Developing an Effective Anti-Fraud Program
Fraud in business continues to be a problem for global companies. The 2014 Report to the Nations on Occupational Fraud issued by the Association of Certified Fraud Examiners (ACFE) indicates that organizations around the world lose an estimated 5 percent of their annual revenues to occupational fraud, according to a survey of Certified Fraud Examiners (CFEs) who investigated cases between January 2012 and December 2013. Applied to the estimated 2013 Gross World Product, this figure translates to a potential total fraud loss of more than $3.5 trillion (U.S.).
The Association of Certified Fraud Examiners (ACFE) published the results of the survey that includes data compiled from 1,483 cases of fraud submitted by CFEs globally.
Based upon the findings in the Report, the ACFE presents five of the top lessons business owners, directors and managers should heed to be better protected from the risk of fraud:
- Implement a Fraud Hotline. The most common way for fraud to be detected is by tip. Therefore, it is important for organizations to establish a hotline to encourage those with knowledge of a fraud to come forward and inform the appropriate person(s) in management. More than 40 percent of all cases were detected by a tip – with the majority of them coming from employees of the victim organization.
- Be aware of red flag behaviors. More than 90 percent of fraud perpetrators in the study cases displayed certain common behavioral indicators. Among the most common red flags: living beyond one’s means (43.8 percent), having financial difficulties (33 percent), keeping an unusually close association with a vendor or customer (21.8 percent) and exhibiting control issues with an unwillingness to share duties (21.1 percent).
- Don’t depend solely on external audits. External audits are implemented by a large number of organizations, but they are among the least effective controls in combating occupational fraud. Such audits were the primary detection method in just 3 percent of the fraud cases in the study. The reason is auditors do not investigate every transaction and they rely on management’s truthfulness in disclosing all the information that an auditor needs to meet his/her professional obligations and honor the public trust.
- Small business owner? Be vigilant. The smallest organizations in the ACFE study suffered disproportionally, with a median loss of $154,000 – higher than the overall median loss for fraud cases in the study ($145,000). These organizations typically employ fewer anti-fraud controls than their larger counterparts, which increases their vulnerability to fraud.
- Focus on prevention, not recovery. The process of recovering the losses from a fraud can go on for years. At the time of the survey, however, most respondents (58 percent) noted that there had been “no recovery” of losses to date. By contrast, only 14 percent of victim organizations had made a full recovery during the same period. It is clearly more cost-effective to prevent fraud with proactive controls, rather than to hope to recover losses after the fact. The key is to develop a corporate governance system that supports strong internal controls including an active board of directors and audit committee that oversees financial reporting. The audit committee should work directly with the external auditors to ensure that the financial statements are accurate and reliable and the information provided is done so with transparency.
Fraud will never go away entirely because all fraud begins with human frailty. Greed is a powerful motivating factor for those who are more likely to pursue their own self-interests rather those of investors and creditors. The best way to stem the tide is to set an ethical tone at the top that establishes an expectation for ethical behavior and spells out the consequences of deviating from those standards.
Blog posted by Steven Mintz, aka Ethics Sage, on June 12, 2014. Professor Mintz teaches at the Orfalea College of Business at Cal Poly, San Luis Obispo. He also blogs at: www.ethicssage.com.