Alan Greenspan, former Chairman of the Federal Reserve, once said, “Corruption, embezzlement, fraud; these are all characteristics which exist everywhere. It is regrettably the way human nature functions, whether we like it or not. What successful economies do is keep it to a minimum.”
The truth is, no organization wants to believe that their associates are capable of fraud; but the reality is that corporate frauds do occur and they tend to go unnoticed for a startling amount of time. According to the Association of Certified Fraud Examiners (“ACFE”), the typical fraud lasts for 18 months, meaning that from when the fraud begins to when that fraud is actually detected, a year and a half has passed. Possibly even more disturbing, the typical organization loses an estimated 5% of their revenues each year to some sort of fraud. If applied to the 2013 Gross World Product, this translates to a global fraud loss of nearly $3.7 trillion. In 2013, only the United States, China, and Japan had a GDP greater than $3.7 trillion!
The ACFE data also indicates that over 75% of frauds are committed by individuals working in one of seven departments: accounting, operations, sales, upper management, customer service, purchasing and finance. Additionally, the higher the perpetrator’s level of authority, the greater the fraud loss tends to be. Frauds committed by upper management (19% of fraud cases) caused median losses of $500,000 while frauds committed by employees (42% of fraud cases) resulted in a median loss of $75,000. While less frequent, upper management frauds are more costly; therefore, companies should implement appropriate internal controls and fraud prevention policies that apply to all associates.
Frauds committed by corporate executives at blue-chip companies or large investment funds are covered extensively by the media. But what most people do not hear about are the frauds committed at small and mid-size companies, where frauds are most common and arguably more debilitating. According to the ACFE, small businesses are both disproportionately victimized by fraud and notably under-protected by anti-fraud controls, a combination that makes them significantly vulnerable to fraud.
So what can a small business do to protect itself against fraud? A good place to start is a fraud risk assessment to review existing internal controls (for example, are accounting duties as appropriately segregated as possible?). Performed proactively, a fraud risk assessment can identify areas of potential exposure before a loss happens. The unfortunate reality is that no accounting or internal control system is fraud proof. However, understanding your companies potential control weaknesses is a good place to start. While resources available for fraud prevention and detection are limited in many smaller companies, there are cost-effective protection tools that can be implemented. These include implementing firm-wide anti-fraud policies, formal management review procedures, anti-fraud training for employees, and establishing a reporting mechanism (a fraud “hotline”) for employees to report potential frauds. These types of policies and procedures provide tangible guidance to employees regarding what is right and wrong and promote fraud awareness throughout the entire organization.
Interested in learning more about fraud risk assessments, internal controls or fraud investigations? Contact Rebekah Smith at (614)947-5300 or rsmith@gbq.com or Keith Hock at (513) 252-0223 or khock@gbq.com.
Written by Colin Prescott
Senior Analyst