Josephine Giordano, Forensic Accountant, Certified Fraud Examiner

Effective Fraud Risk Assessment: Staying Out of the News

The fundamental foundation of effective fraud risk management includes assessing processes and procedures susceptible to fraudsters, identifying the red flags, and promptly curing and strengthening the breakdowns and weaknesses that exist.

See Related Article | Occupational Fraud: Recognizing Red Flags and Managing Risk (2010)

In the News:

The Survey Says …

According to the 2016 ACFE Report to the Nations on Occupational Fraud and Abuse, the vast majority (64%) of frauds were committed by individuals working in one of five departments:

  • accounting (16.6%)

  • operations (14.9%)

  • sales (12.4%)

  • executive/upper management (10.9%)

  • customer service (9%).

Often the perpetrator has limited or no oversight and unilateral authority to access cash, inventory or other assets, and/or financial data. The four highest median dollar losses were in cases involving executive/upper management ($850,000), board of directors ($360,000), finance ($234,000) and IT ($200,000). Almost 40% of all fraud is discovered as the result of a tip, and more than 40% of all tips came from non-employees, such as customers and vendors. Even though 82% of organizations had external audits of their financial statements, less than 4% of frauds were detected by external audits. The lack of effective internal controls was cited as the primary contributing factor in nearly almost 30% of frauds.

Studies show that some industries are more vulnerable to fraud than others, with the banking and financial services, manufacturing, government and public administration, and healthcare industries most commonly impacted.

Prevention: Where to Start

Begin by researching the most common types of fraud in your industry and assessing what steps your company has taken, if any, to mitigate the likelihood of occurrence. By performing detailed historical financial trend analyses and budget-to-actual variance analyses, unusual operating results can be identified for further investigation.

Evaluating your company’s organizational chart and the direct lines of authority and oversight helps to determine where weaknesses may exist in the oversight functions.

Identifying the weaknesses and breakdown in internal controls can shed some light on where potential problems may exist. Ask employees to explain their processes; more often than not, an open line of communication with employees helps to identify areas that need improvement or how procedures are sometimes streamlined resulting in the circumvention of internal controls.

Finding the Smoking Gun

Is there always a smoking gun when suspicions are raised? Not necessarily. However, suspicions, unusual activity and behavior, and/or circumvented internal controls increase the risk that fraud exists or could occur. Tracing and verifying information internally is a good start, but, whenever possible, confirmation by outside sources could mitigate risk in a financial investigation.

It’s a Matter of Time

The longer a fraud scheme goes undetected, the greater the losses. Surveys shows that payroll fraud, check tampering, financial statement fraud, expense reimbursements, and billing schemes lasted an average of two years before being detected. Creating and altering physical documents were the most common concealment methods.