Considerable effort is expended to determine the cost of fraud. Ag producers want to know how significant the risk is to their organizations. Unfortunately, the nature of fraud means that much of its costs are hidden. Many fraud schemes are never detected or continue for years before they’re caught, which means at any given time an organization might be losing money to fraud yet be completely unaware of the losses.
In addition, even when fraud schemes are caught, many of them are never reported or measured. Furthermore, most frauds carry substantial indirect costs such as lost productivity, reputational harm, loss of business, and expenses associated with the investigation and attempted recovery of stolen assets. Although it may be impossible to determine the precise cost of occupational fraud, it is critical for you to try to understand as much as you can about the financial harm caused by these crimes.
Our experience in detecting and preventing fraud has revealed consistent and clear patterns in the form fraud schemes take and the relative cost of each scheme type. Specifically, frauds can be classified into three primary categories: asset misappropriation, corruption and financial statement fraud, with each category further broken down into several subcategories.
As illustrated in the Association of Certified Fraud Examiners’ 2012 Report to the Nations, perpetrators of fraud have historically been well-profiled regarding their proclivity to commit fraudulent acts.
Quantitative observations regarding a perpetrator’s position, gender, age, tenure, education level and employment history are important factors in determining an individual’s motivation, opportunity or rationalization to commit fraud. The report also illustrates the qualitative red flag behavior commonly demonstrated by perpetrators, regardless of their status in those areas. Perpetrators consistently displayed psychological behavioral traits consistent with the stress or fear of perpetrating fraud, including living beyond one’s means, having an unusually close association with vendors or customers, irritability, suspiciousness, defensiveness, complaining, addictive problems, and excessive control issues.
While fraudsters’ circumstances may vary, all are subject to the behavior traits inherent to perpetrating fraud. The pervasiveness of these psychological behaviors is strongly correlated with the most common source of detection—employee tips. An employee’s ability to discern these red flag behaviors among peers accounts for the most effective method of detection. This suggests to me that of all the sophisticated tools used to detect fraud, an examiner’s most powerful and effective tool is the ability to emotionally and psychologically profile the perpetrator.
The following have been identified as potential signs of fraudulent behavior:
• Does the employee never call in sick regardless of how physically ill they
appear, or has the employee stopped taking full weeks of vacation in which someone else performs their duties?
A reluctance to take regular holidays may be due to the need to conceal an ongoing fraud. Fraud can often come to light during a sudden and unexpected absence of the person perpetrating it. Some organizations have a rule that staff must take several consecutive days’ of vacation each year—both for the physical well-being of the employee and to reduce the opportunity for long-term fraud to go undetected. During the employee’s absence, another employee should be asked to perform the job functions of the vacationing employee.
• Is the employee working odd hours when no one else is there? Regular late working by individual employees should always be investigated, as it may result from a need to cover up fraudulent activities in the absence of other staff. A trusted employee can be in a powerful position, especially if management has become relaxed about monitoring his or her activities.
• Has an employee’s lifestyle suddenly greatly improved with no explanation? An apparent discrepancy between an employee’s earnings and lifestyle is a common indicator of fraud. Fraudulent activity also manifests itself through abnormalities in accounting documentation and procedure.
The following questions should be reviewed within your organizations on a periodic basis:
• Are records or documents suddenly missing and untraceable?
• Are there excessive credit memos?
• Are certain customer/donor/member names frequently showing up as having received refunds?
• Is the general ledger out of balance?
• Are duplicate payments found in the ledger?
• Are adjustments to receivables or payables frequently found in the ledgers?
• Are there excessive cash transactions found in expense accounts?
• Is the organization experiencing inventory shortages above normal shrinkage?
• Are there alterations on employee time sheets after supervisors have signed them?
• Are there frequent shipments to P.O. boxes?
• Are shipping destinations anywhere other than the business address?
• Are unreasonably large quantities of supplies ordered?
• Are weekend or holiday delivery dates shown on the invoices?
• Do delivery dates appear that do not conform to vendors’ usual patterns of delivery?
• Are goods delivered by a vendor other than the one from whom the merchandise was ordered?
• Are some vendors paid on a preferential basis?
• Are invoices not properly canceled to avoid duplicate payments?
• Are there unusual markings on invoices?
• Are invoices appearing that are copies and not the original?
• Are handwritten invoices being paid?
• Do some invoices appear to lack the proper letterhead?
• Are invoice totals round dollar amounts?
Once fraud has been detected, quick and decisive action is necessary. Many organizations have founded a formal fraud action plan to assist in the response to fraud. A fraud response plan should include the general company policy on fraud and set out the action to be taken when fraud is suspected. Having a detailed fraud response plan in place helps ensure that everyone is clear about the action that needs to be taken if and when fraud is identified or suspected.
Thinking about the issues in advance helps management to ensure that all relevant aspects are covered. It is difficult to react promptly without a plan to follow.
A detailed document setting out the policies and procedures to be followed in the case of fraud has the following benefits:
• It demonstrates that management is in control of the situation.
• It can help to minimize the risk of further loss once fraud is detected.
• It should improve the chance of recovering the loss already incurred or maximize the amount recoverable.
• It provides a clear statement to employees that management will not condone fraud and will take appropriate action against anyone found to be involved in fraudulent activity.
Management should also be actively engaged in the ongoing prevention of fraud by establishing an appropriate tone and implementing ongoing invigilation. Management can encourage an anti-fraud culture emphasizing corporate responsibility. Management should define fraud so employees are aware of what actions constitute fraud and/or misconduct and what consequences exist for engaging in fraudulent behavior. They should also ensure that all employees know the procedures in the event of a fraud being discovered or suspected, including how to report fraud.
Ongoing invigilation should include:
1. Separation of Duties:
The company should maintain appropriate separation of duties between accounting job functions and provide necessary review and oversight to these functions. When separation of duties is performed appropriately, the following functions will occur separately:
• authorization function (e.g. signing checks). recording function and preparing source documents (e.g. printing checks).
• custody of asset, whether directly or indirectly (e.g. receiving payments in the mail or mailing payments to vendors).
• reconciliation or audit (e.g. monthly bank reconciliations).
2. Bank Reconciliations and Control of Bank Statements:
Monthly bank reconciliations should be performed on all cash accounts by someone who does not make bank deposits or initiate cash disbursements. This reconciliation should be performed before the end of the month in which the bank statement is received. All bank reconciliation should also be reviewed by a member of management to ensure that correct balances were used and that there are no unusual reconciling items. A member of management should also open the monthly bank statement and review it for any unusual items (e.g. checks with one signature) prior to giving the statement to the individual performing the reconciliation.
3. Petty Cash Reconciliation:
The company should keep all petty cash in a secure lockbox. A simple log should be maintained with a record of when petty cash is disbursed, who petty cash was distributed to, and what the petty cash was used for. The log should also show when petty cash is added to the lockbox, and a reconciliation should be performed between checks on the bank statement made out to petty cash and deposits recorded on the petty cash log
4. Administrative Rights, Password, and Closing Dates in Accounting Software:
Management’s login should be the only login in your accounting system that has been given all administrative rights. Usernames and passwords should not be shared. Closing dates should also be used to ensure that data from prior periods cannot be modified once it has been finalized.
5. Implement Quarterly Independent Reviews of Internal Controls:
The company should allow an independent review of accounting functions such as bank reconciliations. This review should include all locations at random times throughout the year.