FORENSIC AUDIT Club Rainbow,

Hotel Trinity
REPORT
XYZEE & ASSOCIATES, CHARTERED ACCOUNTANT
 XYZEE & ASSOCIATES
CHARTERED ACCOUNTANT
M-45, Basement, Malviya Nagar, New Delhi-110017
Email: sagarg.ca@gmail.com | Contact No.: +91+9971852073

18/02/2017

PRIVATE & CONFIDENTAL

Re: Forensic Audit Report of Club Rainbow

Attached is our report stating findings as identified during forensic audit of the Club records. We have conducted our
investigation pursuant to our engagement letter dated 15/01/2017 between the Hotel Trinity and our firm.

Our procedures were performed with the due diligence. Our conclusions and findings are in confirmatory of our
engagement letter. Our analyses and observations are based upon information provided to us as of the date of this report.
It is possible that additional information may become available following the date of our report and, if so, our analysis
and observations could be affected by such information.

We will be more than happy, to clarify doubt with regard to our submission.

For XYZEE & Associates

CA Sagar Gupta
Membership No. XXXXXX

Page 1|9
 Table of Contents

1 Introduction ................................................................................................................................................................ 3
2 Objective .................................................................................................................................................................... 4
3 Use of Report: ............................................................................................................................................................ 4
4 Scope of Forensic Audit ............................................................................................................................................. 4
5 Methodology .............................................................................................................................................................. 4
6 Key Findings .............................................................................................................................................................. 8
7 Conclusion & Recommendation................................................................................................................................. 8
8 Limitations ................................................................................................................................................................. 9

Page 2|9
 1 Introduction

1.1 Hotel Trinity is very prestigious hotel of South Delhi & was established in the year 1989. The main object of
this hotel is to offer the superlative standard of luxury and comfort to its customers. The hotel has 65 bay rooms
(including business suites, executive club room, deluxe rooms & standard rooms), one restaurant named
“UPTOWN” & a Club named “RAINBOW” (hereinafter referred as “Club” or “Rainbow”). The Club had total
membership of 3598 as on the date of this report.

1.2 The Club had accepted membership until year 2013 and then it had stopped accepting new members in order to
maintain standard of service.

1.3 The Club issued a membership card to its member, without which the person was not allowed to avail the
amenities and facilities of the club.

1.4 The club had a policy that on the death of any member, it would transfer the membership of the club in the name
of one child of such deceased member. To get membership transferred, the progeny of the deceased member had
to make an application along with copy of the death certificate of his/her parent. He/she also must give other
details like name, address, PAN, Occupation, email Id, cell no., and photograph in an application form.

1.5 The Club maintained all physical application forms in a box file which was kept by Mr. Jhanjhar, the club in
charge, in his office almirah and access to such office was restricted. The office gate was secured with biometric
lock which opened only with the thumb impression of Mr. Jhanjhar.

1.6 In case of any change in member due to death of any current member, the application form as submitted by
progeny, Mr. Shyam Kumar (IT Admin) used to enter the details in a master data file as maintained on server
system by him. The access right of such server were secured with user name & password.

1.7 Mr. Jhanjhar informed that the physical file of the original members who had enrolled up to the year 2013 were
missing and the hotel management had taken a note of it in year 2014 in a board meeting convened in the year
2014. But the membership data had been captured in software. They had not created new physical file of such
members. The physical records of members enrolling after the year 2013 had been maintained by Mr. Jhanjhar
in a file.

1.8 The Club team used to send several emails to its members informing them about various events, celebrations
etc. that used to happen in the club or the hotel and reminders for payment of annual membership fees were also
sent to the members through email.

1.9 On 17/12/2016, Mr. Surender Kapoor visited the club and informed Mr. Jhanjhar, that his father, Mr. Mohinder
Kapoor, who was the member of the club has passed away 4 months back. To substantiate his claim, he also
produced his father’s membership card which was issued by the club. Mr. Surender sought to be admitted as the
member of the club in place of his deceased father.

1.10 Mr. Jhanjhar checked for the name of Mr. Mohinder Kapoor in the records of members as maintained by him on
the basis of membership number (HTC/Mem./2183) appearing on the membership card as produced by Mr.

Page 3|9
 Surender. However, upon review of record, name of some Ms. Nirali Verma came up against the Membership
Number HTC/Mem./2183. Mr. Jhanjhar informed Mr. Surender Kapoor that no name like Mr. Mohinder Kapoor
is appearing in the records.

1.11 However, Mr. Jhanjhar suspected a foul play in this and asked Mr. Surender Kapoor to submit all necessary
details along with a copy of his father’s membership card and also requested him to visit again after few days.

1.12 Mr. Jhanjhar informed the management of the hotel about this incidence and the management decided to appoint
a forensic auditor to further investigate into this matter.

2 Objective

The Objective of the forensic audit were –

2.2 To check any cases of mismatch in the names of members as per membership register as maintained by the club
with the real names of members.

2.3 To point out flaws in the membership admission process and record keeping system

2.4 To suggest implementation of internal control wherever required.

3 Use of Report:

The forensic auditor is required to submit two original copies to the management of Hotel Trinity for internal
purpose only which cannot be used in any legal proceedings.

4 Scope of Forensic Audit

4.1 The forensic auditor shall find discrepancies appearing in the membership records and actual members.

4.2 The forensic auditor shall also find reasons for difference and confirm the exact number of members and their
identities.

4.3 The forensic auditor shall find weaknesses in the internal control system related to members and suggest
improvements.

4.4 Period covered in forensic audit will be last 3 years.

5 Methodology

Probability of phantom membership is an issue for concern for the Club. The purpose of this report is to validate
the exact membership.

Page 4|9
 To investigate the causes and reasons, the following methodology was adopted:
(i) The audit team took digital image of the server hard disk in presence of Mr. Jhanjhar & Mr. Kumar and two
court supervisors, Mr. Shinde and Mr. Nair. It was kept securely in sealed bag and signatures were taken of all
witnesses. The same were preserved with the audit team office in a safe locker.
(ii) The audit team also made clone of the hard disk so that it can be checked and verified later on.
(iii) A list of all present members was generated from the cloned hard disk.
(iv) As the original physical membership file was destroyed, Mr. Jhanjhar made available physical membership file
for all the members who had enrolled subsequent to their parents’ death. This file contained the following data:

Name Landline Numbers

(v) The audit team prepared an exhaustive list of members from the email sent box which were tabulated in MS
Excel. The data from email sent box had to be used since the original physical files of all members who had
originally enrolled were lost.
(vi) Using ‘find duplicate’ function of MS Excel, the duplicate membership numbers were highlighted and found,
the extract of which is as under:

Membership
Name as per Email List
Number
HTC/Mem./2145 Ms. Smriti Chopra
HTC/Mem./2490 Mr. Shyam Luthra
HTC/Mem./3184 Mr. Jogi Singh
HTC/Mem./2678 Mr. Dharam pal Gupta
HTC/Mem./1876 Ms. Lovleen Holla
HTC/Mem./479 Mr. Bharat Kumar Burman
HTC/Mem./2183 Mr. Surender Kapoor
HTC/Mem./1373 Ms. Divya Tripathi
HTC/Mem./2567 Ms. Ruhi Singh Rajput
HTC/Mem./479 Mr. Shaurya Bhushan
HTC/Mem./897 Mr. Ram pal Sharma
HTC/Mem./3184 Ms. Rupali Thakur
HTC/Mem./2183 Ms. Nirali Verma
HTC/Mem./1456 Mr. Nikesh Lalmani
HTC/Mem./1876 Mr. Sourav Luthra
HTC/Mem./3389 Mr. Bikesh Kumar Rathod
HTC/Mem./2490 Mr. Ravinder Luthra
HTC/Mem./3017 Mr. Gaurav Seth
HTC/Mem./1454 Mr. Ishwar Prasad Iyer

Page 5|9
 HTC/Mem./2356 Ms. Kavita Raj
HTC/Mem./1865 Mr. Raghu J. Gupta
HTC/Mem./1734 Ms. Nalini Dhar
HTC/Mem./3017 Ms. Ritu Dawaar
HTC/Mem./3289 Mr. Vinod Kumar Gupta
HTC/Mem./2089 Mrs. Shruti Verma

(vii) Then another excel file with only duplicate membership numbers and names against such membership numbers
was prepared.
(viii) We arrived at ‘Table -I’ stating details of all members who were deceased (column 1) and a list of the progeny
who had enrolled after the death of their parent (column 2) with a common key ‘membership number’.

TABLE – A
Column 1 Column 2
Duplicate Membership Number Name in Initial Email Name in Subsequent Email(s)
HTC/Mem./2490 Mr. Shyam Luthra Mr. Ravinder Luthra
HTC/Mem./3184 Mr. Jogi Singh Ms. Rupali Thakur
HTC/Mem./1876 Ms. Lovleen Holla Mr. Sourav Luthra
HTC/Mem./479 Mr. Bharat Kumar Burman Mr. Shaurya Bhushan
HTC/Mem./2183 Mr. Surender Kapoor Ms. Nirali Verma
HTC/Mem./3017 Mr. Gaurav Seth Ms. Ritu Dawaar

(ix) Then, from the physical file of members in column 2 of Table ‘A’, the death certificates of their parent were
retrieved, a list of such parents’ names, Table ‘B’ was made.

TABLE – B
Column 1 Column 2
Duplicate Membership Number Name in Subsequent Email(s) Name of deceased parent (from
death certificate)
HTC/Mem./2490 Mr. Ravinder Luthra Mr. Shyam Luthra
HTC/Mem./3184 Ms. Rupali Thakur Mr. Jogi Singh
HTC/Mem./1876 Mr. Sourav Luthra Mr. Krishan Luthra
HTC/Mem./479 Mr. Shaurya Bhushan Mr. Ravinder Bhushan
HTC/Mem./2183 Ms. Nirali Verma Mr. Deepak Verma
HTC/Mem./3017 Ms. Ritu Dawaar Mr. Gaurav Seth

(x) ‘VLOOKUP’ function of MS Excel was executed to find out uncommon names in Table-A column 1 and Table-
B column 2.
(xi) 3 uncommon names were found and were named in Table C.

TABLE – C
Duplicate Membership Number Names from Column 1 of Table Names from column 2 of Table B
A
Page 6|9
 HTC/Mem./2490 Mr. Shyam Luthra Mr. Shyam Luthra
HTC/Mem./3184 Mr. Jogi Singh Mr. Jogi Singh
HTC/Mem./1876 Ms. Lovleen Holla Mr. Krishan Luthra
HTC/Mem./479 Mr. Bharat Kumar Burman Mr. Ravinder Bhushan
HTC/Mem./2183 Mr. Surender Kapoor Mr. Deepak Verma
HTC/Mem./3017 Mr. Gaurav Seth Mr. Gaurav Seth

(xii) The details pertaining to the 3 membership numbers from Table C were retrieved from the cloned hard disk and
were recorded in a list called Table D.

TABLE - D
Duplicate Membership Name as per system Name of deceased Name ought to have
Number database parent of Column 1 as been of deceased
found in column 2 of parents as per column
Table B 1 of Table A,
(Column 1) (Column 2) (Column 3)
HTC/Mem./1876 Mr. Sourav Luthra Mr. Krishan Luthra Ms. Lovleen Holla
HTC/Mem./479 Mr. Shaurya Bhushan Mr. Ravinder Bhushan Mr. Bharat Kumar
Burman
HTC/Mem./2183 Ms. Nirali Verma Mr. Deepak Verma Mr. Surender Kapoor

(xiii) Interview

The audit team interviewed the club staff. For this purpose, a written permission of the management was obtained
and proposed to interview Mr. Jhanjhar, the manager and Mr. Shyam Kumar, IT administrator.

The team first interviewed Mr. Jhanjhar before the beginning the investigation. Mr. Jhanjhar informed that the
Club had lost the physical file of the membership forms long back in year 2014 but had updated records in system
software and hence shown his assurance. Club management had taken a note of it in year 2014 and it was
convened in the board meeting in year 2014. But the membership data was captured using software and hence
they had not created new physical file of original members. He also informed the procedure related to enrolling
the child of a deceased members whereby the deceased member’s son/daughter had to fill physical application
form giving his personal details and a photo in addition. The data in the physical form was then uploaded in
system by Mr. Shyam Kumar, the IT admin who alone had all admin rights to manage software and data.

He further narrated the story of the Mr. Surender Kapoor who approached him for membership enrolment in
place of his deceased parent. He handed over photocopy of the membership card obtained from Mr. Surender
Kapoor.
On making rowing inquiry Mr. Jhanjhar informed that the club regularly sends emails to members whose names
are in database in system software for regular updates about various events at the club and reminders for yearly
membership fees.

Second interview was taken of Mr. Shyam Kumar, an IT Person. He accepted that he had all the admin rights
over software and database. He also informed that he was a software programmer and very well understood the
Page 7|9
 schema structure of the database. During the interview he informed that before joining the Hotel, he was working
for another big IT company with better salary but for some personal reasons he left that job.

He informed that his duty includes software updates, regular back up of data, managing internet & IT Assets and
to resolve any difficulties arising in day to day activities of the Hotel, Club & Restaurant.

On confronting him with the statistical analysis as above, he accepted that he had tampered with the system
software by altering little bit of programming by which he could remove the name of the deceased members
from the system database and instead had inserted another person’s name who also was deceased. This he had
done in collusion with one Mr. Abhishek Sharma who incidentally met him few months before and induced him
to indulge in this name replacing activity. Mr. Abhishek Sharma provided the name of the deceased person who
are to be replaced in database. Once the data base is changed by him, Abhishek used to send the children of such
deceased persons so that they could fill new admission forms and get admitted officially. For doing this he was
offered an attractive incentive as the membership to the Club of Hotel Trinity is very prestigious and not available
any more to any outsiders.

6 Key Findings

The audit team made the following findings:

6.1. There was a difference in the name of deceased parents of 5 persons whose children had been admitted to the
membership in the place of their actual deceased parents.
6.2. These three members of the decease parents have been admitted recently.
6.3. The Club had sent emails to two persons with the same membership number. Six such instances were found. Out
of these six instances, in three instances, the name in the earlier emails and that in the death certificate submitted
to the Club was same. However, it was not so in the other three instances. This aroused suspicion. These three
names are as under:
a. Mr. Sourav Luthra
b. Mr. Shaurya Bhushan
c. Ms. Nirali Verma

7 Conclusion & Recommendation

7.1. There is every possibility that the software is tampered with to modify the database which is a serious breach in
system. The software needs to be thoroughly checked by an outside expert agency for any such bugs or
tempering.
7.2. The Club should re-prepare physical file with the details of the original members who are alive as well as
deceased.
7.3. Annual system audit is suggested so that so that there remains very less chance of such tampering.
7.4. The Club should not continue the same membership card year after year but should issue the card on year to year
basis on receiving membership fees.
7.5. Further independent investigation is called for on the conduct of Mr. Shyam Kumar and Mr. Abhishek Sharma.
7.6. System admin rights need to be taken away from Mr. Shyam Kumar until the full independent investigation is
over by Club.

Page 8|9
8 Limitations

Original physical membership records that were of the original members were not made available and hence we
could not check physical membership list with the system generated membership list.

For XYZEE & Associates

CA. Sagar Gupta

Page 9|9