With pressure from external factors bearing down on a company's margins, managers must not lose sight of the threat of the internal fraudster. With fraud on the increase, Jonathan Lovell, head of KPMG Forensic for the Midlands looks at how companies can defend themselves.
According to the recently published KPMG Fraud Barometer, the prevalence of fraud is sharply increasing across the UK.
This is particularly so in the Midlands where reported fraud cases have risen by a worrying 124 per cent in the first half of 2008, compared to 50 per cent nationally, with over £123.2 million coming to court across 22 cases, substantially up from the previous six months during which £54.8 million of fraud was reported from 14 cases.
The figures are likely to get worse as the full impact of the credit crunch begins to unfold. There are three main reasons for this.
Firstly, in an environment where most people do not have the level of disposable income they are used to, the temptation to commit first time fraud increases.
Secondly, as business margins erode and poor performance is investigated, many more fraudulent practices over longer periods of time will be detected.
Thirdly, companies may cut back on traditional control and oversight, thereby providing a green light for those intent on perpetrating fraud.
In the context of increasing levels of fraud, local businesses must take a fresh look at the fraud risks they face and ensure their systems and controls for preventing and detecting fraud are upgraded where necessary. Companies should also consider the deployment of new, more sophisticated forensic technology techniques to test for fraud across company data.
The most effective approaches to fraud risk management are those which focus on reducing the motivation and opportunity to commit fraud, as well as examining controls in place.
These motivational factors can be addressed through better internal assessments and counselling procedures to identify both business and personal pressures which increase the risk of fraud.
The fraudster’s rationalisation can also be addressed head on by communicating warnings on what will happen to anyone committing fraud within the organisation, through the introduction of an effective fraud policy.
One approach that has been adopted by both the public and private sector is that of the Fraud Risk Assessment. This method seeks to ensure that employees across the organisation are involved in fraud risk identification and prevention.
The process considers both internal and external fraud risks through a series of stages including interviews and workshops, and using a fraud risk assessment database.
Fraud risk professionals help to ensure the process is properly focused on the risks, so that control effectiveness is rigorously challenged and solutions are developed based on the results of the assessment and their experience of good practices from other businesses.
It is important for businesses to perform ongoing assessments of fraud risks. In other words, this should not be a one-off activity. Effective assessments are able to reduce risk and cut fraud costs, and ultimately improve margins.
Businesses also have the option of deploying forensic technology to enhance an anti-fraud strategy.
Historically, embedded controls, usually within a company’s accounting systems and based on simple parameters, have been used to alert management to potential fraud. A common example would be reviewing transactions over a certain level by way of an exception report.
Such controls can provide some reassurance, but are limited in their ability to identify possible instances of fraud and misconduct, particularly when one considers that fraudsters generally think very carefully about how to circumvent controls.
Forensic technology has evolved in recent years, particularly in the development of Proactive Forensic Data Analysis. This is the process whereby a business uses technology across all of its data.
Through aggregating and comparing data from different sources, and using different routines based on known fraud indicators, anomalies can be identified which may indicate fraud or misconduct, as well as waste and error.
The routines are developed by fraud risk professionals with substantial experience and knowledge of fraud through years of experience. As new fraud practices and types emerge, so tests can be developed to identify the corresponding indicators within a company’s data.
Using this process, companies can much more effectively assess where their fraud risks lie, identify potential indicators of fraud or weakness in company data, and, based on the results, decide on the action to be taken. Analysis can be conducted across business operations, or focussed on particular areas of perceived risk such as payroll, purchase ledger or accounts receivable. Actions can include implementing such tests on a regular basis, as part of a continuous auditing cycle.
As well as helping to track down the origins of a fraud after it has been committed, forensic technology has an increasingly prominent role to play in helping to detect anomalies, thereby capturing emergent fraud behaviours which can be used to predict – and therefore potentially prevent – the committal of fraud. In addition, predictive analytics also helps to increase the productivity of forensic fraud investigators by prioritising their efforts towards the data most likely to show fraudulent behaviour.
Investing in the prevention of fraud is key for all local businesses. Keeping up-to-date with techniques to thwart the threat is vital. Ignoring it could prove a costly oversight for local businesses.
The ingenuity and audacity of fraudsters often simply catches people off their guard. That is why companies and individuals need to be fully alert to what is, in these challenging economic conditions, an ever-present and growing threat.