ARE WE DOING ENOUGH TO PREVENT FRAUD?
Do you think you have a thorough understanding of how your company policy and controls are working? Dont even contemplate answering, but think again for you are in for a shock.
In 1999 speakers at the ACFE Conference in Las Vegas raised various points on how policies, controls, statutory rules and regulations could help to prevent fraud. One such focus is SAS 82 this establishes who is responsible for preventing and or detecting fraud.
One of the speakers Sue Hampton cfe gave the following conclusion;
"To assess the integrity of an organisation, one needs to look at management climate. If management is committed to, and conducts itself in an ethical manner so will the rest of the employees. This commitment to integrity can be demonstrated in many ways both in actions and attitudes. The responsibility is on management to take the element of opportunity out of crime."
All well and good, but to promote the preventive culture we have an up hill struggle as managers cause four times more losses by fraud than other employees.
Should we trust the managers alone to deal with fraud prevention issues?
Fraud is still the fastest growing crime in the world, resulting in substantial losses across all economic activity effecting both the individual, national governments and everybody in between. The European Commission for example reported fraud-related losses in 1998 of $6 billion. The UK Central Government completed a survey in 1997, across 60 departments, 31 of which recorded almost 2000 internal cases of fraudulent activity, resulting in losses of $11 million. These cases included theft of assets, falsification of documents, theft of cash, encashment of cheques and dishonestly making overtime and travel expenses claims. The most notable reasons why the frauds happened were a failure to observe controls in most instances or a complete lack of control in others.
One of the major problems in fighting fraud is resistance from the management within an organisation. Viewed as a victimless crime, many managers regards fraud as an inescapable way of life where the effort required to thwart it far outweighs the benefits of doing so. This is partly due to a lack of understanding of the full ramifications of fraudulent behaviour.
For example, it can be shown that a $10,000 loss to a company that turns over $100,000 actually equates to a loss of some $72,000 when considering costs of generating replacement revenue and loss of interest earned as well as interest incurred.
You must also remember FRAUD is a wider issue than just monetary loss.
In 1997, The Institute of Chartered Accountants of England & Wales (ICAEW) inaugurated a Fraud Advisory Panel - 12 months research concluded
- no-one takes particular responsibility for detecting/preventing fraudulent behavior
- detection of fraud is seen as a burden
- little training in fraud prevention exists even amongst accountants
The ICAEW recommend training programmes amongst the main preventers of fraud, i.e. the managers of purchasing & supply, personnel and development & risk assessors. As yet there is little evidence that even this illustrious body has made any in roads into undermining the prevailing attitude that-
fraud is something that happens to somebody else, not me
Some of the problems encountered revolve around the culture, which was identified by Edgar Schein who stated that;
"Members of the line organisation are tempted to falsify and distort information to avoid punishment for being found out and to avoid having the boss swoop down on them. They put effort into hiding problems and imperfections."
These are the conditions that fraudsters thrive on.
THE NEED FOR CULTURAL CHANGE is required, moving away from detection as this is seen by the managers as a burden, then clearly what is required is PREVENTION. So that losses are not incurred in the first place, thus allowing managers to get on with running their companies, so that precious resources can be directed towards growth.
Research has been carried out by Amarlis Limited. One of the first companies to address prevention rather than detection as a cure and to provide a comprehensive review of how a company operates.
The research was based around a questionnaire designed to establish the level of awareness of potential and/or real problems within a company. This study was conducted at all levels, directors, managers and employees. Its raison detre is to assist in creating a better working environment rather than to conduct a witch hunt. Once completed (anonymously), the questionnaires are analysed and reported on with recommendations for training in areas of controls and policies where they exist and the implementation of such where they do not.
The following are key findings from 250 returned questionnaires. The industries examined include Accountancy, Banking, Civil Service, Manufacturing and Law Enforcement.
- Only a quarter of respondents had been informed of the risk of fraud within their company
- less than 50% identified expenses as an area open to fraudulent activity.
- over 90% of respondent agreed that misrepresentation of information on a c.v. constituted fraud, less than half said the same about invoice overpayments or non-payment of valid debt.
- over two thirds had never had any training in the prevention of fraud although almost half had been personally a victim. Indeed over three quarters were not even aware if their companies had any policies concerning fraud.
However, the most telling evidence lies in the last two questions. Three quarters of respondents gave a definite YES when asked if they thought their company should participate if a service were on offer to both further educate and assist in reducing the risk of fraud.
From the answers the issues are clear and it focuses the attention on how adequate or inadequate controls and policies are in combating fraud risks.
A comparison exercise was carried out on 100 ACFE delegates attending the Orlando conference in August 2001.
The following is a selection of questions and answers with comparisons
Note: figures in brackets are the ACFE delegates answers.
Have you been informed of the risk of fraud to your Company? Yes 24%(78%%) No 76%(22%)
In which of the following areas do you know the company has written procedures?
(Sample of answers)
a) Expenses 44% (83%) e) Document Security 10% (54%)
b) Cash Collections 19% (63%) f) Debt recovery 9% (36%)
c) Computers 25% (72%) g) Stores 4% (39%)
d) Cheques 20% (51%) h) Temporary employees 11%(48%)
Do you consider information about fraud found within your company as: -
(a) Internally sensitive? Yes 57%(66%) No 22% (25%) Dont Know 22%(9%)
(b) Competitor sensitive? Yes 53%(44%) No 18% (38%) Dont Know 28%(19%)
In your opinion could the following be fraud: -
a) The Non Payment of a valid debt?
Definitely 12% (40%) Probably 31% (27%) Dont Know 27% (14%) Probably Not 17% (17%) Definitely not 14% (3%)
b) Invoice Overpayment?
Definitely 11% (42%) Probably 37% (33%) Dont Know 33% (14%) Probably Not 13% (10%) Definitely not 6% (1%)
c) False Accounting?
Definitely 64% (80%) Probably 33% (17%) Dont Know 2% (3%)Probably Not 1% (0%)Definitely not 0% (0%)
Definitely 20% (41%) Probably 33% (43%) Dont Know 26% (14%) Probably Not 17% (2%) Definitely not 4% (1%)
e) Mistakes in expenses claims?
Definitely 15% (29%) Probably 48% (35%) Dont Know 17% (20%) Probably Not 18% (8%) Definitely not 2% (8%)
f) Mistakes in overtime claims?
Definitely 19% (34%) Probably 52% (39%) Dont Know 7% (14%) Probably Not 20% (5%) Definitely not 2% (7%)
g) Misrepresentation of info in a CV?
Definitely 54% (81%) Probably 38% (11%) Dont Know 6% (6%) Probably Not 1% (1%) Definitely not 1% (0%)
Do you accept the following at face value?
a) Documents:- Sometimes 73% (5%) Always 22% (74%). Never 5% (21%) Not Applicable 0% (1%)
b) New Employees:- Always 15% (3%) Sometimes 65% (53%) Never 11% (41%) Not Applicable 9% (3%)
(c) New Client:- Always 9% (4%) Sometimes 64% (55%) Never 19% (35%) Not Applicable 9% (5%)
(d) Office Services:- Always 12% (7%) Sometimes 59% (60%) Never 11% (28%) Not Applicable 18% (4%)
(e) Out-Services cleaning/security:- Always 13% (6%) Sometimes 50% (41%) Never 16% (49%) Not Applicable 20% (4%)
(f) Outsourcing work:- Always 12% (6%) Sometimes 49% (49%) Never 17% (41%) Not Applicable of 21% (4%)
(a)Have you personally been a victim of fraud? Yes 40% (49%)
(b)Could it have been discovered earlier? Yes 12% (32%)
(c)Could it have been prevented? Yes 16% (72%)
(a) Has your Company ever been victim of fraud? Yes 23% (91%)
(b) Could it have been discovered earlier? Yes 9% (74%)
(c) Could it have been prevented? Yes 16% (70%)
Have you received any training in how to prevent or detect fraud?
Less than 6 months 12% (59%)
More than 6 months 10% (31%)
More than 2 years 7% (3%)
Never 70% (6%)
Does your Company have a policy about:-
Fraud Awareness Yes 11% (59%)
Fraud Prevention Yes 6% (56%)
Fraud Training Yes 6% (3%)
Dont know 76% (21%)
In relation to Amarliss findings there is a need for a concerted effort by everybody to address the Prevention ethos and make it a necessary criterior in any business model. The ACFE and other professional organisations must create the need for Cultural change.
Amarliss ethos is Its not what you know its what you dont that counts
Could the above information and assessment address the gaps in your understanding about Fraud Prevention and associated risks.
Further information and more detailed results contact Amarlis or Tom Craig