Could a lack of Segregation of Duties allow woman to steal millions from US army?
San Antonio Woman Accused of Stealing $103 Million from US Army
In a startling case that captured headlines, Janet Mello is currently facing charges of embezzling over $100 million from the Army. The story began when federal investigators, prompted by the IRS's detection of potential tax evasion, turned their attention to Mello, a civilian employee stationed at Joint Base San Antonio-Fort Sam Houston.
The accusations suggest that she orchestrated an elaborate scheme by creating a fraudulent shell company named CHYLD, with the primary objective of diverting funds allocated for a 4-H program supporting military families. Despite reporting meager profits in 2017, Mello failed to file subsequent tax returns for CHYLD. Prosecutors claim that, with an official government salary of $129,996, she managed to fund an extravagant lifestyle between 2017 and 2023.
Her alleged purchases include international trips, indulgence in high-end dining, acquisition of luxury jewelry, designer clothing, vintage and high-performance vehicles, and several million dollars' worth of real estate. The IRS, recognizing the contradiction between Mello's reported income and her opulent lifestyle, initiated a joint investigation with Army officials.
Exploiting what appears to be relaxed controls within the Army's Installation Management Command, Mello stands accused of diverting a staggering $103 million, originally intended for the 4-H program, to her company. The indictment further suggests that Mello abused her autonomy and forged signatures, taking advantage of the trust placed in IMCOM by the Defense Finance and Accounting Service (DFAS).
The investigation also revealed that Mello's alleged embezzlement gained momentum after organizational changes within IMCOM in 2019. These changes inadvertently granted her greater flexibility in her role, leading to a lack of necessary checks and audits by Army leaders.
The case of Janet Mello's alleged embezzlement spotlights the critical need for robust internal controls within every organization. Access governance and application controls are key in preventing and detecting fraudulent activities.
In Mello's case, loose internal controls contributed to her ability to divert funds.
- Tightening access governance could have limited her access to financial systems by defining and managing her access rights, significantly reducing the chances of secret fund diversion.
- Application controls could have imposed restrictions on transactions and activities within software applications. In this scenario, strong application controls could have identified anomalies in the payment requests submitted by Mello.
- Purchasing limits and multi-level approval processes might have stopped her ability to forge approvals and redirect funds to her shell company.
Regular audits and reviews of access permissions and financial transactions are also integral to a comprehensive control framework. Periodic reviews of Mello's activities, including spot-checks of financial transactions and vendor approvals, might have led to the earlier detection of her alleged fraudulent scheme.
A powerful combination of access governance and application controls is vital in preventing and detecting fraudulent activities. These measures limit access to critical systems and create a layered defense that can identify irregularities and unauthorized actions, ultimately safeguarding organizations from financial misconduct and fraud.