Unlike most other crimes, employee fraud involves both deception and an abuse of the trust that has been placed in the perpetrators as part of their professional roles. Most fraudsters also undertake specific efforts to conceal their crimes. This combination of factors makes fraud schemes particularly difficult to detect – which, in turn, allows the frauds to continue uninterrupted and the losses to multiply.
With the numerous issues and financial constraints faced by many organizations today, detecting employee fraud often takes a backseat, with a focus on reacting after the fact rather than proactively seeking out fraud. But because most fraud schemes continue – and grow – until they are discovered, actively identifying potential fraud is vital in protecting the organization’s assets.
The following techniques are among the most effective ways to fight fraud and weed out employee wrongdoing.
1. Know the Signs
Even with targeted concealment measures, nearly every fraud leaves some kind of trail. Whether in the accounting records, computer files, communications or behavior of the perpetrator, there is generally some sign – an anomaly – that, in hindsight, should have been a red flag of the wrongdoing. Being well-versed in the evidence a fraud scheme leaves behind is essential to uncovering the act.
Warning signs in the accounting system include missing or altered documentation, accounts with unexpected transactions or balances, and unexplained accounting entries. Computer files that have been copied, altered, moved or deleted in an unusual way (e.g., during non-work times or from remote locations) can also provide clues of theft, manipulation or attempted concealment. Additionally, both the patterns and the content of a perpetrator’s communications can illuminate areas meriting attention. For example, an inordinate amount of emails, calls or visits between an employee and one particular vendor or customer might indicate an unusually close relationship, perhaps involving bribes, kickbacks or a conflict of interest.
Likewise, fraudsters often display behavioral traits that can provide a warning sign of their schemes; ACFE research shows that most common behavioral characteristics among fraudsters include living beyond their means (displayed by approximately 36 percent of fraudsters) and experiencing financial difficulties (displayed by approximately 27 percent of fraudsters). Understanding and watching for each of these types of red flags is the foundation of any fraud detection activity.
Nonetheless, it is important to note that the presence of one or more of these red flags does not, in itself, indicate wrongdoing or fraud; instead recognizing these circumstances should be viewed as a means to identify areas worthy of further exploration.
2. Encourage Reports
ACFE research shows that tips are by far the most common method through which fraud is detected. While security professionals, auditors, compliance staff or management might typically be viewed as responsible for fraud detection activities in an organization, it is really the staff-level employees who are the first line of defense in spotting fraud committed by their peers. They are the ones who are working side-by-side with the perpetrators, accessing the same systems, privy to their coworkers’ behavior, and intimately familiar with true operations (not just expected protocol) of the business, all of which puts them in the best position to notice abnormalities. In some organizations, such as financial institutions, customers are an equally valuable and viable source of information about potential problems.
An effective whistleblower program involves providing and publicizing multiple mechanisms through which employees and others can report suspicious activity, as well as openly, clearly and fully supporting those who do come forward with information.
3. Empower the Staff
To bolster the support for reports of wrongdoing, staff at all levels should be empowered with the necessary knowledge and ability to aid in fraud detection. Specifically, managers should be tasked with duty to help uncover fraud in their departments. According to ACFE research, management’s review of processes, transactions and controls was the second most-common method by which fraud was detected, indicating the importance of proactively enlisting employees with management and supervisory roles in the fight against fraud.
For some managers, such as those in the accounting department, this might involve formally including anti-fraud activities in their job descriptions; for others, it might take the form of carrying out specific duties and exercising oversight in a way that ensures they will be able to detect things that are amiss. Additionally, employees at all levels must be trained about how fraud hurts them and what they can do to help prevent and detect it. Doing so will raise staff awareness, increase employee engagement in fraud detection efforts, and likely result in more – and more effective – tips regarding potential fraud.
4. Examine the Data
Most fraud affects the organization’s accounting data in some way. Whether an inventory theft leaves the books out of balance or a fraudster makes false entries in the organization’s systems to cover the fraud, close examination of the financial records can highlight areas for further investigation. Proactive data analysis is often done by auditors, as they are the charged with examining the organization’s finances and accounting systems; in fact, internal and external auditors together uncover approximately 18 percent of frauds, according to ACFE research.
However, such analysis does not need to be left to the audit team. Automated tools can be set up to scan the accounting data for items that fall outside expectations – for example, payments to vendors not on an approved list, employees who receive more than one paycheck per period, or attempts to access computer systems or files by unauthorized employees – and to provide alerts for any potential problem transactions. This can help focus the fraud detection team on those areas that are most likely to contain manipulations or anomalies that indicate fraud.
Additionally, many organizations are also beginning to actively monitor emails and other text-based data for signs of fraud. Textual analytics involves using tools to search for a high occurrence of certain keywords (such as “in over my head” or “get caught”) that might indicate the convergence of the pressure, opportunity and mindset necessary to engage in fraud. This type of analysis might be performed periodically or continually, and might be automated or manual. However, implementing textual analytics as a fraud detection tool requires the use of sophisticated software, as well as a thorough understanding of the legal environment of employee rights and workplace searches; consequently, it might not be appropriate for all organizations or situations.
5. Stop It Before It Starts
Clearly, the best way to protect an organization from fraud is to prevent it from happening in the first place. An extra benefit of openly undertaking the fraud detection methods discussed above is that doing so sets a clear anti-fraud tone and sends the message that attempted fraud is being proactively sought out. In turn, this has a deterrent effect on potential fraudsters; individuals who think there is a high probability that fraud will be caught and punished are much less likely to engage in wrongdoing. Consequently, in a time when many organizations are trying to accomplish more with fewer resources, vigorously seeking out employee fraud – an activity which both limits losses from existing frauds and helps prevent potential future frauds – is a critical part of protecting company assets.
Now online– Implementing an effective whistleblower program: SecurityMagazine.com/Columns/Whistleblower