How Organizations Respond to Fraud

By Lowers & Associates,

How Organizations Respond to Fraud

You discover your erstwhile trusted employee has been skimming funds to support a gambling habit. What do you do?

Your first response is possibly unprintable, and understandably so. Your cooler head will prevail, and look at a small series of options for recovery, and maybe a dollop of justice. If there are losses, especially substantial losses, you will look at the circumstances of the fraudster carefully and evaluate the alleged crime for prosecution. You will look into the possibility of recovery and what the sources of recovery might be. The disruptive impact of being the victim of a crime might very well turn your thoughts away from revenge to the more practical goal of remediation.

The case studies analyzed in the 2018 Report to the Nations on Occupational Fraud and Abuse suggest a range of options organizations choose in the wake of a fraud. The Report, a study published every other year by the Association of Certified Fraud Examiners (ACFE), includes actions both through internal mechanisms and through external legal channels.

How are fraudsters punished?

It will come as no surprise that 65% of the fraudsters were simply terminated. 12% of organizations agreed to a settlement with the perpetrator and 11% of organizations say the perpetrator was no longer with the organization.  What you might not expect is that 6% of organizations took no action and another 8% put the perpetrator on probation or suspension. The methodology of the study asks participant organizations about their biggest fraud case in the recent past, so a no action result suggests there are some very complicated circumstances below the surface. At the least, these widely disparate outcomes imply that organizations conduct an investigation of the fraud, and the evidence might point to a prudent course of action other than termination.

The perpetrator’s position in the company impacts their punishment.

The perpetrator’s role in the organization clearly modifies the organization’s response. An owner or executive is much less likely to be terminated (44% compared with 65% overall), and also much more likely to receive no punishment (12% compared with 6% overall). 72% of ordinary employees who committed a fraud were terminated.

Law enforcement is not always involved.

In the legal realm, uncertainty is increased by the fact that the alleged fraudster is innocent until proven guilty. The outcome of a civil action or criminal prosecution is not a given. Still, in 2018, 58% of frauds were referred to law enforcement and 23% resulted in a civil suit—the majority of these legal actions were resolved favorably to the victim.

Legal uncertainty abounds.

Yet the legal uncertainty is reflected in the fact that 12% of fraud cases are settled by agreement even before any legal action is taken (18% of owner/executive cases). In the group of civil cases, 27% are settled by agreement.  And, fully 15% of civil cases result in a judgment for the alleged perpetrator.

The risks deter some organizations from taking legal action. 38% of these organizations cited bad publicity as the main reason, and other risks might also impose costs. Compounding the reasons to avoid legal action is the fact that in 53% of cases the victim recovered nothing, zero dollars. The more victims lose, the smaller the proportion they recover.

It is clear that organizations look at the cost-benefit value in deciding on what course of action to take in response to a fraud. Revenge may feel good, but it doesn’t serve the organizations’ interests.

 

  Category: Occupational Fraud
  Comments: Comments Off on How Organizations Respond to Fraud

Top 7 Risk Management Articles from 2017

By Lowers & Associates,

High reliability organizations, active assailant risk management, and healthcare security are just a few of the topics that dominated the Lowers & Associates Risk Management Blog in 2017.

Here we provide a summary of our 7 most-read articles from 2017.

1. 5 Principles of High Reliability Organizations

High Reliability Organizations (HROs) are anomalies. They exist in the kind of very complex, fast-evolving environments where you would expect chaos to prevail. But it doesn’t. HROs are able to cope successfully with unexpected conditions. That’s what makes these unusual organizations so attractive to researchers. What can we learn from them?

Read the full post >

2. When Active Assailant Situations Become Known-Unknowns

Not long ago, most Americans regarded active assailant incidents as black swan events, unpredictable and largely indefensible. However, with the increasing frequency of these events, the time is at hand when venue owners, employers, and operators of gathering places need to evaluate and mitigate the risk of these incidents, or potentially face legal consequences. And the number and type of venues at risk may increase.

Read the full post >

3. Test Your Fraud Knowledge

In case you’re thinking fraud is not an issue in your organization, you should know that extrapolating from actual fraud cases examined in 2016 and reported to ACFE, organizations worldwide lose 5% of topline revenue to fraud. Virtually every type of organization from business, government to non-profit sectors is vulnerable to fraud.

Read the full post >

4. Slideshow: What Makes a High Reliability Organization?

High reliability organizations (HROs) operate within challenging conditions. Think of air traffic control, aircraft carriers, and nuclear power plants for clear examples of such conditions. Mistakes in these settings often have catastrophic consequences. Yet they seldom fail.

Read the full post >

5. 7 Ways to Test the Reliability of Your Organization

If you are a manager in an organization, especially one that faces a complex, dynamic environment, you should be interested in learning how the principles of the High Reliability Organization (HRO) can help you. Your aim should be to develop an organization that moves continuously toward greater reliability of critical outcomes, using every failure as an opportunity for improvement.

Read the full post >

6. 18 Fraud Facts to Drive Your 2018 Fraud Prevention Plan

When it comes time to review your fraud risk management and prevention plan, it pays to have some hard statistics in front of you. This slideshow features 18 facts straight from the ACFE’s bi-annual Report to the Nations on Occupational Fraud and Abuse. The report can help you understand and respond to the threat of organizational fraud in your company, and the facts presented can serve as benchmarks for your organization while helping to uncover areas you may have failed to address.

Read the full post >

7. 3 Key Components of an Effective Healthcare Security Program

We make many assumptions about our healthcare. We assume our doctors and nurses are well trained and know what they are doing. We assume that the ER is open when we need it and the facility where we receive care is clean as well as safe and secure. While legitimate expectations, they are not always the case. When it comes to healthcare security, having an effective program requires planning, training and consistent implementation. Our latest whitepaper, 3 Key Components of an Effective Healthcare Security Program, walks through the most critical aspects of healthcare security and introduces some ways to ensure your program delivers.

Read the full post >

We look forward to continuing to deliver valuable content you can use to better protect your people, brands, and profits in 2018 and beyond. Happy new year!

 

  Category: Risk Management
  Comments: Comments Off on Top 7 Risk Management Articles from 2017

Why Now is a Great Time for a Fraud Prevention Check-up

By Lowers & Associates,

The ending of one year and beginning of a new year is a great time to give your organization a fraud prevention check-up. This natural time of reflection and renewal provides an opportunity to better protect your organization from the risks of fraud.

The Association of Certified Fraud Examiners (ACFE) suggests that a fraud check-up can save your company from disaster. Wondering how? Consider that fraud can be catastrophic, some can even put you out of business overnight. Even if survived, a major fraud can damage your company’s reputation so severely that it can be difficult, if not impossible, to recover. Performing a fraud check-up can help you pinpoint opportunities to rid your organization of fraud. It can expose your company’s vulnerabilities and allow you to take a more proactive approach to risk management.

If you’re still questioning the importance of a fraud check-up, consider the 18 fraud facts highlighted in our latest slideshow, which come from the ACFE’s Report to the Nations on Occupational Fraud and Abuse:

 

Tips for performing a fraud prevention check-up

The ACFE put together this fraud prevention check-up document that walks you through 7 key areas of fraud prevention. It includes fraud risk oversight, ownership, assessment, risk management policy, process, and environment-level anti-fraud controls, along with assessment factors for each. You can use the check-up to obtain a broad idea of your organization’s performance with respect to fraud prevention. Your scores/assessments across the various criteria can expose gaps that should be closed promptly in order to reduce losses and cut your risk of future disaster.

It is important to note that the ACFE recommends the check-up be performed as a collaboration between objective, independent fraud specialists, and people within the organization who have extensive knowledge about its operations.

We invite you to request a conversation with a Lowers & Associates Certified Fraud Examiner.

How Anti-Fraud Controls are Evolving

By Lowers & Associates,

Occupational fraud awareness is the focus of Fraud Week but it’s also a rising concern of organizations year-round. At least that’s the message in the data from the Association of Certified Fraud Examiners: 2016 Report to the Nations on Occupational Fraud and Abuse.

The report compares the implementation of a wide range of anti-fraud controls across reported cases, and finds that every single type of control was more prevalent in 2016 than it was in 2010. This is true even for very widely used controls like more traditional types of financial audits and management review. An important example is the external review of financial statements, the single most common anti-fraud tool, whose implementation rate increased .08% to 81.7%.

Workforce Participation is Key

More interesting, is that the types of controls that have increased the most are those that leverage workforce participation and cultural restraints. The implementation rate for a hotline increased 8.9%, anti-fraud training for employees increased 7.6%, the establishment of an anti-fraud policy by 6.8%, and a code of ethics, already high, increased 6.3%.

It’s useful to think of the anti-fraud policy and code of ethics as part of the cultural framework, the stated intentions for acceptable behavior. These standards have to be demonstrated from the top down, and built into expectations for every employee. They have to be used when fraud is detected to devise an appropriate sanction in response, without equivocation.

Hotlines and Anti-Fraud Training are On the Rise

The largest rates of implementation increase for hotline and anti-fraud training for employees reflects actions taken to facilitate the cultural shift. Unlike the cultural standards that justify these tools, but which exist primarily in the beliefs of employees, hotline and training are concrete policies an organization can implement and measure. The connection between hotline and fraud detection is a fact: 39% of frauds detected come via a hotline. Training is less obvious, but it moves directly against the efforts of potential fraudsters to make up rationalizations for stealing. Training helps remove excuses, and clarifies the intentions of cultural policies.

Given the performance of hotlines, it is no wonder they are being adopted by many organizations. The key to this performance is availability, security, and privacy. The employee who reports suspicious behavior via a hotline has to feel secure, that it will be taken seriously and that it will not jeopardize his or her social standing in the enterprise.

Anti-fraud training helps employees interpret the code of ethics or anti-fraud policy in the context of their working lives. It may teach them how to recognize suspicious behavior or patterns of abuse, and how to report them. The ACFE report is full of “red-flag” behaviors that can indicate fraud or abuse, and employees who recognize these are better able to multiply the strength of the fraud prevention effort.

It is encouraging that so many organizations both recognize the threat of occupational fraud and take steps to prevent it., The fact is, that organizations of all types worldwide lose about 5% of topline revenue to fraud means the fight is far from over. In fact, given that fraud is an individualized crime, the effort to prevent it can never succeed completely. But it can win many battles, perhaps one that saves your organization.

5 Basic Fraud Steps Every Organization Should Take

By Lowers & Associates,

Almost every organization is vulnerable to occupational fraud and abuse, and the impact of fraud can be costly. The 2016 Report to the Nations by the Association of Certified Fraud Examiners (ACFE), indicates that the worldwide loss to fraud across all organizations is 5% of topline revenue. Based on reported cases of fraud, the median cost per case was $145,000, and some others were much more.

As part of the International Fraud Awareness Week for 2016, ACFE published 5 Fraud Tips, a one-page summary of steps an organization can take to reduce its vulnerability. Implementing these steps cannot guarantee your organization won’t suffer occupational fraud, but it will certainly improve the odds.

1. Be Proactive

Top management needs to put in place policies and procedures that set a tone from the top against fraud. This may include a code of ethics taught to every employee, with on-going follow up training that emphasizes the danger and unacceptability of fraud. Traditional financial controls should be in place and reviewed on a regular basis, possibly with an independent internal audit function. Fraud prevention will be enhanced through organizational structures like effective separation of duties.

2. Establish Hiring Procedures

The person you hire may be a future fraudster. The hiring process is an opportunity to look into the background of an applicant to look for factors that may indicate risk. Where it is legal, and following best practice guidelines strictly, employers can run a variety of background checks to get a fuller picture of an applicant’s character.

3. Train Employees in Fraud Prevention

Employee training can go beyond the code of ethics. Employees are on the frontline of fraud, working with others every day and working with the systems and controls that are potentially vulnerable to fraud. These employees need to be aware of the signs of fraud both in evidence (such as breeches of a control), and in the behavior of their colleagues. One of the most difficult factors of fraud to combat is the pressure employees may feel to look for ways to commit fraud.

4. Implement a Fraud Hotline

A straightforward way to improve fraud detection is a fair and anonymous hotline for reporting potential frauds. A tip has long been the most important source for fraud reporting, and the hotline can facilitate it.

5. Increase the Perception of Detection

Fraudsters’ number one concern is getting caught. An anti-fraud culture in which there is regular training, communication, and discussion about fraud makes it clear to the potential thief that he or she will be under surveillance. When fraud does occur, the organization has to act decisively to prosecute, sending the message that the crime will have consequences.

Taking these steps can reduce the risk of occupational fraud. In the long term, the improved channels of communication up and down the organization may also help establish a happier workplace, which is a further barrier to fraud.

 

  Category: Fraud Prevention
  Comments: Comments Off on 5 Basic Fraud Steps Every Organization Should Take