If you are one of the many CEOs who
thinks that occupational fraud only happens to other companies, you might want to review the facts. According to participants in the “2006 Report to the Nation
on Occupational Fraud and Abuse” issued
by the Association of Certified Fraud Examiners, Inc. (ACFE), U.S. businesses lose
more than 5 percent of their annual revenues to fraud. That translates to more
than $652 billion in fraud losses each year.
The report goes on to state that while
fraud happens in all businesses, among
firms that used preventive measures such
as fraud-prevention training, surprise internal audits and an anonymous tip line for
reporting suspected fraud, the dollar
amount of the average loss was less than
half than firms without the measures.
“Occupational fraud is hard to detect
because, by its very nature, the act itself is
concealed,” says Patrick Ross, principal
with the Audit and Business Advisory Services Group of Haskell & White LLP. “Having the proper anti-fraud controls to prevent, deter and detect fraud based on the
specific risks of your business is important
in reducing potential losses.”
Smart Business spoke with Ross about
how CEOs can take action and set the right
tone to help prevent occupational fraud.
How common is occupational fraud?
Given the numbers reported by ACFE, it
is much more common than many people
think. Many times, it goes unreported in an
effort to avoid bad publicity, or executives
do not want to deal with the effort involved
in prosecuting the crime. Also, because
there is no universal definition of fraud,
knowing when it occurs is typically not a
black-and-white issue. If the boss takes a
few inventory samples from the warehouse, is that fraud? Or what about doing
personal work on company time? It can be
hard to prevent occupational fraud unless
the company has clearly communicated
what is expected of its employees.
Why is fraud hard to detect?
The average length of time that occupational fraud goes on before being detected
is 18 months, and frauds are often committed by trusted employees. An important
element of fraud is the need to cover up the
act. Also, because so many more business
transactions are electronic today, there is
less of a paper trail that can be followed.
For some frauds, the extent of losses cannot even be determined.
Given the rapid changes in business,
CEOs need to make sure their fraud-prevention process changes with their business in order to keep fraud from happening. It’s like a water leak in your house; it
may start out small but if you ignore it over
time, look out.
What steps can CEOs take to help prevent
fraud?
First, conduct a risk analysis of your business looking for potential vulnerabilities.
For example, if you run a cash business,
look for ways that the cash could be
siphoned off without your knowledge and
make sure that job responsibilities are
properly segregated. Review your controls
with fraud prevention in mind and then
actually test those controls to make certain
that they are working. Conducting random
audits is important; the surprise element embedded in the process can help deter
potential fraud.
Second, the CEO should establish an
investigation plan before needing it. The
plan usually involves your corporate attorney, internal auditors or — if you don’t
have the necessary internal resources —
hiring an external certified fraud examiner.
What role should CEOs play in fraud prevention?
It is important to define what constitutes
fraud and publicly state that it will not be
tolerated. To deliver this message, the company should have a defined code of ethics.
CEOs should set the tone from the top and
lead by example because employees take
cues from senior management in terms of
what’s appropriate. For example, if the
boss uses company vehicles for personal
use, then is it OK for me to do the same?
There are three elements that need to be
present for fraud to take place: (1) the
opportunity to commit fraud; (2) the
rationalization on the part of the perpetrator that it is ‘OK’ to commit the acts and (3)
perceived pressure by the perpetrator —
such as personal financial need. CEOs can
play a major role in eliminating two of the
three elements.
What actions should CEOs take if they suspect occupational fraud has occurred?
The first step would be to follow your
investigation plan. Not following certain
procedures of forensic investigation or not
taking the proper legal steps could lead to
a fraud perpetrator not being held accountable. When fraud is suspected, emotions
often come into play, so it is best to let the
professionals handle this. CEOs should be
supportive of the investigation process and
be prepared to take any necessary disciplinary action — including termination and
pursuing criminal or civil legal action.
PATRICK ROSS is a principal with the Audit and Business
Advisory Services Group of Haskell & White LLP. He has more
than 13 years experience in public accounting in Orange County.
Reach him at (949) 450-6362 or [email protected]. For more
information visit www.hwcpa.com.
