Fifty Shades of Fraud: Part Three

 

By Ben P. Lee, CPA, CFE, CFF, CGMA, CGFM, CGFO

Managing Member, Coastal CPAs, LLC 

In Parts I and II I discussed cases that I had investigated and served as an expert witness. In this article I will discuss how to deter fraud in your organization, regardless of its size or number of employees. The best deterrent – A FRAUD PREVENTION PROGRAM.

Is someone eating your cheese? It is highly likely!

Every year the Association of Certified Fraud Examiners issues its worldwide “Report to the Nations”. It is the most comprehensive and widely quoted source of occupational fraud data in the world. Below are listed a few facts from the “2018 Global Study of Occupational Fraud and Abuse” (an analysis of 2,690 cases of fraud investigated between January, 2016 and October, 2017):

  • 2,690 real cases resulting in $7 billion + in total losses
  • Median loss per case $130,000
  • 22% of cases – losses of $1 million +
  • Median duration of a fraud scheme – 16 months
  • Tips from employees was before the common initial detection method
  • Organizations with Fraud Prevention Programs had lower fraud losses and quicker detection

The ACFE has typically found that organizations lose 5% of revenues each year to fraud. That is cheese you could have been eating.

A Fraud Prevention Program is the best investment that an organization can make.

Don’t let yourself get caught up in thoughts like:

  • This would never happen to me or my organization
  • My organization is too small to need fraud prevention
  • We have very good controls already
  • All my employees are good people
  • I trust all my employees

Prevention activities are intended to secure the organization and its processes against fraud. Who is responsible? It is management’s responsibility to design and implement controls to prevent and detect fraud. Management should set the proper tone and establish controls to prevent, deter and detect fraud. The internal and external auditors are NOT responsible for fraud prevention.

Every organization has internal controls but they don’t all have fraud prevention!

So what makes up a “Fraud Prevention Program”? Listed below are a few components to build a fraud prevention program:

  • Implement background checks on all employees
  • Implement a Fraud Risk Assessment Process
  • Implement regular Fraud Awareness Training
  • Ensure that your Tone at the Top is one of honesty
  • Have an Accountability Matrix
  • Implement a Code of Ethics
  • Implement a Reporting Mechanism (hotline)
  • Implement Continuous Controls Monitoring (CCM)
  • Implement Proactive Anti-Fraud Policies

Trust

Let’s get back to this important word. Yes, we all trust our employees, but we must verify that trust. This second step of verification of trust is commonly the window that is left open. I have worked on hundreds of fraud cases where the fraud has already been detected by accident or a tip. My first question to management is “How did this happen”? Response: We trust them. However, there was no verification of that trust.

In the broadest terms, fraud means obtaining something of value or avoiding an obligation by means of deception.

“The intensity of desire and the perception of opportunity are personality variables. The balance between desire and opportunity moves. Temptation to steal fluctuates with individual temperament and situation” (Nettler 1974).

Motivation is therefore a combination of an individual’s personality and the situation in which they find themselves. Conversely, psychological factors will influence the way a person interprets the situation they are in and this, in turn, will influence the actions they choose to take.

Psychological Factors in Fraud

At first glance, a psychological explanation for fraud would appear simple – greed and dishonesty. Such an explanation is, however, overly simplistic. There are many in society who are aggressively acquisitive, but generally law abiding. Moreover, not all dishonest people commit fraud. To date, behavioral scientists have been unable to identify a psychological characteristic that serves as a valid and reliable marker of the propensity of an individual to commit fraud. (Australian Institute of Criminology)

The Fraud Triangle

American Criminologist Donald Cassey developed a theory – known as the Fraud Triangle - that explains the factors that lead to fraud and other unethical behavior.

When businesses and organizations understand the Fraud Triangle, they can more effectively combat criminal behavior that negatively impacts their operations.

UNDERSTANDING THE FRAUD TRIANGLE

The three factors that make up the fraud triangle are:

  1. Pressure. Most individuals require some form of pressure to commit a criminal act. This pressure does not need to necessarily make sense to outside observers, but it does need to be present. Pressures can include money problems, gambling debts, alcohol or drug addiction, overwhelming medical bills, etc. Greed can also become a pressure, but it usually needs to be associated with injustice. “The company has not been paying me what I am really worth,” for instance.
  2. Opportunity. An opportunity to commit the act must be present. In the case of fraud, usually a temporary situation arises where there is a chance to commit the act without a high chance of being caught. Companies that are not actively working to prevent fraud can present repeated opportunities to individuals who meet all three criteria of the fraud triangle.
  3. Rationalization. The mindset of a person about to commit an unethical act is one of rationalization. The individual manages to justify what he or she is about to do. Some may think they are just going to borrow the stolen goods, or that they need the money more than the “big” company they are stealing from.

USING THE FRAUD TRIANGLE

The fraud triangle provides a useful framework for organizations to analyze their vulnerability to fraud and unethical behavior, and it provides a way to avoid being victimized. Almost universally, all three elements of the triangle must exist for an individual to act unethically. If a company can focus on preventing each factor, it can avoid creating fertile ground for bad behavior.

RELIEVE PRESSURE

Organizations only have so much impact on the personal lives of customers and employees. An organization should try to identify any possible pressures that the organization could relieve in order to deter the criminal acts.

MINIMIZE OPPORTUNITY

Organizations should always be looking to minimize the opportunity for fraud and unethical behavior. Working with a Fraud Consultant can help organizations analyze operations and risk, review internal controls, address any current or future vulnerabilities and develop fraud prevention policies and procedures.

TARGET RATIONALIZATION

One way to prevent fraud is to keep individuals from ever being able to rationalize the behavior in the first place. Organizations can create a “zero tolerance” policy towards fraudulent behavior, and remind employees and customers of this policy on an ongoing basis. Organizations can also make employees know the cost of fraud to customers and other employees. The continuing focus on the organization’s Fraud Risk Policy will minimize any unethical behavior.

In closing, the biggest and best deterrent provided by the Fraud Prevention Program is “the fear of getting caught”.