FCPA Compliance and Ethics Blog

February 24, 2011

Five Myths About Fraud

Ed. Note-today we host a Guest Post from our Fraud Examiner Expert colleague – Tracy Coenen

We’ve all heard so much in the news about fraud over the last several years. Not a day goes by that we don’t hear about an executive caught with his hand in the cookie jar, a company that failed to follow proper accounting rules, or a compensation structure that led someone to cheat with the numbers.

In some ways, I think people are becoming immune to fraud. The cases don’t seem as significant as they would have been five years ago. They’re not as shocking as they used to be. It is sad that fraud is becoming more commonplace. And the more we hear about fraud, the more I think companies run the risk of not taking it seriously.

Most importantly, I think people are running around with some big misconceptions about employee fraud. If they mistakenly believe their company is not at risk, they are probably not actively preventing fraud. Companies must know the truth about fraud and its perpetrators in order to actively protect themselves.

The following are five of the fraud myths that I regularly run into in my fraud investigation practice. Whether owners and executives actually utter these out loud or not, merely buying into these myths mentally can be a recipe for disaster.

1. Our company does not have an internal fraud problem.

While companies would like to believe they have good employees and adequate controls to prevent fraud, the fact of the matter is that 45 percent of companies will be significantly affected by fraud, according to one international study. A separate study estimates that the average internal fraud will cost $159,000, and that almost one-fourth of fraud cases will cost companies over $1 million each.

Companies cannot afford to ignore the risk of fraud and the likelihood that fraud is occurring internally. It is too expensive, particularly when one considers the fact that there are many indirect costs of fraud, including investigation and legal costs, employee attrition, and decreased employee morale.

Actively fighting fraud means implementing policies and procedures that prevent and detect fraud. Anti-fraud professionals who are experienced with the common methods of fraud can be invaluable to this process. Whether a company gets there with employees or outside consultants, it is important to secure company information and assets to prevent internal fraud.

2. Most people are honest and won’t commit fraud.

This is a dangerous approach to take to the business of fraud. It is true that most people are generally honest. But to rely on this instead of putting controls in place to prevent fraud is a big mistake.

While it’s wise to hire those with a track record of honesty, past behavior doesn’t necessarily predict future behavior. Almost 88 percent of employees and executives who commit fraud against their employer have never before been charged or convicted of a fraud-related offense. This means it’s nearly impossible for companies to predict who is going to commit fraud and when they are going to do it.

It is a fact that honest people can and do commit fraud. Outside pressures can cause people to behave in ways they normally would not. Things that could push someone toward fraud include addictions, divorce, overwhelming debt, and gambling problems. When pressures like this are present, it’s difficult to predict who will commit fraud.

In the end, those who commit fraud come from all walks and ways of life. From clerks to executives, no one is immune. Thieves come from all social classes and all economic backgrounds. If given a strong motivation and ample opportunity, anyone can commit fraud against her or his employer.

3. If our company follows government regulations, we will be protected against fraud.

Unfortunately, the current accounting rules and regulations do not really provide protection against fraud. Sarbanes-Oxley is probably the most widely-recognized regulation dealing with fraud. It has had some positive effects because it has forced companies to review and document their policies and procedures.

Companies have spent enormous amounts of money on implementing Sarbanes-Oxley, and it’s probably discouraging to admit that even such an extensive project isn’t really preventing fraud. The regulation forces management and the board of directors to accept responsibility for issuing accurate financial statements, however, it doesn’t really ensure that companies have fraud prevention procedures in place.

In order to effectively prevent fraud, companies must create and implement policies and procedures specifically designed to deter and detect fraud. Again, this should be accomplished with the help of an anti-fraud professional who is experienced in the methods used by corporate fraudsters. A good fraud prevention program will actively prevent and detect fraud while still complying with the applicable regulations.

4. Small frauds aren’t important enough for management to worry about.

Virtually every big fraud started out as a small fraud at one point. Whether it is a minor theft of cash or a financial statement manipulation intended to cover up a substandard quarter, what starts out as a small fraud can quickly grow into a major fraud scheme. A theft of $500 may not seem significant enough for management to devote time and effort to the problem. But what if an employee was stealing $500 a week for three years? Suddenly, there is a theft of over $75,000, which could be very material to the company.

It’s important for companies to take small frauds and ethical lapses seriously. Not only does management want to cut off frauds while they are in their early stages, they also should be sending a message to employees that dishonesty is not tolerated. A zero tolerance policy is a necessary part of any good fraud prevention program.

It may be expensive to monitor and investigate smaller thefts from the company. However, in the long run, the cost will be worthwhile because the company will have stopped frauds from growing into the hundreds of thousands and millions of dollars. Therefore, an effective fraud prevention program will contain components that help the company discover fraud early.

5. Fraud will be detected by our auditors.

History has shown us that a company’s independent auditors cannot be relied upon to find fraud. This is true primarily because audits are not designed to detect fraud. They are designed to give “reasonable assurance” that the numbers shown on the financial statements are materially accurate.

Because fraud involves the active concealment of the truth, it makes it difficult for auditors to discover. Further, auditors have a tendency to become complacent with their clients. They see the same things year after year in the audit, and they may stop paying close attention. Employees who are concealing a fraud may also be comfortable with the auditors and know what procedures are coming. If that’s the case, count on the employees to be very careful with the fraud as it relates to those expected procedures.

Auditing rules have attempted to address how auditors approach the potential for fraud within companies. While the current rules are somewhat better than those of several years ago, a traditional independent audit still cannot be relied upon to detect fraud. Executives who believe differently are setting their companies up for disaster.

The Solution
Preventing fraud in companies all comes back to active prevention techniques and educating employees about fraud. First, owners and executives must be aware that they are very much at risk of experiencing internal fraud, and that the statistics show that the losses can be expensive. Then they need to take decisive action in formulating a fraud prevention program.

Education of everyone is still a very important part of fraud prevention. No company is immune to the problem, and no employee is completely free from the possibility of committing a fraud one day. After owners and executives appreciate the true magnitude of the problem, it will be through action that fraud will be prevented at their companies.

Tracy L. Coenen, CPA, CFF is a forensic accountant and fraud investigator with Sequence Inc. in Milwaukee and Chicago. She has conducted hundreds of high-stakes investigations involving financial statement fraud, securities fraud, investment fraud, bankruptcy and receivership, and criminal defense. Tracy is the author of Expert Fraud Investigation: A Step-by-Step Guide and Essentials of Corporate Fraud, and has been qualified as an expert witness in both state and federal courts. She can be reached at tracy@sequenceinc.com or 312.498.3661.

Ed.Note-this article initially appeared in the Fraud Files Blog.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

FCPA Compliance and Ethics Blog on the Road

Next week, together with Stephen Martin, General Counsel of Corpedia, we will be having an FCPA ‘road trip’ next week in Miami on Tuesday, Atlanta on Wednesday and Cleveland in Thursday.  We will present the most current best practices for an FCPA and Bribery Act compliance program. If you reside in or near one of the venues, I hope you can join us. I would love to meet you.

All events are complimentary and both CLE and breakfast are provided. Our presentation is hosted by World Check.

Tuesday, March 1 in Miami-http://members.ethisphere.com/events/event_details.asp?id=143046

Tuesday, March 2 inAtlanta-http://members.ethisphere.com/events/event_details.asp?id=143049

Wednesday, March 3 inCleveland-http://members.ethisphere.com/events/event_details.asp?id=143052


2 Comments »

  1. Sometimes, people committing fraud were not actually aware that it’s already considered as “Fraud” especially to staffs. To prevent this, I believe companies/organizations should orient their employees about it through Ethics Compliance Training.

    Comment by 360training — March 10, 2011 @ 6:37 am | Reply

  2. Having interviewed many computer fraudsters, here are some more thoughts. I found the most common motive for engaging in deception is not greed or high living. It is solving an unshareable personal or business problem. Organizations don’t hire fraudsters; people engage in deception during the course of their employment.

    Managers should know their staffs on a personal basis and develop mutual trust in revealing personal problems. Organizations should provide confidnetial problem solving advisory services for employees and segregation of duties as important information security controls.

    Comment by Donn Parker — April 18, 2011 @ 10:49 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: