Oversight is needed to mitigate occupational fraud

Business owners, board members and other key stakeholders should give more consideration to what their organization is doing to prevent fraud, says Laurie A. Gatten, CPA, CFE, a director at Barnes Wendling CPAs.
“It’s concerning when I begin initial discussions with owners or other key stakeholders regarding internal controls, and when I ask them how they identify risks of fraud and what measures are put into place to mitigate those risks, the answer returned is, ‘That’s why you’re here as our auditor,’” she says.
Smart Business spoke with Gatten about occupational fraud and the internal controls that can mitigate it.
What is occupational fraud and what forms does it typically take?
Occupational fraud is the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of an organization’s resources or assets. It can be as simple as theft of company supplies or as complex as sophisticated financial statement fraud or corruption.
Asset misappropriation, corruption, and financial statement fraud are three types of occupational fraud. Asset misappropriation is by far the most common, but the least costly with a median loss of $114,000. The least common type of scheme, but most costly, is financial statement fraud with a median loss of $800,000.
What are the signs that fraud is occurring?
In most cases, fraudsters display at least one behavioral red flag and sometimes they exhibit multiple red flags.
The six most common red flags are:
  Living beyond their means.
  Financial difficulties.
  Unusually close association with vendors or customers.
  Control issues and an unwillingness to share duties.
  Divorce or family problems.
  A ‘wheeler-dealer’ attitude.
The leading detection methods are tips from employees or others, internal audit, and management review and oversight. More than half of all tips are provided by employees, but tips can also come from people outside of the organization, such as customers, vendors, and competitors.
What should happen once fraud is detected?
Once fraud is suspected or determined to have occurred, the perpetrator should be immediately removed from his or her position. The company should consult legal counsel and a certified fraud examiner. The attorney will assist on human resource and other legal matters, while the certified fraud examiner can quantify the losses, present investigation findings, and assist in developing proper controls to deter future fraud.
What steps can companies take to mitigate occupational fraud?
The first step an organization should take is actually implementing a fraud mitigation strategy. It’s really important for everyone to understand that management is responsible for implementing a sound internal control structure. While having an external audit is one way to measure a certain amount of effectiveness of a fraud mitigation strategy, the auditors cannot be part of a company’s internal control structure.
How can an organization test its fraud mitigation strategy to ensure it’s effective?
The best way to test the effectiveness of a fraud mitigation strategy is to have an ongoing monitoring process in place to evaluate it.
There are several measures to incorporate into a monitoring process, but most important are:
  Establishing a third-party hotline where suspicious activity can be reported without reprisal. Ensure all employees are aware it exists and know how to access it.
  Communicating anti-kickback policies to vendors, customers, and other outside parties.
  Jobs rotations, mandatory vacations, and determining if proper segregation of duties is in place.
Everyone in an organization is busy and it is easy to let certain internal controls go by the wayside. Continuous monitoring is key to ensuring the internal controls structure remains strong and is effective.
Insights Accounting is brought to you by Barnes Wendling CPAs