Who are the Fraudsters in Your Organization?
We know the prevalence of occupational fraud is very high, costing organizations of all kinds an average of 5% from top line revenue every year. But what this means is that the importance of preventing these human risk frauds has a high payback, as well.
Owners and managers—employers generally—have a very strong incentive to discover every clue that exists within their own organizations to root out risky people, or at least to make it difficult for them to perpetrate frauds.
Occupational fraud is an intentional, hidden crime, sometimes not detected until years after it starts. Therefore, in order to know where to look within the organization for the potential perpetrators even before the frauds are discovered, it will help to know what characteristics fraudsters are likely to have. In other words, knowing what fraudsters are like can help improve the detection of hidden frauds, or to prevent them in the first place.
The 2014 update of the Association of Certified Fraud Examiners (ACFE) Report to the Nations includes a long section that describes the perpetrators in the 1,483 cases that were included in the report. For the most part, these findings have been consistent over the past three reports (2010, 2012 and 2014), meaning that occupational fraud continues to be a credible threat.
Nevertheless, the data on perpetrators does suggest some weaknesses in organizations’ defenses where alert managers could improve fraud prevention or detection.
Position: Frauds are perpetrated by people at every rung of the organizational ladder. However, there are important differences between them.
- Employees committed 42% of reported frauds, compared with 36% for managers, and about 19% for owners/executives.
- The median value of a fraud committed by an owner or executive was $500,000, or about 4 to 6 times more loss than frauds by employees ($75,000) or managers ($130,000).
- Fraud detection took substantially longer for owners/executives, 24 months, compared to 12 months for ordinary employees and 18 months for managers.
An obvious implication of these findings is that the higher you go in an organization, the greater your access to assets and the more you are able to deflect controls and efforts to investigate. It is imperative to have sound controls in place at all levels, but it is especially critical to avoid giving higher-level employees the ability to execute both ends of any kind of transaction.
Numbers of perpetrators: An added challenge to controls occurs when two or more perpetrators collaborate to defeat them. Median losses mount rapidly from a median of $80,000 for a single perpetrator to $550,000 where five or more are working together. Frauds committed by teams of two or more were much more likely to involve corruption or non-cash frauds because those crimes require cooperation. External third party audits should be routine and frequent.
Demographic characteristics: Losses tend to be higher the older the fraudster, which correlates with the fact that older people are likely to be higher in the organization. Similarly, frauds committed by men are more likely to involve the relatively more costly crimes of corruption or financial statement fraud. Both of these findings are consistent with the fact that men are more highly represented in higher positions.
Tenure: Relatively few frauds are committed by people in their first year on the job, but the proportion jumps rapidly in the one to five year category. New hires will have been screened, so that the number of employees with a relevant criminal history should be small. In fact, the ACFE data suggests that only a small minority of reported fraudsters had a prior record.
However, fraudsters are often people with lengthy service who have become trusted in the organization—trusted enough to gain access to assets. The highest proportion of fraudsters is in the one to five year group, but as we have seen, the longer the tenure, the higher the median loss when a fraud is committed.
Function: The highest proportion of frauds occur where people have access to assets: accounting, operations, sales, and among executives/upper management. Organizations will obviously want to ensure that these areas are carefully organized to remove opportunities for fraud to occur.
The ACFE report reinforces the persistent need for managers to develop strong internal controls and to use third party audits to complement them. These audits should be routine and frequently conducted. The best way to avoid the losses of occupational fraud is to prevent them.