David Tresch, the former Chief Information Officer of Mayer Brown, was arrested on charges of embezzlement. Mr. Tresch was responsible for the approval of payments to vendors – one of which he had an ownership interest in. In May of 2011 Mayer Brown decided to stop using that vendor, but the payments David Tresch sent to them did not cease. It is alleged that nearly $1M in payments were falsely sent to the vendor, most of which were kicked back to Tresch.
This situation reveals four key points a firm’s must consider in their risk management program to prevent similar situations:
- A firm must have a segregation of duties in vendor payments. The same person who approves the payment should be different from the person balancing the books and the person reviewing invoices.
- A firm should maintain an updated approved vendor list. Once a firm decides to disengage from a vendor, they should be removed from the vendor list and no further work or payments should be approved
- A firm should require that employees of the firm disclosure any interests or familial relationships in a vendor the firm does business with.
- A firm should maintain employee theft(fidelity) insurance for situations like these. It is also important to review the policy form to make sure that “officers, directors and partners” are not excluded from coverage.
If you have questions about how your firm can better protect itself from situations such as these, contact Calculated Risk Advisors today.