Perpetrators of fraud have plenty of schemes to choose from when cooking up their crimes. The fraud schemes range from petty theft by lower-level employees, all the way up to management cooking up stellar financial statements to dupe investors and lenders.
Fraud prevention policies and procedures sometimes have a tendency to focus on the smaller thefts. While those types of defalcations occur most often, they are not the most expensive. The financial statement frauds are the most devastating monetarily, and therefore must be fought aggressively.
Another mistake made by companies attempting to begin proactive fraud prevention is an “all or nothing” attitude. While the best fraud prevention programs are extensive in terms of procedures, costs, and timelines, this should not deter companies from implementing basic procedures. Even if a company cannot implement a comprehensive fraud prevention program due to cost or staff limitations, management should still make some basic improvements.
Some of the more obvious policies and procedures that can influence the level of fraud in companies include the following:
- Incentive programs such as stock options based upon financial statement results or bonuses based upon sales goals can encourage unethical behavior. Managers and executives have been known to record sales prior to their completion, in order that the current period’s results are inflated. This affects later accounting periods, however, and such a fraud may balloon quickly. Incentive programs should be balanced to create high performance, but not encourage cheating.
- No audits may be a recipe for disaster. While audits generally don’t detect fraud because they are not designed to do so, the performance of audits can have a significant deterrent effect on employees. If employees and managers know that this level of oversight is present, they may be less likely to act unethically.
- Relying upon regulations to solve a company’s problems is foolish. Regulations such as Sarbanes-Oxley have caused companies to critically review their processes, and as a result, management has made changes that have created efficiencies. However, the regulations don’t address true fraud prevention. Companies that substitute compliance with regulations for real fraud prevention are doing the wrong thing.
- Absence of formal budgeting and evaluation processes are also a cause for concern. Budgeting helps a company to control its expenses, and also provides a benchmark against which to measure performance. Significant deviations from the budget may indicate problems, including fraudulent behavior. Formally evaluating a company’s results and comparing those results to budgets and forecasts provides additional oversight of employees. Again, employee knowledge that controls exist may help deter fraud.
- Significant growth between reporting periods should be investigated. When a company is consistently outpacing the market or showing continued double- or triple-digit growth, scrutiny is warranted. Even in the case of a top performer, there is only so much growth that can consistently occur. It is important to investigate the growth skeptically to avoid another WorldCom or Enron.
Companies must take steps to aggressively prevent fraud, and must eliminate policies and procedures that may encourage fraud. Legal counsel can be instrumental in identifying risky areas and helping to develop appropriate courses of action.
For example, risks in the area of hiring and firing employees must have the input of a labor and employment attorney to ensure that remedies are legal and defensible.
Litigation attorneys may be able to assist with the development of an investigation policy and work plan, since they may be using the investigation results in court. In-house counsel will be able to address daily operational issues and their legal implications.
Real World Solutions
While companies have only minimal control over motive and rationalization of would-be fraudsters, management can take aggressive steps to reduce the opportunities for fraud. Many solutions are available, but it is important to first work on mending the policies and procedures that are the most broken and that will have the greatest positive impact on the company.
It’s easy for accountants and auditors to get caught up in the hype of discussing “internal controls.” That’s a snoozer for most executives, managers, and attorneys. Instead, think first about real-life solutions like those listed above when beginning to attack the problem of internal fraud. Analyzing the problem to death gets a company nowhere, while action on easy-to-address items gets the ball rolling toward more effective fraud prevention.