In my last insight on the topic of Fraud (which you can read here), I outlined the new “failure to prevent fraud” offence in the UK, and how to implement a fraud prevention framework.
In this latest insight, the finer points of fraud prevention measures are highlighted.
Did you know that the three points of our triangular logo represent the behaviours of an individual committing fraud, these traits are motivation, rationalisation and opportunity.
Understanding the most common methods in how fraud is discovered, as well as looking into the behavioural traits of fraudsters, can both be the foundation for implementing effective fraud prevention and detection measures.
Reporting Fraud – Hotlines or Online?
Interestingly, a recent fraud report shared by the Association of Certified Fraud Examiners (“ACFE”), highlighted that 42% of reported fraud cases were actually discovered by “tips” from employees, customers, partners and competitors. This reinforces the need for organisations to implement anti-fraud awareness measures, not only on how to spot a fraud, but by giving them the tools and mechanisms to report suspicions of fraud.
The sooner a fraud is reported, the quicker it can be investigated, stopped and the perpetrators dealt with.
In cases where a reporting mechanism was used to report fraud, the use of telephone hotlines has declined substantially over the last few years; yet there has been a significant rise in fraud reporting via email and web-based/online platforms.
If an organisation only has a telephone reporting hotline, then it should consider other email/web based alternatives. If your organisation has yet to implement such reporting measures, then as these findings demonstrate, use a combination of online, electronic forms and telephone hotlines.
It is also imperative employees are taught how to communicate concerns or suspicious activity through the correct reporting channels. Equally, organisations should make it clear to employees that suspicious activity will be evaluated in a confidential, prompt and through manner.
Organisations should extend these reporting lines and communication channels to external parties such as customers, vendors and competitors.
Behavioural Red Flags
When an individual is engaged in workplace fraud, they will often display certain behavioural traits that tend to be associated with fraudulent conduct. Of the 85% reported fraud cases, it was revealed fraudsters exhibited at least one behavioural red flag. Worryingly, it was identified that 51% of the perpetrators exhibited multiple behavioural red flags.
It is not uncommon for a workplace to be a stressful or pressurised environment, however, having an understanding and being able to recognise behavioural red flags can help organisations detect fraud and mitigate losses. Red flags displayed by fraudsters include the following:
- Living beyond one’s means. Look out for individuals with lifestyle changes, purchasing of expensive cars, houses, holidays, and/or luxury goods, even private school education for children, all of which are beyond their normal income expectations.
- Check for financial difficulties or a history of debt, be aware of any arising financial problems, consider addictive behaviours such as gambling, or drug addiction.
- Look for an unusually close association with a vendor/customer, could they be receiving a bribe, financial favour or kickback.
- Does an individual appear to have a character which is irritable, suspicious, intimidating or defensive, sometimes bullying in the workplace.
- Look for individuals with excessive control issues, an unwillingness to share duties, refusal to take holidays, working out of normal hours or weekends.
- Look for traits such as a “wheeler-dealer” attitude involving shrewd or devious behaviour
- Has an individual been denied or overlooked for a promotion or raise in salary, received poor performance evaluations, demoted, or even complained openly about lack of authority or inadequate pay?
Understanding the most common types of fraud in the workplace, can also assist in developing fraud prevention and detection strategies.
- Asset Misappropriation: Of the three primary categories of workplace fraud, asset misappropriation is by far the most common, occurring in 89% of the cases in the study. Asset misappropriation involves an individual stealing or misusing an organisation’s resources and include theft, skimming, forgery, invoice fraud, payroll fraud, expense fraud and resource misuse.
- Corruption: Corruption schemes are the next most common form of workplace fraud; with 38% of reported cases involving some form of corrupt act. Types of corruption include conflict of interest, bribery, illegal gratuities, kickbacks and extortion.
- Financial Statement Fraud: The least common, but most costly form of workplace fraud is financial statement fraud, which occurred in 10% of reported cases. Types of financial statement fraud include fictitious reporting, concealments, overstatements, timing differences, improper asset valuations.
How to Implement Anti-fraud Measures
There are various ways in which to implement strong anti-fraud measures. Apply the following controls in all areas of your organisation, from finance and accounting departments to procurement and vendor onboarding functions as well as sales and operation teams.
Segregation of Duties
Segregation of duties is a key risk management tool that can be used to reduce the risk of fraud and errors. It involves assigning specific tasks and responsibilities to different individuals, groups, or departments. For example, someone responsible for authorising a purchase should not also be responsible for receiving and recording the purchase. This ensures that any errors or irregularities are caught before they can cause harm to the organisation.
Organisations should also consider implementing internal controls, such as requiring dual authorisation for certain transactions, or regularly monitoring transactions for irregularities. These controls can help to further reduce the risk of fraud and errors.
Applying access controls will help protect financial systems from unauthorised access, preventing errors and fraud by restricting access based on employees’ job responsibilities and the principle of segregation of duties.
To prevent access control failures, organisations should implement access control measures with clearly defined roles and responsibilities for each user. This system should include a variety of authentication methods such as passwords, biometric scans, and two-factor authentication, as well as permission and access control policies.
Additionally, organisations should monitor and audit access control systems to ensure compliance with security policies and detect any suspicious activities. Finally, organisations should also implement a strict process for granting, revoking, and modifying access privileges.
To successfully commit a fraud in the workplace, perpetrators are willing to devote a significant amount of time and effort to execute the fraud, and not be caught.
One way to deter fraud in the workplace is for the organisation to implement a policy of mandatory holiday/vacation time for its employees. During the employee’s absence, other staff members can watch out for any suspicious activity or discrepancies in financial records.
This helps to create an environment of accountability for all employees, making it less likely that an employee will commit fraud. Additionally, the fear of being caught during their absence may deter employees from even considering any impropriety.
Including false information in an application is fraud. Let that sink in. Performing background checks when a new employee is poised to join an organisation is an essential anti-fraud measure. Yes, not all people will have a criminal, or fraudulent past; however, background checks is a proactive approach and helps mitigate the risk of hiring dishonest employees who could potentially engage in fraudulent activities within the organisation.
Not only does pre-employment screening act as a deterrent for dishonest individuals applying for positions within your organisation, but it also sets a positive culture for all employees, knowing that an organisation has a zero tolerance to fraudulent behaviour and looks to save the organisation from fraud losses.
Organisations should also consider extending their background checks to third parties including vendors and suppliers.
Do you need help implementing fraud prevention measures?
If you need help with implementing an anti-fraud framework, we can help guide you through the process. Implementing effective fraud prevention procedures is not only ethically sound, but it is also beneficial for the anti-fraud culture across all organisations.
Do you have a suspicion of fraud in the workplace?
The detection of corporate fraud usually arises from an internal audit finding, anonymous tip off, suspicion, complaint, whistle-blower or allegation. In our experience, suspicions of fraud are normally well founded, irrespective of the source.
Contact us immediately if you have a suspicion of fraud, and we will help you set out clear objectives in an investigation plan, and:
- determine the finer details of the suspected fraud, look to identify those involved and understand the mechanics of the fraud
- perform thorough investigations, both in the interest of the victim and to clear innocent people under suspicion
- identify and recover assets lost to fraud and prevent further losses
- provide accurate evidence to help establish proof of loss, guilt and personal gain
- review and implement measures to prevent fraud from occurring again
Whatever the investigation, each case must begin with the intention and preparation that it could end in litigation.
Neil Miller, CFE