Fraud exists everywhere and you need to be aware so as to not be conned. A con is the art of persuading someone by deception to do something. Discovering fraud in corporations and society in general needs specific skills, particularly as malicious individuals have become increasingly resourceful in covering their tracks.
It is clear that no one is immune to being defrauded. You need to apply many principles in the way you operate to minimize risk. Risk can’t be eliminated entirely. Even with the best controls in place and segregation of duties, people will still find ways to overcome them or collude to circumvent them.
Preventing all known fraud schemes simply is not enough; you need to think like a crook to catch a crook. Catching a fraudster is not as simple as people think; investigations and interrogations need to be planned and performed appropriately.
Thousands of types of fraud may appear within corporations or against a corporation. You need to have a system in place that will mitigate your risks.
Occupational fraud is expensive. It is estimated at around 5% on annual revenues, that if extrapolated could result in a $4 trillion fraud loss annually according to a report by the Association of Certified Fraud examiners (ACFE). Certified Fraud examiners (CFE) can assist in mitigating the cost of employee fraud not only by testing for fraud, but also by establishing accurate procedures to enable employees of the company to assist in such a process.
Below you can see the ‘fraud triangle’, originated from Donald Cressey and defined as “the three factors that must be present at the same time in order for an ordinary person to commit fraud; Pressure, Opportunity, and Rationalization”.
These are the conditions that need to be present to create an environment that enables fraud. Many options exist on how to monitor and mitigate all three factors. Instead of analyzing these now we will review examples of simple frauds and how they may be revealed.
Fictitious employee schemes are the fraud when an additional employee is added to the payroll. This may occur with the owner’s consent to decrease taxes or without the knowledge of the owners with the intent to defraud. Fictitious employees may be detected with the use of various methods. The fraudster may cover his tracks and remove your ability to detect the fraud with the use of some of these tests. However, if you perform enough tests any fraud will be uncovered.
1) Test all bank accounts linked to employees for duplicate entries, if a bank account is present twice in the list it means both salaries are being delivered to the same person (you need to ensure all salaries are deposited in accounts or mark checks for deposit only).
2) Test all addresses, people adding fictions employees may use the same address or a P.O. Box.
3) Check surnames and try to trace the relationship of the individuals.
4) Announce a problem with the payroll system and have everyone come personally to collect their salary. Upon arrival, you should request the ID and job department.
These are some of the many tests you could perform to discover if the company is only paying individuals that actually work for the company.
Many companies focus on various theft threats that may incur in a company but usually tend to miss one very important area: theft of intellectual property. This is becoming one of the most prominent and rising threats for organizations. It may not occur as often as other frauds but when it does it can have devastating effects on corporations.
Imagine a company leaking its list of suppliers or debtors in seconds; a staff manual; Its trade secrets; Its plan to enter new markets or line of products; It most profitable product line.
This type of information may, when received by competitors, have a much greater effect on the company than a fictions employee or an employee stealing a laptop or overcharging their expense account.
Detection of Intellectual Property theft is much harder as in some cases nothing truly goes missing. If no controls and procedures are in place the company will only discover the theft when the competitor has access to any information taken and is already acting based on its acquisition. At that point, most of the damage is already done and different policies need to be set in place to discover what the competitor has and how to mitigate the risk.
The difference between the two types of frauds we reviewed is that with fictitious employees, detection techniques may be enough. Once the fraud is committed, if procedures are in place to detect it, then any harm is minimal. In the case of intellectual property theft, prevention techniques must be implemented in addition to detection. This is because we want to prevent it from happening in the first place, not just catch the perpetrator once fraud has occurred.
Fraud has been here since the beginning of time and the art of the con is first described when the snake gave the apple to Adam and Eve. Fraud will not stop any time soon and you will never be totally immune to it. What you need to understand is that you must be vigilant and proactive in your corporation in order to avoid both internal and external threats. Seek knowledge and help from specialists and always remember that you need to think like a crook to catch a crook.
by George Loizou, MSA, CFE, CM, CPA, Managing Director, Palema