Payroll fraud accounts for about 9.3% of occupational fraud at a cost of over $300 million per year across all types of organizations. One of the most common forms of payroll fraud is the use of “ghost employees” to divert money to fraudulent identities. Like all organizational frauds, this is a hidden crime that can best be prevented by controls designed to expose all payroll transactions.
The Ghost in the Payroll Machine
A “ghost employee” exists only as an identity in payroll records, although the ghost may be a real person who does not actually work for the company. The ghost employee scam is only successful if the perpetrator has unmonitored access to company systems, so it is typically an inside job. The scheme works if:
- The ghost identity can be added to payroll records.
- The system has to be set up to make payments to the ghost, either for false time and/or wages, or for other types of payments, e.g., expense reimbursements.
- Payments made to the ghost must be concealed, especially from existing controls.
- Actual disbursement – the point of the fraud – occurs. … Continue reading
There are a couple trends in our current society that lead many to believe that risks from human capital are on the rise. You might refer to this as the “cultural context of risk.”[i] If indeed human capital risks are on the rise it makes sense that C-suites have a greater obligation to take action to identify, assess, and act to mitigate the risks they face.
One trend is exemplified in the increasing incidence of occupational fraud (see our graphic summary of fraud). The most worrisome aspect of this is that it may reflect a change in our culture toward less personal honesty or restraint – sociologists would refer to this as a decline in “social control” as opposed to the formal control of law enforcement. If this is true, employers face a permanently more difficult challenge in finding employees they can trust to work for the good of the organization.
The second trend may actually be part of a social response to the failure of social control. In place of allowing organizations to control their own behaviors, government has adopted some increasingly stringent regulations ranging from SOX, to the Fair Credit Reporting Act, to the Consumer Finance Protection Bureau. These legal controls create a rigid, maybe brittle, operating environment that exposes organizations to much higher risk for specific kinds of employee-based failures. … Continue reading
Most crimes of occupational fraud are motivated, at least in part, by some kind of financial pressure. And while committing a fraud, the perpetrator will frequently display certain behavioral traits associated with the stress or fear of being caught.
These “red flags” are behavioral and system-based clues that can be picked up by attentive managers, colleagues, internal auditors, or subordinates. In turn, these clues can put an organization “on notice” that a trusted individual may be engaging in some form of improper or fraudulent conduct.
The Association of Certified Fraud Examiners (ACFE) in its 2012 Report to the Nations pinpointed the most common behavioral red flags associated with occupational fraud. The ACFE examined the frequency with which certain behavioral red flags were identified during a fraudulent scheme. … Continue reading
U.S. organizations of all types lose about 5% of top line revenue to organizational fraud every year. We know that gets your attention, but what can you really do about it?
Simply put, proactive fraud prevention measures are necessary to limit organizational fraud. Many of the steps we can take are straightforward, including having published and promoted anti-fraud messages, encouraging and rewarding employee communications about fraud, and doing rigorous internal audits.
These steps are controls. Controls are familiar to every manager, especially in financial, auditing, or accounting occupations. They are procedural, orderly, systematic, and predictable.
Corporate culture is something different. It has an ethical dimension that goes beyond the imposition of objective controls. In a sense, it provides the environment of control.
This is why you need to care about the corporate culture: the environment of control is the context in which your procedural controls operate. If the environment of control is rotten, the procedural controls are irrelevant. … Continue reading
All organizations are vulnerable to occupational fraud, and that fraud costs an enormous amount of money ($652 billion a year in the US according to ACFE research as summarized in this occupational fraud infographic). As a result, a comprehensive fraud risk management policy is an essential component of an overarching enterprise risk management plan.
Your fraud risk management policy stems from the risk analysis that must underlie the policy. That is, identifying the concrete organization-specific fraud risks that must be mitigated.
Systematic planning and implementation across these five basic areas will put your fraud risk management program on the path to success.
1. Identify a “risk owner” in your organization.
Upper management must be engaged in policies aimed to mitigate risk. Part of this is that responsibility has to be clear – wishful groupthink won’t cut it. With respect to fraud risks in particular, a member of upper management should be charged to organize and carry out the risk analysis, including how identified risks should be managed. As with every important management function, this function will include process definition, goal setting, measurement, and reporting on a timely basis. … Continue reading