including former members of the Secret Service — with special competencies in the accounting and legal professions.
They work under three umbrellas: economic forensics, headed by the Sobel Tinari Economics Group, acquired in 2013; commercial damages and business valuations; and forensic accounting, covering everything from white collar crime investigation to mergers and acquisitions and more — such as monitoring the construction of One World Trade Center in New York to make sure the building went up without fraud, waste and abuse.
NJBIZ spoke with Neier about two new initiatives Sobel & Co. is now pursuing to combat issues that have cost global organizations millions of dollars: cybersecurity and counterfraud assessments.
Here’s what he had to say.
NJBIZ: Tell us about Sobel & Co.’s newest initiatives since January of this year.
Darryl Neier: We are highly involved in working on cybersecurity assessments of businesses to make sure they are as protected as they can be in both their policies and procedures. We then partner with other firms to make sure that they have the best technology available to prevent hacking from occurring. If there are already cyber and fiscal security incidents, we advise them on what they need to do to respond.
Counterfraud risk assessment is really a helicopter view of the organization. We rely on statistical models based on 15 years’ worth of global data in order to tell businesses what their costs of fraud are and make recommendations on how to adjust their policies and procedures or implement monitoring equipment to reduce that potential cost.
NJBIZ: How has your previous career in law enforcement benefitted you?
DN: Law enforcement was my first career out of college and it set me up nicely for my second career after I retired. It benefits me now to be able to understand what the government is looking for when reviewing financial documents and also know the information that the government is going to put forth in their allegations and complaints. I bring my investigative approach that I developed in law enforcement into the private sector to make sure that the scales of justice are balanced, that what the government is saying is in fact what it is. There are instances in which the government has been overreaching and we have had some positive impact for the client. There have also been instances in which the government was spot on and we have had to convince clients to take guilty pleas or face years in prison.
NJBIZ: How does an accounting firm approach cybersecurity as opposed to a technology company or law enforcement?
DN: It was important for us to put a multidisciplinary team together. Sobel & Co. is rather unique in that, within our forensic accounting group, we have people in place that have vast experience in government and federal law enforcement, in technology, in legal and so forth. We are looking at not only how cybersecurity affects accounting systems but also, are they taking credit cards? Are they compliant with the standards that are out there now? We take a holistic approach, looking at how cybersecurity might affect their policies and procedures and their fiscal security. Then we look at their technology and make sure that it is all put together properly
About the executive
Darryl Neier is an adjunct faculty member at New York University, instructing in financial investigations and compliance at the graduate level, and a certified instructor with the National White Collar Crime Center and the National District Attorneys Association, instructing federal, state and law enforcement agencies and other regulatory bodies throughout the U.S.
Neier holds a Master of Science in economic crime management from Utica College of Syracuse University and a Bachelor of Science in accounting from William Paterson University.
He is highly decorated, having received multiple commendations from the Morris County Prosecutor’s Office, the Federal Bureau of Investigation and the U.S. Secret Service.
NJBIZ: What is the biggest cybersecurity issue you’ve come across in your assessments?
DN: Unless they are in a regulated industry, a lot of businesses do not think a cybersecurity incident could happen to them. Policies and procedures are lax in a lot of companies when it comes to use of cyber. Their own employees are probably their own worst enemies in terms of what they click on and what they have access to in allowing malware to gain access to servers. The hackers that are out there are looking for companies that will have the information that they want to get after, whether it’s intellectual property or personal identifiable information.
The fact is, most companies haven’t even looked at their insurance policies in years. They don’t know what type of coverage they have, or if they even have cyberinsurance. Also, how does the company separate their servers in a way to afford the greatest protection? If hackers get into one location, can they access the whole network? Or, if there is a ransomware attack on part of a network, will it shut the whole company down? What is their cyber continuity plan?
NJBIZ: Why have you seen an increased need for counterfraud assessments?
DN: If businesses looked at fraud on a proactive basis rather than a reactive basis, they would have been able to make some changes. We just were involved in a matter where the company had a longtime employee that had grown through the company and was in charge of accounting. That employee wound up misappropriating over $1 million over a five-year period. This company didn’t have the policies and procedures in place that would have picked up on what this person was doing a lot sooner. While the company had an external auditor, they weren’t looking at specific things. The employee knew what they were going to look at and ask for and was able to cover tracks for quite a while. Unfortunately, this company’s crime insurance and dishonest employee insurance was not sufficient to recoup the total dollar loss. While the case was referred to law enforcement, law enforcement is not a collective agency.
It could also be as simple as knowing who to report fraud to if suspected, knowing where your business is lax and what the attitude toward fraud is in your company. There are very basic things a company can do to shore things up a little bit with their policies and procedures as well. At the end of the day, it may cost a business money in having an assessment done and an attorney review their policies and procedures, but it can save them quite a bit of money down the line.
NJBIZ: What kind of growth have you seen in the past six months regarding these new initiatives?
DN: We’ve worked with two municipalities in Connecticut on counterfraud assessments, and we have conducted a number of cybersecurity assessments in New Jersey for nonprofit organizations. We’ll be starting one shortly for a college.
NJBIZ: As more companies become global, have these issues increased your time spent away from New Jersey?
DN: In this global economy and commerce, we work all over the place. I’m working on an issue with various vendors and supply chains that are mostly out of Florida now, but we haven’t stepped foot in the state yet. We are able to do most of the preliminary investigations and analyses from New Jersey. We will then need to visit Florida and interview people before we report our findings to the board of directors, but we are able to work on many things all from one location.
NJBIZ: What advice would you give to new businesses or companies that are looking to acquire a business in terms of cybersecurity and fraud protection?
DN: Re-evaluate policies and procedures and make sure you have proper insurance; ensure you have the right analytic tools in place to ferret out cybersecurity and fraud issues within an organization; and speak to your attorneys and accountants about what more you can do to protect your organization. If you do not have the right people to ask, find them.
E-mail to: email@example.com