Articles

The LabSolutions sentencing shows that a laboratory's most dangerous liability may sit entirely outside the lab itself -- in the broker contracts,…

Five public enforcement and oversight matters show what happens when the rollup thesis outpaces the legal and operational facts. Here is how to test the…

Healthcare revenue can look recurring, reimbursable, and scalable. The DOJ enforcement record shows why buyers need to test how that revenue is produced…

The public-data screen produces a ranked list of providers who bill far above their peers. It is tempting to read that list as a list of defendants. It…

When a real estate offering says your capital will improve a specific property, the diligence question is not whether the sponsor believes that. The…

The EquityBuild enforcement record is a diligence lesson about promissory notes, real estate collateral, title, lien position, and whether investor…

In the companion pieces, I showed who has won whistleblower cases with public data and how to build the screen that finds the lead. This article is about…

The Woodbridge enforcement record is a diligence lesson about real estate lending deals, borrower ownership, recorded collateral, and whether investor…

The NRIA enforcement record is a diligence lesson about promised returns, distribution sources, financial statements, and whether real estate project…

When a property-specific crowdfunding raise ends in a federal guilty plea, the lesson is not about real estate underwriting. It is about who controls the…

Five major SEC enforcement matters and the public record behind them reveal a repeating pattern: investor money moves before controls are tested.

What a 2017 DOJ settlement about hospital admission recommendations tells buyers about inherited billing risk, corporate integrity obligations, and…

When a hospital platform files for bankruptcy, the diligence failure is rarely a single bad decision. The Steward story shows how rent burden, deferred…

The Patient Care America settlement is a practical False Claims Act diligence case for PE-backed healthcare platforms: marketing economics, commission…

The Markovich prosecution shows why addiction-treatment buyers cannot stop at payer contracts and utilization reports. Patient recruitment, inducements,…

Behavioral-health and addiction-treatment buyers cannot underwrite Medicaid revenue from billing reports alone. The Arizona AHCCCS matter shows what…

Cerebral's non-prosecution agreement shows that buyer risk can exist even without a corporate indictment when internal business practices affect…

Telehealth buyers cannot treat prescription volume, prior authorizations, and patient growth as clean SaaS-style metrics. The Done case shows how a…

Conduit-style structures teach a broader diligence lesson: structure manages uncertainty; it does not eliminate it.

Credit, legal, and operations must reconcile; each workstream can be right alone and still miss the deal risk.

An invoice is not collectible cash; receivables diligence lives in the gap between face value and realized collections.

A good DDL is not clerical; it tests whether the seller understands its own business and whether the story can be evidenced.

Novel assets fail diligence when people underwrite the name of the asset instead of the mechanics underneath it.

The California Aspen Dental settlement announcement is a buyer-side warning for dental service organization rollups: the management agreement is not…

A practitioner’s guide to the most common analytical confusion in specialty finance and emerging-asset diligence By Noah Green CPA CFE, Sheepdog Prosperity Partners LLC The confusion In conventional credit analysis, cash flow...

A practical framework for analyzing unfamiliar collateral, specialty finance assets, and structured cash-flow transactions. Why the diligence frame must be built from the asset, not borrowed from the label.

A pool can look diversified until the top customers, channels, or end markets are mapped correctly.

Returns, credits, offsets, disputes, rebates, and chargebacks can destroy advance rates before credit loss is visible.

The FTC's USAP and Welsh Carson matter is the flagship public example for healthcare rollup diligence: the buyer has to test whether the platform's value…

In the companion piece, Catching Fraud With Public Data, I described outsiders — data-analytics firms like Lincoln Analytics, reimbursement analysts,…

Every recovery in this section — the cardiac-device case, the PPP affiliation suits, the Medicare outlier screen — started in the same place: a free,…

I am a CPA and a Certified Fraud Examiner, and most of my week is due diligence. This piece is about a weekend question I finally sat down to answer: how…

Articles 001-009 modeled discrete-state sequences in discrete time. The implicit assumption — transactions occur at evenly-spaced moments — discards the most diagnostic feature of period-end audit…

Revenue tracks accounts receivable until the collection cycle breaks. Cost of goods sold inversely tracks inventory changes until capitalizations distort the flow. Cash tracks operating expenses…

First-order Markov modeling assumes the next state depends only on the current state — what happened one step ago tells you everything you need to know about what happens next. For most...

Coarse-band threshold testing catches major asymmetric clusters but misses two refinements requiring dedicated analysis. Bimodality — where the amount distribution shows two distinct peaks at…

Benford's Law and first-order Markov anomaly detection are usually presented as separate tools. Practitioners run each in isolation, get two binary "deviation / no deviation" signals, and either use…

Management override of internal controls frequently manifests through journal-entry timing patterns. PCAOB AS 2401.A.5 identifies three temporal characteristics that elevate entries from routine to requiring substantive testing: entries posted on non-business days,...

The methodology articles in this sub-series have used Neo4j as the working substrate. The choice is not accidental — Cypher is the most mature graph…

Public-company restatements do not arrive at a constant rate. They cluster — temporally Sarbanes-Oxley wave 2004-2006, financial-crisis wave 2008-2010, revenue-recognition-standard wave 2018-2019…

The Neo4j sub-series up to this point has lived in the data-modeling and query-design layer. The methodology is correct; the queries make sense; the…

A disbursement file containing 5,000 vendor payments reveals its control architecture through statistical anomalies. The auditor observes 285 payments clustered in the narrow $9,500–$9,999 range…

The Cypher Patterns for Transaction-Graph Anomaly Detection article in this sub-series introduced cycle detection on transaction graphs for…

A static ownership graph answers "who owns what" — present tense, single snapshot. For most regulatory and audit work, that is the wrong question.…

Risk-based audit sampling under PCAOB AS 2315 directs the engagement team to allocate substantive procedures toward higher-risk accounts. The continuous version of that decision — how heavily, in…

PCAOB AS 2410 requires the auditor to obtain an understanding of the entity's related-party relationships and transactions. Management's representation…

Year-over-year percent change with a 10% threshold remains the most common analytical procedure on multi-period balance trends. The metric has known limitations the practitioner should account for: it is undefined when the...

The Schema Design for Sanctions Screening article in this sub-series handled the direct-match screening problem: counterparty name matches an SDN entry,…

The DD practice accumulates institutional knowledge in a specific shape: structured (CRM entries, ownership data, transaction records) plus unstructured…

A reconciliation account that should oscillate around its expected balance—intercompany clearing, suspense, accrued-payroll roll-forward—but instead wanders without bound has failed its control…

What you'll be able to do after reading this. Score your institution against a 10-dimension platform-comparison scorecard. Apply one of three elicited…

Vendor validation at engagement scale breaks when each lookup requires manual browser navigation. The auditor opens OpenCorporates, searches the vendor name, copies registration status, switches to EDGAR, runs full-text search, copies filing...

What you'll be able to do after reading this. Recognize the ontology pattern as the difference between a structured relationship database and a flat…

What you'll be able to do after reading this. Recognize the difference between a single-point risk rating and a risk trajectory, and what the latter adds…

What you'll be able to do after reading this. Recognize the situations where Quiver is the right tool and where Workshop is. Read a saved Quiver query…

Round-tripping and lapping share a structural feature that breaks both Article 001's first-order Markov framework and Article 003's two-regime Hidden Markov Model. The transaction population is…

What you'll be able to do after reading this. Recognize the decision boundary between no-code Pipeline Builder and code-based Code Repositories. Read a…

What you'll be able to do after reading this. Read an ActionType specification and understand what state change it captures. Recognize the bypass paths…

The vendor-employee address-overlap test addresses a specific control objective under ACFE Fraud Examiners Manual §3.5.2 and PCAOB AS 2401.A5: detecting unauthorized payments routed through…

What you'll be able to do after reading this. Read an AIP prompt specification and understand what structured output it produces. Recognize the four-gate…

What you'll be able to do after reading this. Recognize the design principles that distinguish a regulator-defensible investigator workflow from a…

Foundry Article 001 established that the ontology layer is the abstraction that insulates the analytical workflow from upstream schema churn. The ingestion layer is where that insulation is engineered. Pipeline Builder is...

The first-order Markov framework from Article 001 assumes the auditor can observe the state directly — an account class touched by a journal entry, a reconciliation status, a transaction…

A counterparty-risk investigation at a large financial institution does not begin with a question about a counterparty. It begins with the institution rebuilding its understanding of the counterparty from data scattered across...

The U.S. Treasury's Office of Foreign Assets Control publishes the Specially Designated Nationals and Blocked Persons (SDN) list as XML and CSV files containing tens of thousands of entries: individuals, entities, vessels,...

When utility costs scale with square footage, sales commissions track revenue, or freight charges follow tonnage shipped, the auditor needs more than ratio analysis to spot anomalies. PCAOB AS…

Article 001 used a graph to model ownership — relatively static data, where the diagnostic question is path traversal under a regulatory threshold. Transaction graphs are different in three operational respects. They...

An ownership chain that nests beyond three levels is the point at which the DD analyst's tooling has to change. This article walks the schema, loading, and Cypher queries for graph-based beneficial-ownership...

The first-order Markov apparatus from Article 001 worked cleanly on a 5-state synthetic dataset with 1,000 transitions and a known baseline. Production audit work breaks each of those assumptions.…

Duplicate disbursements erode 0.8–1.1% of organizational spending annually (ACFE, *Report to the Nations*, 2024 ed., p. 47). Excel's COUNTIFS function detects these control failures through systematic pairwise comparison: records matching on vendor...

Financial-statement auditors and DD analysts work with sequences: journal-entry posting streams, period-over-period account-reconciliation states, customer-vendor transaction chains, adjusting-entry…

The first-digit distribution of naturally occurring numerical populations follows a logarithmic pattern. Auditors leverage this pattern to screen transaction datasets for anomalies. The…

If your target bills Medicare, Medicaid, a federal contract, or a federal grant, the False Claims Act is a diligence category of its own — because treble…

Here is the scenario that should worry any buyer of a government-paid business. The target looks clean. The data room is complete. Litigation search…

Every buyer understands they are acquiring a company's assets and contracts. Fewer internalize that they are also acquiring its past conduct. When the…

The federal rule hands a prospective franchisee a disclosure document, not a verdict. This guide explains what the rule actually requires, why disclosure…

Franchise review, healthcare-regulatory review, and corporate setup are separate legal workstreams. A buyer should know which one leads before signing, before opening, and during operations.

The pandemic produced the cleanest data-miner cases ever filed, because it produced the cleanest dataset: the Small Business Administration published the…

If you want one story that proves an outsider with a billing rule and a claims dataset can do this — at scale, before the phrase "data miner" even…

Most case studies in this section are about a method that worked. This one is about a method that failed twice in federal court and then made history…

For most of the False Claims Act's modern history, the prototypical whistleblower was an insider: the billing manager who saw the upcoding, the program…

A public FTC settlement study on cleaning contracts, gross billings, and missing substantiation.

A public FTC settlement study on why childcare franchise buyers must verify earnings, timing, and management history before signing.

A public court-tested case study on why a buyer should treat off-document revenue and profit claims as a stop sign.

A public FTC case study on why buyers should test the substance of a relationship, not just the label the seller uses.

A 2026 FTC settlement shows why buyers must verify opening timelines, closed-unit contacts, executive history, and disclosure timing before signing.

A public FTC case study on refund promises, missing franchise disclosures, and buyers who paid before they could verify the system.

There is one skill at the center of this entire section: turning public government data into a defensible fraud signal. It is worth real money pointed in…

A freelance consultant grossing $80,000 a year asks her tax advisor whether she should set up an S-Corp. The advisor says yes. A second consultant…

A freelance designer measures her home office as 220 square feet in a 1,600-square-foot home, calculates a 13.75% business-use percentage, applies that…

A consulting-firm owner's tax advisor recommends the "Augusta Rule" strategy: have your S-Corp rent your personal residence for 14 days a year for board…

A small marketing agency has been paying its bookkeeper, a graphic designer, and a developer on Form 1099-NEC for four years. Each invoices monthly, each…

Two S-Corp owners run comparable consulting businesses with comparable $280,000 net income years. The first pays himself a $30,000 W-2 salary and takes…

A high-earning software engineer reads a Backdoor Roth IRA guide, contributes $7,000 to a traditional IRA as a non-deductible contribution, immediately…

A parent gifts $100,000 to an adult child. The child uses $100,000 to pay down a mortgage and that's the end of the tax story — no income to the…

A retiree turning 73 in 2025 logs into her brokerage account in October expecting to set up her first Required Minimum Distribution. Her custodian's…

A high-net-worth couple holding a combined estate of $14.5 million sits well within the elevated TCJA exemption that has applied since 2018 (IRC…

A taxpayer who opened a Roth IRA in 2018 with $5,500 of regular contribution did a $200,000 Roth conversion from her traditional IRA in 2022. Three years…

A taxpayer is indicted on a tax-evasion charge under IRC §7201. The mainstream coverage of the indictment focuses on the alleged conduct, the dollar…

A taxpayer who was the subject of a federal criminal tax case in 2022 — pleading guilty to two §7201 counts, serving 18 months, paying restitution —…

In April 2024, the United States Attorney's Office for the Southern District of California unsealed an indictment against Roger Ver — known in early…

A high-net-worth investor receives a pitch in 2018 for a syndicated conservation easement transaction. The pitch claims a $5-to-$1 deduction multiple —…

A small-business owner running a regional logistics firm filed an Employee Retention Credit claim in 2022 based on a promoter's pitch that "every…