Taking a proactive approach to occupational fraud
Corruption has been a hot topic in recent times in South Africa with the release of former public protector Thuli Madonsela’s state capture report, which precipitated major changes in the country, including the exit of Jacob Zuma and the appointment of the new president, Cyril Ramaphosa, who vowed to “turn the tide of corruption”. All this impacts the landscape in which businesses in South Africa operate, but it is also important to consider the international corruption climate as, after all, we are functioning in an ever-increasing, global environment.
Earlier in 2018, the Association for Certified Fraud Examiners (“ACFE”) released its “10th Report to the Nations” (the “Report”), a global study on occupational fraud and abuse. This article focuses on two of the key factors that the Report states are likely to give rise to incidents of fraud:
- internal control deficiencies
- ignoring red flags of fraud
If both factors are adequately addressed as a proactive measure as opposed to a reactive one, this can be a game changer to an organisation’s fraud/corruption risk profile.
Internal control deficiencies
The Report reveals that internal control weaknesses were responsible for nearly half of fraud incidents reported to the ACFE globally between January 2016 and October 2017. Below are the primary internal control weaknesses that contribute to occupational fraud:
Poor segregation of duties is a classic form of deficient internal controls. To avoid this, companies should consider the following factors in their internal processes:
- is the same person who creates purchase orders, releasing and/or authorising the purchase orders?
- is the person who creates invoices the same person who attends to the credit notes?
- can the staff member processing EFT payments access supplier banking details?
- are they able to amend banking details without director/management authorisation?
- are the activities of all staff reviewed regardless of seniority?
Closing the gap on these processes can decrease an organisation’s vulnerability to fraud risk.
What is interesting is that small businesses (<100 employees) lost almost twice as much per scheme to fraud than larger organisations. These smaller organisations typically have fewer resources to prevent and recover from fraud incidents, and they often require an increased level of trust in employees due to a lower ability to implement robust anti-fraud controls. These types of risks are often highlighted in fraud risk assessments, which are designed to identify and evaluate fraud risk factors faced by the organisation.
Ignoring fraud red flags
Understanding and recognising the behavioural symptoms of possible misconduct displayed by perpetrators (“red flags”) can help organisations detect fraud and mitigate losses. As depicted below, in 85% of reported cases, at least one red flag was already present, and in half, the culprit displayed multiple red flags. The below infographic represents the most common behavioural clues to look out for.
An employee who has gone from pleading poverty and not joining the team for coffee-runs, to ordering KFC for lunch every other day, or a supervisor who takes an unprecedented luxurious holiday to Monaco or “checks-in” to exclusive clubs or restaurants (thanks Facebook), may warrant further scrutiny.
Research has shown that the typical fraudster is more likely to be male than female, but how does this effect red flag stats? Pretty significantly, according to the graphic below. What is interesting is that we also see a marked difference in the statistics when comparing the designation of the fraudster:
Instead of lamenting on the wonders of hindsight or relying on the observations and perceptions of colleagues or managers, many companies have taken a more proactive approach to identify potential risks. In practice, we call these lifestyle audits or “health checks” (the latter being more a palatable term to the employees undergoing the exercise).
The purpose of the assessment is to determine whether an employee’s known income is commensurate with their expenditure. Any significant deviations may be seen as a “symptom” of living beyond means, which, as illustrated above, is the most common behavioural red flag. Another useful function of the audit is to identify potential conflict of interest, which is often the motive behind the mischief. These assessments can also be done discreetly if a less invasive approach is required, such as for fraud detection and prevention purposes.
If while reading some of these symptoms, a particular person, situation or concern in your organisation comes to mind, contact us for more information on lifestyle audits and risk assessments.
No information provided herein may in any way be construed as legal advice from ENSafrica and/or any of its personnel. Professional advice must be sought from ENSafrica before any action is taken based on the information provided herein, and consent must be obtained from ENSafrica before the information provided herein is reproduced in any way. ENSafrica disclaims any responsibility for positions taken without due consultation and/or information reproduced without due consent, and no person shall have any claim of any nature whatsoever arising out of, or in connection with, the information provided herein against ENSafrica and/or any of its personnel. Any values, such as currency (and their indicators), and/or dates provided herein are indicative and for information purposes only, and ENSafrica does not warrant the correctness, completeness or accuracy of the information provided herein in any way.