The Association of Certified Fraud Examiners, a global organisation dedicated to fighting fraud and corruption within organisations has recently released its 2018 Report to the Nations on Occupational Fraud and Abuse. This report, a survey of in excess of 1500 organisations globally affected by fraud, once again points out the need for organisations to focus on the prevention of fraud.
Occupational fraud—fraud committed against the organisation by its own officers, directors or employees—constitutes an attack against the organisation from within, by the very people who were entrusted to protect its assets and resources. Every business is vulnerable to the threat of fraud, and whilst we often operate in a “high trust” environment, it is also timely to remember trust is not a control—it is an emotion. Whilst trust in our employees is a good thing, that trust must be buffered by a suitable control environment as even the most trusted of employees can succumb to external pressures and defraud the organisation in which they work.
The importance of organisations implementing an effective fraud and corruption control framework is once again reinforced by the finding detailed in the report. Some of the key findings are as follows:
Internal control weaknesses were responsible for nearly half of the reported frauds
Fraudsters who had been at their company longer stole twice as much
A majority of the victims recovered nothing
The median duration of a fraud scheme was 16 months
Tips are by far the most common initial detection method
Organisations with hotlines detect fraud by tips more often
Small businesses lost almost twice as much per scheme to fraud
Data monitoring/analysis and surprise audits were correlated with the largest reductions in fraud loss and duration.
It is important that we take time to periodically review our fraud and corruption control framework to ensure that it meets the needs of the organisation. This is particularly relevant for small businesses, and more so for those small businesses that have grown rapidly where perhaps the control framework has not kept pace with that growth. These tend to be the organisations where there are high trust models. It is not uncommon following the detection of a fraud scheme to hear the words (in relation to the fraudster)— “they are the last person I would have expected to have done that.”
Therefore, if you haven’t reviewed your control framework in recent times perhaps it is now timely to do so. Here are some things to think about when doing so:
Is ongoing anti-fraud training provided to all employees of your organisation?
Is an effective fraud reporting mechanism in place (including an anonymous independent reporting mechanism)?
Do you have proactive anti-fraud measures in place? Such as, surprise fraud audits, data analytics, and the conduct of periodic fraud risk assessments — to name a few
Is the management climate/tone at the top, one of honesty and integrity?
Are strong anti-fraud controls in place and operating effectively? Have they been tested?
Given that our main method for the discovery of fraud is a tip, and that fraud schemes generally take a long time to uncover, it is important that we focus upon fraud prevention in our organisations. And remember, trust is not a control – it is an emotion.
Our Forensic and Risk Services team are available to assist with any issues or enquiries you may have – call +61 2 8346 6000 today.