Organizations around the world are losing an estimated 5 percent of their annual revenues to internal theft, according to the premier study on occupational fraud published by the Association of Certified Fraud Examiners (ACFE).
The biennial 2014 Report to the Nations on Occupational Fraud & Abuse includes data compiled from 1,483 cases of fraud investigated globally between January 2012 and December 2013.
According to the ACFE, occupational frauds can be classified into three primary categories: asset misappropriations, corruption and financial statement fraud. Asset misappropriations, including cash skimming and fraudulent disbursement are the most common, occurring in 85 percent of the cases studied. These types of fraud are also the least costly, causing a median loss of $130,000. In contrast, financial statement fraud—overstating or understating revenue or assets—was found in only 9 percent of cases, but caused a median loss of $1 million. Corruption schemes such as bribery and bid rigging fell in the middle in terms of both frequency (37 percent of cases) and median loss ($200,000).
The median loss caused by workplace frauds was $145,000, according to the report. There were losses of at least $1 million in 22 percent of the cases studied. The median amount of time from when the fraud commenced until it was detected was 18 months.
“The longer frauds last, the more financial damage they cause,” said Andi McNeal, CFE, director of research for the ACFE. “Proactive detection measures such as hotlines, management review procedures, internal audits and employee monitoring mechanisms are vital in catching frauds early and limiting their losses,” she said.
The ACFE presented a few recommendations for employers to be better protected from the risk of fraud:
Establish a fraud hotline. Tips are consistently and by far the most common detection method, according to McNeal. Over 40 percent of all cases in the report were detected by a tip, which is more than twice the rate of any other detection method. The majority of tips come from employees of the victim organization. The study found that organizations with hotlines detected frauds in half the time of organizations without, and experienced frauds that were 41 percent less costly. “There are several providers of hotline services that can help implement an anonymous tip-reporting system for businesses of all sizes and industries,” McNeal said. It would also be advantageous to circulate a whistle-blower policy for employees, she added.
Be aware of red flag behaviors. The AFCE found that more than 90 percent of fraud perpetrators in the study cases displayed certain common behavioral indicators. Some of these are: living beyond one’s means (44 percent), having financial difficulties (33 percent), keeping an unusually close association with a vendor or customer (22 percent) and exhibiting control issues with an unwillingness to share duties (21 percent). In 92 percent of the cases studied, at least one common behavioral red flag was identified before the fraud was detected, according to the report.
The vast majority of workplace thieves are first-time offenders, McNeal said. Only 5 percent had been convicted of a fraud-related offense prior to committing the crimes identified in the study. Eight out of 10 fraudsters have never previously been punished or terminated by an employer for fraud-related conduct, according to the report.
Not surprisingly, 77 percent of the frauds studied were committed by individuals working in one of seven departments that deal with financial assets: accounting, operations, sales, executive/upper management, customer service, purchasing and finance.
The industries with the most reported frauds continue this trend, and include banking and financial services, government and public administration, and manufacturing. The mining, real estate, and oil and gas industries had the largest reported median losses.
The most costly frauds were perpetrated by individuals with higher levels of authority. Owners and executives only accounted for 19 percent of all cases, but caused a median loss of $500,000. Employees, conversely, committed 42 percent of occupational frauds but only caused a median loss of $75,000. Managers ranked in the middle, committing 36 percent of frauds with a median loss of $130,000.
Don’t rely on external audits. External audits of financial statements are the most commonly used (81 percent) fraud detection tool, but are among the least effective controls in combating occupational fraud, according to McNeal. “External audits were the primary detection method in just 3 percent of the fraud cases in the study,” she said. “Seven percent were detected by accident. A robust anti-fraud program with a reporting system for tips is needed for better protection,” she said. Only 54 percent of the organizations victimized by frauds in the study had a hotline in place, and only 10 percent provided rewards for whistle-blowers.
McNeal said that many of the most effective anti-fraud controls are being overlooked, for example, proactive data monitoring and analysis—used by only 35 percent of organizations that experienced fraud in the study. Other less-common controls, including surprise audits, a dedicated fraud department or team and formal fraud risk assessments showed reductions in fraud damage, according to the report.
A note on background checks: “While background checks can be useful in screening out some bad applicants, they might not do a good job of predicting fraudulent behavior,” McNeal said. “Most fraudsters work for their employers for years before they begin to steal, so ongoing employee monitoring and an understanding of the risk factors and warning signs of fraud are much more likely to identify fraud than pre-employment screening.”
Focus on prevention, not recovery. Most respondents (58 percent) noted that there had been no recovery of losses to date. That number was 49 percent in 2012. Only 14 percent of organizations victimized by fraud had made a full recovery, according to the report. “It is clearly more cost-effective to prevent fraud with proactive controls, rather than to hope to recover losses after the fact,” McNeal said.
Roy Maurer is an online editor/manager for SHRM.
Follow him @SHRMRoy