By Dan Ramey
How much fraud is occurring in your organization? None, you say? Hold on before you commit to that answer! You might just be surprised at the amount – and the fact that it is probably going on without your knowledge or suspicion.
Fraud is prevalent in the business and nonprofit communities. The losses mount very quickly and can actually be detrimental to the ongoing life of an organization.
According to the Association of Certified Fraud Examiners’ (ACFE) 2010 Report to the Nations, occupational fraud results in the loss of 5 percent of an organization’s annual revenue, or approximately $2.9 trillion in losses based on the estimated Gross World Product. The median loss in the 2010 study was $160,000, with nearly one-quarter of the cases exceeding $1 million in losses. The study also found the median time for the scheme from the beginning of the fraud until detection was 18 months.
Nonprofit groups are not exempt from occupational fraud. The ACFE study found that 10 percent of frauds in the study were carried out inside these organizations with a median loss of $90,000. Of these cases, 15 percent involved corruption.
Another study published in the Nonprofit and Voluntary Sector Quarterly (December 2007), indicated that as much as $40 billion may have been stolen from charities and nonprofits in 2006. Examples of nonprofit internal fraud schemes involve as much as $3.6 million for a CFO to play the stock market, to a nonprofit employee who stole $40,000 over a three-year period. In the charity schemes, 97 percent of the cases involved loss through asset misappropriation.
Overall, 42 percent of detected occupational frauds produced no recoveries for the defrauded organization. So who perpetrates these schemes on businesses and nonprofits? Let’s take a look – I think you will be surprised.
It’s been proven that the longer a perpetrator is employed in an organization, the greater the loss to the organization. According to the ACFE’s study, male, white-collar professionals with a college degree accounted for 67 percent of the cases, with age 40 being the median age of the perpetrator. The perpetrators came primarily from four groups of employees: accounting, executive management, operations, and sales, while the largest frauds in terms of dollars were carried out by individuals in the upper management and executive levels.
The study also found that fraud schemes involving multiple people within a company are larger than those perpetrated by a single employee. For example, 40 percent of frauds in the ACFE’s 2008 study involved multiple people and resulted in almost five times larger frauds than the individually perpetrated fraud. To complicate the identification of a potential perpetrator, 86 percent of them were never charged or convicted of a prior offense per the 2010 report. Therefore, a background check would not have identified the perpetrator.
It is very hard to determine who is likely to defraud your organization. Past cases show it usually is the long-time employee you have placed the most trust in; you provided them with an opportunity due to their position and your confidence to embezzle from your organization.
The fraud triangle
There are three factors that result in a person committing a fraudulent act: Motive, Opportunity, and Rationalization – commonly referred to in professional circles as the Fraud Triangle. When perpetrators have these three factors come together, they are in a likely position to carry out a fraud scheme. This happens when there is a motive (huge credit card bills), opportunity (person responsible for accounts payable without the proper internal controls in place and appropriate oversight), and rationalization (“I didn’t get a big enough raise last year for all my long hours.”).
It is very important an organization develops the proper controls, policies, and procedures to mitigate the Opportunity aspect of the triangle. The Motive and Rationalization factors are obviously much harder to mitigate at an organizational level, but leadership should be aware of stress points and issues in their employees’ lives, and be in a position to appropriately counsel and support these employees.
Every organization needs to learn how to reduce the opportunity for fraud. The ACFE reports the most common methods of discovering fraud were 1) tips, 2) by accident, 3) through internal audit and established internal controls, and 4) external audit. Tips from employees, vendors, and customers made up more than one-third of the discoveries.
Culture and ethics
The most effective method of reducing fraud is to create a culture of integrity and high ethics among employees at all levels. This is started by the senior executive/owners setting the tone at the top regarding doing the right thing – always, without exception. Top executives also can hire and promote the right people based on skills and behaviors, not emotions. Developing a code of ethics/conduct for employees to adhere to also is critical to setting the tone at the top.
Since most frauds are found through tips from employees, companies should establish a hotline that employees, customers, and vendors can use to report potential fraud and other irregularities. The calls should go to a third-party service that will take the information, protect the caller’s identity, and forward to the appropriate person in the organization or specified outside interests – normally the person responsible for dealing with a fraud or employment issue. It is important that all calls be investigated to determine the actual situation. If employees don’t see a follow through on the hotline calls, it is of no value. Instead, a tone of acceptance is established by management.
Organizations can take other mitigating actions to reduce the chance for fraud. These include conducting in-house seminars about fraud, discussing potential areas of fraud with external auditors, performing an annual review of new vendors and service providers, and performing surprise audits in areas of high risk, such as cash and payroll.
Two significant activities required by the Sarbanes-Oxley Act to reduce the opportunity for fraud include reviewing your antifraud process and internal controls, and developing a strong oversight process. These activities go hand-in-hand, sending a strong message to potential perpetrators that you are doing everything you can to reduce the opportunity to commit fraud in your company.
As the public’s trust in the corporate business remains under scrutiny, companies and organizations must not only comply with regulations, but also realize a significant obligation to their stakeholders, employees, and other audiences. From the accounting perspective, an internal control review and/or a fraud prevention check-up by a professional would provide your organization with the necessary action plan to reduce the opportunity to steal hard-earned dollars from your organization.
While an internal review is a solid first step to reduce fraud, remember that anyone who works for an organization – no matter how small or large it might be – has a responsibility to their company and themselves. Be aware of any potential fraudulent activity and weaknesses in internal controls. Being a good corporate citizen is paramount to integrity and ethical behavior in today’s business marketplace.
About the author:
Dan Ramey, CPA, CIA, CFE, CFF, is a director of Internal Audit for PKF Texas. PKF Texas can provide assistance to companies looking to implement the techniques detailed in this issue
To listen to PKF Texas – The Entrepreneur’s Playbook tips go to pkftexas.com/ep .