INSIGHT – The Magazine of the Illinois CPA Society – January/February 2008
By Sheryl Nance-Nash
“Fraud is a cancer to corporate America. You never feel like your company will be affected, but it happens every day to some company,” says Lance Randolph, a certified fraud examiner (CFE) with CBIZ Accounting, Tax & Advisory Services in Cleveland, Ohio.
It’s especially real for the banking and financial services industry, according to the 2006 Association of Certified Fraud Examiner’s (ACFE) Report to the Nation on Occupational Fraud & Abuse, which reported 14.3 percent of incidents in this sector.
While you may assume that accounting firms are more aware of fraud and therefore more aggressive in preventing and detecting it internally, “The sad truth is that they can fall prey to fraud just as easily as any type of company. In some instances, accounting firms even let down their guard because they believe the firm’s experience with fraud will inherently protect it. This puts them at an even higher risk,” says Tracy Coenen, CPA/CFE with Sequence Inc. Forensic Accounting in Milwaukee, Wisc.
Miscalculating can be costly. According to the ACFE, the typical organization loses 5 percent of its annual revenue to occupational fraud, or a rough total of more than $650 billion, based on the 2006 US gross domestic product.
Asset misappropriations comprise 91.5 percent of all cases of occupational fraud and abuse. “Asset misappropriations can be described as any fraud scheme that involves the theft or misuse of an organization’s assets. Within this category, 88 percent of cases relate to cash—currency, as well as checks and money orders,” says Ken Berry, CPA/CFE, managing director of Conway MacKenzie & Dunleavy, a turnaround management firm in Birmingham, Mich.
Despite increasingly stringent legislation, such as the Foreign Corrupt Practices Act and Sarbanes-Oxley, and despite the increases in SEC enforcement efforts, financial statement fraud remains a public concern. The Deloitte Forensic Center’s Ten Things About Financial Statement Fraud—an analysis of hundreds of SEC enforcement releases issued from 2000 through 2006—confirms as much. The most common fraud schemes, according to the report, were revenue recognition (41 percent), improper disclosure (12 percent), manipulation of expenses (11 percent); manipulation of assets (8 percent); manipulation of reserves (7 percent) and manipulation of liabilities (7 percent).
What was most surprising about Deloitte’s findings? “The number of fraud schemes utilized. In many cases, it wasn’t just one person at a company doing something, but many complex fraud schemes involving numerous employees,” says Corey Martens, partner with Deloitte FAS Forensic & Dispute Services in Chicago.
But despite what may seem daunting challenges, fraud is a foe you can fight.
Count on Culture
The most important part of fraud deterrence and prevention starts at the top. “Executives, officers and directors of a firm must clearly communicate a zero-tolerance policy for fraud and then lead by example,” says Berry.
“An entity’s management sets the trend by which all others follow. No employee can be expected to follow company policy or obey laws if their leaders are not doing the same,” he explains.
An employee code of conduct can help promote a culture that is defined by ethics and integrity. “By advising employees about what they can and cannot do, you lay a foundation which reinforces compliance with government laws, rules and regulations. Employees must understand that there is a zero-tolerance policy for improper behavior, and discipline must be fair, appropriate and consistent for all employees,” says Berry.
What’s more, “Prevention is a state of mind,” says Pam Verick Stone, director, Protiviti Financial Investigations & Litigation Consulting in Menlo Park, Calif. “It comes by building a culture, ethical and open, where people are free to raise issues and concerns or complaints.”
Review the ‘Fraud Triangle’
Robert Kardell, CFE, management consultant in BKD, LLP’s Forensics & Dispute Consulting Group (Omaha office), refers to “perceived opportunity, rationalization and perceived pressure” as the “fraud triangle.” There are steps to take to reduce the risk of fraud at each of these three corners.
“To reduce perceived opportunity, a company could engage in a series of fraud-awareness training sessions for employees. If they see that the company is actively searching for fraud it will lessen the perceived opportunity,” says Kardell. If you want to ensure that there’s little room for rationalization, treat employees well. “A disgruntled employee is the first to rationalize taking money from a company that he or she sees as being in the wrong,” he explains. To deal with perceived pressures, consider an employee assistance program. “If there is someone with whom to talk about issues and problems affecting their work, it will make them more productive and you may get resolution,” Kardell advises.
Watch for Red Flags
“If there have been changes in an employee’s behavior or lifestyle, or, for example, if an employee works unusually long hours and doesn’t take vacation, those could be clues,” says Martens. Furthermore, excessive complainers and those who say they feel unappreciated by management could be vulnerable to committing fraud.
Be especially leery of substance abusers, since there’s a strong link between fraud and addiction, says Doug Thorburn, author of Drunks, Drugs & Debits: How to Recognize Addicts and Avoid Financial Abuse (Galt Publishing, 2001). “If corporations were aware of the behavioral clues to addiction, they could weed out 80-90 percent of the fraud,” he contends. According to Thorburn, signs of early-stage substance addiction include, “Egomania, habitually blaming others for problems, a ‘rules don’t apply to me’ attitude, disparaging others and always thinking they’re right.”
Educate Employees Because employees are often those who bring fraud to light, it’s critical to school them in what to look for and procedures to follow if suspicions are raised. Anonymous fraud hotlines are extremely effective. “They can cut fraud by 50 percent,” says Wendy Katz, CPA, principal of Business Consultants and Accountants for the Chicago office of SolomonEdwardsGroup.
Check & Double Check
While background checks before hiring and promoting are a given, there are other checks and balances to put in place. For starters, segregate duties that touch upon sensitive or confidential areas of business, be vigilant of business activities, and be well-informed about common fraud schemes. Fictitious vendors, for example, are very common, says Randolph.
“Before a company writes a check for an invoice it should be clear about who it is writing that check to,” he explains. Don’t assume that information from a W-9 is legitimate. That form can be forged, so there can be a legitimate number for a fraudulent business. “Call the phone number, go to the address, check it out,” he advises.
Deploy Detection Tools
Try as you may, it’s hard to be 100-percent certain that you can prevent fraud. Detection, therefore, is key.
Powerful technology is a must, and there are numerous tools that can help with detection, says Katz. “You can use programs that do continuous monitoring and analyze anomalies—what’s different compared to company history, industry standards, and more,” she explains.
Know, however, that one size does not fit all. Look for anti-fraud programs and controls that are best suited to your organization and the types of risk you are most likely to face, says Martens. What’s more, don’t implement technology that is overly complicated. “It won’t get used because companies won’t invest the time and resources to train people to use it properly,” says Kardell.
Aside from technology, use your common sense. Be mindful of departments that always outperform expectations, says Verick Stone. If a department “overrides controls, know why,” she explains. If there is rapid or significant resource turnover within a department, there could be reason for suspicion.
Most importantly, don’t give up the fight. “So much fraud goes undetected that we don’t know what we don’t know. The numbers could be even more staggering, given fraud’s insidious nature,” says Verick Stone. “Be vigilant; people will always try to game the system. The trouble is, fraud risk evolves. As soon as you put in a control, someone will begin to look for a way around it.”