August 07, 2009
Hardly a day goes by without dire recession news hitting the airwaves. Consumer confidence is down and unemployment is up. Homes and retirement plans are generally worth less than they were a couple years ago.
"Intense financial pressure during the economic crisis has led to an increase of fraud," according to a survey done earlier this year by the Association of Certified Fraud Examiners. Survey respondents expect fraud to continue to rise in coming months - especially cases of employee embezzlement.
Here are three current trends that companies of all sizes are currently experiencing:
Trend #1: Overwhelmed, but no bandwidth to attack. Many companies suspect that fraud is rampant. Common sense as well as the financial news reminds them of the relationship between a bad economy and fraud. Unfortunately, companies are in survival mode and don't have the resources to uncover problems.
Trend #2: Support services are cut to the bone. Internal audit, fraud departments, and various back office functions are being downsized. In some cases, these departments are experiencing more significant cuts than the rest of the organization. It is often believed that cutting a position involved in fraud prevention is preferable to letting a member of the sales staff go.
Trend #3: Fraudsters are busy. Among those laid off are disgruntled former employees who had access to sensitive information and system weaknesses. Some of them have no problem stealing data, selling trade secrets or causing computer system havoc.
Meanwhile, some of the remaining employees or "survivors" may be concerned about job security. In their minds, committing fraud could be justified.
Fortunately, with careful planning and minimal investment, businesses can counteract these trends by improving their ability to detect and prevent internal and external fraud. Here are eight steps to take:
1. Set a tone at the top. Don't send the wrong messages. Business owners and executives may unintentionally give employees the wrong idea. For example, an owner may occasionally pay for incidental personal expenses by using the company's petty cash. Although it is within the owner's rights to do so, employees may view such behavior as permission to do the same. Further, if they believe that the accounting for petty cash is lax, they may view it as ripe for the taking.
2. Hire carefully. The tough economy has created a larger pool of applicants so if your business is hiring, you want to screen carefully.
In today's litigious society, it is difficult or impossible to secure a detailed reference from a candidate's previous employer. Lawsuits have made many employers steer clear of providing information other than dates of employment, position and salary ranges.
With that said, calls should still be made to all references provided by an applicant. If the reference is employed with a large organization, call the company's main number to ensure that you are in fact talking to an employee of the company, and the not the candidate's friend or accomplice. Consider asking for additional references if the people contacted are ambiguous or appear less than forthcoming.
And always ensure that the educational credentials detailed on an applicant's resume were actually earned. Conduct background checks and verify whatever information you can about applicants.
3. Put it in writing. It may appear to be overkill, but it's important to create a code of conduct and have employees acknowledge that they have read and understand the document. The expectations detailed in the code of conduct can be referenced repeatedly and serve as the cornerstone of a company's culture.
4. Create a "perception of detection." Business owners and executives cannot be everywhere at all times. However, if the appropriate controls and overall tone at the company signals to employees that their actions are being scrutinized, they will be less likely to commit fraud in the first place. Obviously, employees should not feel that they are "guilty until proven innocent." However, there is a fine line between trusting employees and sending a message that the business is focused on stopping fraudulent activity.
5. Educate employees. External fraud involves theft by individuals outside of your organization. For example, retail businesses experience shoplifting and banks deal with check fraud. These crimes differ from internal theft committed by employees. Then of course, there are frauds in which employees inside the organization collude with outside individuals.
Consider providing fraud training to all employees, regardless of their function. While educating employees about external fraud, you can also provide education on how the company detects and prevents internal fraud. Encourage staff members to come forward and report suspicious behavior.
6. Stay on top of the latest criminal methods. Internal and external fraudulent schemes constantly change. In a retail operation, for example, managers may be looking for employees taking cash out of the register or stealing merchandise in their backpacks at the end of the night. But they may not be looking for cashiers working with outside organized shoplifting rings. In these cases, a cashier may charge a customer for one or two items at the register but stuff several more items into bags without ringing them up. The customer then returns the paid-for items and gets a refund. The remaining items are sold at online auctions, swap meets or pawn shops.
To stay one step ahead of the criminals, retailers need comprehensive loss prevention programs that may involve adding different technology and changing certain procedures without informing associates.
7. Send employees on vacation. In a small company environment, segregation of duties (dividing job responsibilities among more than one individual) is more difficult because there are fewer employees. Be on the lookout for staff members who are unwilling to share their duties. And consider mandating that all employees use their allotted vacation time each year. Fraudsters do not like taking vacation days because doing so could expose their deceitful activities. If employees refuse to take time off, consider requiring them to perform other functions within the company so you can review the activity in their primary occupations.
8. Perform regular audits. Consider engaging your accounting firm to conduct periodic audits of the company's control environment, as well as surprise audits of high risk functions. For example, implement a quarterly audit of all processes involving the receipt of cash. By engaging a third-party firm experienced in uncovering business fraud, you send a strong message to employees that unethical conduct will not be tolerated.
These are just some of the steps you can take to help prevent losses. No matter how overwhelmed your business is during the recession, don't be shortsighted by ignoring fraud prevention and detection. In the event that illegal behavior is discovered, you can quickly resolve the issue and mitigate the losses. An "ounce of prevention is worth a pound of cure."
"Recessions don't phase fraudsters for a minute. They look at economic crises...as opportunities.
It is no surprise to any of us involved in fighting fraud that with the current economic downturn, we are witnessing an immediate and disturbing increase in fraud."
-- Douglas Simpson, President, Canadian Council of Better Business Bureaus
How One Manager Stole More than $1 Million from His Company
David Alan Smith was a 46-year-old facilities manager for an international health care diagnostic testing company when he was caught stealing from his employer. The Florida man pleaded guilty to defrauding Quest Diagnostics out of $1.3 million.
According to the U.S. Justice Department, here's how the complex scheme worked:
- Smith submitted fraudulent invoices from fake "shell" companies that Smith claimed he paid on behalf of Quest Diagnostics. The companies involved were created by Smith and involved fictitious names and addresses.
- Approval of the fraudulent invoices required a countersignature by one of Smith's supervisors. He simply forged their signatures. Since the reports included the required signatures, Quest Diagnostics approved the payments and either electronically transferred money to him or mailed checks.
Smith was sentenced in June of 2008 to five years in prison for wire fraud, mail fraud, and aggravated identity theft.
Business Wisdom for Today's Economy
Another way to help prevent and detect internal fraud is to set up a hotline so employees can report unethical or illegal behavior. This also helps in compliance with the Sarbanes-Oxley Act since it requires publicly traded companies to provide employees with a way to anonymously report financial improprieties.
Various methods can be used, including a telephone hotline, e-mail address or dedicated Post Office box. Ideally, a hotline should be operated by a third-party, rather than in-house. This reaffirms the company's commitment to protect whistleblowers' identities and encourages employees to come forward.