Executives say poor internal controls contribute most to fraud
When corporate fraud occurs, it usually is an inside job made easier because the company had an insufficient prevention program, according to executives surveyed by the Big Four firm KPMG LLP. Approximately 42 percent of survey respondents said inadequate internal control was the primary contributor in the previous year to a fraud incident against their company.
"As companies emerge from one of the most introspective periods ever regarding the prevention and detection of fraud due to regulatory requirements that have been put into effect over the last few years, the 'human element' remains at the root of most fraud occurrences," said Richard H. Girgenti, lead partner for KPMG's Forensic practice. "Applying lessons learned from their efforts to implement controls over fraud risk could help boards, senior executives and others who have responsibility to manage the risk of fraud with early detection and prevention."
Focusing on the effectiveness of controls and implementing an enterprisewide anti-fraud strategy can boost a company's confidence that its control environment is adequately addressing the risk of fraud within the organization.
Girgenti noted that the survey showed employee collusion with third parties was cited by 35 percent of respondents as the second biggest contributor to fraud, and management override of internal controls came in third, blamed by 25 percent of those surveyed as a contributor to fraud.
And the industry or sector in which an enterprise operated apparently contributes to the factors that influence fraud. For instance, the KPMG survey found that:
Lax controls were blamed as the most significant reason for fraud in government, according to 75 percent of public sector executives;
Approximately 53 percent of consumer markets executives pointed to collusion between employees and third parties as the most frequent reason for fraud against their organization; and,
About 45 percent of industrial-markets executives said management override of internal controls was the root of fraud against their company.
"Globalization, a more-demanding investor community, and zero-tolerance policies from regulators demands that companies ensure that their controls are operating as they should," said Girgenti, noting that a strategic approach to fraud prevention, detection and response is essential.
"This process begins with an evaluation of the effectiveness of a company's controls, creation of a culture where employees feel comfortable reporting misconduct, and development of a robust monitoring system by internal audit and others that includes continuous auditing for fraud risks and the use of enabling technologies," Girgenti said.
The survey polled 138 chief executives, chief financial officers, internal audit directors/VP controls, compliance officers, corporate counsels and security executives/risk officers. The industries represented were consumer markets, healthcare and pharmaceutical, financial services, government and industrial markets, and information, communications and entertainment.