August 13, 2018
Many government agencies and organizations provide valuable guidance on how to detect and protect your company against occupational fraud. One of the more comprehensive sources I have found is the
Association of Certified Fraud Examiners (ACFE)
. ACFE investigates thousands of fraud cases globally on an annual basis to arm us with the information needed to deal with the issue. Its
2018 Report to the Nations on Occupational Fraud and Abuse
provides guidance on the best methods to protect your company from occupational fraud.
ACFE found that a tip (40%) reported by an employee or another source was the most common way fraud was detected in the 2,690 real cases of occupational fraud investigated for the 2018 Report to the Nations. Cases from 125 countries in 23 industry categories totaling $7 billion in total losses were studied. Nearly half of the fraud cases examined were a result of weak or nonexistent internal controls.
Occupational fraud was initially detected in the U.S. by:
- Tip (37%)
- Management Review (14%)
- Internal Audit (13%)
- By Accident (9%)
- Other Means (7%)
- Account Reconciliation (5%)
- Document Examination (5%)
- External Audit (3%)
- Notification by Law Enforcement (3%)
- Surveillance/Monitoring (3%)
- Confession (1%)
- IT Controls (1%)
Although in only 19% of the cases the company’s owners/executives were involved in an occupational fraud scheme, the median loss was much higher ($800,000). The average median loss per all cases studied globally was $130,000 and $108,000 in the U.S. Nearly a quarter (22%) of the fraud cases resulted in losses of more than $1 million.
The perpetrator’s level of authority related to occupational fraud in the U.S. was:
- Owner/Executive: 10% of the cases amounting to a median loss of $637,000
- Manager: 31% of the cases resulting in a median loss of $150,000
- Employee: 48% of the cases reporting a median loss of $50,000.
Fraud hotlines were instrumental in companies being tipped off that there was a problem in 46% of the cases compared to 30% in companies without a hotline. Surprisingly, an internal audit or management review detected only 15% and 13% respectively.
Data monitoring and analysis and surprise audits were correlated with the largest reductions in fraud loss and duration. Data monitoring and analysis lowered fraud losses in 52% of the cases which were detected 52% faster than other cases. Surprise audits decreased the amount of the loss in 51% of the cases which were detected 54% faster. It is interesting to note that only 37% of the victim organizations had these controls in place.
The most common anti-fraud controls used in the U.S. were:
- Code of Conduct (73%)
- External Audit of Financial Statements (69%)
- Employee Support Programs (62%)
- Management Certification of Financial Statements (61%)
- Internal Audit Department (60%)
- External Audit of Internal Controls for Financial Reporting (60%)
- Management Review (59%)
- Hotline (56%)
- Fraud Training for Employees (50%)
- Fraud Training for Mangers/Executives (49%)
- Independent Audit Committee (49%)
- Anti-Fraud Policy (47%)
- Formal Fraud Risk Assessments (37%)
- Proactive Data Monitoring/Analysis (36%)
- Dedicated Fraud Department, Function or Team (35%)
- Surprise Audits (31%)
- Job Rotation/Mandatory Vacation (15%)
- Rewards for Whistleblowers (12%)
ACFE has other
resources and checklists
that you might find helpful. You can also call any member of our team at 610-828-1900 to discuss your anti-fraud and internal controls. Feel free to contact me as well at
Marty.McCarthy@MCC-CPAs.com
. We are always happy to help.