Scott Moritz and Tom McWeeney
Fraud and illicit activities often come to light in a down economy – but not for the reasons you may think. It’s natural to assume that a down economy leads to an increase in fraud. The facts tell a different story, however. While financial pressure is certainly one of the main triggers that lead people to commit fraud, fraud is constant and doesn’t correspond to cycles in the economy, good or bad. That is why organizations need to be proactive in identifying fraud regardless of what the larger economy is doing.
In this blog, we’ll explore fraud’s unrelenting nature and how, despite common misconceptions, it is a constant threat to businesses of any size or growth stage.
Workplace and vendor fraud encompasses a broad range of illicit activities, including embezzlement, asset misappropriation, bribery, corruption, and financial statement fraud. These deceptive practices are perpetrated by both internal and external actors, posing risks to organizations of all sizes and throughout every jurisdiction. The ramifications of fraud extend beyond financial losses, tarnishing reputations, and eroding stakeholder trust.
Let’s briefly examine the prevalence of workplace fraud, dive into the statistical evidence of this pervasive problem, and set the stage for organizations to employ a proactive fraud prevention strategy through thorough risk assessments and investigations.
According to the “Report to the Nations” published by the Association of Certified Fraud Examiners (ACFE) in 2022, occupational fraud causes significant financial harm to businesses worldwide. The study analyzed 2,110 cases from 133 countries, revealing several key statistics:
- Average Loss: The loss per case due to fraud was $1,783,000, with 23 percent of cases involving losses of $1 million or more.
- Duration: Fraud schemes typically last an average of 12 months before detection.
- Detection Methods: Tips (42 percent) and internal controls (16 percent) were the most common methods of detecting fraud.
- Perpetrators: Employees were responsible for 37 percent of fraud cases, while managers accounted for 39 percent of incidents.
- Industry Variances: Certain industries, such as banking and financial services, government, and manufacturing, experienced higher instances of fraud compared to others.
In the wake of the COVID-19 pandemic and in the midst of economic downturn in global markets, conditions appeared ideal for bad actors to emerge and engage in fraudulent activities. It has long been thought that economic recessions present a fertile ground for fraudulent activities to thrive. The challenging financial landscape, increased desperation, and diminished oversight during such periods create an environment where individuals may be more inclined to commit fraud. In fact, a 2022 piece from FinTech Futures explores drivers for fraud, as well as elements that may converge in a “fraud triangle,” and reasons that there is a correlation between recessions and a distinct uptick in fraud.
However, understanding the true prevalence of fraud, regardless of economic conditions, requires a shift in thought. Instead of looking at only when fraud is caught, we must envision the bigger picture.
The reason for the popular misconception about increases in fraud being directly linked to economic conditions is the fact that economic headwinds cause organizations to focus on the cost side of their business. This closer scrutiny of expenses is the most common way that frauds are discovered. These undesired surprises are followed by a flurry of activity –
- Retention of outside counsel,
- Notifications of law enforcement, and
- Insurance claims.
When this increased activity is compounded by time pressures, as it often is, this can lead to inefficiencies and missed opportunities in the haste of trying to deliver answers. In short, these elements come together to form a perfect storm that can veil additional instances of fraud or keep organizations from uncovering every detail.
The Realities of Fraud
Organizations are a microcosm of society. Most members of our society are good, hard-working, and law-abiding. A subset of our society operates outside of our societal norms and has chosen to make ends meet by committing crimes to do so. Organizations have a similar subset and dynamic within their employee population.
The demographics of individuals who engage in fraud vary widely and cannot be generalized to a specific group or categorized by specific traits. Fraudsters come from diverse backgrounds, including different age groups, genders, educational levels, and socioeconomic statuses. However, certain factors have been observed to increase the likelihood of someone committing business fraud, including a position of authority or access to financial resources, a history of financial difficulties or personal crises, a lack of ethical values, and the presence of opportunities or incentives for fraudulent activities within the business environment.
It is important to note that while some studies have identified correlations between certain demographic factors and fraud, it is crucial to avoid making sweeping generalizations and instead focus on understanding the complex motivations and circumstances that lead individuals to engage in fraudulent behavior.
However, while generalization cannot be made about those likely to commit fraud, data trends can help organizations understand how fraud is committed and the motivations behind it. In terms of occupational fraud, trends over the last ten years have shown that men have become increasingly likely to be the perpetrators of fraud, rising from 65 percent in 2012 to 73 percent in 2022. In the same time period, instances of women-led fraud fell from 35 percent to 27 percent. Additionally, data shows that fraudsters are collaborating more; the instances of multiple perpetrators have also risen over the past 10 years. Cases of fraud involving two or more perpetrators rose from 42 to 58 percent.
Another unfortunate reality is that fraud cannot be eliminated completely. So, organizations are faced with a choice when confronted with this reality – act proactively or reactively. Most organizations deal with frauds as they occur, investigating them and later plugging the holes in the control environment after the investigations are concluded. Indeed, this is the most common approach and the reason why forensic accounting and corporate investigations are growth industries.
While fraud should be viewed as an ongoing concern that can impact companies at any time, activities and downturns in specific markets are only expected to further exacerbate financial strains and instances of fraud in the near future. According to research and analysis published by Bloomberg, higher interest rates and falling property values have created a “ticking time bomb” of unoccupied building investments — which may worryingly result in landlords’ abandonment of financial obligations.
The commercial real estate market is facing significant challenges as owners and lenders grapple with the impact of the pandemic and changes in work, shopping, and living patterns. The sector is burdened with high levels of debt and faces a wave of loan maturities in the coming years, with approximately $1.4 trillion of commercial real estate loans due in the US alone. As a result, owners are increasingly choosing to default on their debt rather than refinancing, leading to a surge in property vacancies and declining prices. Major financial centers like San Francisco, New York, London, and Hong Kong are particularly affected, with office towers and shopping malls experiencing high vacancy rates and falling prices. The commercial real estate downturn is expected to have a long-lasting impact and could add further stress to the financial system, while also transforming some cities as they grapple with empty buildings and lower tax revenues.
There used to be a popular transmission repair commercial that ran on television for years where the company advocated for consumers to perform preventative maintenance on their car’s transmission, which featured the slogan: “You can pay me now or you can pay me later.” There is a widely cited figure advanced by the ACFE that five percent of revenue is lost to fraud, waste and abuse each year. Quickly do the math and figure out what even a 1 percent of lost revenue looks like and that should convince you that there’s a lot of wisdom to the “you can pay me now or pay me later” mindset.
Assuming you have the support to expend some budget to proactively identify fraud inside of your organization, what are some concrete steps that can be taken to lower the organization’s susceptibility to fraud and exposure to fraud losses?
The first step is performing a fraud risk assessment. In the battle against fraud, organizations must be proactive in identifying and mitigating risks. Fraud risk assessments serve as a vital tool in this endeavor, providing a systematic approach to evaluate vulnerabilities and implement preventive measures.
However, fraud risk assessments are a widely discussed but frequently misunderstood process. A meaningful fraud risk assessment contains the following analysis:
- A thoughtful and comprehensive review of the various types of fraud that could occur,
- The likelihood of their occurrence,
- The impact they could have on the organization, and
- The extent to which the organization’s existing controls could effectively mitigate the fraud if it were to happen.
Best Practices for Conducting Fraud Risk Assessments
Fraud risk assessments are often met with organizational resistance in the form of blind optimism. Senior leadership and middle management alike often express blind optimism that fraud is not a significant problem in their organization and if there was fraud, it would have little to no impact. It’s a strange phenomenon but this errant belief isn’t accompanied by bad intentions. It is rather a lack of understanding and familiarity with the types of frauds that occur and their prevalence.
If the anti-fraud professionals leading the assessment ask a specific question, the answers tend to portray a much more accurate picture of the state of the organization’s fraud risk. For example, if someone with wire transfer entitlements received an email from someone who they believed to be the company’s CFO instructing them to send a $1 million wire in connection with a confidential transaction, how likely is it that the recipient would refuse to send the payment without first verifying the sender’s identity? By discussing specific scenarios of things that could actually happen, the fraud risk assessment moves from an intangible concept that is unlikely to yield useful information to something much more tangible in which the participants will provide much more meaningful and useful responses.
Utilizing a Continuous Process for Continuous Risks
Equally useful in proactively identifying fraud is the performance of process walkthroughs. These consist of process owners walking the fraud risk professionals through core processes and systems such as accounts payable, vendor onboarding, inventory management, and certain treasury functions such as wire transfers.
Process walkthroughs are explanations of a process that occurs at the same time the enabling technology used to manage that process is demonstrated. Along the way, specific questions are asked about record-keeping, audit trails, controls, segregation of duties including a lot of questions about specific scenarios and “what ifs.” All processes have vulnerabilities, and no controls can realistically be expected to eliminate all risks.
Fraud risk assessments should be seen as an ongoing process rather than a one-time exercise. Regular assessments allow organizations to monitor changing fraud risks, adapt to evolving fraud techniques, and implement necessary updates to their prevention strategies. Continuous improvement based on the findings of risk assessments helps organizations stay ahead of potential threats and maintain a robust anti-fraud framework.
Frauds associated with vendors and the procurement process account for nearly 20 percent of all frauds. This type of fraud tends to be easier to detect. Two proven ways of identifying suspected vendor frauds are as follows.
First, obtain a list of the company’s vendor master file that includes aggregate disbursement data. Sort the file by aggregate spend from greatest to least. Then review the data with someone who has an above average understanding of the significant vendor relationships that are in place. Flag any vendors with large cumulative disbursements but who were not readily familiar to the company personnel that reviewed the files. Review the underlying vendor files for supporting documentation and perform high level background checks of any entities for which there is insufficient supporting documentation.
As a second means of examining vendors for possible fraud, use the same vendor master file and perform a comparative analysis against your master payroll record for any last name or address matches with company personnel. There shouldn’t be any hits. If there are, see if the name matches are simply false positives with common last names as opposed to actual hits in which any of your employees have an undisclosed interest in one or more of your vendors.
One last set of information is very important to consider when evaluating the current state of an organization’s fraud vulnerability – the examination of prior incidents. This may require interviews of a broad cross section of personnel cutting across finance, accounting, human resources, the audit committee, internal audit, corporate security and cyber and, perhaps a look at a sample of confidential hotline reports. The purpose of this workstream is multi-fold. Is the confidential hotline receiving a steady flow of alerts, are they being properly assessed, how many have resulted in investigations and what were the outcomes of those investigations?
What if you do all of these things and you find no indication of anything improper? Odds are, that won’t be the result but if that is in fact the case take the win and know that your organization is in pretty rarified air when it comes to fraud risk.
Fraud risk assessments serve as a crucial tool in identifying and avoiding fraudulent activities. By conducting comprehensive assessments, organizations can enhance fraud detection, tailor prevention strategies, meet compliance requirements, safeguard their reputation, and foster a culture of continuous improvement. Investing time and resources in regular fraud risk assessments is a proactive approach that enables organizations to stay one step ahead of fraudsters and protect their assets, stakeholders, and long-term sustainability.
However, fraud risk assessments – and the investigations that may follow suit – can often be difficult for organizations to handle on their own. That’s why White Collar Forensic and the IntegrityRisk team offer services to help organizations understand the landscape of their fraud risk, conduct thorough assessments, and continually monitor employee activity and environmental factors for red flags of fraudulent activity.
Scott Moritz and Tom McWeeney are former FBI agents and highly experienced and proven investigators. Both have more than 25 years of experience in fraud detection and response.
Scott is the founder of White Collar Forensic, an investigative, forensic accounting and compliance consulting firm. Tom is Chief Operations Officer (COO) for Integrity Risk International, a diligence and risk management firm.