This is a notice for site visitors.

The Latest

War Story No. 102

102A: Voicemail-Email Fraud, Investment Advisory Services

Wealthy shipping magnate John Urich had established a trust to care for his disabled wife in the event of his death. Urich’s CPA, Greg Roberts, provided tax and investment advisory services to Urich, while the trust department of Commercial Fiduciary Bank provided trustee services.

At one point Roberts received an email message from Urich requesting a transfer of approximately $200,000 to a foreign account. Roberts called Urich to verify the request and left a message in Urich’s voicemail. Minutes after leaving the message, Roberts received a message from Urich’s email account confirming to request. Roberts then advised Urich to send an investment direction letter to the trustee at Commercial Fiduciary Bank, while Roberts forwarded instructions to the trustee regarding the transfer of funds.

When the trustee received an investment direction letter with Urich’s signature on it, he followed the instructions provided by Roberts and transferred the $200,000 into the foreign account. Shortly after that, Roberts received a call from Urich stating that he had not authorized the transfer of funds, and that Urich was expecting Roberts to replace the $200,000 that Urich claimed had been stolen by a hacker via an elaborate phishing scheme.

Where did Roberts make a wrong turn?

  1. Roberts should have more carefully screened and investigated Urich’s background as a new client when he was first engaged by Urich to provide investment advisory services.
  2. Roberts should have used a better spam filter to catch fraudulent email messages being sent by hackers and scammers.
  3. Roberts should have spoken directly with Urich in detail about the transfer, making sure that he was speaking with Urich, by recognizing Urich’s voice and by asking Urich to confirm information that only Urich would know and that a hacker would not have access to.
  4. All of the above.



Incorrect. While all significant engagements and clients should be screened thoroughly, including background investigation reports, the client was not the problem in this situation.


Incorrect. Spam filters might catch some fraudulent email messages using slightly misspelled addresses (e.g., “” instead of “”), but that was not a factor in this situation. The client’s voicemail and email accounts had been hacked and commandeered by a scammer who was sending fraudulent messages from the client’s legitimate email account. In this situation the CPA did not realize that the client’s voicemail messages were being delivered to the client’s email account, enabling the hacker to receive and confirm messages. It is also wise to check senders’ email addresses, and to check the web addresses of links by hovering over the links with the cursor without clicking on them. Also, treat any attachment you didn’t request as highly suspect. Do not open it.


Correct. Phishing or social engineering schemes can be highly sophisticated, employing high-grade counterfeit documents. In this situation, the scammer copied an older investment direction letter from the client’s email account, updated it with a current message, and forged the client’s signature on the letter. In other cases, high-grade counterfeits have been made of checks and insurance policies. Scammers will sometimes set up phone lines that rout calls to scammers posing as employees who are vouching for validity of counterfeit checks. Transfers of funds should be verified by a phone call directly to the client by someone who knows his or her voice. A phone call can confirm information that only the client would know and that a hacker would not have access to. Also, Data Breach Coverage provides protection against losses stemming from data security being compromised by hackers. For more information regarding such coverage contact your agent or CAMICO Insurance Services.


Incorrect, as explained in the preceding.

102B: Fee Dispute, Audit Client

A longtime nonprofit audit client needs federal grants to sustain their organization. With no explanation, upon receiving their audit report, the organization paid only $20,000 instead of the $35,000 owed for the audit services.

After numerous failed efforts to collect and learn why full payment had been withheld, the auditor ultimately disengaged from the client. Without considering the engagement letter clause calling for both mediation and arbitration for fee disputes, the firm engaged an attorney to pursue collecting the $15,000 balance. The client then countersued, claiming negligence by the auditor and a refund of the audit fees.

Which of the following best describes how you would address the preceding collection issue?

  1. We recognize the possibility that the terminated client might countersue, but we are entitled to our fees and would choose to sue to collect our outstanding fees.
  2. We would monitor the balances due from our clients. Any client with fees outstanding 90 days or more would receive written notification that our services would cease until we received payment of the outstanding balance and a substantial retainer. We would disengage if the client didn’t timely comply.
  3. Our engagement letters contain clauses initially calling for mediation to resolve all disputes, and binding arbitration for fee disputes only. If faced with this scenario, we would inform the client in writing that, unless paid within 10 days, we will initiate mediation or binding arbitration to settle the matter. We’d also promptly terminate our audit relationship.
  4. We would take no action and hope the client will ultimately pay the outstanding balance.
  5. None of the above.


1. Incorrect.

This may end up costing the firm more money than the fees owed to them, as the cost of suing for fees and the almost guaranteed countersuit can be expensive, including deductibles and co-payments, and there is no guarantee there will even be collections at the end.

2. Correct. (#3 is also correct.)

This is the best approach to nip fee collection issues in the bud. Keep up with the firm A/R on a regular basis and document with the client what you will be doing per the signed engagement letter that both sides agreed upon. The services can continue if the payment conditions are met. Avoid waiting until right before deadlines or due dates when stopping work, as this could lead to a breach of contract suit brought by the client.

3. Correct. (#2 is also correct.)

Using the mediation and arbitration process to settle fee disputes is more effective than litigation, though there is no guarantee the whole amount owed will be collected. Clients will sometimes see what is in front of them and pay some or all of the fee. The auditor must be concerned about the independence issue that may arise when the client doesn’t pay the fee in full.

4. Incorrect.

CAMICO’s experience is that this approach gets many firms in trouble with regards to fee collections. The firm or a particular member of the firm might be too concerned about client service and not losing the client. The amount due therefore rolls forward and grows to an amount the firm will never collect. This can cause financial stress on the firm and even break firms apart. It can also cause independence issues for future audited financial statement services to the client by the firm.

5. Incorrect,

as explained above.

War Stories are drawn from CAMICO claims files to illustrate some of the dangers and pitfalls in the accounting profession. All names have been changed.

Share this article