As auditors, we often hear about fraud after the fact. We’re asked to investigate what went wrong and how it happened. Organizations should not wait until after the fact to identify fraud. Through risk assessment and management processes, organizations can identify potential fraud and act to prevent it.
So, what is fraud? Merriam-Webster defines it as “intentional perversion of truth in order to induce another to part with something of value or to surrender legal right.” Fraud is not just embezzling funds; it is a term covering misrepresentation or concealment of material facts, bribery, conflicts of interest, theft of money and property and breach of fiduciary duty.
Fraud happens because of the three forces defined in Cressey’s Fraud Triangle: pressure/incentive, opportunity and rationalization. Pressures or incentives to commit fraud could include: loss of a job by a family member; reduced pay, benefits or insurance; additional responsibilities caused by a reduction in force; addictions and debt (potentially from mortgages, cars or credit cards). Cutbacks, or reductions in force, can create potential fraud opportunities. These opportunities happen because knowledge is lost, duties are less segregated, supervisory oversight is reduced, established controls are not used, IT security controls are overridden without detection and new vendors are not investigated. Fraud is often rationalized with thoughts like “they own me,” “I deserve it,” or “it’s not their money anyway.”
How do you identify potential fraudsters who are likely to be affected by these three forces? There are behavioral red flags, identified by The Association of Certified Fraud Examiners, which organization leadership can watch for. Leaders should pay close attention to employees exhibiting the following:
- Financial difficulties
- Living beyond means
- Control issues
- Wheeler-dealer attitude
- Unusually close association with vendor
- Job performance issues or suspiciousness
- Addiction problems
- Past employment-related problems
- Refusing to take vacations
- Complaining about inadequate pay
- Instability in life circumstances
Effective fraud deterrents can prevent fraud by limiting opportunities to commit it. Organizations should have written fraud policies that includes zero tolerance statements. All employees should review and sign-off on this policy and a copy of the signed policy should be kept in the employee’s personnel file. The fraud policy should include procedures for a reporting process including whistleblower protection and expectations of consistent and timely reporting of suspected fraud. Organizations should also have ethics and conflict of interest policies; these policies should be signed and stored in employee files as well. Fraud prevention also comes through training, including teaching employees how to recognize signs of fraud and how to handle dicey ethical situations. Policies are only effective if employees are expected to, and know how to, follow them.
Contact our Fraud Prevention Professionals
Worried that you may have some potential fraudster in your midst? Want to institute a fraud deterrent process, but don’t know where to start? Contact Rea & Associates. Our audit team will help you to put the processes that you need in place. Our certified fraud examiners will help you create effective fraud policies.