We’ve all heard so much in the news about fraud over the last several years. Not a day goes by that we don’t hear about an executive caught with his hand in the cookie jar, a company that failed to follow proper accounting rules, or a compensation structure that led someone to cheat with the numbers.
In some ways, I think people are becoming immune to fraud. The cases don’t seem as significant as they would have been five years ago. They’re not as shocking as they used to be. It is sad that fraud is becoming more commonplace. And the more we hear about fraud, the more I think companies run the risk of not taking it seriously.
Most importantly, I think people are running around with some big misconceptions about employee fraud. If they mistakenly believe their company is not at risk, they are probably not actively preventing fraud. Companies must know the truth about fraud and its perpetrators in order to actively protect themselves.
The following are five of the fraud myths that I regularly run into in my fraud investigation practice. Whether owners and executives actually utter these out loud or not, merely buying into these myths mentally can be a recipe for disaster.
1. Our company does not have an internal fraud problem.
While companies would like to believe they have good employees and adequate controls to prevent fraud, the fact of the matter is that 45 percent of companies will be significantly affected by fraud, according to one international study. A separate study estimates that the average internal fraud will cost $159,000, and that almost one-fourth of fraud cases will cost companies over $1 million each.
Companies cannot afford to ignore the risk of fraud and the likelihood that fraud is occurring internally. It is too expensive, particularly when one considers the fact that there are many indirect costs of fraud, including investigation and legal costs, employee attrition, and decreased employee morale.
Actively fighting fraud means implementing policies and procedures that prevent and detect fraud. Anti-fraud professionals who are experienced with the common methods of fraud can be invaluable to this process. Whether a company gets there with employees or outside consultants, it is important to secure company information and assets to prevent internal fraud.
2. Most people are honest and won’t commit fraud.
This is a dangerous approach to take to the business of fraud. It is true that most people are generally honest. But to rely on this instead of putting controls in place to prevent fraud is a big mistake.
While it’s wise to hire those with a track record of honesty, past behavior doesn’t necessarily predict future behavior. Almost 88 percent of employees and executives who commit fraud against their employer have never before been charged or convicted of a fraud-related offense. This means it’s nearly impossible for companies to predict who is going to commit fraud and when they are going to do it.
It is a fact that honest people can and do commit fraud. Outside pressures can cause people to behave in ways they normally would not. Things that could push someone toward fraud include addictions, divorce, overwhelming debt, and gambling problems. When pressures like this are present, it’s difficult to predict who will commit fraud.
In the end, those who commit fraud come from all walks and ways of life. From clerks to executives, no one is immune. Thieves come from all social classes and all economic backgrounds. If given a strong motivation and ample opportunity, anyone can commit fraud against her or his employer.
3. If our company follows government regulations, we will be protected against fraud.
Unfortunately, the current accounting rules and regulations do not really provide protection against fraud. Sarbanes-Oxley is probably the most widely-recognized regulation dealing with fraud. It has had some positive effects because it has forced companies to review and document their policies and procedures.
Companies have spent enormous amounts of money on implementing Sarbanes-Oxley, and it’s probably discouraging to admit that even such an extensive project isn’t really preventing fraud. The regulation forces management and the board of directors to accept responsibility for issuing accurate financial statements, however, it doesn’t really ensure that companies have fraud prevention procedures in place.
In order to effectively prevent fraud, companies must create and implement policies and procedures specifically designed to deter and detect fraud. Again, this should be accomplished with the help of an anti-fraud professional who is experienced in the methods used by corporate fraudsters. A good fraud prevention program will actively prevent and detect fraud while still complying with the applicable regulations.
4. Small frauds aren’t important enough for management to worry about.
Virtually every big fraud started out as a small fraud at one point. Whether it is a minor theft of cash or a financial statement manipulation intended to cover up a substandard quarter, what starts out as a small fraud can quickly grow into a major fraud scheme. A theft of $500 may not seem significant enough for management to devote time and effort to the problem. But what if an employee was stealing $500 a week for three years? Suddenly, there is a theft of over $75,000, which could be very material to the company.
It’s important for companies to take small frauds and ethical lapses seriously. Not only does management want to cut off frauds while they are in their early stages, they also should be sending a message to employees that dishonesty is not tolerated. A zero tolerance policy is a necessary part of any good fraud prevention program.
It may be expensive to monitor and investigate smaller thefts from the company. However, in the long run, the cost will be worthwhile because the company will have stopped frauds from growing into the hundreds of thousands and millions of dollars. Therefore, an effective fraud prevention program will contain components that help the company discover fraud early.
5. Fraud will be detected by our auditors.
History has shown us that a company’s independent auditors cannot be relied upon to find fraud. This is true primarily because audits are not designed to detect fraud. They are designed to give “reasonable assurance” that the numbers shown on the financial statements are materially accurate.
Because fraud involves the active concealment of the truth, it makes it difficult for auditors to discover. Further, auditors have a tendency to become complacent with their clients. They see the same things year after year in the audit, and they may stop paying close attention. Employees who are concealing a fraud may also be comfortable with the auditors and know what procedures are coming. If that’s the case, count on the employees to be very careful with the fraud as it relates to those expected procedures.
Auditing rules have attempted to address how auditors approach the potential for fraud within companies. While the current rules are somewhat better than those of several years ago, a traditional independent audit still cannot be relied upon to detect fraud. Executives who believe differently are setting their companies up for disaster.
Preventing fraud in companies all comes back to active prevention techniques and educating employees about fraud. First, owners and executives must be aware that they are very much at risk of experiencing internal fraud, and that the statistics show that the losses can be expensive. Then they need to take decisive action in formulating a fraud prevention program.
Education of everyone is still a very important part of fraud prevention. No company is immune to the problem, and no employee is completely free from the possibility of committing a fraud one day. After owners and executives appreciate the true magnitude of the problem, it will be through action that fraud will be prevented at their companies.