The average organization will lose five per cent of its annual revenue to fraud each year. Fraud affects victim organizations indirectly, too, in the form of fines, legal costs and reputation damage. For smaller companies, fraud can be fatal.
Overall, it’s easier and less expensive to prevent corporate fraud than to repair your finances and reputation once fraud has been committed. With the proper plans in place, an organization can effectively reduce the chances of fraud occurring and minimize the losses from fraud that have already occurred.
Learn what types of fraud are plaguing corporations around the world, the programs and procedures you need in place to reduce your organization’s vulnerability to fraud, plus how to respond to fraud correctly to reduce your losses.
Want to learn why corporations around the world are using case management software to recover more funds lost to fraud? Download the eBook.
All corporate fraud falls into one of three categories: asset misappropriation, financial statement fraud and corruption.
It’s the most common type of fraud, making up 89 per cent of all fraudulent activity. Asset misappropriation is essentially theft in which an employee steals or otherwise exploits the company’s resources.
Common examples include stealing money directly, submitting false reimbursement claims to claim bogus expenses and stealing non-cash assets.
Corruption is the second-most-common type of fraud. In the 2018 Report to the Nations, ACFE stated that 38 per cent of cases studied involved some form of corrupt act. Corruption occurs when an employee uses their position or authority to influence business transactions for their benefit while violating their responsibility to the employer.
Examples of corruption include bribery, extortion and conflicts of interest. For example, a senior project manager who continually uses her brother-in-law’s company for labor work is guilty of corruption.
Financial Statement Fraud
Financial statement fraud (also called financial statement reporting fraud) occurred in ten per cent of cases but causes the most median loss. This type of fraud involves purposefully omitting or misstating data in financial reports in order to mislead others about the company’s financial position and performance.
Fraudsters may create a rosy picture of the company’s success by falsifying balance sheets, inflating assets, creating fictitious revenues or hiding liabilities.
External Fraud & Online Fraud
Business fraud doesn’t always originate inside your organization by disgruntled employees. Corporations should also be wary of outsider fraud. For example, a call or email from what appears to be a trusted source can trick employees to inadvertently share private information, such as bank account numbers.
As business transactions continue to move online, corporations are more susceptible than ever to cyber fraud. A scam or other malicious attack can put company equipment and files in danger. Without security software and thorough training, cybercriminals can steal your banking details and other confidential, and valuable, information.
Depending on their size, corporations can have thousands of employees, vendors and partnerships. It’s important to observe and listen to anyone who has any involvement in your corporation, as a person’s behavior can sometimes indicate their intent to commit fraud.
An employee’s change in attitude can reveal risks or issues that need to be addressed. For instance, an employee who recently began criticizing the company or who has expressed that they are facing financial challenges may pose a risk of fraud or other misconduct.
Monitoring employee attitude and responding appropriately may minimize loss from fraud and improve workplace culture. An unhappy employee may be inefficient and can breed resentment.
In addition to monitoring attitudes, also monitor employee behaviors. An employee who hasn’t missed a day of work might be an over-the-top dedicated employee, but they might also have something to hide.
An employee who never takes a vacation, never calls in sick, never goes for lunch and always works overtime may worry that someone will detect their fraud while away from the office.
Monitoring vacation balances, mandating days off and even rotating employees to other jobs in the department can help prevent (or expose) corporate fraud.
A formal hiring routine is a must-have for large corporations to prevent fraud. A formal process consisting of background checks and scrutiny of past jobs will reduce the chances of bringing a former fraudster into the company.
Patricia Vercillo, VP of Operations at the Smith Investigation Agency and Smith Training Centre, says that, as a business owner, “you want to learn more about the person you’re bringing on board before it’s too late”. Truly getting to know prospective employees can prevent corporate fraud and other potential issues down the line.
Know Your Vendors and Partners
Just like you should know your employees, you should know your vendors and partners. Conduct regular audits of new vendors, as billing-scheme embezzlers set up and make payments to fictitious vendors.
Before getting into any relationship requiring trust (such as sending them payment after receiving a product or service) ensure you have collateral or some form of defense. This can be as simple as having a person’s or company’s physical address or trustworthy references.
Download this cheat sheet for 16 ways to identify fictitious vendors.
It’s important to set up a method (or, ideally, multiple methods) to report suspicions of fraud.
Whistleblower tips are responsible for uncovering 40 per cent of occupational fraud.
Frequent sources include employees, vendors, competitors, customers, the general public and acquaintances of the fraudster, so don’t forget to raise awareness for all parties. An internal poster for employees won’t be helpful or informative for the fraudster’s spouse.
For honest employees, raising awareness about a fraud reporting hotline will improve the likelihood that they use it. For dishonest employees who are considering committing fraud, ongoing reminders about reporting suspicions will act as a deterrent.
Someone hesitant to report fraud or get involved would benefit from the option of doing so anonymously.
Look into Every Report
It’s important to not only offer a whistleblowing hotline for tips but to follow up on and check into every report. If you’ve implemented various reporting procedures but fail to follow up when whistleblowers do report their suspicions, it’ll all be for nothing. If whistleblowers are doing their part by reporting fraud, do yours by following up.
And, for a public company, failure to investigate a tip could result in fines and regulatory action.
One of the easiest ways to prevent fraud is to implement internal controls that make fraud harder to commit and easier to detect. This is an easy step considering many organizations do not have a formal program in place.
The term “internal controls” generally refers to plans, programs or processes that are used to track, control and safeguard assets, financial integrity and fraud detection. Internal controls work to prevent corporate fraud, but their visibility also acts as one of the best deterrents to fraudulent behavior.
If you already have several controls in place but they aren’t doing a good job, ask yourself when was the last time they were evaluated or updated to reflect industry changes? Continuously monitor and update your strategies to ensure they’re working and effective.
Being prepared can make fraud less disastrous if it happens. Use our fraud response plan template to get started.
Segregating accounting duties is a great method of internal control. The general best practice is to ensure no one person has control over all parts of a financial transaction. Instead, assign two workers to carry out financial tasks interchangeably. Have Worker 1 count cash, Worker 2 check the receipts and then Worker 1 can bring the deposit to the bank.
According to New York State’s Office of Mental Health’s Bureau of Audit, other best practices include:
- Separate handling functions from recordkeeping functions.
- Separate purchasing functions from payables functions.
- Ensure that the same person isn’t authorized to write and sign a check.
- Require manager approval of timesheets.
- If you can’t separate duties, require independent checks.
- Require two signatures above certain amounts
Transparency is critical but giving employees unlimited access to financial information and physical assets is asking for trouble.
For the majority of employees, restrict access to financial account data, inventory, assets and checks. Lock away cash, check collections, credit cards and financial account data. Restrict the number of business credit cards and the number of users. Set account limits just in case, too.
For Vercillo, limiting access is a key ingredient to corporate fraud prevention. She says to “make sure to keep physical assets and access to data secure, with limited personnel having access”.
Don’t over-replenish petty cash, limit the replenishment amount to a total that will last a couple of weeks maximum. Always reconcile the petty cash funds too before replenishing them to ensure there is no asset misappropriation taking place.
Regarding checks and check collections:
- Avoid writing checks payable to cash
- Avoid issuing blank checks
- Only sign checks when they are filled out completely
- Deface and retain voided checks
Vercillo warns about the potential dangers of signing blank checks: “this is a huge mistake and quick lesson learned if they get into the wrongs hands. Moreover, never give up signing authority, as this can make for a sticky mess if this authority is abused”.
Require and Review Documentation
Keeping, storing and reviewing documentation is a great method of corporate fraud prevention. Not only is it a deterrent when you have strict documentation rules, but it will also help stop a fraud scheme in its tracks.
With thorough documentation, the business owner can look weekly, daily or even hourly to verify that numbers line up and there is no shady business occurring. Thorough documentation may include maintaining and reviewing expense reports, phone bills, vehicle logs and odometers, company equipment logs and receipts.
Scrutinize business bank accounts and credit card charges often. Online banking makes it easy to view credit card statements and account activity. Plus, online banking is more reliable since it cannot be manipulated as easily as a paper-based statement.
Remind employees that documentation is reviewed often as it is a critical part of the company’s anti-fraud strategy.
Implement Anti-fraud Policies
Follow best practices by solidifying them as policy. Often, corporations issue one large anti-fraud policy and in it include a code of ethics, a conflict of interest policy (use our Conflict of Interest Policy Template), an open-door policy and other business procedures.
Topics to cover in your policy include:
- Competitive bidding for major contracts
- Disclosure of related party transactions
- Expense and travel reimbursements
- Prohibit signature stamps
- Appropriate use of company assets
- Appropriate purchasing guidelines
In the policy, also discuss the types of fraud and the consequences associated with them. Require that employees read and sign the corporate fraud policy to ensure they understand how seriously the company takes corporate fraud prevention.
Develop the policy, implement it and then live by it. Lead by example by following all the rules meticulously, no matter your role or level of authority in the company. Embrace an open-door policy for open communication.
Train Employees on the Signs
Employees who are familiar with fraud warning signs can help with corporate fraud prevention.
First, employees are less likely to fall victim to fraud themselves. External threats, such as a suspicious email or a suspicious phone call, are less dangerous when the responding employee is familiar with these types of scams and knows how to respond.
Teaching employees to “think before you click” and be cautious and attentive to who they are communicating with will help avoid any inadvertent leaks of private financial information.
On the inside, these trained employees can work in your favor. Employees in every area of the company should know fraud warning signs and how to report suspicions. Because these employees are working more closely with potential fraudsters than a CEO, they are more likely to see fraud firsthand and are your first line of defense.
In addition to documentation reviews, have an independent, impartial person conduct a comprehensive audit of the books regularly. Require this person to routinely audit areas that deal in cash, refunds, product returns, inventory management and accounting functions.
Schedule occasional, undisclosed audits in high-risk, critical business areas to help prevent fraud. Routine audits are great, but it gives fraudsters time and ability to better cover up their tracks.
Hire Experts for Help
Vercillo says that in addition to an in-house team, every corporation should have a third-party, such as an accountant, to review their books. “This is a great way to see exactly what is going on, and sometimes a second pair of eyes is all you need to notice suspicious activity,” she says.
Every once in a while, even if you don’t have suspicions or an incident, it’s good to hire a fraud expert. An experienced CFE, CPA or someone with a CFF designation can help establish anti-fraud policies, conduct an extensive audit or provide general financial guidance.
Despite having strong anti-fraud processes, corporations continue to experience fraud every day. For this reason, it’s important to develop a thorough fraud response plan before you become a victim.
Your plan should outline what to do if you discover fraud at work. Reporting the scheme to law enforcement, informing creditors, retaining files and conducting a fraud investigation are four important steps to stop fraud in its tracks and prevent others from being victimized.
But before you accuse an employee of stealing, make sure you have well-documented, indisputable proof. Download this cheat sheet to learn the six things you need to do when you have reasonable grounds to suspect employee theft.