Reduce Occupational Fraud to Save 5% Annually in Revenue
Ron Steinkamp, Partner, Advisory Services at Brown Smith Wallace, has more than 20 years of experience in internal audits and fraud prevention and detection. In the following interview, he shares the latest facts and figures on occupational fraud, which were recently detailed in the Association of Certified Fraud Examiners' 2014 Report to the Nations on Occupational Fraud and Abuse. The report found that trillions of dollars of revenue are lost to fraud worldwide every year.
Steinkamp reviewed the report highlights with us and provided his thoughts on what organizations can do to recognize and prevent fraud.
What is occupational fraud?
The ACFE's definition is it's the use of one's occupation for one’s own personal enrichment through deliberate misuse or misapplication of the employee's or organization's resources or assets. Basically, it's an employee taking advantage of an organization.
There are three primary categories, the first being asset misappropriation. That is where an employee might steal an organization’s funds, inventory or an asset. The second category is corruption, and that's where an employee uses his or her influence in a business transaction in a way that violates his or her duty or the trust of the employer, and that employee gains a direct benefit. Those are things like bribery, kickbacks and conflicts of interest. The third category is financial statement fraud, and that's where an employee intentionally causes a misstatement in a financial account or report.
What are some conclusions from the study?
The ACFE does this study every couple of years. That 5 percent average loss per organization has held steady for a number of years now, and that's really based on revenue. If applied to gross world product, that amounts to a potential fraud loss of $3.7 trillion annually. You're talking about a lot of money here.
Asset misappropriation is the most common form of occupational fraud. Of the cases ACFE reviewed, asset misappropriations made up 85 percent, but it's the least costly, so the median loss they saw there was about $130,000. Financial statement fraud is the least common―it's less than 10 percent of their cases―but it costs the most. The median loss there was close to $1 million. Corruption falls somewhere in between in terms of frequency as well as the median loss, which is about $200,000.
What can an organization do to prevent and/or detect fraud?
What the ACFE found is that the most common way an organization can detect fraud is through tips. It could be employees, vendors or outsiders who let the company or the organization know that they think fraud's occurring. A key way organizations receive tips is through fraud-reporting hotlines. That could be a phone number, could be a website – some way to report possible occurrences.
Anti-fraud controls and internal controls help reduce the risk of loss and the duration of that loss. What's interesting is that a lot of companies think, “Well, we're going to recover this money if fraud should occur," but ACFE found that close to 60 percent of organizations had not recovered any of their fraud losses, so it's critical to have those controls in place.
It's important to have proactive detection measures in place like a fraud hotline, management review procedures and an internal audit function. Internal audit is critical to finding fraud and being there to help investigate. The ACFE found internal audit to be a very important component as well as just monitoring what's going on in the organization. They also recognized the importance of implementing surprise audits.
The ACFE also suggested doing a fraud risk assessment. That's how an organization identifies where fraud can occur and whether they have some controls in place to prevent and detect fraud.
What are the red flags of fraud?
With red flags, we look at what we call the fraud triangle. There are three areas, and the first is pressure. These are the warning signs you want to look out for: somebody with high personal debt, somebody who is living beyond their means, gambling, substance abuse and things of that nature. The second area is opportunity: If we have inadequate controls in place, we're giving someone the opportunity to commit fraud. And then there's rationalization. Most people aren't going to commit fraud unless there's some rationalization they use to justify it.
How can an organization develop an anti-fraud culture?
Some anti-fraud controls that ACFE saw as critical were having an anti-fraud policy – making sure management firmly reviews procedures and trains employees on how to recognize fraud, what to look for, and what to do if you suspect fraud.
Fraud is something that should be taken very seriously. It should be understood that it's not allowed, that there are repercussions and that we as an organization take it seriously. And financially, what company wouldn’t want to add up to 5 percent to their revenue total?