Occupational fraud is an increasing concern for many organizations. According to the Association of Certified Fraud Examiners’ (ACFE) 2016 Report to the Nations on Occupational Fraud and Abuse, the typical organization loses 5% of its annual revenue to fraud. If applied to the 2014 Gross World Product, this translates to a potential fraud loss of nearly $3.7 trillion. The median loss caused by occupational fraud found from their study was $150,000. Additionally, 23.2% of cases involved losses of $1 million or more. According to the report, small businesses, government and public administrations are commonly victimized and 58% percent of the victimized organizations did not recovered any of their losses due to fraud and only 12% made a full recovery.
In most cases, fraud is perpetrated by members of upper management and the accounting department. These employees tend to be highly trusted individuals. This makes sense when you consider these employees have been granted access to your organization’s assets.
Only through diligent and ongoing effort can an organization protect itself against significant acts of fraud. According to the ACFE, there are three primary categories of occupational fraud that all employers should be aware of: asset misappropriations, corruption schemes, and financial statement fraud. Key principles for proactively establishing an environment to effectively manage an organization against such fraud risks include:
Principle 1: As part of an organization’s governance structure, a fraud risk management program should be in place, including a written policy (or policies) to convey the expectations of the Board and senior management regarding managing fraud risk.
Principle 2: Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.
Principle 3: Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.
Principle 4: Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.
Principle 5: A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action.
When performing risk assessments, use the fraud triangle - incentives, opportunities, and rationalizations – as an effective framework for identifying areas of elevated risk. For example, if any employee is going through difficult financial times, there are greater incentives for fraud. Weak controls provide opportunities for potential fraudsters. And a loose ethical atmosphere can result in fraudsters rationalizing their acts. Responding to these threats by being proactive can help reduce the risk of fraud.
The following is not a comprehensive list, but we suggest you consider implementing the following controls as a way to reduce your company’s exposure to fraud.
- Conduct background checks on prospective personnel. Thoroughly check references and scrutinize all dates and time gaps in resumes. Have employees bonded if they have access to cash or work in financial functions.
- Send bank and credit card statements straight to the top. The organization’s Finance Director/Superintendent, manager or an audit committee member should be the first to review all bank account entries and canceled checks. Someone without authority to issue checks should reconcile bank statements and review them for forged or altered checks. Before paying credit card bills, support each charge with an original receipt.
- Review documentation for all check requests. Compare original vendor invoices, purchase orders and receiving reports for agreement on quantities, brands, product descriptions and services requested. All should be stamped "paid" and marked with the related check number.
- Monitor cash receipts and deposits independently of employees recording them. Have someone not involved in making deposits or recording accounts receivable open the mail, count money received and report totals to the Finance Director/Superintendent or other official who compares the reported amount to the amount deposited.
- Reconcile accounts receivable and accounts payable monthly. Have the Finance Director/Superintendent, manager or audit committee member review and clear all exceptions. In particular, scrutinize reductions in receivables that were posted to cash.
- Check out first-time vendors. Someone independent of buying and payment processing should review all entries for new suppliers. That person should call to verify the supplier’s name, address and federal tax identification number.
- Restrict authorization and access to finances. Ensure that only appropriate employees can make transactions or have access to assets, documents and records. Password protect computer files and set dollar limits on check authorization. Other safeguards include dual custody of cash receipts or cash on hand and ensuring cash and financial documents are secure.
- Make employees take vacations. Especially require personnel in accounting, human resources and cash handling functions to take one or two weeks off each year, preferably at the end of an accounting cycle. Cross-train employees so that someone else can do their job and double check their work during the vacation.
- Watch for red flags in employee behavior. They can include substance abuse, gambling, change in lifestyle, extramarital affairs, living beyond one’s means, possessiveness of work, high personal debts, high medical bills, peer pressures or simply dissatisfaction with work. Failure to employ anti-fraud controls will increase your vulnerability to fraud.
- Establish a fraud reporting hotline. Tips are the most common method of initially detecting fraud for any organization. For organizations without a hotline, tips account of 28.2% of all frauds detected; but for organizations with a hotline, tips account for 47.3% of all frauds detected. That is, when hotlines are not employed, other, less-effective, means of detection (such as by accident or from confessions) are relied on more heavily.
For additional information regarding fraud, please visit the Association of Certified Fraud Examiners website (www.acfe.com). You can access the full 2016 ACFE Report to the Nations by clicking on Fraud Resources and then click download the Report to the Nations.
This letter is not a substitute for a comprehensive evaluation of your organization’s fraud risk. In fact, the ACFE report states that external audits provide limited usefulness as a means of uncovering fraud.
Please give us a call at (207) 781-3445 if you have any questions regarding your exposure to fraud and how you can reduce your risk.