COVID-19 and the Fraud Triangle

By Lowers & Associates,

COVID-19 and the Fraud Triangle

In our work in high risk industries, we routinely uncover fraud and asset misappropriations. While it may seem counterintuitive, with the US and global economy currently at a standstill due to COVID-19 shelter at home directives, organizations should be on high alert for occupational fraud during this time. The Fraud Triangle provides a framework for explaining why this is.

Formulated in 1953 by criminologist Donald Cressey, the Fraud Triangle theorizes that fraud occurs when the fraudster feels financial pressure, they are presented an opportunity, and/or the person can rationalize the theft.

With record numbers of Americans filing for unemployment and organizations operating with skeleton crews, the circumstances are ripe for fraud to take place.

A “Perfect Storm” of Conditions

Today, with organizations shut down to outside visitors (including, in some cases, outside auditors) as well as many employees, we are seeing a virtual petri dish for fraud. Two corners of the Fraud Triangle – opportunity and rationalization – are getting bent pretty hard. The third corner, incentive, in the form of extreme pressure, is bent even further. People have less supervision, more opportunity, and way more financial pressure.

So while you’re dealing with this pandemic and the resulting disruption, now more than ever is the time to be vigilant.

Opportunity

The coronavirus pandemic has driven unprecedented change in the workplace. Many employees are either laid off, have taken a pay cut, and/or are working remotely. Those who remain, whether at the workplace or from home, may be working with less supervision than before. In fact, we are seeing many instances where key risk management procedures like dual controls have been weakened or suspended entirely. For example, instead of having two or more employees independently evaluate and compare financial records, now only one employee may be responsible. Or, that supervisory signature normally required on certain transactions? It’s no longer practical given our remote locations, so we’ll just “do it this way” in the interim.

Sound familiar? The problem in these scenarios is that one small transgression that goes unnoticed has a way of snowballing into full-blown fraud.

Rationalization

When opportunity and incentive exist, people are better able to rationalize their fraudulent behavior. That couldn’t be more true than during this pandemic.  “I have to do this to provide for my family. I’ll pay it back later. My employer deserves it for laying me off.” These are some of the underlying rationalizations that turn a fraudster’s underlying thoughts into an actionable theft.

Incentive/Pressure

Financial difficulties are at the top of the list in terms of the pressures that can motivate people to commit acts of fraud. At no other time in modern history have so many people been under such financial strain as they are today.

At the highest of levels of unemployment following the 2008 financial crisis, there were 15.3 million jobless Americans. By the third week of April 2020, 26.5 million workers had filed jobless claims as a result of the coronavirus. An estimated 33 million people are currently unemployed, representing nearly 21 percent of the workforce and the highest unemployment level since 1934. Many who remain employed have agreed to accept pay cuts, work reduced hours, or take unpaid furloughs.

While the $2 trillion stimulus bill, Coronavirus Aid, Relief, and Economic Security Act (CARES), provided some short-term relief, it is likely not enough to stem the extreme financial worry being felt by many who don’t know how they’ll pay next month’s mortgage or cover their car insurance premium.

The pressure is extreme.

The Takeaway? Stay Vigilant

It may be tempting for organizations to be complacent when the world seems at a standstill, but the time to be diligent is now. Businesses should be on “high alert” and taking measures to ensure they’re keeping their operations secure. That includes double checking that access to IT systems and software has been blocked for furloughed employees or that virtual private networks (VPNs) have been created for remote workers. Internal controls should also remain in place, even if they have to be modified temporarily. For example, regularly scheduled phone calls or video conferences send the message that you’re still monitoring employees’ activities. Finally, if you haven’t already done so, it’s a good time to do an updated risk assessment for the entire organization. Asking your team where new vulnerabilities might exist, whether internal controls are still functioning as intended, and what gaps have been created are all part of mitigating the risk potential associated with the Fraud Triangle.

If you’d like help conducting any of these assessments, please reach out to us.

Why Fraudsters Do What They Do

By Lowers & Associates,

Most managers and owners eventually discover a case of fraud and abuse in their organization. The fraudster is often a trusted, long-time employee or manager who had or created access to some of the organization’s assets, and helped him or herself to it.

Why does this happen?

The answer is not simply greed, but most, maybe even all, people want things and want more things. There are studies that show an amazingly high proportion of employees or managers have taken small things from their organization. However, there is a line between this petty theft and intentional fraud that a few people cross over.

The Fraud Triangle: A Model for Understanding Fraud

The fraud triangle, created by criminologist Donald Cressey, lays out the three factors that make up a true case of fraud. Like all crime, fraud requires both motive (called “pressure” in most discussions of the fraud triangle) and opportunity. Cressey named two of the legs of his triangle after these, but added a third element—rationalization—that is needed to account for the fact that occupational frauds can go on for a very long time before being discovered. The rationalization allows the fraudster to dull the pain of remorse and carry on as if nothing were wrong.

It’s difficult to explain the incidence of fraud by opportunity. Of course, the crime cannot occur without opportunity, but the same circumstances are available to other people in the organization who do not yield to the temptation. Even the fraudster may be exposed to the opportunity for many years before stepping across the line.

The key to the fraud is pressure. There are as many sources of pressure as there are fraudsters, but the most typical one is financial. Fraudsters may suddenly need money they cannot get quickly enough by saving, perhaps for a debt or loss, or to compensate for a bad investment. Of course, greed plays a role when a desirable lifestyle cannot be supported by income. Some fraudsters may simply feel entitled by a real or perceived slight, by being passed over for a promotion, or other personal affront.

If the pressure is the motivation, then rationalization allows the fraudster to continue to live as a thief. The purpose of rationalization is to justify bad behavior, so it will frame the behavior as a righteous act. For instance, the fraud may be seen as a response of a mistreated small person against a cold, uncaring corporation. Whatever the specifics, think of the fraudster as believing that their gains are just deserts.

Most financial and organizational controls like segregation of duties are aimed at known opportunities. These are generally well known, documented, and taught. However, occupational fraud is almost always done by an insider who knows the controls very well. So, the motivational component is key, and neither internal controls nor external audits are designed to assess motivation.

How well do you know your employees?

16 Fraud Facts to Fuel Your 2016 Prevention Planning

By Lowers & Associates,

fraud week

As we look toward 2016, we thought it might be useful to get a quick big picture on organizational fraud for context. We have been posting about the causal factors driving fraud and urging you to develop an effective risk-based prevention program. Now, here’s the why: 16 facts about fraud drawn from the 2014 ACFE Report to the Nations that should make it relevant to you. … Continue reading