Lessons in Occupational Fraud and Fraud Prevention
Occupational fraud is a huge drain on organizations’ resources, costing an estimated global loss of $3.7 trillion dollars annually. And according to the Association of Certified Fraud Examiner’s (ACFE) 2014 study, just 14% of defrauded organizations are able to fully recover their losses.
Fraud is a very real threat to the bottom line of almost every organization in our economy. But it can be prevented, or at least mitigated.
There are 3 steps in setting up a fraud prevention program in your organization:
- Understand what fraud is and how it is likely to emerge.
- Identify potential sources of fraud in your organizations.
- Take steps to prevent fraud through processes or controls.
Ultimately, a healthy anti-fraud corporate culture that permeates from the top down will make your organization more crime resistant. This will take time to nurture, and it will take continuous effort to sustain, but in the end you can make occupational fraud an extinct disease in your workplace.
Understanding Occupational Fraud
ACFE defines occupational fraud as: The use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.
All occupational fraud includes 4 elements. It is clandestine (you may not detect it easily); it involves a violation of the perpetrator’s fiduciary responsibility to his or her employer; it is intended to materially benefit the perpetrator; and it imposes costs on the employer. In other words, it is a crime against property that violates the trust an employer or organization puts in a person.
Occupational frauds take many forms, from petty theft to sophisticated swindles that cost millions. They can be classified into 3 categories:
- Asset Misappropriations: Fraudsters steal or misuse an organization’s assets.
- Corruption: Perpetrators use their organizational position to extract a personal material benefit from a business transaction involving their employer.
- Fraudulent statements: The perpetrator falsifies the organization’s financial statements to divert assets for personal gain.
These categories can be broken down into very detailed subtypes, but they are a good general description of the kinds of crimes to guard against. While the number of crimes of asset misappropriation may be very large (for example, padding expenses or stealing inventory), the most costly type of fraud is financial statement fraud, with a median loss of $1 million according to the 2014 ACFE study.
As the Lowers Risk Group’s occupational fraud infographic shows, these crimes can be found in organizations of all sizes and types. Although fraud is somewhat more likely among certain types of organizations (e.g., for-profit suffer more than non-profit, and banking/financial services organizations experience the highest number of cases) or occupations (e.g., accounting or sales), it is an equal opportunity threat in the sense that it can occur anywhere and anytime factors combine to create the opportunity.
Reducing the Risk of Fraud
At the risk of oversimplifying, we offer some best practices for fraud prevention that can help mitigate risks due to both human and organizational sources:
- Separate purchasing, A/P, and vendor management roles
- Scrutinize processes/decisions continually
- Perform thorough background checks
- Evaluate code of ethics and policies on fraud
- Look at internal/external audit programs
- Leverage Sarbanes-Oxley work
- Educate audit committee and boards
- Provide annual training programs
- Integrate fraud monitoring into an Enterprise Risk Management (ERM) program
- Implement a whistle blower policy
- Discuss SAS 99 with the external auditors
- Deploy technology solutions: Access controls, transaction monitoring, data access/mining
Setting the “Tone from the Top”
All of these activities will help to prevent fraud, and they will work best when they become standard elements of your corporate culture. We have often emphasized the importance of having transparency about fraud, with the expectations for zero tolerance for fraud extending all the way from the C-suite to the copy room. There can be no exceptions.