Free parking - includes related article - Fraud Findings

Internal Auditor, Dec, 1992 by Robert W. Rudloff, Jr.

In a certain city, hotel customers could park free in parking garages owned and operated by the hotels. Some hotels leased parking spaces from others in order to accommodate their guests and to remain competitive.

At one hotel, the general counsel was notified by the State's Attorney General's office that they had received a reliable tip that the parking facility's cashiers were billing the hotel for more cars than the hotel had actually parked. Internal audit was notified immediately.

* The System

The hotel's valet parking attendant could leave the parking facility without paying the normal $5 parking fee. The valet attendant would give the parking cashier the stub from the hand tag -- the pre-numbered tag that hangs in the car's window -- in lieu of the fee. The parking facility would bill the hotel every two weeks based on the number of cars parked, an amount determined by the number of ticket stubs submitted with the parking cashiers' daily sales.

* The Investigation

No one fully understood how the theft was occurring. The internal auditors did a preliminary review of the payments to the parking facility. Every bill was supported by the stubs from the company's valet tags, although the auditor had the feeling that some of the stubs didn't look quite right.

After the internal auditor talked to the parking department manager (who approved the parking facility's bills for payment), the auditor quickly learned that if there were fraudulent charges, there was no mechanism in place to detect them. Ticket stubs were submitted by the parking facility every two weeks along with their bill, but nobody reviewed the stubs to make sure they were legitimate. The parking department just counted them and compared their count to the amount on the bill.

To verify that a scam was taking place, the internal auditors developed an investigative strategy. They determined that parking facility management was not involved in the fraud and obtained their cooperation.

The internal auditors started parking their cars in the parking facility. After a few hours, they retrieved their cars and left the lot, paying the normal $5 fee. The auditors always made sure they had a $5 bill so the cashier would not necessarily have to open the cash drawer. But before leaving the lot, the auditors made a copy of their parking ticket so that they could later find out how the cashier rang up the sale.

When the auditors followed up on how their parking tickets were handled by the cashier, they found that 10 of the auditors' 25 parking tickets were charged to the hotel, even though the $5 fee had been paid. A scam was definitely in process!

Because the hotel was using so many different lots, the valet parker wrote a separate location code on the ticket when the car was parked. To determine the extent of the fraud, the auditors reconstructed three months of parking tickets and stubs -- 75,000 tickets -- and compared their results to the parking facility's bills. The auditors found that 15,500 of the 75,000 were billed by the parking facility; but based on the hotel's copy of the original parking stubs, 3,200 cars (or $16,000 in fees) were for cars the hotel had parked somewhere else.

The auditor's suspicion about the stubs that didn't look right was confirmed. On some of the tickets returned by the parking facility with their bills, the location code had been changed.

* How Did it Happen?

Once the state was convinced there was enough evidence, the two cashiers were confronted and interrogated. The cashiers admitted that the scam had been going on for more than a year and a half. But how did they do it?

The parking lot cashiers were buying used ticket stubs from the hotel's valet parkers. They had convinced the valets that they were participating in a competition within the parking lot to see who could accumulate the most parking stubs, for which the cashiers were paying the valets 25 cents each. The unsuspecting valets were more than happy to help. The valets even found a way to get blank parking tickets to the cashiers, for which the cashiers offered a premium.

The parking cashiers then changed the location code (or wrote one on the blank ticket) and, when a cash-paying customer left the garage, the cashier would put one of the hotel's parking stubs in the cash drawer and the $5 in his pocket.

This fraud escaped detection because of several factors:

* The hotel used the same parking tickets for this facility as for all the others, and no one cared what happened to the used stubs.

* No one thought to examine the stubs carefully to make sure they were legitimate or to question the ones that "didn't look right."

* The stock of blank parking tickets was not controlled and no one noticed when 50 or 100 tickets were missing.

* Conclusion

In the end, the hotel lost more than $110,000, all at $5 a time. The hotel implemented badly needed controls, including control over blank tickets and destruction of used ticket stubs. They varied the color of the tickets for each parking lot. The hotel didn't get a refund from the parking lot (they were victims, too!) but they did get an equitable amount of future free parking to offset the loss.