Who do you think is responsible for preventing and detecting fraud? Is it the external auditor, company management, board of directors, or outside specialists and how does the financial statement audit play a part in the fraud. The answer may surprise you! External auditors are only required to find what’s termed “material misstatements” whether due to fraud or mistakes. A material misstatement is defined as an amount that will sway an investor or reviewer of the financial statements one way or the other. For example, if the fraud perpetrator stole $100 for a company that makes approx $1M USD in revenues, the external auditor is not required to detect the $100 dollar fraud. If your organization relies solely on the external financial audit as your fraud prevention and detection tactic, you are already behind and increasing your risk exposure to fraud. Although much of the public believe an external auditor’s focus should be to detect fraud, the focus is to make an opinion on the financial statements. Then who is responsible for preventing and detecting fraud? Executive Management is responsible. They should be creating, designing, and evaluating the organization’s fraud risk management program. This special report will help management understand what creates opportunities for fraud to exist, how to prevent them, the mindset characteristics of fraudsters, and how to deter these characteristics in the organization.
MANAGEMENT OPPORTUNITIES
An opportunity is the condition or situation that allows a person or persons to commit fraud. Many people are given the opportunity, but do not necessarily succumb to the temptation. However, the following opportunities create an environment more prone to fraud.
Complex Business Structure
If the business structure is so complex, where multiple auditors, lawyers, and specialist are involved, this environment is a management fraud red flag. The structure may not allow one party to have access to all of the data needed to complete the task at hand like an external audit. If a professional auditor, lawyer, or other specialist do not have access to all the data due to the structure, they will not see the full picture from beginning to end. This is an opportunity for management to hide fraud.
High Turnover of Auditors / Lawyers
Sometimes a high turnover of auditors or lawyers infers these professionals were suspecting fraud or close to finding fraud and the District finds another auditor / layers as a result. The new auditors / lawyers without any suspicions are less likely to detect fraud.
High Turnover of Key Personnel
When key personnel don’t stay for a long period of time, this should raise a fraud red flag. Why? Because when an executive position is occupied by many different persons over a short period of time, it infers they will not cooperate with dishonest acts.
Creative Accounting
When the accounting of the business transactions become questionable, especially in revenue, it infers executive management are “cooking the books”. For example, they may recognize revenue too quickly or defer expenses and classify them as assets. Whenever the accounting becomes too creative and becomes suspicious, your fraud meter should perk up.
Let’s Recap
When a business structure is too complex and many auditors/lawyers are working on only pieces of the entity, it creates an opportunity for management to perpetrate fraud, because the auditors/lawyers don’t have access to all the data within the organization and don’t see the end to end picture. High turnover of key personnel and auditors/advisors is a fraud red flag. Many times persons of integrity won’t go along with dishonest acts and either quit or are fired accordingly, and finally, if the organization’s accounting books are too creative normally there is an alternative motive. This creates too much of an opportunity for management to increase revenues and/or decrease expenses erroneously.
EMPLOYEE OPPORTUNITIES
When employees are tempted to perpetrate fraud almost always opportunities or perceived opportunities are part of the equation. We’ll review some of these opportunities below.
Organizational Culture
One way for employees to commit fraud is to be part of an organization that does not promote and teaches honesty as part of a core principle of the organization. Employees tend to move away from honesty and integrity, when the organization has not clearly defined what is acceptable and what is not. It’s all about the tone at the top (What executive management do and promote, the others will follow and do likewise)
Companies, either through neglect or competitive culture, create the opportunity for fraud, when they do not explicitly define what is acceptable and unacceptable behavior. All employees should know the core principles and the acceptable behavior of the organization.
Dismissal of Fraudulent Acts Committed by Employees
When an organization either because of lack of time, resources, not wanting bad publicity do not prosecute the fraud perpetrator, the organization sends a strong signal to other employees that fraudulent activity will not be prosecuted. This inadvertently sends a message to other employees that dishonest acts do not carry strong consequences other than employment termination.
Lack of Tone at the Top
If a company does not perform background checks, employees can commit fraud by falsifying their resume. You do not want to hire someone where they say they can do “x” but only can actually do “y”.
Absence of Background Checks
If a company does not perform background checks, employees can commit fraud by falsifying their resume. You do not want to hire someone where they say they can do “x” but only can actually do “y”.
Lack of Segregation of Duties
When an organization does not have adequate segregation of duties, it creates an opportunity for a person to commit and hide fraudulent activity for a prolonged period. This is one of the most simple ways to conceal the fraud. Segregation of duties is the concept of having more than one person required to complete a task. For example, the person entering the cash receipt should not be the person to deposit the cash receipt to the bank account, and the person reconciling the bank account to the cash general ledger account should not enter the cash receipts nor deposit the cash receipt into the bank account.
Crisis Mode
When Management works in “crisis mode” do not follow proper internal controls and override the procedures. The “crisis mode” mindset supersedes normal protocol to follow internal controls and segregation of duties. Ensure every “crisis” is not too big and allows the organization to override existing controls and procedures.
Recap
We covered significant opportunities regarding fraud perpetrated by employees, but the theme to prevent these opportunities from occurring is to have a strong “tone at the top”. Upper management (executives) should promote and teach acceptable and unacceptable behaviors, always follow the same rules as the employees, check each employee’s background prior to starting their employment, segregate duties of tasks, and always follow proper internal controls no matter the situation at hand.
FRAUD PREVENTION
Now that you have an idea of what creates opportunities for management and employees alike, let’s review fraud prevention techniques to deter these opportunities. Preferably, I’m sure you would like to prevent fraud altogether without having to deal with fraud. Fraud prevention should be one of the principal sections in your fraud risk management policy.
There are many techniques to prevent fraud, we’ll cover five different techniques today.
Accounting System
Your accounting system should be designed to record the correct monetary amount, ensure the transaction is recorded in the correct period and is properly classified into the correct accounting general ledger account. These transactions should automatically feed into the financial statement reports. If the accounting system is connected to your sales transactions, accounts receivable ledger, accounts payable ledger, cash accounts, fixed asset schedules, etc, the fact that the accounting system is automated prevents an employee from committing fraud.
Control Procedures
Adequate procedures which are promoted and taught to the whole organization is key to prevent fraud. These procedures should include (but not limited to) dollar threshold for making payments, segregation of duties, storing of data, adequate safeguards of physical assets, independent checks on valuation and performance of certain recorded amounts. These procedures are started at the tone at the top. If management does not promote, follow, and teach these procedures, the employees will not follow the procedures. Accordingly, the procedures need to be part of the fraud risk management policy.
Job Rotation and Vacation
Believe it or not, many fraud perpetrators are long-time employees. If you require a mandatory vacation, there will need to be another person to cover the position. Many times fraud is detected because the fraud perpetrator was on vacation and did not have the opportunity to conceal his / her fraudulent activity. Job rotation works in a similar manner. If an employee is committing fraud and due to job rotation requirements, leaves the position for another one, most likely unless collusion takes place, the fraud will be detected.
Oversight
Nobody in the organization should have so much power where their decisions cannot be challenged. Even executives should be required to explain their decisions when they are stepping over the line doing something suspicious.
Performance Evaluations
Management should evaluate performance standards. If the culture becomes too competitive or the standards are realistically too high, this gives way to anger and resentment. Anger and resentment are a means to rationalize fraudulent behaviors.
Let’s Recap
Control procedures provide education to each personnel of what is acceptable and unacceptable behavior. When you create mandatory vacation (of at least one week) and / or job rotation, employees are less prone to commit fraud, because at some point in time, s/he won’t have the ability to conceal the fraud. Each personnel including upper management should be responsible for their own actions, and be ready to provide support for a certain decision or decisions. Finally, an environment where performance reviews are fair and realistic encourages a healthy environment with higher morale. Now that we’ve learned about opportunities to commit fraud and how to prevent them, let’s learn about actual personal characteristics found in fraud perpetrators.
PERSONAL CHARACTERISTICS
There are some characteristics which give way to fraud. We’ll review these characteristics so you can watch out for them and learn how to avoid these types of characteristics as much as possible. Of course these characteristics don’t necessarily mean the person will commit fraud, but from many studies these characteristics have been prominent when committing fraud.
These characteristics include:
- Lack of integrity
- Rationalization
- Temptation
- Anger
- Pride
- Power
- Frustration
- Challenge
If you are thinking to yourself how do these characteristics correlate with a fraudster’s mind-set, I’ll give you some short examples of how some of these characteristics are found in fraudsters to perpetrate fraud.
Those with lack of integrity are less prone to caring for what is just and fair. They care more for what is convenient to them at the moment and value monetary goods rather than honesty and integrity. Many fraud perpetrators rationalize their actions. Many of them interesting enough believe to be honest and upright citizens. Succumbing to temptation is a characteristic among fraudsters. These people tend to take large risks and don’t seem to recognize the consequences of their actions.
Sometimes anger causes them to compromise their integrity. These people become so angry that they take out their anger and resentment toward the company in committing fraud. Pride can cause these types of people to not see the consequences. Pride tends to lead the person(s) in believing it won’t happen to them. For some individuals the need for power is greater than their considerations for what is right and wrong. These individuals will “do” whatever it takes to have power and of course money (which symbolizes power). A common finding in computer criminals is the rise to a challenge. They become so involved in trying to figure it out (the challenge) that they forget about the consequences.
How may we prevent these types of characteristics in your organization? Good question! Our main objective is to maximize integrity in your organization.
“Our main objective is to maximize integrity in your organization”
Lead by Example
Upper management must create an environment of honesty. Upper management needs to promote, lead by example, and train their employees. They can do this by acknowledging upper management mistakes or via a formal presentation included in a new employee orientation program.
Be Consistent
Organizations should define what is acceptable and unacceptable behavior. Employees should recognize management is consistent and does not “play favorites”.
Advertise Policies
Employees should know the policies of the organization. In addition, they should see upper management following these procedures. If you have policies, but upper management doesn’t follow them, they can create an environment more prone to fraud.
Prosecute Fraud
All dishonest acts should be thoroughly investigated. If deemed fraud, the organization should prosecute. Although this can be embarrassing for the organization, the risk of fraud increases if the fraud is not prosecuted. The organization is sending a message of fraud will only lead to the termination of employment.
FINAL THOUGHTS
Fraud may not be a subject that anyone wants to deal with, but the fact is most organizations experience fraud at some level. It’s important to note preparing and creating a fraud risk management policy is constructive and forward-thinking. In this special report we focused on how an organization’ environment and culture impacts fraud (opportunities), how to prevent it, and the personal characteristics of fraudsters. Now that you have an good general idea, you can use this information when designing the fraud risk management policy for your organization.
If you would like to discuss further on how we can help, please, call us at (408) 780-2236, email us at david@dfarnsworth, or visit us on the web at www.dfarnsworthcpa.com.
David Farnsworth, CPA
P.S. We are on a mission to help local governments with fraud prevention and governmental finance. We exist to help eliminate abuse, wasteful spending and fraud. Our goal is to help you run a transparent financially responsible District or Agency. When you’re ready, here are a few ways we can help right away:
- Sign-up to our monthly newsletter here. We cover topics ranging from fraud prevention, financial reporting, government budgeting, etc.
- Take our fraud risk assessment (link to assessment here) We’ll give you specific recommendations on how to improve your situation right away.
- Receive our free fraud prevention package (click this link to schedule a meeting)
- Jump on a video conference call to get specific fraud prevention recommendations (click this link to schedule a meeting).
- Request a proposal to perform the financial audit. request for proposal.