As insolvency practitioners and forensic accountants, it is not unusual for us to come across instances of fraud in the businesses we are required to administer and investigate.
Apart from the voidable transactions provisions of the Corporations Act and Bankruptcy Act, we are sometimes required to investigate instances of suspected fraud involving the misappropriation of funds or property.
Whilst large scale frauds such as Enron, Madoff and more recently FTX tend to grab the headlines, it is often small and medium sized business that are most affected by fraud, and usually from their own employees.
What Is Fraud, anyway?
"Fraud" is any activity that relies on deception in order to achieve a gain. Fraud becomes a crime when it is a "knowing misrepresentation of the truth or concealment of a material fact to induce another to act to his or her detriment".1
Fraud is usually described in three categories:
- Asset misappropriation
- Fraudulent accounting and financial reporting
- Corruption
Examples of employee fraud include:
- Creating "ghost" employees or not deleting ex-employee records
- Creating bogus suppliers
- Creating bogus purchase orders of a bona fide supplier and substituting their bank account details with those of the fraudster
- Obtaining kickbacks or bribes from suppliers or contractors
- Associates of the offending employee providing services to the business at inflated prices
- personal use of business resources2
Impacts
Where a business is a victim of fraud, there is more at stake than just the direct cost of the fraud. Other impacts to consider are:
- Staff morale can be affected as they feel a sense of betrayal
- Good employees do not want to work for a business where fraud is widespread
- The reputation of the business in the eyes of stakeholders can be damaged
- Businesses may become overly internally focused in response to fraud
The Fraud Triangle
Several decades ago, Donald R. Cressey, a well-known US criminologist, developed the Fraud Triangle. Interested in the circumstances that led embezzlers to temptation, he published Other People's Money: A Study in the Social Psychology of Embezzlement.
The three elements of the Fraud Triangle are: Opportunity, Pressure (or motivation) and Rationalisation (justification). For fraud to occur, all three elements must be present. 3
Preventing Fraud
The old adage of "prevention is better than a cure" is very true when considering how to manage the risk of employee fraud.
One of the most important aspects of managing risk is to ensure that the business has solid internal controls in place as, in most fraud situations there is usually a breakdown of internal controls. To help minimise the potential for fraud it is important to design and implement internal controls that prevent, detect, and deter fraudulent behaviour.
Having a comprehensive recruitment policy including:
- Past employment verification and seeking explanations of any employment gaps
- Police checks
- Verification of qualifications
- Reference checks
- Credit checks, particularly for employees in finance roles and those handling cash
- Using technology to research potential employees, including viewing social networking sites
- Monitor employee behaviour
Other measures to consider include:
- Implement supervisory processes - strong supervision is vital, especially in smaller businesses that may have difficulty segregating duties.
- Perform regular accounting reconciliations - regular accounting reconciliations, such as bank reconciliations, payroll reconciliations, and analysis between budget and actual figures often make fraud concealment difficult.
- Implement physical access controls - control physical access to premises, cash registers, computer systems, safes, and other secure systems. 4
External Factors
Apart from the threats within a business, there are also increasing risks from external forces such as cyber fraud.
According the AFP The term 'cybercrime' is used to describe:
- Crimes directed at computers or other information communications technologies (ICTs), such as computer intrusions and denial of service attacks,
- Crimes where computers or ICTs are an integral part of an offence, such as online fraud. 5
Cybercrime has become a critical issue for the business community. Technological advances mean cybercriminal groups can target thousands of Australian businesses at once from anywhere in the world.
Increased awareness in this area has seen many businesses invest significantly in their IT systems to protect them from attack as well as taking out cyber insurance policies.
Footnotes
1https://www.acfe.com/fraud-resources/fraud-101-what-is-fraud
3https://www.agacgfm.org/Resources/intergov/FraudPrevention/FraudMitigation/FraudTriangle.aspx
5 https://www.afp.gov.au/crimes/cybercrime
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
