Trends & Developments - February 2014 - Occupational Fraud – Still a Big Issue for Business
Occupational fraud, also known as employee theft, fraud or embezzlement, generally reflects the full range of willful employee misconduct through which businesses lose money. In simple terms, it is when someone through a deliberate process misuses or misapplies the resources or assets of a business for their own personal benefit. Generally, most frauds go undetected and are uncovered either by accident or as the result of a whistleblower.
Occupational fraud is nondiscriminatory, but smaller entities are generally more at risk than larger ones. Research shows that occupational frauds occur across a wide range of industries and geographic regions. This is not surprising given the fast pace of today’s business world. Owners and management are busy running day-to-day business operations and focusing on bottom lines and department performance, and often do not have time to be proactive with fraud risk management and prevention. As a result, they generally become aware of a fraud loss after a breach when it may be too late to do anything. Oftentimes, they are surprised and find out that the person responsible for the theft is a long-time employee who is well-liked and trusted. Even worse, they find out the perpetrator is relative or close childhood friend.
When a fraud is suspected or reported, it is important to initiate an investigation in a timely, efficient, and appropriate manner. The goal is to be in front of the issue, as that can make the difference between major losses and possible recovery. Being proactive and responsive can stop the financial damage and, in some cases, minimize the damage.
Most recent estimates from the Association of Certified Fraud Examiners’ Report to the Nation indicate that a typical organization loses 5% of its revenues each year to occupational fraud. In dollars, that corresponds to projected annual losses in excess of $3.5 trillion worldwide. The ACFE study indicates that the median occupation fraud loss is approximately $140,000, with more than 20% of the cases having over $1 million in loss. That is a significant amount of money and indicates the need for constant evaluation of an entity’s internal controls and risk assessment plans.
All instances of occupational fraud and abuse can be classified into one of three major categories:
- Asset Misappropriations: Schemes that involve the theft or misuse of an organization’s assets (can include cash and non-cash schemes).
- Corruption: Schemes in which a person uses his or her influence in a business transaction to obtain an unauthorized benefit contrary to that person’s duty to his or her employer.
- Fraudulent Financial Reporting: Schemes that involve the falsification of an organization’s financial statements to make it appear more or less profitable.
Most frauds schemes involve efforts at concealment and, as a result, many frauds are never detected. For the ones that are, the full amount of losses incurred are generally never fully quantified. As a result, the total damages suffered as a result of a fraud loss most times is, at best, an estimate.
Detecting fraud can come from a variety of sources, including an internal audit, an internal or external whistleblower, surveillance, or even by accident. However, the most common source is usually whistleblower tip from a fellow employee. The means of detection also correlates closely with the likely loss and resulting recovery. Frauds detected by internal controls or internal audits generally result in far smaller losses than frauds detected by external or reactive measures such as a whistleblower tip.
Why does it happen? Current research on the psychology of people who perpetrate fraud shows that there are three factors that, when combined, make it easier for a person to commit occupational fraud. This is commonly known as the Fraud Triangle.
- Perceived financial need,
- Perceived opportunity, and
- The perpetrator’s ability to rationalize or justify the illegal conduct.
Most fraudsters typically have at least one of these three traits and often all three. Generally, a combination of the factors increases the risk of a potential fraud. Research shows that people in a business with more seniority and more responsibility generally have greater propensity to commit larger frauds while lower-level employees by comparison have lower loss levels associated with their fraud.
What is important to note is that of the three factors, research indicates that reducing or eliminating the opportunity for a person to commit fraud is generally the most effective way to reduce fraud risk.
All prevention plans begin with an effective compliance program. Effective compliance programs generally share some common themes such as establishing clear standards for conduct; requiring due diligence in hiring; describing expectations, responses, and disciplinary actions for misconduct; and providing for periodic assessment—all tailored to the specific business and/or industry. The program should include fraud-specific prevention and detection policies. The program should also be proactive and include items such as periodic analytical reviews, employee job or duty rotations, and internal audits – both routine and surprise.
As always, management can increase effectiveness through appropriate oversight. If those at the top don’t take the plan seriously then how can management expect the rest of the employees to adhere to the plan?
Since the tone in any organization is supposed to be set at the top, this means more than just lip service oversight. It means training employees and furthering their fraud awareness education on a regular basis. It means fostering a culture requiring compliance with the fraud prevention program, and maintaining a policy known to all that fraud will be detected and will not be tolerated. Lastly, all effective compliance programs have a system for reporting fraud – the most effective ones include an anonymous hotline or web-based portal for reporting a suspected fraud. Since most tips come from within, it makes sense to set up an anonymous reporting system that allow employees to do so effectively and without fear of repercussion. These outlets are generally one of the best guards against fraud. To many organizations, planning for, setting up, and maintaining a fraud detection and deterrence system may appear challenging, but these steps have the potential to effectively minimize fraud risk and save a business heartache and thousands of dollars if not more in the long run. While each organization will need to do a cost benefit analysis for the plans and procedures they want to employ, research shows that a comprehensive plan that is enforced and monitored greatly reduces the risk of a fraud being perpetrated.
Unfortunately, research indicates that fraud has been a “growth industry” over the years. In addition, it is extremely costly and can have serious implications, sometimes crippling businesses and in some cases causing organizations to fail. Proper planning today can help your business avoid becoming a statistic in the next study.
Summary of Findings from the ACFE 2012 Report to the Nation
- The median loss caused by the occupational fraud cases in our study was $140,000. More than one-fifth of these cases caused losses of at least $1 million.
- The frauds reported lasted a median of 18 months before being detected.
- As in previous studies, asset misappropriation schemes were by far the most common type of occupational fraud, comprising 87% of the cases reported; they were also the least costly form of fraud, with a median loss of $120,000. Financial statement fraud schemes made up just 8% of the cases in the study, but caused the greatest median loss at $1 million. Corruption schemes fell in the middle, occurring in just over one-third of reported cases and causing a median loss of $250,000.
- Occupational fraud is more likely to be detected by a tip than by any other method. The majority of tips reporting fraud come from employees of the victim organization.
- Corruption and billing schemes pose the greatest risks to organizations throughout the world. For all geographic regions, these two scheme types comprised more than 50% of the frauds reported.
- Occupational fraud is a significant threat to small businesses. The smallest organizations in the study suffered the largest median losses. These organizations typically employ fewer anti-fraud controls than their larger counterparts, which increases their vulnerability to fraud.
- As in prior research, the industries most commonly victimized in the current study were the banking and financial services, government and public administration, and manufacturing sectors.
- The presence of anti-fraud controls is notably correlated with significant decreases in the cost and duration of occupational fraud schemes. Victim organizations that had implemented any of 16 common anti-fraud controls experienced considerably lower losses and time-to-detection than organizations lacking these controls.
- Perpetrators with higher levels of authority tend to cause much larger losses. The median loss among frauds committed by owner/executives was $573,000, the median loss
caused by managers was $180,000 and the median loss caused by employees was $60,000.
- The longer a perpetrator has worked for an organization, the higher fraud losses tend to be. Perpetrators with more than ten years of experience at the victim organization caused a median loss of $229,000. By comparison, the median loss caused by perpetrators who committed fraud in their first year on the job was only $25,000.
- The vast majority (77%) of all frauds in the study were committed by individuals working in one of six departments: accounting, operations, sales, executive/upper anagement, customer service and purchasing. This distribution was very similar to what was found in the 2010 study.
- Most occupational fraudsters are first-time offenders with clean employment histories. Approximately 87% of occupational fraudsters had never been charged or convicted of a fraud-elated offense, and 84% had never been punished or terminated by an employer for fraud-related conduct.
Trends & Developments - February 2014