Companies dedicate resources to protect themselves from external fraud, but are sufficient resources devoted to internal fraud? To put it another way, are sufficient resources devoted to the prevention and detection of such things as asset misappropriation, corruption or financial statement fraud?
In the Association of Certified Fraud Examiners (ACFE) 2020 Global Study on Occupational Fraud and Abuse, the ACFE determined in its study that a single case of occupational fraud cost the victim organization an average of more than $1.5 million, the typical fraud case lasted 14 months before detection and caused a median loss of $8,300 a month. Certified Fraud Examiners further estimate that organizations lose 5% of their revenues each year to fraud.1
The American Institute of Certified Public Accountants (AICPA) states it is often the employees working the longest at a business who are the most likely to commit fraud.2 The ACFE further states the longer a fraud perpetrator works at the company, the more damage that person’s scheme can cause. If the fraudster’s tenure was less than a year, the scheme had a median loss of $50,000, and if the fraudster had a tenure of over 10 years, the scheme had a median loss of $200,000.3
The ACFE determined that there are three primary categories of occupational fraud.4
- Asset Misappropriation – An employee stealing or misusing the employing organization’s resources. (86% of the cases studied had a median loss of $100,000.)
- Corruption – Includes offenses such as bribery, conflicts of interest, and extortion. (43% of the cases studied had a median loss of $200,000.)
- Financial Statement Fraud – The perpetrator intentionally causes a material misstatement or omission in the organization’s financial statements. (10% of the cases studied had a median loss of $954,000.)
Occupational fraud cannot only impact a company in a direct financial loss but also affects the morale of its employees. It affects the organizations’ day to day business operations and is a distraction from the goal of enhancing profitability.
For these reasons, companies should dedicate appropriate resources to having internal controls in place to prevent occupational frauds from occurring and detecting occupational fraud in its earliest stages.
Example of Occupational Fraud
Accenture addressed an example of Asset Misappropriation and Financial Statement fraud with a client in the healthcare industry.
A Vice President in the company seemingly had great sales numbers; he was in charge of delivering services for home attendants and nurses who worked on an hourly basis. These employees had the option to work up to a certain number of hours a week and their work was paid for by the state.
The employees at times did not work the applicable number of hours allotted to them. The Vice President, noting this, substituted the real timesheets for fictitious timesheets he created to show the employees had worked to the applicable number of hours allotted to them. He did so to create additional unearned revenue for the company which, in turn, fraudulently increased the Vice President’s income as it was based on the revenue he brought to the company. The additional unearned revenue over time was for millions of dollars.
When the fraud was discovered, Accenture assisted the company by improving their controls to avoid a similar situation occurring in the future.
After the Fraud is Discovered
When occupational fraud is discovered, it is expected the fraudster would suffer consequences. It is also expected the employer would attempt to collect every dollar stolen. To do so incurs costs; the need to retain counsel and forensic accountants to do at least the following:
- Locate and evaluate relevant documents to prove the fraud.
- Develop an analysis to quantify the loss.
- Prepare a report which would withstand analysis if challenged in court.
Depending on various factors including the length, the complexity and the amount of the scheme and the volume of documents to be located and analyzed, such investigations may run into five and even six figures and take months. There is also no assurance that the employer would recover the entire or even a substantial portion of the sum stolen by the employee.
We should also consider how the fraud impacts honest, hardworking employees who worked with the fraudster and had no knowledge of the fraud.
Employees are surprised when they discover that a colleague participated in internal fraud, also known as occupational fraud. They may think, “I created a bond working with this person for so long, and the person cleared a background check before being hired. This person is not capable of fraud.” Fraud may not even be considered when it comes to a colleague.
The Department of Justice notes that with fraud victimization, trust in one’s own judgment and trust in others may be shattered. One may feel a sense of betrayal, especially if it is someone you know. 5
Thoughts that may come to mind include:
- Could I have done anything differently to spot the fraud?
- Will my employer or my fellow employees blame me for what happened?
Employees would have to carve time out of their busy day to meet with their employer, attorneys and forensic accountants to develop information to assist with the investigation. The impact of the fraud would result in distraction from the day-to-day tasks otherwise devoted to generating profit for the company.
The company also may have to consider reputational risks and damage to its corporate image.
Correcting Internal Controls
Once the fraud is detected, companies would need to address corrective actions to strengthen internal controls.
It first would involve learning how the fraud took place, then analyzing all relevant departments that were impacted of the scheme and had no knowledge of the fraud. What role did they play in the scheme? How were the controls in place insufficient to prevent the scheme? Then it would involve making changes to the existing controls to prevent repetition.
But how would a company know that was the only kind of fraud to which the company was susceptible? How can the company prepare itself against the perpetration of a different type of scheme in the future?
Companies are well advised to take a proactive preventative approach to fraud versus an after the fact corrective one. It’s far easier to keep the horse in the barn than to have to chase it down across open fields after its left through an open barn door. This means identifying internal control weaknesses, developing adequate internal controls, maintaining them, reviewing them on a consistent basis and monitoring trends in the industry to stay ahead of new methods to engage in fraudulent conduct.
This is an area in which outside experts can provide added value.
Outside experts who are trained to assist with fraud prevention provide added value in helping its clients examine the sufficiency of internal controls on a regular basis, make recommendations for the enhancement of those controls and do so in a manner which will not change the culture a company has worked so hard to build.
Outside experts can help implement a proactive preventative approach for your company that is data driven. Having a data driven approach will seek to help your company spot inconsistencies sooner. It is important to note that the finding of an inconsistency does not mean a fraud took place. Further review is required. But implementing a questioning mindset will limit opportunities of fraud in the future.
No matter what controls are in place, one cannot guarantee occupational fraud will not occur at your company. But the preferred situation is to have taken appropriate proactive measures, using experienced outside experts if needed, to try to prevent occupational fraud, to detect it at its earliest stages, to limit damage exposure, to reduce diversion of resources and to protect against reputational harm.
- Report to the Nations – 2020 Global Study on Occupational Fraud and Abuse, page 4.
- Report to the Nations – 2020 Global Study on Occupational Fraud and Abuse, page 39.
- Report to the Nations – 2020 Global Study on Occupational Fraud and Abuse, page 10