The Association of Certified Fraud Examiners’ (ACFE) “2012 Report to the Nation” is one study that describes the losses that an entity may experience as a result of fraud: A typical organization loses approximately 5 percent of its annual revenue to fraudulent acts.
Small businesses often suffer disproportionate fraud losses, as the “median loss suffered by organizations with fewer than 100 employees was $190,000 per [fraud] scheme, says James P. Martin, managing director for Cendrowski Corporate Advisors LLC.
“In today’s environment, companies of all sizes need to consider the risk of fraud and take proactive measures to help mitigate the risks that they face,” says Martin.
Smart Business spoke with Martin about how a to take proactive measures to protect a business and help it fight fraud.
What can companies do to help mitigate the risk of fraud?
Fraud is not a random occurrence; it happens in situations in which conditions are right for it to happen. Identifying the root causes of fraud and removing the potential for fraud is called fraud deterrence.’
There are procedures can be applied in any organization to help alleviate the growing threat of fraud.
What is fraud deterrence?
The term ‘fraud deterrence’ refers to a systematic approach to identifying and removing the causal factors of fraud; it is not simply a plan focused on earlier fraud detection. Fraud deterrence is based on the premise that fraud occurs when the conditions are right for it to occur, more specifically, in situations in which there is motive, opportunity and rationalization for a fraudulent act.
These three elements, comprising the ‘Fraud Triangle,’ are the focus of fraud deterrence, as the removal of any one of these element will reduce the opportunity for fraud to occur. In this manner, fraud deterrence centers on the premise that the causal factors of fraud can be recognized and proactively reduced in an organization.
How do the causal factors of fraud work?
It is through the implementation of strong internal controls that elements of the fraud triangle — the causal factors of fraud — are reduced. To illustrate the deterrence actions, consider a familiar example relating to fire deterrence and response:
Fire extinguisher = remediation
- The fire has already happened.
- Minimize the damage by quickly controlling the fire.
- The longer the response time, the greater the damage that will occur.
Smoke detector = earlier detection
- Earlier detection, before fumes can even be smelled.
- Detects nothing until the event actually happens.
- By the time the detector is activated, there has been a fire.
Removal of causal factors = deterrence
- Removal of flammable materials
- Removal of sources of ignition (e.g. not allowing smoking, flammables away from a flame source such as a water heater)
- Increasing awareness of risk of fire (e.g. Smokey the Bear)
Deterrence of the fire event, just as in the case of fraud, is effected by the removal of causal factors without waiting for a warning sign that something has gone wrong. Of the three elements of the fraud triangle, ‘opportunity’ can be most directly addressed by the organization through improvements in the internal control structure.
What improvements can help eliminate opportunity?
First and foremost, make sure that cash is well controlled, and that starts with the bank account. The bank reconciliation should be performed by a person not involved with collections or disbursements. The bank statement should always go to a person not involved with any of those functions; in the case of a small business, the statement should go to the owner.
The statement should be reviewed for unexpected activity, including looking at the payee of each check, before a copy is provided to the person doing the reconciliation. Likewise, cash collections and deposits should be independently counted and verified. Basic diligence of cash can prevent many fraud schemes.
Would the deterrence activities also identify the need for further investigation?
Yes, fraud deterrence initiatives frequently move to detection activities: Fraud deterrence identifies an opportunity that could allow a fraud to occur; detection activities are performed to determine if anyone has exploited that opportunity.
Fortunately, fraud deterrence, and the resulting understanding of the opportunity for fraud, provides a clear roadmap for where such detection activities should be applied. Clearly, an organization that has instituted fraud deterrence activities has a greater defense against fraud than one that has not actively identified and eliminated the opportunity for fraud in its organization.
James P. Martin, CMA, CIA, CFE, is managing director for Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or [email protected]
Insights Accounting is brought to you by Cendrowski Corporate Advisors LLC