In the recent past, the Association of Certified Fraud Examiners has described where companies should concentrate their monitoring for employee fraud. In finance departments, for example, a majority of instances of misappropriation of funds or assets occur in the procurement, payment and expense areas. By analyzing transactions in these functional areas, the ACFE has said, businesses can “test for a wide range of employee fraud schemes, as well as bribery and conflicts of interest.”
However, in the 2014 Report to the Nations on Occupational Fraud & Abuse, released Tuesday, the ACFE admits that catching corporate criminals through analyzing transactions or performing some kind of audit is not very effective. For example, the report says, as reported on PropertyCasualty360.com, many companies use external audits, but audits were the primary detection method in only 3 percent of the 1,438 global fraud cases reported by certified fraud examiners. More fraud (7 percent) was detected by accident than by external audits.
The most effective way to catch corporate criminals, on the other hand, is through employee fraud hotlines, says the ACFE. More than 40 percent of the cases included in the 2014 study were detected by a tip, most often from employees of the victim organization. Given the common “red flag” behaviors that most fraud perpetrators display, it’s no surprise that fellow employees are the ones catching them. The most common behaviors among perpetrators, according to the ACFE study, were living beyond one’s means (43 percent), having financial difficulties (33 percent), maintaining an unusually close association with a vendor or customer (22 percent) and “exhibiting control issues with an unwillingness to share duties (21 percent),” according to Propertycasualty360.com.
The ACFE is not saying anti-fraud controls or monitoring systems are useless. Indeed, small businesses are especially vulnerable to fraud, because they “use fewer anti-fraud controls than their large counterparts,” according to PropertyCasualty360.com. The smallest organizations in the study actually had a slightly higher median loss from fraud cases — $154,000 — compared with companies of all sizes.
For most small businesses, or any businesses, that money will never be recovered. By the time of the survey, in more than half of the fraud cases the business had not recovered any of what was stolen (14 percent had made a full recovery).
“It is clearly more cost-effective to prevent fraud with proactive controls instead of hoping to recover losses after the fact,” according to PropertyCasualty360.com.