Fraud Prevention 101

Listen to this article

Tracy L. Coenen

Fraud is an industry unto itself, causing annual losses to United States companies totaling at least $660 billion. While it’s easy to focus on the big losses incurred by the likes of Enron, Tyco, and WorldCom, no company is immune to the problem. Companies of all sizes are vulnerable, even though their risks may be different.

The impact of fraud hits a company straight in the bottom line. While large corporations may be able to withstand a six-figure or seven-figure fraud, a smaller corporation or a nonprofit organization may never recover. In order for survival in today’s competitive marketplace, businesses must be proactive in the fight against fraud.

Anatomy of a Fraud

Knowing how to prevent fraud requires one to know how and why fraud occurs. Fraud investigators often refer to the “fraud triangle,” which illustrates the three necessary components of fraud. Without all three components, fraud will not occur.

The first part of fraud is opportunity. There must be some vulnerability in the system for a fraud to occur. That vulnerability may be something as simple as poor security. Often the opportunity is trust. Management places trust in an employee and therefore gives that person access to assets and systems, and that access creates the opportunity for fraud.

The next component of the fraud triangle is motive. This motive is the reason behind the fraud. It is often some sort of need, whether real or perceived. A real need may be paying for an expensive medication or paying the electric bill. A perceived need is something that the perpetrator wrongly believes she or he needs, such as a luxury vehicle or extra spending money.

Motives may also include a need for revenge against a company or person. Balancing perceived inequities can also be a powerful motive, such as in the case of a person who feels unfairly compensated when compared to peers. Motives include any sort of trigger that may cause an employee to decide that fraud is the answer to the problem.

The final component of the fraud triangle is rationalization. In order to commit fraud, the person has to make it “okay” internally to do the act. For some, this may be easy, as dishonesty may be a way of life. For others, rationalizing theft is a little more difficult. Perpetrators of fraud may tell themselves that they need the money more than the company, that they are simply righting a wrong, or that the company deserves to be defrauded because of lax controls.

Companies must focus on eliminating opportunities for fraud. This is the only component over which there is significant control. Treating employees fairly and offering them reasonable compensation can help reduce motives or rationalizations. But this affects only a small number of fraudsters. The controls over assets, data, and procedures are what will have the most impact on effective fraud prevention.

Eliminating Opportunities

Perpetrators of fraud have plenty of schemes to choose from when cooking up their crimes. The fraud schemes range from petty theft by lower-level employees, all the way up to management cooking up stellar financial statements to dupe investors and lenders.

Fraud-prevention policies and procedures sometimes have a tendency to focus on the smaller thefts. While those types of defalcations occur most often, they are not the most expensive. The financial statement frauds are the most devastating monetarily, and therefore must be fought aggressively.

Another mistake made by companies attempting to begin proactive fraud prevention is an “all or nothing” attitude. While the best fraud prevention programs are extensive in terms of procedures, costs, and timelines, this should not deter companies from implementing basic procedures. Even if a company cannot implement a comprehensive fraud prevention program due to cost or staff limitations, they should still make some basic improvements.

Some of the more obvious policies and procedures that can influence the level of fraud in companies include the following:

• Incentive programs such as stock options based upon financial statement results or bonuses based upon sales goals can encourage unethical behavior. Managers and executives have been known to record sales prior to their completion, in order that the current period’s results are inflated. This affects later accounting periods, however, and such a fraud may balloon quickly. Incentive programs should be balanced to create high performance, but not encourage cheating.
• No audits may be a recipe for disaster. While audits generally don’t detect fraud because they are not designed to do so, the performance of audits can have a significant deterrent effect on employees. If employees and managers know that this level of oversight is present, they may be less likely to act unethically.
• Relying upon regulations to solve a company’s problems is foolish. Regulations such as Sarbanes-Oxley have caused companies to critically review their processes, and as a result, management has made changes that have created efficiencies. However, the regulations don’t address true fraud prevention. Companies that substitute compliance with regulations for real fraud prevention are doing the wrong thing.
• Absence of formal budgeting and evaluation processes are also a cause for concern. Budgeting helps a company to control its expenses, and also provides a benchmark against which to measure performance. Significant deviations from the budget may indicate problems, including fraudulent behavior. Formally evaluating a company’s results and comparing those results to budgets and forecasts provides additional oversight of employees. Again, employee knowledge that controls exist may help deter fraud.
• Significant growth between reporting periods should be investigated. When a company is consistently outpacing the market or showing continued double- or triple-digit growth, scrutiny is warranted. Even in the case of a top performer, there is only so much growth that can consistently occur. It is important to investigate the growth skeptically to avoid another WorldCom or Enron.
• Companies must take steps to aggressively prevent fraud, and must eliminate policies and procedures that may encourage fraud. Legal counsel can be instrumental in identifying risky areas and helping to develop appropriate courses of action.

For example, risks in the area of hiring and firing employees must have the input of a labor and employment attorney to ensure that remedies are legal and defensible.

Litigation attorneys may be able to assist with the development of an investigation policy and work plan, since they may be using the investigation results in court. In-house counsel will be able to address daily operational issues and their legal implications.

Real World Solutions

While companies have only minimal control over motive and rationalization of would-be fraudsters, management can take aggressive steps to reduce the opportunities for fraud. Many solutions are available, but it is important to first work on mending the policies and procedures that a
re the most broken and that will have the greatest positive impact on the company.

It’s easy for accountants and auditors to get caught up in the hype of discussing “internal controls.” That’s a snoozer for most executives, managers, and attorneys. Instead, think first about real-life solutions like those listed above when beginning to attack the problem of internal fraud. Analyzing the problem to death gets a company nowhere, while action on easy-to-address items gets the ball rolling toward more effective fraud prevention.

Tracy L. Coenen CPA, MBA, CFE is the president of Sequence Inc, a forensic accounting firm with offices in Milwaukee and Chicago. She is a nationally-recognized expert on fraud and financial investigations, and can be reached at [email protected] or 414.727.2361.