As businesses face the real risk of payment fraud, a 2012 Association for Financial Professionals survey shed light on the nature and frequency:

• Two-thirds of respondents were targets of attempted or actual fraud, while 28 percent reported increased fraud attempts.

•  Fraudulent checks were used most often, then automated clearing house (ACH).

•  The typical loss was $19,200 in 2011.

Kerri Werschky, retail and sales manager at First State Bank, relays the story of a business customer that had a former employee create bogus payroll checks on its account.

“Thankfully they were enrolled in Positive Pay and the system was able to recognize that the checks presented were fraudulent,” she says. “The checks totaled $35,000, which would have had a huge impact on our customer’s account and daily operations.”

Smart Business spoke with Werschky about ways to prevent check and ACH fraud.

Why are fraud losses on the rise?

Desktop publishing has made counterfeiting checks cheap and easy. The Internet has made it easy to commit fraud from international posts, often with organized rings in uncooperative counties. Cyber criminals can compromise large quantities of data with millions of potential victims for fraudulent checks with lottery scams, job postings and work-at-home opportunities. Faster check clearing has decreased the time it takes to identify and return checks.

What is your liability for check fraud?

Laws provide a negligence standard when determining loss liability, which means banks are not 100 percent responsible for the loss. Businesses have an obligation to inform the bank on a timely basis and limit the exposure. Your company must implement reasonable and adequate controls over bookkeeping processes, such as:

•  Maintaining sufficient controls for check storage, issuance and reconciliation.

•  Reviewing bank statements and reconciling accounts in a timely manner.

•  Using standard fraud protection offerings such as Positive Pay.

What is ACH debit fraud?

ACH debit fraud is a transaction initiated or altered in an attempt to misdirect or misappropriate funds. Any ACH may debit post to your account, with no authorization, if fraud prevention measures aren’t in place. One critical element of this fraud is that account and routing numbers can be obtained from any check.

What are some fraud prevention tools?

Work with your bank to prevent the sizable risk of payment fraud. Some tools are:

•  Positive Pay, which gives the ability to make pay or return decisions on checks presented against an account that doesn’t match. Check issuers provide a data file containing check amounts and numbers on a daily basis, and then receive a report detailing discrepant checks. Fraud is reduced through tighter controls and the ability to authorize payment or return the check prior to the return deadline.

Protection can also be extended to the teller line itself. If a check is not in the company’s Positive Pay file, the presenter is asked to contact the check originator.

ACH debit blocking service guards corporate accounts against unauthorized ACH debit transactions. Benefits include added security and fraud protection by eliminating outside access to your account, as well as staff spending less time reconciling and investigating debit transactions. Your company also can use filtering criteria, such as blocking all debits, blocking all over a certain dollar threshold, or blocking or allowing all except from specific originators.

How can you prevent check fraud?

Convert as many payments as possible to electronic delivery, while implementing fraud prevention tools. Use online reporting and services for faster reconcilement. Provide training to employees, along with segregated duties and a limited number of official signers. Update account and bank records as staff changes, and screen new employees. Control your check stock, while enforcing procedures. Use separate accounts for collection and disbursement activity and payroll and accounts payable disbursements, along with monitoring high-volume accounts and low-volume petty cash or emergency payments. Finally, know who you do business with, whether vendors, customers or maintenance staff.

Kerri Werschky is retail and sales manager at First State Bank. Reach her at (586) 863-9485 or kwerschky@thefsb.com.

For more information on First State Bank’s Positive Pay and ACH debit blocking, visit http://www.thefsb.com/cashmanagement.

Insights Banking & Finance is brought to you by First State Bank

Published in Detroit

It takes years for an owner to build a business, but only a few weeks for an unscrupulous employee to destroy all of that hard work by committing multiple acts of fraud. Approximately 75 percent of employees have stolen from their companies at least once over the course of their careers, according to the International Foundation for Protection Officers, and about half of those offenders will steal again.

The risk is greatest in small to mid-size companies with limited staff, where one person is solely responsible for processing financial transactions and signing checks.

“Executives are asking for trouble if they don’t background check prospective employees or segregate financial transactions because the accumulated losses from internal fraud are capable of bringing a small company to its knees,” says Charlie Ott, a vice president and regional manager for security at California Bank & Trust, a wholly-owned subsidiary of Zions Bancorporation.

Smart Business spoke with Ott about the growing risk of employee fraud and the most effective ways to prevent it.

What are some common types of internal fraud?

Trusted employees, with access to the company’s bookkeeping system and bank accounts, can siphon off funds by setting up phony vendors in the accounts payable module and paying erroneous invoices. Or, they may surreptitiously switch account numbers in the online bill pay system and use company funds to pay personal credit cards, mortgages and car payments. Some use software to replicate blank check stock or insert their name into the payee line. Other times, they submit phony receipts on expense reports or deposit company checks into their personal accounts.

Fraudsters spend every day looking for opportunities and honing their craft, and they’re bound to succeed unless you are vigilant and take a few preventative measures.

Which preventative measures are most effective?

Internal fraud starts with people. So even if you hire referrals from trusted employees or family friends, it’s critical to conduct several interviews, a background investigation and reference checks before extending an offer. Repeat offenders often target small businesses due to their lax vetting practices, and background checks aren’t that expensive when you consider what’s at stake.

Once you have established strong hiring practices, consider opportunity. Based on your business and accounting practices, where do opportunities exist for an employee to defraud your business? What controls are in place to deter employees from defrauding your business? You can mitigate opportunity by making it difficult for fraudsters to conceal their deeds, which is done by apportioning accounting and banking duties among several employees and conducting random checks on financial and banking activity. As an example, have one person open the mail and enter invoices into the system, another approve the payments, and a third person sign the checks, make deposits and reconcile the monthly bank statement. Finally, safeguard the company’s legal filings and resolutions so fraudsters can’t access sensitive company information and use it to open up a phony bank account. Typically, fraudsters test the waters by stealing a small amount of money to see if anyone notices, then they increase the frequency and volume of their illicit activities. Also, they typically act alone; rarely do they act in concert with someone else, as that raises the risk of getting caught.

Is there a way to minimize the risk of check fraud and counterfeiting?

Keep cancelled checks and blank check stock under lock and key, and only release small batches of checks as necessary. Take advantage of your bank’s fraud prevention programs like positive pay and reverse positive pay, which are specifically designed to spot and stop payment on counterfeit, altered or forged checks. Even if your company is small and writes very few checks, you can still look for altered, forged and counterfeit checks or account anomalies by using online banking to view activity and photos of cancelled checks. Finally, don’t let the bank statement sit on your desk; nip fraud in the bud by reviewing your statement the minute it arrives.

What can executives do to avert technology breaches and phishing?

Every company should have virus protection software and a firewall installed on its network, and executives should ask their banker about programs like Trusteer that are specifically designed to spot fraudulent or suspicious electronic banking activity. Keep hackers from gaining access to accounts by using a standalone computer to process banking transactions, utilizing dual authentication and having two people approve transfers of funds between accounts. Educate employees on the risk of phishing and fraudsters’ tactics so they aren’t duped into providing passwords or login information. Never allow multiple users to use the same password or logon name. Keep passwords under lock and key, changing them from time to time, especially when an employee leaves or takes on different responsibilities.

How can executives help prevent fraud?

Don’t be so consumed with growing your business that you overlook the need to establish rigorous accounting policies and procedures or communicate a zero-tolerance policy for deviations. Inspect what you expect by ensuring accounting procedures are followed and seek professional advice by commissioning an outside audit annually. Spot irregularities by reviewing accounting and banking activity at least once a week and ask questions so employees know you’re paying attention. Ask about a sudden increase in invoice activity, the addition of a new vendor or a large change in account balances. Spend time with employees and have lunch in the cafeteria occasionally because you might be surprised at what you learn by just hanging around.

While it may be impossible to eliminate internal fraud, you’ll be able to minimize it as long as you’re vigilant and take a few precautions.

Charlie Ott is a vice president and regional manager for security at California Bank & Trust, a wholly-owned subsidiary of Zions Bancorporation. Reach him at (510) 808-1644 or charles.ott@calbt.com.

Insights Banking & Finance is brought to you by California Bank & Trust

Published in Los Angeles

When times are tough, the temptation for employees to dupe the system and steal cash or assets increases. The economy is a key driver in fraud activity, and over the last several years, organizations of all sizes have been victimized.

So is the fraud environment improving now that there’s news of an uptick in the economy? Not yet, says Jason Buhlinger, a supervisor in financial advisory services at Brown Smith Wallace LLC, St. Louis, Mo.

“While there may be signs of the economy getting a little better, people still feel uncertain — and as long as that feeling is in the back of their minds, there is motivation and a rationalization to steal,” Buhlinger says.

Companies are running leaner, which means there is less management oversight at some firms, and others have eliminated internal audit personnel. One person may be doing the job of two or more employees, so the work force is spread thin. And that may mean that no one is watching should an employee decide to commit fraud.

“Imposing internal controls becomes harder to accomplish with less staff,” Buhlinger says.

Now is not the time to let your guard down as a business owner.

“The longer the economy trickles along, we’ll continue to see people who are looking for easy ways to get cash,” Buhlinger says.

Smart Business spoke with Buhlinger about the types of fraud being committed and how to establish strong internal controls to protect your business.

What specific economic factors drive individuals to commit fraud?

The recession began in December 2007, and at one point, the Dow Jones Industrial Average was down as much as 50 percent. People had to become more frugal. Those who planned on retiring early had to re-examine that goal as they watched their investment savings dwindle. And home prices dropped significantly in some areas of the country.

All of a sudden, the asset values that many people counted on were gone and they had to figure out a way to supplement that. This is where the fraud triangle comes into play — opportunity, rationalization and pressure. All three of these stress points have increased in the past several years, and this continues to be the case.

As long as people feel a sense of economic uncertainty, that can evolve into rationalization and pressure to find more money somehow. When the opportunity to commit fraud presents itself, rather than taking the higher moral road, as they might in better times, they justify the act and take that opportunity. Your organization can’t realistically eliminate all rationalizations and pressures, but it can manage the opportunity side of the triangle.

What types of fraud are most common today?

Asset misappropriation remains the most common type of fraud. That includes, but isn’t limited to, cash theft, payroll schemes and inventory theft, to name a few. A worker might file false expense reports and pocket the cash, or take product from a warehouse and sell it for a profit.

Stealing from cash registers $20 at a time can go unnoticed if proper controls aren’t in place. Asset misappropriation tends to involve smaller amounts of money, but those dollars add up over time.

What are the components of an effective fraud awareness program?

Organizations need to take a proactive approach to prevent fraud. Owners need to be involved in the financial aspect of the business rather than passing that role off entirely to a manager. For example, we recently handled a fraud case in which a CFO had complete financial control of the company and could take whatever he wanted. If their company had implemented the critical concept of segregation of duties, it would have been more difficult for him to pull off fraud.

Segregation of duties is critical to prevent fraud, and this can be a challenge in small businesses. That’s why owner involvement is critical at every level of a business, from reviewing financial statements to checking in at the cash registers. It also helps if organizations provide a way for employees to anonymously report fraud through a tip line or even a simple suggestion box.

By keeping fraud at the forefront of your business, you will discourage those who are teetering on the edge of committing fraud. And with internal controls in place, you will be more likely to catch fraud early before it causes significant damage to the business.

How can a business be proactive about creating a culture of honesty?

It’s important to create a fraud prevention program and talk about it regularly with employees. Hold quarterly meetings to discuss fraud and internal controls. Let everyone know your organization has a zero tolerance policy. By making employees aware that fraud is on the radar and no one is going to get away with it, you decrease the rationalization and opportunity for fraud to occur.

Begin a fraud prevention program to learn what areas of your business are susceptible to fraud. A risk assessment will help you zero in on entry points for fraud so you can watch those areas carefully.

A certified fraud examiner (CFE) can help you get that fraud policy on paper, and it’s a good idea to incorporate it into your employee handbook. Secure a commitment in writing from every employee that they understand the policy and the ramifications if fraud is committed.

 

Jason Buhlinger, CFE, AVA, is a supervisor in financial advisory services at Brown Smith Wallace, St. Louis, Mo. Reach him at  (314) 983-1310 or jbuhlinger@bswllc.com.

Insights Accounting is brought to you by Brown Smith Wallace LLC

Published in St. Louis

Your parts distributor has always been reliable, offering you prices that its competitors couldn’t beat. It was a great deal for you — until the distributor went bankrupt.

You find another supplier and move on. But months — or years — later, you are called on by a bankruptcy trustee that has been appointed to oversee the bankruptcy case. The trustee says that the commodity you were purchasing was priced much lower than market rate. And because the trustee’s job is to collect funds in this case, he’s delivering you with a lawsuit to charge you with paying the difference between your below-market prices and the market rate for those years you purchased the commodity.

“Increasingly, customers of bankrupt businesses are being caught by surprise with fraudulent transfer claims asserted by bankruptcy trustees, who claim that they received a deal that was too favorable,” says Alan Koschik, co-chair of the Commercial & Bankruptcy Practice Group at Brouse McDowell. “These claims seek to renegotiate sale transactions long after they took place and create a new layer of uncertainty for certain business transactions.”

Smart Business spoke with Koschik about how businesses can help protect themselves against fraudulent transfer claims.

What are fraudulent transfers and when do they most commonly occur?

Technically, a fraudulent transfer claim is a transfer of property that is made with the intent to hinder or delay a creditor, or put property beyond their reach. In typical cases, a debtor might transfer his home or savings accounts to another person, an insider such as family or a spouse.

Fraudulent transfer claims most often arise in these familiar situations: transfers to insiders, as described; so-called upstream guaranties of a corporate parent’s debt by a business that ultimately cannot pay its creditors; and leveraged buyout transactions that cause an insolvent debtor to take on too much debt while permitting former equity holders to cash out of the business.

What is surprising about the new class of fraudulent transfer claims?

The new class of claims is distinctly different from these typical cases. They do not involve insider transactions, or extraordinary transactions. The claims are being charged against customers that have engaged in day-to-day business transactions, such as simply buying a commodity a company sells.

The customer isn’t trying to defraud or hinder anyone; it simply wants to buy the product and the seller (debtor) is offering an attractive price. However, bankruptcy trustees are seeking to change the price term of regular sales transactions long after they were completed by arguing that the value paid was less than ‘reasonably equivalent.’ Litigation ensues and usually involves an expensive debate about the sufficiency of the price.

What typical business transactions could lead to fraudulent transfer claims?

Sales of commodities are the most typical sales that can trigger a fraudulent transfer claim because a bankruptcy trustee has access to pricing information. Commodities are traded in a variety of exchanges, so trustees can look up idealized prices and make comparisons to prices actually paid to the debtor, the business that went bankrupt. Then, the trustee can calculate the difference and come up with a figure that he contends the customer should have paid.

The trustee justifies this based on commodities prices, charging that the debtor would have collected X more dollars if it had charged the reported market price. Commodities are more likely to be subject to a pricing comparison and lead to a fraudulent transfer claim than, say, accounting or legal services that are typically considered unique and less likely to have a non-negotiable ‘market price.’

In case of a lawsuit, what defenses can a business raise?

These new fraudulent transfer claims can be challenged with the argument that non-insider customers that negotiate at arm’s length set their own market price and should not bear the burden of guarantying the debtor-seller’s debts to its creditors. The customer shouldn’t have to help pay the vendor’s debt just because it was offered a lower price on a commodity during a regular business transaction.

A non-insider customer’s negotiated price should be considered to be ‘reasonably equivalent value’ by definition and the trustee’s claim should fail. However, the problem is that litigation is a lengthy, costly process, and customers frequently end up paying more in a settlement.

How can businesses protect themselves against fraudulent transfer claims?

If your business purchases commodities, dig deeper when vendors offer a surprisingly low price. Why is the price so low? How long has the company been in business? Are you aware of the financial state of the vendor’s business? Is it in trouble? How much lower than market rate is this vendor charging?

While it’s prudent in business to seek out vendors with competitive prices, if a deal seems too good to be true, it just might be. That said, if you move forward with a vendor offering a price you can’t resist, engage in a futures contract or swap agreement. These transactions are common in the commodity trade, and there are safe harbor defenses built into the bankruptcy code regarding futures trading.

It’s a good idea to consult with your attorney if you engage in commodities purchases to discuss pricing and the potential risks associated with fraudulent transfer claims. Then protect your business by making decisions not based solely on cost.

Alan Koschik is co-chair of the Commercial & Bankruptcy Practice Group at Brouse McDowell. Reach him at akoschik@brouse.com.

Insights Legal Affairs is brought to you by Brouse McDowell

Published in Akron/Canton

You may think that your employees would never steal from you, but how well do you really know and trust the people who work for you? One-third of all employees steal from their employers, and it is estimated that the average loss for an act of employee fraud is in excess of $175,000, says Andrew Rowles, client adviser at SeibertKeck Insurance Agency.

“Even the best internal controls can fall short of preventing an employee from committing a dishonest act if he or she is determined to do so,” says Rowles.

Employee crime and theft have dramatically reshaped business in corporate America.  For example, on Sept. 9, 2011, Carla Jean Johnson was sentenced to 120 months in federal prison for her conviction of wire fraud that cost her employer $977,418. Columbia Lloyds Insurance Co. paid the company’s claim to cover the controller’s embezzlement.

Smart Business spoke with Rowles about why it’s worth investing $5,000 in premiums to protect your assets and ensure that employee fraud doesn’t put you out of business.

What constitutes employee theft, and what company assets are most at risk?

Employee theft can be classified into two major categories: theft of property and misappropriation of funds. Theft of property can include office supplies, inventory, work in process or scrap that belongs to the company. Misappropriation of funds can include the use of accounting records to disguise or redirect accounts receivable, misuse of credit cards, payroll fraud, outside businesses paying kickbacks or other unauthorized transactions.

What protections do general insurance policies offer companies against employee theft?

A standard ISO property policy will pay for a nonemployee stealing from your organization, but what if it is internal? A majority of today’s insurance carriers offer a crime policy to cover business assets that are stolen by an employee.

When purchasing a policy, keep in mind how the policy defines an employee and who is excluded from coverage. Crime causes a greater amount of commercial property losses than any other type of property losses. Current estimates are as high as $50 million annually in the United States for employee dishonesty losses alone. Employee dishonesty is just one of many types of commercial crime exposures that you should consider.The fundamental Crime Insurance parts are:

  • Employee theft
  • Forgery or alteration
  • Inside the premises — theft of money and securities; robbery or safe burglary
  • Outside the premises — messenger
  • Computer fraud and funds transfer
  • Money orders and counterfeit paper currency

What types of policies protect employers specifically against employee theft, and how do they differ from general policies?

Commercial crime insurance coverage can be written as a part of your commercial package insurance policy or as a separate standalone policy. The advantage of a stand-alone is that you can customize forms and coverage to meet your business’ specific needs and may be an option if the commercial package insurance company is not in a position to offer you the amount of crime insurance that you need.

There are two policy forms used by carriers to offer employee theft coverage.  Selecting the correct form is important and the forms differ in the premium charged for coverage.

  • Discovery form. The discovery form covers losses that are identified, or discovered, during the policy period, even if the loss happened some time before.
  • Loss sustained form. The loss sustained form will cover only losses that occur during the policy period and up to 12 months after the policy expires. Keep in mind that employee theft can take time to discover. This form could expose you to the risk of financial loss spread over multiple years.

What types of fraud can occur with employee pension or 401(k) plans, and how can they be prevented?

In 1974, the Employee Retirement Incomes Security Act (ERISA) established insurance guidelines to protect the assets of any employer-sponsored pension, profit sharing, or employee welfare plan. ERISA requires that 10 percent of any benefit plan assets be covered by insurance to protect the plan(s) from employee dishonesty. Coverage protects the participants and beneficiaries from dishonest fiduciaries who handle the plan assets.

There are two ways to provide such coverage, either by endorsing the crime policy or purchasing a separate bond through your insurance company. Keep in mind that it is important to regularly review your plan and review the information provided by your administrator.

What procedures can an employer implement to reduce the risk of employee theft?

In a slow economy, businesses have experienced stalled growth, reduced revenue, liquidity concerns and implementing procedures to reduce theft becomes a higher priority as a loss becomes more certain. A business owner should look into implementing loss control procedures to protect the company’s assets. Here are a few examples:

  • Isolate duties — splitting the job of taking money in and sending it out for deposit. Books kept by one person should be reconciled by another.
  • Require countersignatures on all checks.
  • Perform background checks.
  • Establish a code of conduct.
  • Implement whistleblower and hotline programs.

Nearly every business needs to consider purchasing a commercial crime insurance policy, although determining as to what limit can be difficult. Companies should consider the financial impact of an employee theft claim and discuss this with their accountant, attorney and insurance agent.

Andrew Rowles is a client adviser at SeibertKeck Insurance Agency. Reach him at (330) 867-3140 or arowles@seibertkeck.com.

Insights Business Insurance is brought to you by SeibertKeck Insurance Agency

Published in Akron/Canton

You may think that your employees would never steal from you, but how well do you really know and trust the people who work for you? One-third of all employees steal from their employers, and it is estimated that the average loss for an act of employee fraud is in excess of $175,000, says Marc McTeague, president of Best Hoovler McTeague Insurance Services, a member of the SeibertKeck Group.

“Even the best internal controls can fall short of preventing an employee from committing a dishonest act if he or she is determined to do so,” says McTeague.

Employee crime and theft have dramatically reshaped business in corporate America.  For example, on Sept. 9, 2011, Carla Jean Johnson was sentenced to 120 months in federal prison for her conviction of wire fraud that cost her employer $977,418. Columbia Lloyds Insurance Co. paid the company’s claim to cover the controller’s embezzlement.

Smart Business spoke with McTeague about why it’s worth investing $5,000 in premiums to protect your assets and ensure employee fraud doesn’t put you out of business.

What constitutes employee theft, and what company assets are most at risk?

Employee theft can be classified into two major categories: theft of property and misappropriation of funds. Theft of property can include office supplies, inventory, work in process or scrap that belongs to the company. Misappropriation of funds can include the use of accounting records to disguise or redirect accounts receivable, misuse of credit cards, payroll fraud, outside businesses paying kickbacks or other unauthorized transactions.

What protections do general insurance policies offer companies against employee theft?

A standard ISO property policy will pay for a nonemployee stealing from your organization, but what if it is internal? A majority of today’s insurance carriers offer a crime policy to cover business assets that are stolen by an employee.  When purchasing a policy, keep in mind how the policy defines an employee and who is excluded from coverage. Crime causes a greater amount of commercial property losses than any other type of property losses. Current estimates are as high as $50 million annually in the United States for employee dishonesty losses alone. Employee dishonesty is just one of many types of commercial crime exposures that you should consider.The fundamental Crime Insurance parts are:

  • Employee theft
  • Forgery or alteration
  • Inside the premises — theft of money and securities; robbery or safe burglary
  • Outside the premises — messenger
  • Computer fraud and funds transfer
  • Money orders and counterfeit paper currency

What types of policies protect employers specifically against employee theft, and how do they differ from general policies?

Commercial crime insurance coverage can be written as a part of your commercial package insurance policy or as a separate standalone policy. The advantage of a stand-alone is that you can customize forms and coverage to meet your business’ specific needs and may be an option if the commercial package insurance company is not in a position to offer you the amount of crime insurance that you need.

There are two policy forms used by carriers to offer employee theft coverage.  Selecting the correct form is important and the forms differ in the premium charged for coverage.

  • Discovery form. The discovery form covers losses that are identified, or discovered, during the policy period, even if the loss happened some time before.
  • Loss sustained form. The loss sustained form will cover only losses that occur during the policy period and up to 12 months after the policy expires. Keep in mind that employee theft can take time to discover. This form could expose you to the risk of financial loss spread over multiple years.

What types of fraud can occur with employee pension or 401(k) plans, and how can they be prevented?

In 1974, the Employee Retirement Incomes Security Act (ERISA) established insurance guidelines to protect the assets of any employer-sponsored pension, profit sharing, or employee welfare plan. ERISA requires that 10 percent of any benefit plan assets be covered by insurance to protect the plan(s) from employee dishonesty. Coverage protects the participants and beneficiaries from dishonest fiduciaries who handle the plan assets.

There are two ways to provide such coverage, either by endorsing the crime policy or purchasing a separate bond through your insurance company. Keep in mind that it is important to regularly review your plan and review the information provided by your administrator.

What procedures can an employer implement to reduce the risk of employee theft?

In a slow economy, businesses have experienced stalled growth, reduced revenue, liquidity concerns and implementing procedures to reduce theft becomes a higher priority as a loss becomes more certain. A business owner should look into implementing loss control procedures to protect the company’s assets. Here are a few examples:

  • Isolate duties — split the job of taking money in and sending it out for deposit. Books kept by one person should be reconciled by another.
  • Require countersignatures on all checks.
  • Perform background checks.
  • Establish a code of conduct.
  • Implement whistleblower programs.

Nearly every business needs to consider purchasing a commercial crime insurance policy, although determining as to what limit can be difficult. Companies should consider the financial impact of an employee theft claim and discuss this with their accountant, attorney and insurance agent.

Marc McTeague is president of Best Hoovler McTeague Insurance Services, a member of the SeibertKeck Group. Reach him at (614) 246-RISK or mmcteague@bhmins.com.

Insights Business Insurance is brought to you by SeibertKeck Insurance Agency

Published in Columbus
Saturday, 30 June 2012 21:00

The impact of fraud on organizations

The Association of Certified Fraud Examiners’ (ACFE) “2012 Report to the Nation” is one study that describes the losses that an entity may experience as a result of fraud: A typical organization loses approximately 5 percent of its annual revenue to fraudulent acts.

Small businesses often suffer disproportionate fraud losses, as the “median loss suffered by organizations with fewer than 100 employees was $190,000 per [fraud] scheme, says James P. Martin, managing director for Cendrowski Corporate Advisors LLC.

“In today’s environment, companies of all sizes need to consider the risk of fraud and take proactive measures to help mitigate the risks that they face,” says Martin.

Smart Business spoke with Martin about how a to take proactive measures to protect a business and help it fight fraud.

What can companies do to help mitigate the risk of fraud?

Fraud is not a random occurrence; it happens in situations in which conditions are right for it to happen. Identifying the root causes of fraud and removing the potential for fraud is called fraud deterrence.’

There are procedures can be applied in any organization to help alleviate the growing threat of fraud.

What is fraud deterrence?

The term ‘fraud deterrence’ refers to a systematic approach to identifying and removing the causal factors of fraud; it is not simply a plan focused on earlier fraud detection. Fraud deterrence is based on the premise that fraud occurs when the conditions are right for it to occur, more specifically, in situations in which there is motive, opportunity and rationalization for a fraudulent act.

These three elements, comprising the ‘Fraud Triangle,’ are the focus of fraud deterrence, as the removal of any one of these element will reduce the opportunity for fraud to occur. In this manner, fraud deterrence centers on the premise that the causal factors of fraud can be recognized and proactively reduced in an organization.

 

How do the causal factors of fraud work?

It is through the implementation of strong internal controls that elements of the fraud triangle — the causal factors of fraud — are reduced. To illustrate the deterrence actions, consider a familiar example relating to fire deterrence and response:

Fire extinguisher = remediation

  • The fire has already happened.
  • Minimize the damage by quickly controlling the fire.
  • The longer the response time, the greater the damage that will occur.

Smoke detector = earlier detection

  • Earlier detection, before fumes can even be smelled.
  • Detects nothing until the event actually happens.
  • By the time the detector is activated, there has been a fire.

Removal of causal factors = deterrence

  • Removal of flammable materials
  • Removal of sources of ignition (e.g. not allowing smoking, flammables away from a flame source such as a water heater)
  • Increasing awareness of risk of fire (e.g. Smokey the Bear)

Deterrence of the fire event, just as in the case of fraud, is effected by the removal of causal factors without waiting for a warning sign that something has gone wrong. Of the three elements of the fraud triangle, ‘opportunity’ can be most directly addressed by the organization through improvements in the internal control structure.

What improvements can help eliminate opportunity?

First and foremost, make sure that cash is well controlled, and that starts with the bank account. The bank reconciliation should be performed by a person not involved with collections or disbursements.  The bank statement should always go to a person not involved with any of those functions; in the case of a small business, the statement should go to the owner.

The statement should be reviewed for unexpected activity, including looking at the payee of each check, before a copy is provided to the person doing the reconciliation. Likewise, cash collections and deposits should be independently counted and verified. Basic diligence of cash can prevent many fraud schemes.

Would the deterrence activities also identify the need for further investigation?

Yes, fraud deterrence initiatives frequently move to detection activities: Fraud deterrence identifies an opportunity that could allow a fraud to occur; detection activities are performed to determine if anyone has exploited that opportunity.

Fortunately, fraud deterrence, and the resulting understanding of the opportunity for fraud, provides a clear roadmap for where such detection activities should be applied. Clearly, an organization that has instituted fraud deterrence activities has a greater defense against fraud than one that has not actively identified and eliminated the opportunity for fraud in its organization.

James P. Martin, CMA, CIA, CFE, is managing director for Cendrowski Corporate Advisors LLC. Reach him at (866) 717-1607 or jpm@cendsel.com.

Insights Accounting is brought to you by Cendrowski Corporate Advisors LLC

Published in Chicago

Greed and the breakdown of internal controls have led to a global economic panic, and fraud is suspected to be behind a large portion of it. Fraud can be perpetrated not only by internal employees but also by customers and vendors, says Ian Waller, a partner at Nichols Cauley & Associates.

“Fraud is more likely to occur when employees and companies are feeling outside financial pressures,” says Waller. “In these uncertain economic times, companies are forced to do more with less, providing opportunity. And as conditions worsen, employees and companies rationalize cheating.”

Smart Business spoke with Waller about the cost of fraud and how to lower the risk of it occurring at your company.

How prevalent is fraud?

According to the Association of Certified Fraud Examiners, the typical organization loses 5 percent of its annual revenue to fraud, a potential loss of more than $2.9 trillion.

Asset misappropriation schemes were the most common form of fraud, accounting for 90 percent of cases, although they were the least costly, with a median loss of $135,000. Financial statement fraud schemes, while they made up less than 5 percent of the frauds, caused a median loss of more than $4 million.

Who is at risk for fraud?

Small organizations are disproportionately victimized by occupational fraud because they are typically lacking in anti-fraud controls, compared to their larger counterparts.

The industries most commonly victimized were banking/financial services, manufacturing and government/public administration sectors. In addition, more than 80 percent of fraud in studies was committed by individuals in accounting, operations, sales, executive/upper management, customer service or purchasing.

Studies show the typical fraudster is a middle-aged male in a senior management role related to the finance function of an organization. Other high-fraud areas involve the operations and sales departments.

Most fraudsters have worked for the organization for more than 10 years and are generally in collusion with another individual. The individual is likely to have gained trust and respect from colleagues and has identified weak controls and opportunities to exploit the business. Individuals faced with changes in personal circumstances or pressures to meet difficult work targets may also turn to fraud. Look for red flags including an employee living beyond his or her means or showing control issues.

Fraud typically occurs when pressure/incentive, opportunity and rationalization come together, and organizations and individuals that know the common characteristics of a fraudster are better prepared to detect and prevent damaging incidents.

What is occupational fraud?

Schemes can be as simple as stealing supplies or manipulation of timesheets, or as complex as sophisticated financial statement frauds. There are three primary categories.

  • Asset misappropriations, in which the perpetrator steals or misuses resources, including skimming cash receipts, falsifying expense reports and forging company checks.
  • Corruption schemes, which involve the employee’s use of influence in business transactions in a way that violates a duty to the employer in order to obtain a benefit for the employee or someone else. Examples include bribery, extortion and a conflict of interest.
  • Financial statement fraud schemes involve the intentional misstatement or omission of material information in the organization’s financial reports. Common methods include recording fictitious revenue, concealing liabilities or expenses, and artificially inflating reported assets.

Are there other areas in which businesses face the risk of fraud?

Another risk is vendor fraud, including fraudsters who create fictitious companies and submit bills for payment, and trusted suppliers who charge you more than they are due. Vendors may even collude with your employees to help them navigate your company’s internal controls.

Common types of vendor fraud include:

  • Vendor masking, in which companies hide their real identity, making it harder to detect fraudulent activity and recover lost funds.
  • Inside jobs, in which current or former employees with knowledge of your internal controls commit fraud.
  • Flying under the radar, in which criminals avoid detection by using practiced techniques for blending in with legitimate invoices, vendors and payments.
  • Organized crime billing schemes, in which criminals take a planned and organized approach to defrauding your company.

How can businesses protect themselves?

Staff members are an organization’s top fraud detection method, and employees must be trained in what constitutes fraud, how it hurts everyone in the company and how to report questionable activity.

Audits can have a strong preventive effect on fraudulent behavior, but should not be relied upon exclusively. While surprise audits can be useful, their most important benefit is creating a perception of detection. The threat of surprise audits increases employees’ perception that fraud will be detected and thus has a strong deterrent effect.

Advances in IT and computers better enable fraud. Companies are doing more with less, creating risks. Simple tools such as employee education and implementation of the perception of detection are cost-effective ways to limit fraudulent occurrences.

Ian Waller is a partner at Nichols Cauley & Associates. Reach him at (404) 214-1301 or iwaller@nicholscauley.com.

Published in Atlanta