We’ll be at Compliance Week National 2024 in Washington, D.C., April 2-4. Learn more or schedule a time to meet with us at the show here.

#Article

Corporate Fraud Prevention: The Ultimate Guide


Corporate Fraud Prevention: The Ultimate Guide

Your employees are your first line of defense for corporate fraud prevention. Train them to be cautious and attentive.

In early 2022, Elizabeth Holmes, founder and former CEO of Theranos, was found guilty on federal charges of wire fraud and conspiracy to defraud investors. Her false claims about her company's blood testing services negatively affected patients, investors, employees, and, eventually, led to the downfall of her company.

According to the ACFE's 2020 Report to the Nations, organizations lose an average of five per cent of their annual revenue to fraud each year. Fraud affects victim organizations indirectly, too, in the form of non-compliance fines, legal costs, and reputation damage. For smaller companies, fraud can be fatal.

Overall, corporate fraud prevention is easier and less expensive than trying to repair your finances and reputation after the fact. With the proper plans in place, you can effectively reduce the chances of fraud and theft and minimize the losses from schemes that have already occurred.

Want to recover more funds lost to fraud and prevent future incidents?

Download our free eBook to learn how case management software can help you track, manage, and prevent workplace fraud and theft more effectively.


Get My eBook

Identifying Corporate Fraud

All corporate fraud falls into one of three categories: asset misappropriation, financial statement fraud, and corruption.

RELATED: 41 Types of Fraud and How to Detect and Prevent Them

Asset Misappropriation

This is the most common type of fraud, making up 86 per cent of all fraudulent activity. Asset misappropriation is essentially theft, when an employee steals or otherwise exploits the company’s resources.

Common examples include:

  • Stealing cash
  • Submitting false or exaggerated reimbursement claims
  • Stealing non-cash assets (e.g. products, supplies)
  • Drafting checks to themselves or another account they control
  • Using company inventory, services, electronics, vehicles, or other resources for unapproved personal use
  • Submitting false or exaggerated worker's compensation or healthcare claims

RELATED: Expense Reimbursement Fraud: How to Protect Your Company

Corruption

Corruption is the second-most-common type of fraud, with 43 per cent of cases (ACFE). Corruption occurs when an employee uses their position or authority to influence business transactions for their benefit while violating their responsibility to the employer.

Examples of corruption include:

 

Financial Statement Fraud

Financial statement fraud (also called financial statement reporting fraud) occurred in ten per cent of cases the ACFE studied but causes the highest median loss at $954,000.

This type of fraud involves purposefully omitting or misstating data in financial reports in order to mislead others about the company’s financial position and performance.

Fraudsters may create a rosy picture of the company’s success by falsifying balance sheets, inflating assets, creating fictitious revenues, or hiding liabilities.

External Fraud & Online Fraud

Business fraud doesn’t always originate inside your organization by disgruntled employees. Corporations should also be wary of outsider fraud.

For example, a call or email from what appears to be a trusted source (like your CEO) can trick employees to inadvertently share private information, such as bank account numbers.

RELATED: Phishing, Spoofing and Whaling: Tips for Keeping Your Company Safe

As business transactions continue to move online, corporations are more susceptible than ever to cyber fraud. A scam or other malicious attack can put company equipment and files in danger. Without security software and thorough training, cybercriminals can steal your banking details and other confidential, and valuable, information.

Could your employees be stealing from you?

Download this free cheat sheet to learn the six things you need to do when you have reasonable grounds to suspect employee theft.


Get the Cheat Sheet


Know Your Employees and Partners

Your organization might have thousands of employees, vendors, and partnerships. It’s important to observe and listen to anyone who has any involvement in your corporation, as a person’s behavior could indicate their intent to commit fraud.

Employee Attitudes

An employee’s change in attitude can reveal risks or issues that need to be addressed. For instance, an employee who recently began criticizing the company or who has expressed that they are facing financial challenges may pose a risk of fraud or other misconduct.

Monitoring employee attitude and responding appropriately may minimize loss from fraud and improve workplace culture. An unhappy employee may be inefficient and can breed resentment.

RELATED: Detecting and Preventing Employee Theft: The Ultimate Guide

Employee Behaviors

In addition to monitoring attitudes, also monitor employee behaviors. An employee who hasn’t missed a day of work might be an over-the-top dedicated employee, but they might also have something to hide.

An employee who never takes time off, calls in sick, or goes for lunch or who often works early mornings and late nights may worry that someone will detect their fraud while away from the office.

Monitoring vacation balances, mandating days off, and even rotating employees to other jobs in the department can help prevent (or expose) corporate fraud.

Formalize Hiring

A formal hiring routine is a must-have for large corporations to prevent fraud. A formal process consisting of background checks and scrutiny of past jobs will reduce the chances of bringing a former fraudster into the company.

Patricia Vercillo, VP of Operations at the Smith Investigation Agency and Smith Training Centre, says that, as a business owner, “you want to learn more about the person you’re bringing on board before it’s too late”. Truly getting to know prospective employees can prevent corporate fraud and other potential issues down the line.

Know Your Vendors and Partners

Just like you should know your employees, you should know your vendors and partners. Conduct regular audits of new vendors, as billing-scheme embezzlers set up and make payments to fictitious vendors.

Before getting into any relationship requiring trust (such as sending them payment after receiving a product or service) ensure you have collateral or some form of defense. This can be as simple as having a person’s or company’s physical address or trustworthy references.

Don't become a victim of vendor fraud.

Download this free cheat sheet to learn 16 ways to identify fictitious vendors before they can scam your company.


Get the Cheat Sheet


Create and Use a Reporting System

Set up methods for reporting suspicions of fraud (e.g. hotline, webform, dedicated email address) to catch schemes faster and reduce losses.

Raise Awareness

Whistleblower tips are responsible for uncovering 43 per cent of corporate fraud schemes.

Internally, inform employees about your reporting mechanisms via email, posters in common areas, or even a company-wide meeting.

For honest employees, raising awareness about a fraud reporting hotline will improve the likelihood that they use it. For dishonest employees who are considering committing fraud, ongoing reminders about reporting suspicions will act as a deterrent.

Frequent sources of whistleblower reports include employees, vendors, competitors, customers, the general public, and acquaintances of the fraudster, so don’t forget to raise awareness for all parties. An internal poster for employees won’t be helpful or informative for the fraudster’s spouse.

Offer Anonymity

A potential reporter might be hesitant to get involved, especially if they fear retaliation or punishment (if they're part of the scheme). If possible, allow anonymous reports. This might encourage reluctant reporters to speak up, allowing you to catch fraud more often and faster.

Look into Every Report

It’s important to not only offer a whistleblowing hotline for tips, but to follow up on and check into every report. If you’ve implemented various reporting procedures but fail to follow up when whistleblowers do report their suspicions, it'll all be for nothing.

For public companies, failure to investigate a tip could also result in fines from regulators.

If whistleblowers are doing their part by reporting fraud, do yours by following up.


Implement Internal Controls

One of the easiest ways to prevent fraud is to implement internal controls that make fraud harder to commit and easier to detect. This is an easy step considering many organizations do not have a formal program in place.

The term “internal controls” generally refers to plans, programs or processes that are used to track, control and safeguard assets, financial integrity, and fraud detection. Internal controls work to prevent corporate fraud, but their visibility also acts as one of the best deterrents to fraudulent behavior.

Some examples of internal controls you could implement include:

  • Separation of financial duties
  • Two-factor authentication to access company resources/data
  • Mandatory leave requirements
  • Surprise audits conducted by a third party

If you already have several controls in place but they aren’t effective, they might be out of date. When were they last evaluated or updated to reflect industry changes? Continuously monitor and update your strategies to ensure they’re working.

Segregate Duties

Segregating accounting duties is a great method of internal control. The general best practice is to ensure no one person has control over all parts of a financial transaction.

Instead, assign two workers to carry out financial tasks interchangeably. Have Worker 1 count cash, Worker 2 check the receipts and then Worker 1 can bring the deposit to the bank.

According to New York State's Office of Mental Health's Bureau of Audit, you should also:

  • Separate handling functions from recordkeeping functions
  • Separate purchasing functions from payables functions
  • Ensure that the same person isn’t authorized to write and sign a check
  • Require manager approval of time sheets
  • Require two signatures above certain amounts

 

Limit Access

Transparency is critical but giving employees unlimited access to financial information and physical assets is asking for trouble.

For the majority of employees, restrict access to financial account data, inventory, assets, and checks. Lock away cash, check collections, credit cards, and financial account data. Restrict the number of business credit cards and the number of users. Finally, set account limits just in case.

For Vercillo, limiting access is a key ingredient to corporate fraud prevention. She suggests making "sure to keep physical assets and access to data secure, with limited personnel having access”.

Don’t over-replenish petty cash; limit the replenishment amount to a total that will last a couple of weeks maximum. Always reconcile the petty cash funds, too, before replenishing them to ensure there is no asset misappropriation taking place.

To reduce your risk of check fraud:

  • Avoid writing checks payable to cash
  • Don't issue blank checks
  • Only sign checks when they are filled out completely
  • Deface and retain voided checks

Vercillo warns about the potential dangers of signing blank checks:

“This is a huge mistake and quick lesson learned if they get into the wrongs hands. Moreover, never give up signing authority, as this can make for a sticky mess if this authority is abused”.

Require and Review Documentation

Keeping, storing, and reviewing documentation is a great method of corporate fraud prevention. Not only are strict documentation rules a deterrent, but they also help stop a fraud scheme in its tracks.

With thorough documentation, you can verify that numbers line up monthly, weekly, or even daily. Thorough documentation might include maintaining and reviewing expense reports, phone bills, vehicle logs and odometers, company equipment logs, and receipts.

Scrutinize business bank accounts and credit card charges often. Online banking makes it easy to view credit card statements and account activity. Plus, online banking is more reliable since it cannot be manipulated as easily as a paper-based statement.

Remind employees that documentation is reviewed often as it is a critical part of your company’s anti-fraud strategy.

Implement Anti-fraud Policies

Follow best practices by solidifying them as policy. Often, corporations issue one large anti-fraud policy and in it include a code of ethics, a conflict of interest policy (use our Conflict of Interest Policy Template), an open-door policy, and other business procedures.

Topics to cover in your policy include:

  • Guidelines for bidding for major contracts
  • Disclosure of related party transactions
  • Expenses and travel reimbursements
  • Prohibition of signature stamps
  • Appropriate use of company assets (e.g. electronics, vehicles, services)
  • Purchasing guidelines

In the policy, also discuss common types of fraud and the consequences associated with them. Require that employees read and sign the corporate fraud policy to ensure they understand your company's commitment to corporate fraud prevention.

Develop the policy, implement it, and then live by it. Lead by example by following all the rules meticulously, no matter your role or level of authority in the company. Embrace an open-door policy for open communication.

Train Employees on Fraud Red Flags

Employees who are familiar with fraud warning signs can help with corporate fraud prevention.

First, employees are less likely to fall victim to fraud themselves. External threats, such as a suspicious email or a fraudulent phone call, are less dangerous when the responding employee is familiar with these types of scams and knows how to respond.

Teach employees to "think before they click" and be cautious and attentive to who they are communicating with. This will help you avoid inadvertent leaks of proprietary or financial information.

This training can be beneficial for uncovering internal fraud as well. Employees in every area of the company should know fraud warning signs and how to report suspicions. Employees  more likely than HR or upper management to notice their coworkers' frauds firsthand and are your first line of defense.

Establishing a culture of ethics in your organization is the easiest way to prevent internal fraud.

Download this free checklist to learn eight steps you can take toward better corporate fraud prevention through ethics.


Get the Checklist


Audit the Books Regularly

In addition to documentation reviews, have an independent, impartial person conduct a comprehensive audit of the books regularly. Require this person to routinely audit areas that deal in cash, refunds, product returns, inventory management, and accounting functions.

Schedule occasional undisclosed audits in high-risk, critical business areas to help prevent fraud. Routine audits are great, but it gives fraudsters time and ability to better cover up their tracks.

 

Hire Experts for Help

Vercillo says that in addition to an in-house team, every corporation should have a third-party, such as an accountant, to review their books. “This is a great way to see exactly what is going on, and sometimes a second pair of eyes is all you need to notice suspicious activity,” she says.

Every once in a while, even if you don’t have suspicions or an incident, it’s good to hire a fraud expert. An experienced CFE, CPA, or someone with a CFF designation can help you establish anti-fraud policies, conduct an extensive audit, or just provide general financial guidance.


If It Happens, Handle It

Despite having strong anti-fraud processes, organizations continue to experience fraud every day. For this reason, it’s important to develop a thorough fraud response plan before you become a victim.

Your plan should outline what to do if you discover fraud or at work. Break down employee responsibilities by department and level (e.g. worker, manager, etc.). Include instructions on how to:

  • Report the scheme to law enforcement
  • Inform creditors
  • Retain files
  • Conduct a fraud investigation
  • Disclose to regulators and/or affected customers/clients/patients (for data theft)

Before you accuse an employee of stealing, make sure you have well-documented, indisputable proof.

Being prepared can make fraud less disastrous if it happens.

Use our free fraud response plan template to get started.


Get the Template

Corporate fraud prevention is all about vigilance. With strong policies and employee training, well-maintained reporting mechanisms, and a plan for when fraud does happen, you'll protect your company from financial hardship and reputation damage.