Although the recent high profile fraud cases like Enron, World Com, Tyco and Madoff get the bulk of the press, the vast majority of frauds doesn’t get much publicity, are not big dollar losses and are not committed by high profile executives. What company wants to broadcast that they lost money because they were robbed by an employee(s)? The Association of Certified Fraud Examiners (ACFE) in their 2008 ACFE Report to the Nation on Occupational Fraud and Abuse estimates that US organizations lose 7% of their annual revenues to fraud. This figure translates into approximately $994 billion in fraud losses.1 While this is a staggering figure, the median loss reported by the ACFE for all fraud schemes is only $175,000 and only one-fourth of the cases had losses of $1 million or more.
According to the ACFE’s study, there were 99 reported cases of financial statement fraud which accounted for just over 10% of all reported fraud cases. While the number might be small, the median loss for these financial statement fraud schemes (like Enron and World Com) is $2 million and over one-half of these crimes were committed by executives and upper management personnel. However, in comparison to the total reported fraud losses, only 18% of the losses are committed by upper management and executive level employees, yet frauds committed by these executives were particularly costly, resulting in a median loss of $8,153,000 (almost five times the median loss for all reported cases). Stated in another way, while owners/executives accounted for slightly less than one-fifth of the losses, these were the largest losses.
Certain elements exist in any fraud, whether it is a large fraud like Enron or a small fraud perpetrated by a bookkeeper. These elements are need, opportunity and rationalization (commonly referred to as the Fraud Triangle). Needs are limitless and can entail ego, lifestyle, medical issues and habits (drugs, gambling, etc.), just to name a few. The opportunity to commit a fraud frequently exists because of one’s position within the organization. For the executive the opportunity presents itself because of the power/standing the individual commands within the company and the fact that there is generally a double standard between executives and employees as far as freedom to maneuver, tolerance and the ability to override controls and bend the rules. For others, the opportunity presents itself because of the company’s organizational structure or the lack of organizational policies that allows an individual the opportunity to commit a fraud. Rationalization is a "mind game" which cries of entitlement because of poor salary, lack of promotion, the conduct of others or the excuse that the money taken was only borrowed. It is well reported that most fraudsters are not hardened criminals with prior records but regular people who got trapped and succumbed to the Fraud Triangle. One thing is for sure, where money is involved people have a tendency to get greedy and what started out as a one-time escapade turns into a recurring scheme.
Peter Goldmann in a recent article The New Fraud Triangle: Another Dimension in Employee Fraud Motivation indicated that "… prevention experts are redefining the Fraud Triangle as more of a Fraud Diamond. The fourth dimension of the theory explaining employees’ motives for committing fraud is the now widespread sense of alienation and disenfranchisement, driven largely by the ‘layoff culture’ … and further fueled by the accelerated disappearance of healthcare, pension and other benefits … foreign outsourcing of both hourly and salaried jobs … and increasingly stressful workloads."
Tone at the Top
Whether the company is large or small, there are some common elements that need to be present to help reduce the possibility of fraud and those are oversight and a "tone at the top." In a large company, this comes from the Board of Directors, the Audit Committee, management, internal and external auditors and the segregation of duties, among others. Small companies, on the other hand, typically do not have the resources that allow for a Board of Directors and an Audit Committee and the day-to-day operations are typically performed by a few individuals who perform numerous related functions which results in a lack of segregation of duties (oversight). But owners and managers can still set the "tone at the top."
Financial Statement Fraud
Financial statement fraud, as noted earlier, is the big ticket fraud typically found in publicly traded companies. These frauds while accounting for only 10% of the reported cases have average losses of $2 million and over half were committed by executives and upper management. Public companies and their key employees are rewarded for good performance. In good times when earnings meet or beat analysts’ projections, stock prices generally go up and market capitalization increases. In turn, key employees receive their stock options, bonuses, deferred compensation, etc. Companies are continually faced with pressures exerted by the markets and the financial analysts to ensure that they meet their projections or in common parlance – "make the numbers." Therefore, companies as well as their executives and accounting personnel are faced with a common dilemma – doing what is necessary to receive these rewards OR doing what is right. In good times making the projections (to keep the analysts happy) generally takes care of itself and "the numbers" are met or exceeded and all is well – stock prices and market capitalization go up and key employees receive their "perks." However, what happens when it doesn’t look like the company will "make the numbers?" Does the company (i.e. management) report the real/actual numbers that fall short of the projections and face the consequences of falling stock prices and the related impacts on market capitalization and potential loss of key employee compensation? Or, does the company (i.e. management) succumb to the pressures and "cook the books" to continue the company’s "apparent" financial success which ensures the continued financial rewards? Done once, it is easier to do a second, third and fourth time and ultimately on an as needed basis considering there appears to be "no pain and all gain." Therefore, with each passing quarter, when a company knows it has a method to succeed, "reality" becomes less of an issue. Having set the pattern in motion, it becomes more and more difficult to reverse the fraud that has been committed and the fraud will likely continue for some time. The ACFE study indicated that, on average, fraudulent financial statement schemes lasted 30 months. That is, until an anonymous tip is received, someone "blows the whistle" or possibly the external audit detects some accounting irregularity which upon further investigation uncovers the fraud.
The schemes utilized in financial statement frauds are only limited to the creativity of the perpetrator(s). Common schemes include the improper recognition of revenue, inappropriate capitalization of expenses, improper asset valuations, timing differences related to the recording of revenues and expenses, and fictitious post closing journal entries, just to name a few.
No business sector (manufacturing, financial services, healthcare, retail, etc.) is immune to a fraud and fraud doesn’t play favorites in terms of the size of an organization. Fraud occurs in every type of business; i.e. publicly traded companies, privately held businesses, governmental entities and not-for-profit organizations. As we have discussed, fraud occurs in large companies as well as in small companies; however, fraud occurs more frequently in smaller companies. According to the ACFE study, frauds in small businesses defined as those with less than 100 employees, were the most frequent, accounting for almost 38% of reported cases and a higher median loss ($200,000) than their larger counterparts. In addition, small businesses face different obstacles than larger organizations because of their size and limited resources. Most often small businesses are lacking in the appropriate internal controls such as the necessary segregation of duties. In addition, the perpetrator is often a "trusted" employee generally fulfilling multiple overlapping duties and, as a result of this "trust" factor there is a failure by the owner or on-site management to monitor the activities of that individual or to institute some simple compensating procedures or controls.
Approximately 90% of all frauds involve asset misappropriation which simply stated means the theft or misuse of company resources, such as cash, supplies, equipment or inventory. According to the ACFE study, approximately 85% of all asset misappropriation cases involve the theft or misuse of cash. Cash is stolen from incoming receipts, cash on hand or from outgoing disbursements. Not surprisingly, due primarily to the lack of segregation of duties, the majority of frauds in small companies in some way deal with cash. According to the ACFE study, the most common frauds in small businesses involve billing, check tampering, corruption and skimming schemes. Billing schemes attack a company’s cash disbursements and accounts payable functions in that a bogus invoice for merchandise, payroll or employee expenses is submitted for payment. Check tampering is obvious from its name as the fraudster either prepares a fraudulent check or alters/forges a check for his/her benefit. Corruption schemes relate to bribes, kickbacks, gifts and gratuities which benefit the fraudster. Finally, skimming relates to taking cash before it is entered into the company’s accounting system.
An example of a skimming scheme occurred at a golf course where the club pro, who was working the cash register at the pro shop, was providing customers with duplicate receipts generated from the accounting software for payment of greens fees and pocketing the cash. The customer would then proceed to the first tee, where they would present his/her receipt to the starter as evidence that he/she had paid for their round of golf. At many golf courses the starters merely initial the customer’s receipt and don’t keep a copy of the receipt as an audit tool. Even if the receipts weren’t maintained, the number of rounds recorded on the cash register could be compared with the log maintained by the starter but this was not done either.
There are numerous expense account violations which in general are insignificant to a company’s bottom line - business mileage can be inflated, duplicate receipts can be submitted for cab rides never taken and for meals never eaten, charging $10 for an expense that was only $5, non-business meals can be submitted as business meals – just to name a few abuses. An issue to consider here is that if someone is willing to pad their expense reports for relatively small dollars, what other schemes are they willing to perpetrate since these tactics have demonstrated the individual has suspect ethical standards?
Inappropriate gifts, travel and/or entertainment known as corruption in fraud terms are a frequently used scheme which happens often in the procurement area as an inducement offered by suppliers. When sales and purchasing personnel are not equally compensated on a basis commensurate with their performance, those in the purchasing area can use this inequity in compensation to justify taking advantage of the bribes and kickbacks.
Common Sense Controls
There are some common sense controls that any company but particularly smaller companies can and should put in place. One thing is for sure, it is less likely that someone will attempt a fraud scheme if they believe that there is some form of oversight. The following items are only a sampling of possible control procedures which could be performed by someone in a supervisory role such as the controller or the owner depending on the company’s organizational structure.
- Pre-employment background checks with previous employers are not always helpful in uncovering problems as employers are fearful of potential litigation; however, they still should be done and if the position entails cash related functions, they should be done in conjunction with credit checks and criminal checks.
- Use a PO Box for company mail, which is picked up daily and opened before being distributed.
- Have bank statements sent to a PO Box.
- Review checks clearing with bank statements for unusual items.
- Control accounts payable check stock and maintain a usage log.
- Require annual vacations.
- Periodically rotate job responsibilities.
- Generate exception reports with any changes made to master files – payroll, accounts payable, etc.
- Communicate both verbally and in writing the company’s position (code of conduct) as it relates to fraud, which includes a clear acknowledge-ment that no fraud will be tolerated and all frauds will be prosecuted.
In addition to the normal year-end work, companies could have their accounting firm spend one day each quarter reviewing the quarterly activity.
Consideration could be given to hiring a part time person to periodically perform some of these procedures as well as getting management more involved. Not-for-profit organizations have traditionally relied on volunteers to perform some of these functions. Taking some time on a periodic basis for some of these more mundane tasks could or has the potential to save the company money in the long run. The question that owners and management have to ask is whether or not the cost of implementing these (or other) controls is greater than the risk of loss through a fraud scheme.
Hotlines are becoming more and more commonplace. According to the ACFE, in slightly less than 50% of the reported cases in which a tip or complaint was instrumental in the detection of the fraud, 31% were received by a hotline or other formal reporting mechanism. This is a relatively high number considering that less than half of the victim organizations in the ACFE survey had a formal reporting mechanism. As a result, organizations can improve their detection efforts by establishing formal structures to receive reports about possible fraudulent conduct. In addition, the ACFE survey also found that fraud losses were reduced where organizations had anonymous hotlines, offered employee support programs, provided fraud training, and had internal audit or fraud examination departments.
PriceWaterhouseCoopers in The 4th Biennial Global Economic Crime Survey – Economic crime: people, culture and controls states: "As our survey clearly shows, it is simply impossible to get rid of economic crime – the crime of fraud remains intractable because of the many kinds of fraud and the correspondingly broad range of fraudsters who commit them. There will never be a simple solution, but we can endeavor to develop our understanding and share our knowledge of ‘what works and what doesn’t’ in combating fraud." If we will not be able to eliminate fraud, we should be able to mitigate its impact by implementing the appropriate corporate culture together with some necessary procedures and controls. Therefore, the old saying "you can pay now or pay later" surely has applicability in fighting fraud.
1 The ACFE study is based upon data compiled from 959 cases of occupational fraud that were investigated between January, 2006 and February, 2008. The median response indicated that the typical U.S. organization loses 7% of its annual revenues to fraudulent activity. Applying this percentage to the estimated 2008 U.S. gross domestic product of $14.2 trillion would project that roughly $994 billion would be lost to fraud in 2008. This is an estimate based solely on the opinions of Certified Fraud Examiners and therefore should not be considered a literal representation of the true cost of fraud facing U.S. organizations.
Ed Cikanek is the Director of Litigation Services for Sikich LLP, a full service accounting firm located in Aurora, Illinois. Ed has 40 years of accounting, audit and consulting experience and provides accounting and consulting services in a wide variety of litigation matters including commercial damages, construction disputes and fraud and forensic matters. You can contact Ed at 630.566.8533 or at email@example.com.