Fraud is big business. Companies are most at risk of fraud from their employees, since they have access to information and assets. On average, companies lose 5% to 6% of their revenues to internal fraud. This means that a company with sales of $50 million is likely losing $2.5 million to $3 million each year to employees with sticky fingers. In this age of amazing shrinking profit margins, 5% or 6% could mean the difference between being in the red or in the black.
You might be thinking that your company has never had that much stolen in one year. Correction: You don’t know if you’ve had that much stolen by employees. Companies can’t quantify exactly how much has been stolen from them, because they simply are not aware of all the frauds committed.
The average is 6 percent, and it’s based upon a consideration of the known and unknown frauds in companies. Don’t get caught in the trap of thinking that your company is much better than average. As managers of companies, you may like to believe that you’re doing better. But some companies are doing better, and some are doing worse. Assume that your company is losing 6 percent, and try to improve on that.
Fraud committed by employees comes in all shapes and sizes, but generally falls into three categories. Asset misappropriations are the ones we hear about most often. These include theft of inventory, theft of money and theft of anything employees can get their hands on.
The less commonly occurring frauds include corruption and financial statement frauds. Corruption includes participation in bribes and kickbacks, and it is common for vendors to bribe employees to help them get favorable contracts or terms. Financial statement fraud centers on the manipulation of financial statements in order to create a financial opportunity for an individual or entity. It is easily the most expensive type of fraud, with the average scheme creating fraud losses in the millions and tens of millions of dollars. In the case of legends like Enron and WorldCom, those losses can rise into the billions.
Hunting Down the Thieves
Companies these days are determined to go after fraudsters with an arsenal of trained investigators. Investigations serve two very important purposes. First, they send a message to other employees that the company is serious about finding fraud and doing something about it. Second, an investigation helps the company learn about the weaknesses exploited by dishonest employees.
While investigations are very useful, they are still not the best way to reduce fraud losses. Recovery from fraudsters is generally very low, so performing an investigation with the intent of recovering ill-gotten gains is misguided.
To cut fraud losses, I recommend that companies invest in a comprehensive fraud prevention program. This will cost money up front, but that investment is easily recovered by a reduction in the company’s fraud risk. Consider even a 10 percent reduction in the risk of internal fraud for the $50 million company. That’s $300,000 saved in one year alone.
Weapons Against Fraud
An effective fraud prevention program has three major components: education, investigation and proactive prevention. Studies have found that internal frauds are most often discovered through tips from employees, customers, or vendors. Since employees are inclined to report misdeeds, company-wide education of employees is an integral part of a fraud prevention program. I recommend broad-based fraud education for all employees. More specific anti-fraud training should be presented by department and by position within the company.
While fraud prevention efforts are aimed at stopping theft, the need for investigations will never be completely abated. Ongoing investigations are important deterrents to fraud, but should not be the main focus of a prevention effort.
The most extensive part of a comprehensive fraud prevention program is the creation and implementation of proactive preventive techniques. These policies and procedures should go above and beyond traditional internal controls and government regulations, and should have a specific purpose relative to the prevention of fraud.
Development of a good fraud prevention program is serious business. For maximum effectiveness, I recommend the involvement of an anti-fraud expert. Those who have investigated hundreds of frauds are in the best position to develop the most relevant controls.
An effective program can be implemented efficiently with the right people and the right expertise. It may be complex and time-consuming, but the cost and pain to implement effective anti-fraud controls is small in comparison to potential and actual fraud losses.
The Best Defense
We’ve all heard that the best defense is a good offense. If management sees the signs that something is out of order, you should follow up. Management should trust their instincts enough to look into any situation that makes you uncomfortable. Hopefully, with a shift toward more proactive fraud prevention, those situations will occur more infrequently.
The process of fraud prevention really never ends. Even with the successful implementation of a comprehensive fraud prevention program, the work is not done. A company committed to fraud prevention will continuously monitor and improve the control policies and procedures.