How to Proactively Detect and Prevent Fraud Before It Occurs

Whether it occurs in a small local shop or in large, multinational corporations—or anywhere in between—fraud is a common crime. And when it goes undetected over a long period, it can cause major loss of assets, damage to a company’s reputation, and hefty penalties.

For those new to fraud, there are three categories of occupational fraud (look for an in-depth explanation of these categories in an upcoming blog post):

• Financial Statement Fraud
• Assets Misappropriation Fraud
•  Corruptions and Money Laundering

Fraud is committed when an entity’s officer, director, or employee uses their occupation for personal gain through the act of deliberate stealing, cheating, lying, or misusing the entity’s resources or assets.

Some of ACFE’s “2018 Report to the Nations” Key Findings

In its “2018 Report to the Nations,” the Association of Certified Fraud Examiners (ACFE) found that an assets misappropriation scheme is the most common type of fraud, but less costly. Meanwhile, the financial statement scheme is less common, but very costly.

The report cites tips as the most common initial detection method, claiming 40% of all reported fraud cases. Internal audit came in second with 15%, and management review third with 13%.

In addition, small businesses were cited as the major casualty of fraud, and internal control weakness was reported as responsible for nearly half of the fraud cases.

The report’s findings were based on the study and analysis of 2,690 cases of occupational fraud that the ACFE investigated between January 2016 and October 2017. You can read the full report here!

Fraud Warning Signs, or Red Flags

Through study and analysis, ACFE has identified the following six common behavioral attributes of most fraudsters. These traits can be warning signs for those tasked with detecting and preventing fraud.

1.       Living beyond one’s means

2.       Financial difficulties

3.       Unusually close association with a vendor or customer

4.       Excessive control issues or unwillingness to share duties

5.       Recent divorce or family problems

6.       A general “wheeling and dealing” attitude involving shrewd or unscrupulous behavior

Officers and employees who display these traits need resources to serve their over-the-top lifestyle. So, when these traits become noticed, it can be an initial clue of the fraudulent activities occurring within the entity.

To prevent fraud from occurring, divide tasks among various employees and designate oversight authority to competent people who understand their role. For example:

• Ensure that the person who runs payroll is not tasked with changing the pay rate or reviewing the payroll reports.
•  Make sure the staff tasked with disbursement is not reconciling the books or authorizing invoices for payment.
• Assign a designated authority to review the vendor lists to make sure that there are no shell companies sending bills for products or services not provided.

Take proactive steps toward preventing fraud, like employee routine audits and inspections of expenditures. If you are a small company with few employees, hire an external CPA firm to inspect the books or to reconcile your balance sheet accounts once a month or quarterly.

In short, employ the independent checks or audits to ensure that human error and fraud are detected and corrected early.

Security Breaches

Cyber security is a major concern for every company. This is especially true for smaller organizations. They might not have the resources to hire and retain IT experts that will monitor security breaches and ensure integrity of the company’s IT systems.

The most effective means to detect and prevent fraud, as cited in the ACFE’s 2018 report, is strong IT controls.

Weak IT controls are a floodgate for phishing emails or free access to hacking an IT system. A hacker can take control of the company’s email accounts. Posing as the president, the hacker can use this access to write internal emails asking the CFO to transfer hundreds of thousands of dollars to an account that the company does not have a business relationship with. Such unusual emails are a red flag. Appropriate measures should be taken to prevent security breaches from spreading to other IT systems.

 A company that has implemented proper IT controls and developed procedures for a wire transfer authentication and authorization process will be better equipped to detect and prevent fraud before it occurs.

Companies should be vigilant of unusual emails or attachments that can be used to hack into their IT systems.

Weak Internal Controls

ACFE cited weak internal controls as responsible for nearly half of the fraud cases. Another red flag for fraud is management override of existing controls. When employees or officers are resistant to tighter controls, this is yet another clue that fraud is occurring or is in the offing.

Startup companies as they start to scale are more susceptible to weak internal controls, and subsequently, to fraud, because they are growing fast, and controls are the last thing on their mind. These circumstances create an opportunity where employees can steal from the company undetected for a long time.

Remember, trust is not a control, and it will not stop fraud from occurring. To detect and prevent fraud, companies should ask a CPA to assess their existing controls and to advise them on how to fix any internal control weaknesses.

Written by Mercy W. Njenga, CPA