7 Must-Haves for Occupational Fraud Prevention

By Lowers & Associates,

7 Must-Haves for Occupational Fraud Prevention

As the ACFE’s 2019 Fraud Awareness Week comes to a close, it’s a good time to create your plan for fraud prevention in the year ahead. These seven fraud prevention strategies, drawn from the 2018 Report to the Nations by the Association of Certified Fraud Examiners (ACFE), will go a long way in fortifying your organization against the conditions that can facilitate occupational fraud at the workplace.

1. Tone from the Top

A robust anti-fraud program that is embraced from the top of the organization to the bottom creates a culture of honesty and fairness. A solid program starts with a code of ethics, signed by all employees, and continues with anti-fraud policies, training, internal controls, and periodic employee surveys which help gauge the extent to which employees believe management acts with honesty and integrity. Many organizations also include fraud prevention objectives as a part of their employee performance goals.

2. Anti-fraud Training

Practical, hands-on training that educates employees on how to detect fraud, what to look for, how internal controls work, and how to report fraud are instrumental to any anti-fraud program. For instance, make employees aware of the research that demonstrates how fraudsters attempt to conceal their activities, such as through the creation of fraudulent documents, altered accounting transactions, or fraudulent journal entries.

3. Clear Reporting Methods

Fifty-three percent of fraud cases in the ACFE’s 2018 Report to the Nations were reported by employees, and the research also revealed that hotlines were effective in encouraging such reporting. So, whether you create a dedicated fraud hotline, or rely on emails, web forms or in-person reporting, do be sure that all employees know their options for reporting suspected fraud.

4. Proactive Detection

Commit to having anti-fraud efforts remain at the forefront of your organization. This means sending out regular messages to the team, conducting surprise audits, performing regular account reconciliation, and implementing continuous monitoring software to detect anomalies. Organizations with proactive detection methods like these caught fraudulent activities months earlier than those with passive detection. For example, frauds detected actively by IT controls tended to last five months and cause a median loss of $39,000, compared to schemes detected passively (e.g., through notification from law enforcement), which tended to last two years and cause a median loss of almost $1,000,000. If you’re not sure where to start, begin with a fraud risk assessment to identify and mitigate any vulnerabilities you find.

5. A Strong Auditing Team & Internal Controls

The one-two punch of a strong auditing team and solid internal controls will mean the difference between sleeping well at night or potentially having massive losses. Your auditing team should have adequate resources and authority to operate effectively and without undue influence from senior management. In addition, the ACFE’s 2018 study found that weaknesses in internal controls were responsible for nearly 50 percent of all fraud cases! Anti-fraud controls are paramount to preventing or detecting fraud. Here are a few of the most important controls:

  • External audits of financial statements
  • Internal audit department
  • Management certification of financial statements
  • External audit of internal controls over financial reporting
  • Management review
  • Reporting hotline
  • Code of ethics and anti-fraud policy
  • Proper separation of duties
  • Job rotations

6. Diligent Hiring Practices

Background checks should always be a part of any hiring practice, and attention to criminal history, credit reports, and reference checks are particularly important in the context of preventing fraud. However, since 96 percent of fraud perpetrators in the AFCE study had no prior fraud conviction, the next step is understanding the behavioral red flags associated with fraudsters. Eighty-five percent of perpetrators displayed at least one of these red flags: living beyond means; financial difficulties; unusually close relationship with vendor/customer; control issues, unwillingness to share duties; divorce/family problems; and a “wheeler-dealer” attitude.

7. Employee Support Programs

Employee support programs are valuable for a variety of reasons, but in the context of occupational fraud, they can help address some of the underlying issues that present themselves as “red flag behaviors.” An open-door policy that welcomes employees to speak freely about financial, family or addiction pressures can help alleviate them before they become acute or lead to destructive behaviors.

The most cost-effective way to limit fraud losses is, of course, to prevent fraud from occurring. With these strategies in-hand, your organization will be off to a strong start. If you’d like an experienced team to help create an anti-fraud program or investigate suspected fraud, please reach out at any time.

Recovering Fraud Losses: What the Numbers Reveal

By Lowers & Associates,

Recovering Fraud Losses: What the Numbers Reveal

Losses from occupational fraud topped $7 billion in 2017, according to the Association of Certified Fraud Examiners’ (ACFE) most recent global study on occupational fraud and abuse, 2018 Report to the Nations. The median loss for all cases in the study was $130,000 USD, yet a full 22 percent of companies lost $1 million or more. To add insult to injury, only 15 percent of businesses that experienced fraud were able to fully recover their losses.

Recovering Fraud Losses: What the Numbers Reveal

The common theme in the report is that, while it’s often worthwhile to pursue remedial action against perpetrators, victims will usually not be made whole. Here are three factors negatively impacting these recuperation efforts.

1. Failure to Report

After a fraud has been discovered and investigated, a case might proceed to prosecution, civil litigation, both, or neither. In its annual study, ACFE researchers tracked the percent of cases that were referred to law enforcement or resulted in a civil suit being filed for each year dating back to 2008. They found that the rate of criminal referrals has been gradually decreasing over that time, from 69 percent in 2008 to 58 percent in 2018. In contrast, the rate at which civil suits are filed has stayed consistent, ranging from 22 percent to 24 percent within the same timeframe.

There are many reasons why victim organizations might decide not to refer cases to law enforcement and therefore forego any additional recuperation of the loss that may result. The top five cited reasons are:

  1. Fear of bad publicity: 38%
  2. Internal discipline sufficient: 33%
  3. Too costly: 24%
  4. Private settlement: 21%
  5. Lack of evidence: 12%

2. The Greater the Loss, the Less Likely the Recovery

There is an inverse relationship between the amount that victim organizations lose to fraud versus what they are able to recover. So, even if the organization decides to pursue legal action, they are not likely to achieve full recovery. Here’s how the numbers panned out:

  • Losses of $10,000 or less had a 30% chance of recovery
  • Losses of $10,000 to $100,000 had a 16% chance of recovery
  • Losses of $100,001 to $1,000,000 had a 14% chance of recovery
  • Losses of $1,000,000 or more had an 8% chance of recovery

3. Desire to Avoid Fines

A third reason recovery efforts can be hampered is the knowledge that organizations may receive monetary fines from authorities for having inadequate controls in place and thus enabling fraud to occur.

Of the three types of occupational fraud – asset misappropriation, corruption, and financial statement fraud – the latter had the greatest likelihood of fines, at 17 percent. And, fines were imposed regardless of the size of the loss. For example, organizations that lost $10,000 or less were fined 14 percent of the time while those that lost $1,000,000 or more were fined 20% of the time.

At a median of $100,000 per fine, these penalties were no small matter.

An Ounce of Prevention

Given that recovery is an uphill battle, the takeaway is this: organizations should do what they can to prevent fraud from happening in the first place. Internal controls, codes of ethics, recognizing red flag behaviors, and the availability of reporting mechanisms are all tried-and-true methods for realizing that goal.

2018 Fraud Week Wrap-up: Fraud Prevention Tips and Information

By Lowers & Associates,

This Saturday, November 17, 2018, will conclude the Association of Certified Fraud Examiners’ 2018 International Fraud Awareness Week. Serving as a global effort to minimize the impact of fraud by promoting anti-fraud awareness and education, we were proud to join Fraud Week as an official supporter.

Your risk of organizational fraud is much higher than many managers and leaders realize, as demonstrated by the ACFE’s 2018 Report to the Nations on Occupational Fraud and Abuse. With a median loss of $130,000 per case, and with cases lasting a median of 16 months, fraud presents a risk to organizations large and small.

In support of Fraud Week, we produced several informational articles, which are summarized here for easy reference:

How Organizations Respond to Fraud

You discover your erstwhile trusted employee has been skimming funds to support a gambling habit. What do you do? The case studies analyzed in the ACFE’s 2018 Report to the Nations suggest a range of options organizations choose in the wake of a fraud. Typical responses include actions both through internal mechanisms, and through external legal channels.

Read the full post >

Benchmarking Fraud: How Does Your Organization Compare?

The ACFE’s 2018 Report to the Nations on Occupational Fraud and Abuse offers a treasure trove of data you can use to assess how your organization’s fraud profile stacks up against other organizations in terms of industry, size, and location. What can the lessons and benchmarks embedded in the report teach you about your own organization’s risks? How can you become better protected?

Read the full post >

Who’s Putting Your Organization at Risk of Fraud?

Many times, occupational fraud is committed by an employee or third-party partner who is experienced and trusted. Which of your employees—or leaders—is likely to flip over to the dark side? And why? The 2018 Report to the Nations on Occupational Fraud and Abuse provides valuable information on these questions. Based on data from almost 2,700 cases of occupational fraud submitted by Certified Fraud Examiners (CFEs) worldwide, the selected cases aggregate a huge amount of descriptive information that managers can use to detect fraud sooner.

Read the full post >

The Red Flags of Fraud You May Not Know

Much is written about the common behavioral red flags of fraud, but there are other red flags organizations should be aware of when it comes to predicting and preventing fraud. So-called human resources-related red flags and non-fraud-related misconduct can offer valuable insight to those responsible for anti-fraud programs.

Read the full post >

If there’s one takeaway from Fraud Awareness Week we hope you gleaned, it is the importance of early fraud detection and proactive prevention. Your organization is not immune to fraud, no organization is. The difference is how your organization deals with this reality in order to protect people, brands, and profits from unnecessary loss.

The Red Flags of Fraud You May Not Know

By Lowers & Associates,

Fraud Red Flags

It would be really good to know who in your organization is most at risk of perpetrating a fraud. You could then take steps—counseling, reviewing controls, rotating jobs—to protect against that risk.

Theoretically, the Fraud Triangle does a good job of stipulating who might be a fraud risk. It says people are more likely to commit an occupational fraud when they have motivation, opportunity, and a rationale to excuse their crime. The rationale is an individual factor which organizations cannot address in advance, but there can be indicators based on motivation and opportunity.

The 2018 Report to the Nations on Occupational Fraud and Abuse contains some concrete information that is consistent with this theory. In research for the Report, the Association of Certified Fraud Examiners (ACFE) identified 17 behavioral “red flag” traits that might be associated with a perpetrator of fraud. These are primarily indicators of motivation or pressure that may cause a potential fraudster to flip into active fraud.

85% of the fraudsters in the 2,690 cases ACFE reviewed had at least one of the red flags, and 50% had more than one. They are at least somewhat predictive.

The most common red flags have to do with financial difficulties (motivation, pressure). Since 2008 when the first edition of the Report was published, the six top red flags, in order, have consistently included:

  • Living beyond one’s means
  • Financial difficulties
  • Unusually close association with a vendor or customer
  • Control issues, unwilling to share duties
  • Divorce/family issues
  • “Wheeler-dealer” attitude

Much is written about these common behavioral red flags of fraud, but there are other red flags organizations should be aware of when it comes to predicting and preventing fraud. So-called human resources-related red flags and non-fraud-related misconduct can offer valuable insight to those responsible for anti-fraud programs.

Human Resources-Related Red Flags

According to the ACFE’s 2018 report, 39% of fraudsters had experienced some form of HR-related red flags prior to or during the time of their frauds. The most common of these red flags were negative performance evaluations, and fear of job loss.

Non-Fraud-Related Misconduct by Perpetrators

According to the ACFE report, 45% of fraud offenders had committed some form of non-fraud workplace violation, which could potentially indicate a link between occupational fraud and other forms of workplace misconduct. The most common non-fraud violation was bullying or intimidation, which was observed in 21% of all cases.

To anticipate occupational fraud, the organization has to be well acquainted with its members at all levels of authority. Regular or routine evaluations (background checks, interviews, work reviews) would help to identify individuals at risk, and help them avoid failure. A fraud prevented saves the organization from damage to people, brands, and profits.

  Category: Fraud Awareness
  Comments: Comments Off on The Red Flags of Fraud You May Not Know

Benchmarking Fraud: How Does Your Organization Compare?

By Lowers & Associates,

benchmarking your controls

The Association of Certified Fraud Examiners 2018 Report to the Nations on Occupational Fraud and Abuse offers a treasure trove of data you can use to assess how your organization’s fraud profile stacks up against other organizations in terms of industry, size, and location.

The Report is based on case data reported from Certified Fraud Examiners (CFEs) from all over the world. It lends itself to benchmarking your organization because it allows you to compare your own experiences against the medians reported from broadly similar organizations. Perhaps most important, you can learn about how other organizations responded to fraud.

Your risk of fraud.

Industry sector makes a big difference in the incidence and cost of fraud. Private, for-profit companies have the highest incidence and the highest median loss, where not for profits have much smaller losses and fewer frauds overall. In between are publicly traded companies and government agencies. An interesting comparison is between private vs. public for-profit businesses, with the private ones suffering higher losses. In general, private businesses face less scrutiny than public ones.

One counter-intuitive finding is that defrauded small organizations (less than 100 employees) suffered losses almost twice as high as large organizations (100 or more employees) in absolute terms. It’s not likely that the difference is attributable to the amount of money available—larger organizations offer fatter targets.

Among all types of fraud risk, corruption is one of only two types of fraud that is significantly more likely in large organizations (the other being non-cash fraud), perhaps because size offers more opportunities for small organized cliques to penetrate weak points, or due to a larger network of connections. Corruption is prevalent in almost every industry type, with the lone exception of professional services.

Your fraud prevention measures.

The presence of anti-fraud controls, such as surprise audits, proactive data monitoring/analysis, codes of conduct, etc. is shown by the ACFE Report to reduce the medial losses associated with fraud. It is perhaps predictable that small organizations in the study were far less likely to have a full range of anti-fraud controls in place. They tend to have only the basics, such as internal audits, management review, and external reviews of financial statements. Right on cue, 42% of frauds in small organizations were caused by lack of internal controls, compared with only 25% for larger organizations which tend to have a far more complete and robust set of controls in place.

One important anti-fraud control is the presence of a tip line. This was present in a little over 20% of small organizations, but fully 80% of large ones. The reason the disparity is important is that tips are the most common way a fraud is detected.

Fraud is a threat to all types and sizes of organizations, but two tendencies in the data stand out.

  • First, large organizations deploy more controls, and ACFE finds that every type of control tends to depress fraud.
  • Second, large organizations are more likely to experience fraud by corruption, which is an intentional organized attack at the weak points in an organizations’ links between units, internal or external.

The good news is that controls do work. Small organizations that may not have enough control due to cost or scale need to find ways to implement variations of these controls. The potential payoff from fraud averted or detected quickly is too large to not implement the controls.

What can the lessons and benchmarks embedded in the ACFE’s Report to the Nations on Occupational Fraud and Abuse teach you about your own organization’s risks? How can you become better protected?

  Category: Occupational Fraud
  Comments: Comments Off on Benchmarking Fraud: How Does Your Organization Compare?