No company is immune to internal
fraud. Organizations that take a wait-and-see approach risk severe financial damage. The fact is that every business —
from small mom-and-pop businesses to notfor-profit organizations to large public companies — is subject to fraud at some level.
“Fraud can have a devastating impact on
organizations and, when not prevented or
detected early enough, can cause major
financial and reputational problems for
companies of all shapes and sizes,” says
Ryan Hauber, a certified fraud examiner
(CFE) and principal at Brown Smith
Wallace LLC.
The pervasiveness of corporate fraud,
employee misappropriation of assets and
financial statement abuse is a significant
problem in corporate America. More companies are taking a proactive approach to
identifying and mitigating fraud risk.
Smart Business spoke to Hauber about
how to address the risk of fraud and how to
minimize the overall business risk.
Are specific industries and/or companies of a
certain size more prone to fraud than others?
Small businesses are especially vulnerable
to occupational fraud due to their lack of
effective and adequate segregation of
duties, but the potential for fraudulent activity exists for larger organizations, as well.
According to the 2008 Report to the Nation
on Occupational Fraud & Abuse, the area of
financial services is one of the most victimized industries. Based on this study, the
largest median losses of fraud occurred in
the manufacturing industry, followed by
banking and insurance. Fraud happens at
every company to a certain degree, shape or
form at some point. For this reason, companies that have not already utilized a CFE or
an expert with a certified forensic accountant (Cr.FA) designation to evaluate fraud
potential are wise to consider, at the very
least, a quick fraud prevention checkup.
What types of fraud have a significant and
detrimental impact on organizations?
The three main categories of fraud
include: corruption/bribery, asset misappropriation and fraudulent financial statements. Fraudulent financial statements
are the least commonly reported type of
fraud, but the most costly per scheme. On
the other hand, asset misappropriation
schemes are the most commonly reported
and least costly. Over time, these schemes
can add up to severe financial impact.
Often, under-the-radar fraudulent activity is
not detected until serious damage has been
done. Any type of fraud is a major risk for
all organizations from both a financial and
reputation perspective. That’s why assessing risk and developing controls to prevent
internal fraud is paramount in today’s business environment.
How can an organization reduce the risk of
fraud?
There are a variety of proactive fraud tools
and techniques available to help deter and
prevent fraudulent activity, including fraud
prevention checkups, fraud risk assessments, data analysis focused on fraud risk
factors, development of fraud policies and
reporting mechanisms, fraud training and
various tool kits, and scorecards for detecting internal fraud. More small to midsized
organizations have shifted toward partnering with a licensed CFE to conduct fraud prevention checkups, fraud risk assessments and data analysis, using software
such as Audit Command Language (ACL).
What’s involved with fraud prevention checkups, fraud risk assessments and ACL data
mining tools?
For decision-makers on a limited budget,
one of the best uses of time and money to
minimize fraud potential is a tailored fraud
prevention checkup. These projects are generally completed by a licensed CFE and can
be conducted in a few business days or less
for most organizations with revenue less
than $250 million. The checkup involves
interviews with management and key
employees. Questions are targeted based on
the company’s size and industry and the
employees’ role in the organization. That
information is compiled and a report is prepared that provides an overview of the entity’s fraud prevention performance.
In contrast, fraud risk assessments dig
deeper and can require compiling in advance
certain company records (i.e., gratuity logs,
beginning and ending trial balances, etc.).
The interview process is more detailed. The
organization’s risk is benchmarked against
similar industry competitors.
Finally, data analysis tools such as ACL
have the capability to mine electronic data
for suspicious behavior based on the industry and company size when utilized by an
experienced data analysis professional. An
experienced fraud professional then works
with the company to help it change its
processes and/or mitigate potential risks
for fraud based on any identified unusual
patterns, anomalies and/or outliers of data.
These fraud prevention methods can
shed light on risky areas of a business that
decision-makers must address before
fraud occurs — especially given the current state of our economy, which increases
the risk of compromised employee and
vendor behavior.
RYAN HAUBER, CFE, is a principal at Brown Smith Wallace LLC. Reach him at (314) 488-3048 or [email protected].