Last month’s Fraud Lurks article featured employee fraud/embezzlement – part one.  The article referenced the Association of Certified Fraud Examiners (ACFE) report on the costs and effects of occupational fraud.>reporttothenations.

That report suggests occupational fraud is rampant and every organization needs to be cognizant of it and its potential effect.  As discussed in Fraud Lurks: In Your Employees Part I, occupational fraud is not restricted to any particular type of employee or employee department or business.  The ACFE report states fraud is not restricted to any particular:

  • Gender
  • Age
  • Level of education
  • Department

An item of particular interest in the ACFE report is how the frauds were initially identified – obviously, identification and curtailment are our goals.

  • Tip – 43%
  • Internal audit – 15%
  • Management review -12%
  • By accident – 5%
  • External audit – 4%
  • Document examination -3%
  • Surveillance/monitoring – 3%
  • Other 11%

Finally some good news!  Fully 76% of occupational frauds were identified by things we can control and affect.  I classify the underscored items above in the general category of internal controls.    If you will grant me that, 76% of frauds were identified through tips and internal controls.  As business owners and managers, internal controls are your absolute responsibility.

Let’s confront the elephant in the room – why aren’t more frauds identified by external audits?  The answers are several:

  1. External auditors generally perform their work during a given time of the year. Occupational frauds are identified throughout the year.
  2. The External auditor’s contractual responsibility is to opine as to whether the financial statements are free of material misstatements. Many occupational frauds do not rise to that level of materiality.
  3. External audits are not designed to drill down to examine (and therefore detect) the details that constitute immaterial frauds.

Clearly, business owners and managers cannot rely on external audits to identify frauds (4%) and certainly are not going to hope to identify frauds by accident (5%) so the answers are Tips and Internal Controls.

That 43% of frauds are initially identified by tips is fascinating.  Who is providing these tips?  According to the ACFE survey, tips were provided by:

  • Employees – 50%
  • Customers – 22%
  • Anonymous – 15%
  • Vendors – 11%
  • Other 10%

Logically assuming some, maybe most of the anonymous tips were in fact from employees, somewhere between 50 – 65% of tips were from employees.  Make it easy for them.

  1. Your employee manual should have a policy regarding theft. You have appropriate policies regarding discrimination, harassment, and other such matters – why not an anti-theft policy? The best run company I ever had the privilege of working with was in the retail auto parts business where inventory theft was a massive concern.   The first page of their employee handbook was devoted to their anti-theft policy: “If you steal from the Company your employment will be terminated.  There will be no warnings – THIS is your warning.”
  2. You should institute a confidential tip hotline. These can be hosted by third parties and are inexpensive to set up and maintain.   Advise employees that reporting identified theft, whether from inside or outside the company is part of their job.

We are all a function of values we learned as children.  Regarding the issue of reporting misconduct we have the competing values of “Fairness” and “Tattle tailing.”  Your employees may or may not care about the company but they do care about fairness – any 4 year old is quick to say “That’s not fair.” That they know a fellow employee is making more than they are by virtue of stealing from the company is untenable to them.   The company’s anti-theft policy coupled with the reporting mechanism turns “tattling” into part of their job responsibility.

It is simple, inexpensive, and effective.  Do it today.

Then there is the matter of internal controls.  I have spoken for years on effective internal controls and I know some things are certain:

  1. You have a basic misunderstanding of what internal controls are
  2. You think they are costly to implement.
  3. Because of both 1 and 2 above you dislike the topic and prefer to ignore it
  4. You are making a big mistake

Intuitively you know you need to control some things – What things?  How?  Next month’s Fraud Lurks article will review the basic strategy for designing and implementing internal controls that are both essential and cost-effective for your business.

Stanley Olejarski