No company is immune to internal fraud. Organizations that take a wait-and-see approach risk severe financial damage. The fact is that every business — from small mom-and-pop businesses to notfor-profit organizations to large public companies — is subject to fraud at some level.
“Fraud can have a devastating impact on organizations and, when not prevented or detected early enough, can cause major financial and reputational problems for companies of all shapes and sizes,” says Ryan Hauber, a certified fraud examiner (CFE) and principal at Brown Smith Wallace LLC.
The pervasiveness of corporate fraud, employee misappropriation of assets and financial statement abuse is a significant problem in corporate America. More companies are taking a proactive approach to identifying and mitigating fraud risk.
Smart Business spoke to Hauber about how to address the risk of fraud and how to minimize the overall business risk.
Are specific industries and/or companies of a certain size more prone to fraud than others?
Small businesses are especially vulnerable to occupational fraud due to their lack of effective and adequate segregation of duties, but the potential for fraudulent activity exists for larger organizations, as well. According to the 2008 Report to the Nation on Occupational Fraud & Abuse, the area of financial services is one of the most victimized industries. Based on this study, the largest median losses of fraud occurred in the manufacturing industry, followed by banking and insurance. Fraud happens at every company to a certain degree, shape or form at some point. For this reason, companies that have not already utilized a CFE or an expert with a certified forensic accountant (Cr.FA) designation to evaluate fraud potential are wise to consider, at the very least, a quick fraud prevention checkup.
What types of fraud have a significant and detrimental impact on organizations?
The three main categories of fraud include: corruption/bribery, asset misappropriation and fraudulent financial statements. Fraudulent financial statements are the least commonly reported type of fraud, but the most costly per scheme. On the other hand, asset misappropriation schemes are the most commonly reported and least costly. Over time, these schemes can add up to severe financial impact. Often, under-the-radar fraudulent activity is not detected until serious damage has been done. Any type of fraud is a major risk for all organizations from both a financial and reputation perspective. That’s why assessing risk and developing controls to prevent internal fraud is paramount in today’s business environment.
How can an organization reduce the risk of fraud?
There are a variety of proactive fraud tools and techniques available to help deter and prevent fraudulent activity, including fraud prevention checkups, fraud risk assessments, data analysis focused on fraud risk factors, development of fraud policies and reporting mechanisms, fraud training and various tool kits, and scorecards for detecting internal fraud. More small to midsized organizations have shifted toward partnering with a licensed CFE to conduct fraud prevention checkups, fraud risk assessments and data analysis, using software such as Audit Command Language (ACL).
What’s involved with fraud prevention checkups, fraud risk assessments and ACL data mining tools?
For decision-makers on a limited budget, one of the best uses of time and money to minimize fraud potential is a tailored fraud prevention checkup. These projects are generally completed by a licensed CFE and can be conducted in a few business days or less for most organizations with revenue less than $250 million. The checkup involves interviews with management and key employees. Questions are targeted based on the company’s size and industry and the employees’ role in the organization. That information is compiled and a report is prepared that provides an overview of the entity’s fraud prevention performance.
In contrast, fraud risk assessments dig deeper and can require compiling in advance certain company records (i.e., gratuity logs, beginning and ending trial balances, etc.). The interview process is more detailed. The organization’s risk is benchmarked against similar industry competitors.
Finally, data analysis tools such as ACL have the capability to mine electronic data for suspicious behavior based on the industry and company size when utilized by an experienced data analysis professional. An experienced fraud professional then works with the company to help it change its processes and/or mitigate potential risks for fraud based on any identified unusual patterns, anomalies and/or outliers of data.
These fraud prevention methods can shed light on risky areas of a business that decision-makers must address before fraud occurs — especially given the current state of our economy, which increases the risk of compromised employee and vendor behavior.
RYAN HAUBER, CFE, is a principal at Brown Smith Wallace LLC. Reach him at (314) 488-3048 or firstname.lastname@example.org.