The College Admissions Fraud Triangle [Infographic]

By Lowers & Associates,

Can the Fraud Triangle Help Us Understand How the Higher Ed Admissions Bribery Scandal Happened?


High-profile stories of fraud in corporate America are commonplace, but the details surrounding Operation Varsity Blues – the biggest college admissions bribery scandal of its kind to be prosecuted by the US Justice Department – reveal how fraud is an equal opportunity threat.

Pressures, opportunities, and rationalizations of all sorts combined to create a situation for coaches, parents, admissions personnel, and test administrators to deceive the admissions system. In total, $25 million was reportedly paid in bribes and 50 defendants were named in the case.

Criminologist Donald Cressey’s Fraud Triangle offers a framework for understanding the factors that lead people to commit fraud. In the infographic below, we use the fraud triangle as a model for understanding how the college admissions scandal happened.

Colleges and universities are not immune to fraud, and it’s imperative that administrators have protections in place to safeguard their reputations and resources. The infographic outlines a few key prevention measures.

Check out the full infographic here:

college admissions bribery scandal fraud

  Category: Fraud Awareness
  Comments: Comments Off on The College Admissions Fraud Triangle [Infographic]

College Admissions Scandal: Are We too Quick to Blame the Institutions?

By Lowers & Associates,

College Admissions Scandal

The college admissions scandal has caused quite a stir in the media over the last few weeks. The stories have varied, the fraudsters are unique to each situation, but in the end it’s the same old tale; the rich use money and power to influence the morally weak and advance those closest to them to undeserved positions of grandeur. The key in this case is that schools across the US are being brought down to the same level as the criminals and fraudsters that perpetrated the crime in the first place.

Yale University, founded in 1701, has graduated five U.S. Presidents, and prides itself on its motto, ‘Lux et veritas’ or in English “Light and Truth.” However, a Yale soccer coach was able to pull off a scholarship-based fraud in which a student was accepted without merit. Is this Yale’s fault? Perhaps in part, but I would like to blame it on a much larger, systematic fraud scheme that can easily be discovered and rectified with appropriate planning and execution.

Other schools were involved in Title IX fraud, SAT proctoring schemes, and direct fraud from payoffs or bribes. Each school left a back door open for a fraudster to come barging through and in the end, will be sued for millions of dollars. These lawsuits, some frivolous and others merited, will need to be tried and tested. What can your institution do to avoid situations such as this?

In our experience, fraud is perpetrated in larger educational institutions and corporations when the controls breakdown or are antiquated. There are simple ways to enhance controls and become a much more aware organization.

Some important tips that we feel will mature your organizational fraud prevention controls are below.

Enhance Internal Controls

When looking at sophisticated organizations such as a university, one might think that internal controls are deployed across the enterprise. However, this was not the case in athletics, where some of the fraud was perpetrated. Entities should implement enterprise wide systems of internal “dual control” whereby a minimum of two people are involved in the decision-making process/function. The purpose of dual control is to deter fraud, provide a properly documented audit trail, maintain quality assurance, and prevent extortion. This dual control process creates a system of “checks and balances” in which a single person (authorized person(s) within a department) does not have the sole authority to decide without the verification and approval conducted by a secondary and separate department (authorized person(s) within that department). This helps to mitigate the potential for collusion. These obvious changes can deter fraudulent actions and lead to much more effective fraud deterrence. Internal control is vital when trying to ensure that protocols and regulations are carried out according to policy.

Make your organizations aware, and force reporting

Create a fraud risk policy with demonstrative cases that establish consequences for perpetrators. It sounds simple, but this is a critical step in setting up the consequential deterrence that is sometimes needed to stop amateur fraudsters. If individuals in the organization are aware that management is looking for certain types of fraud, they might think twice before acting.

An additional aspect of organizational awareness is to implement reporting. In any instance where there is a violation of policies or an employee feels there is a violation by someone else, encourage reporting. Anonymous reporting/tip lines have historically been the number one means by which occupational fraud is discovered. These reports and tips need to be vetted and followed up to ensure there are consequences. As the fraud risk policy matures, there should be a noticeable difference that will help secure organizations from becoming victims of fraud.

Know Your People

Fraudsters tend to demonstrate behavioral traits that can indicate they have committed or are candidates to commit fraud. Comprehensive background screening can be the first step in ensuring that there are no concerns prior to offering employment. However, initial background checks are not enough.

Employers and leaders need to listen to what employees are saying. If there are divisional leaders, or in this case coaches and deans, that are deeply respected or far too entrenched in the internal control environment, they can create circumstances that could lead to fraud. For instance, USC, who saw their senior athletic director implicated, was victim to the college admissions scandal when the water polo coach recruited a student who didn’t even play water polo! Had USC screened each scholarship athlete and ensured there were controls and reporting in place, this could have been avoided. Now, USC is at the mercy of the judicial system.

In conclusion, it is amazing that these events transpired in today’s digital environment, but it clearly demonstrates a lack of understanding when it comes to the willingness of fraudsters to attain what they want. Legacies are now tarnished over the acts of bad actors and their accomplices.

Lowers Risk Group prides itself in delivering solutions to our clients that rectify these types of situations.

Contact us to learn more.

  Category: Risk Management
  Comments: Comments Off on College Admissions Scandal: Are We too Quick to Blame the Institutions?

The Red Flags of Fraud You May Not Know

By Lowers & Associates,

Fraud Red Flags

It would be really good to know who in your organization is most at risk of perpetrating a fraud. You could then take steps—counseling, reviewing controls, rotating jobs—to protect against that risk.

Theoretically, the Fraud Triangle does a good job of stipulating who might be a fraud risk. It says people are more likely to commit an occupational fraud when they have motivation, opportunity, and a rationale to excuse their crime. The rationale is an individual factor which organizations cannot address in advance, but there can be indicators based on motivation and opportunity.

The 2018 Report to the Nations on Occupational Fraud and Abuse contains some concrete information that is consistent with this theory. In research for the Report, the Association of Certified Fraud Examiners (ACFE) identified 17 behavioral “red flag” traits that might be associated with a perpetrator of fraud. These are primarily indicators of motivation or pressure that may cause a potential fraudster to flip into active fraud.

85% of the fraudsters in the 2,690 cases ACFE reviewed had at least one of the red flags, and 50% had more than one. They are at least somewhat predictive.

The most common red flags have to do with financial difficulties (motivation, pressure). Since 2008 when the first edition of the Report was published, the six top red flags, in order, have consistently included:

  • Living beyond one’s means
  • Financial difficulties
  • Unusually close association with a vendor or customer
  • Control issues, unwilling to share duties
  • Divorce/family issues
  • “Wheeler-dealer” attitude

Much is written about these common behavioral red flags of fraud, but there are other red flags organizations should be aware of when it comes to predicting and preventing fraud. So-called human resources-related red flags and non-fraud-related misconduct can offer valuable insight to those responsible for anti-fraud programs.

Human Resources-Related Red Flags

According to the ACFE’s 2018 report, 39% of fraudsters had experienced some form of HR-related red flags prior to or during the time of their frauds. The most common of these red flags were negative performance evaluations, and fear of job loss.

Non-Fraud-Related Misconduct by Perpetrators

According to the ACFE report, 45% of fraud offenders had committed some form of non-fraud workplace violation, which could potentially indicate a link between occupational fraud and other forms of workplace misconduct. The most common non-fraud violation was bullying or intimidation, which was observed in 21% of all cases.

To anticipate occupational fraud, the organization has to be well acquainted with its members at all levels of authority. Regular or routine evaluations (background checks, interviews, work reviews) would help to identify individuals at risk, and help them avoid failure. A fraud prevented saves the organization from damage to people, brands, and profits.

  Category: Fraud Awareness
  Comments: Comments Off on The Red Flags of Fraud You May Not Know

Who’s Putting Your Organization at Risk of Fraud?

By Lowers & Associates,

who's the fraudster?

Many times, occupational fraud is committed by an employee or third-party partner who is experienced and trusted. Which of your employees—or leaders—is likely to flip over to the dark side? And why?

The 2018 Report to the Nations on Occupational Fraud and Abuse provides valuable information on these questions. This tenth edition of the Report, published by the Association of Certified Fraud Examiners (ACFE), is based on data from almost 2,700 cases of occupational fraud submitted by Certified Fraud Examiners (CFEs) worldwide. While not a random sample, the selected cases aggregate a huge amount of descriptive information that managers can use to evaluate their own organizations.

Here are a couple of key takeaways about the question of “Who?” in the fraud equation:

  • Anyone and everyone is a potential fraudster, but organizations must be aware that those in long-tenured, high authority positions can present a greater risk. Fraud prevention programs have to recognize this fact and plan extensive monitoring and controls to mitigate the risk.
  • Identifying a potential fraudster can be difficult. Background checks can help, but some previous fraudsters may not have bad information in the public record. The fraud triangle of “red flag” factors on issues of motivation and opportunity may help to identify risks.

Longer-tenured, higher-authority = greater risk.

One hard lesson from the Report—which is consistent over all 10 editions—is that owners and executives are a big risk in terms of fraud. They commit only one-fifth of the total frauds, but the median loss when they do go off the rails is $850,000, more than 5 times greater than managers ($150,000 median loss) and 17 times greater than regular employees ($50,000 median loss). One reason people with greater authority cause more damaging frauds is that they are able to evade detection longer: owner/executives hide for 24 months; ordinary employees only 12.

Owners and executives have the most access to the organization’s assets, and also have authority over some of the controls and processes established to deter fraud. They are also more likely to collude with others, and their frauds are more likely to be discovered by an external auditor or law enforcement. This argues for putting a risk management plan in place before fraud occurs, and to make sure the plan includes provisions for monitoring executive behavior as well as extensive controls on regular operations.

47% of occupational frauds reported were perpetrated by people with six or more years tenure with the organization. These long-term employees also stole far more money. In aggregate, the long-term employees caused much higher total losses than those who were with the organization less than six years. The length of tenure increases loss in all types of jobs, but the higher the authority the greater the loss. Both authority and tenure operate to increase the losses.

Follow the money.

By department, the data tends to say, ‘follow the money’. The two biggest threats come from upper management and accounting (with the high authority individuals by far the bigger threat). The single most common type of fraud is corruption, which strikes hardest in executive/upper management, and purchasing. Both of these departments are likely to be linked to both internal and external networks, which may foster systematic (often collusive) corruption.

Occupational fraud is estimated to have cost over $7 billion dollars in 2017. The warning to organizations is clear. There is no absolute certainty about the likelihood of any given employee committing a fraud. The organization’s best response is systematic fraud prevention aimed at all levels and functions of the organization.

  Category: Occupational Fraud
  Comments: Comments Off on Who’s Putting Your Organization at Risk of Fraud?

Benchmarking Fraud: How Does Your Organization Compare?

By Lowers & Associates,

benchmarking your controls

The Association of Certified Fraud Examiners 2018 Report to the Nations on Occupational Fraud and Abuse offers a treasure trove of data you can use to assess how your organization’s fraud profile stacks up against other organizations in terms of industry, size, and location.

The Report is based on case data reported from Certified Fraud Examiners (CFEs) from all over the world. It lends itself to benchmarking your organization because it allows you to compare your own experiences against the medians reported from broadly similar organizations. Perhaps most important, you can learn about how other organizations responded to fraud.

Your risk of fraud.

Industry sector makes a big difference in the incidence and cost of fraud. Private, for-profit companies have the highest incidence and the highest median loss, where not for profits have much smaller losses and fewer frauds overall. In between are publicly traded companies and government agencies. An interesting comparison is between private vs. public for-profit businesses, with the private ones suffering higher losses. In general, private businesses face less scrutiny than public ones.

One counter-intuitive finding is that defrauded small organizations (less than 100 employees) suffered losses almost twice as high as large organizations (100 or more employees) in absolute terms. It’s not likely that the difference is attributable to the amount of money available—larger organizations offer fatter targets.

Among all types of fraud risk, corruption is one of only two types of fraud that is significantly more likely in large organizations (the other being non-cash fraud), perhaps because size offers more opportunities for small organized cliques to penetrate weak points, or due to a larger network of connections. Corruption is prevalent in almost every industry type, with the lone exception of professional services.

Your fraud prevention measures.

The presence of anti-fraud controls, such as surprise audits, proactive data monitoring/analysis, codes of conduct, etc. is shown by the ACFE Report to reduce the medial losses associated with fraud. It is perhaps predictable that small organizations in the study were far less likely to have a full range of anti-fraud controls in place. They tend to have only the basics, such as internal audits, management review, and external reviews of financial statements. Right on cue, 42% of frauds in small organizations were caused by lack of internal controls, compared with only 25% for larger organizations which tend to have a far more complete and robust set of controls in place.

One important anti-fraud control is the presence of a tip line. This was present in a little over 20% of small organizations, but fully 80% of large ones. The reason the disparity is important is that tips are the most common way a fraud is detected.

Fraud is a threat to all types and sizes of organizations, but two tendencies in the data stand out.

  • First, large organizations deploy more controls, and ACFE finds that every type of control tends to depress fraud.
  • Second, large organizations are more likely to experience fraud by corruption, which is an intentional organized attack at the weak points in an organizations’ links between units, internal or external.

The good news is that controls do work. Small organizations that may not have enough control due to cost or scale need to find ways to implement variations of these controls. The potential payoff from fraud averted or detected quickly is too large to not implement the controls.

What can the lessons and benchmarks embedded in the ACFE’s Report to the Nations on Occupational Fraud and Abuse teach you about your own organization’s risks? How can you become better protected?

  Category: Occupational Fraud
  Comments: Comments Off on Benchmarking Fraud: How Does Your Organization Compare?