You’ve seen the data before: Organizational fraud is a huge annual cost. Managers want to reduce the costs, so the real questions are to learn why fraud occurs and what to do about it.
The most compelling explanation for organizational fraud is the Fraud Triangle, as summarized in our recent infographic. Frauds occur when there is opportunity, one or more employees are under perceived financial pressure (incentives exist), and they can rationalize their fraudulent behavior. These 3 factors correspond to the legs of the triangle.
Control the Opportunities to Reduce the Chances of Fraud
In our experience, organizations can reduce the probability of organizational fraud by just removing one of those legs of the triangle. There are things you can’t control, such as employees’ spending habits, but if you remove the opportunity for employees to get their hands on an asset without the potential of getting caught, then you’ve reduced that probability by 50 percent. … Continue reading
It’s that time of year when we have resolved to do better. Most business owners or managers have probably resolved to increase revenue and profits in the New Year. We urge you to include improving your risk management performance, too. By identifying and mitigating the risks you face, those bottom line resolutions you make are more likely to come true. You need to reduce losses as well as increase revenue.
First, Have a Risk Management Plan
The first resolution has to be to have a risk management plan, and implement it. We sometimes get so immersed in our own work that we forget that there are managers and companies who do not take adequate steps to identify and manage the risks to their businesses. And others have a mistaken belief that they have a risk management plan just because they bought some insurance.
Some recent research by Chubb Group of Insurance Companies shows that both public and smaller private companies have significant gaps in risk management. A 2012 survey of public companies found that 2 out of three companies still do not have cyber insurance even though an electronic breach of data was seen as the most pressing risk. Similarly, 42% of these companies reported experiencing an employment practices liability event, yet some of them still do not have risk management tactics in place to mitigate this risk.
A related study conducted in 2013 found that smaller private companies may have invested even less in risk management despite the fact that 1/3 of them experienced a loss event in the past 3 years. Those that do take risk mitigation steps, like background screening, often mis-use the tactics. Some key findings from that research include:
Most firms believed their general liability insurance protected them from most of the risks they face, including cyber losses, fiduciary liability, and employment practices liabilities.
42% of the companies had broad exclusionary policies toward criminal backgrounds, exposing them to legal action by the EEOC or other agencies.
68% of companies use social media, but only 12% have usage policies for employees.
Many companies use cloud providers for data storage, but only half of these have plans in place for cyber breaches.
According to ACFE estimates, fraud costs organizations fully 5% of annual top-line revenue. This enormous cost is serious enough, but it is compounded by the fact that fraud is a hidden crime that erodes an organization’s capacity from within.
Consequences can go beyond monetary losses to inflict damage on morale, trust and transparency. These kinds of costs endure far beyond the triggering event.
Recognition is the First Step in Fighting Fraud
In 1973, criminologist Donald Cressey first published his theory about fraud, highlighting the now famous “fraud triangle”, which says fraud occurs when the fraudster feels financial pressure, his or her organization presents an opportunity, and the person can rationalize the theft.
The first few words of his hypothesis capture the essence of this crime, and why it is difficult to confront: “Trusted persons become trust violators…” In other words, there is an internal conversion that turns an employee (at any level) into a thief.
The value of the fraud triangle is that it helps us to look at the objective factors that have to be present for fraud to occur. Recognizing these objective factors helps to define actions you can take to help prevent fraud, partly through organizational policy controls and partly through managing the relationship with employees to encourage openness and trust.
Our latest infographic summarizes the factors that must be present for fraud to occur, and gives you a few ideas about how to combat it.
The first question on the mind of business owners, executives, and managers whose organizations have been victimized by fraud is how. Understanding the factors that cause an individual to commit an act of fraud can help companies avoid becoming repeat victims and put systems in place to prevent such acts from occurring.
Occupational fraud is defined as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” Occupational fraud schemes are clandestine. They violate the perpetrator’s fiduciary duties to the victim organization. They are committed for the purpose of benefiting the perpetrator. And they cost victim organizations assets, revenue, and/or reserves. In fact, U.S. companies will lose 5% of their annual revenue to occupational fraud this year.
For good reason, prevention of occupational fraud is at the center of enterprise risk management strategies. … Continue reading