By Sharon Hamrick
THE IMPORTANCE OF FRAUD RISK ASSESSMENT
We all grew up hearing the expression, “An ounce of prevention is worth a pound of cure.” That saying applies to many things, including our businesses and our clients’ businesses, especially in the area of fraud. In fact, this ounce of prevention may never have been as valuable as it is currently.
Fraud prevention literature describes the risk factors for fraud as composing the legs of a three-legged stool. The absence of or weakness in any of these legs can cause the stool’s collapse. Those legs are:
- the incentive/pressure to commit fraud
- the opportunity to commit fraud
- the rationalization/attitude toward fraud
In these current economic times, employees may be facing pressures they have never previously faced and of which their employers may not even be aware. These circumstances may lead workers to look for opportunities to commit fraud and to rationalize their actions.
By its very nature, fraud is hidden, and the perpetrator will go to great lengths to keep it that way. According to the Association of Certified Fraud Examiners’ 2008 Report to the Nation, of the 959 cases of workplace fraud reported in a survey of its members, the median loss for these schemes was $175,000, and more than one-fourth of these cases involved losses of at least $1 million. These amounts are the dollars lost to the fraud; they do not begin to include the cost of detecting, investigating and prosecuting the actions. Such statistics make it clear that there is a substantial financial advantage for an organization to take preventative measures now, rather than waiting to detect a fraud sometime in the future.
By far, the most commonly reported fraud in the survey was asset misappropriation. In such schemes, the perpetrator steals or misuses an organization’s resources by circumventing whatever controls the organization may have in place, often through such actions as false invoicing, payroll fraud, check tampering and skimming.
Unfortunately, these situations can often involve a trusted employee. Because that employee is esteemed by management, a weakness in an entity’s controls can be exploited and go undetected for an extended period of time. In such cases, the fraud is often discovered by accident, for example, due to the fraudster’s absence from work or their carelessness.
Illustrating this is a situation investigated by Decosimo in which a long-time, trusted employee realized that there were weaknesses in the oversight of her work, providing the opportunity for fraud. She prepared the payment checks for accounts payable, provided them to the owner for signature and, after receiving the signed checks, was charged with inserting them in their envelopes and seeing that they were mailed. Monthly, she also reconciled the company’s checking account and provided the reconciliation to the owner for review. Because she received the signed checks for mailing, she realized she could change the payee to a bogus company in whose name she had opened a bank account. She utilized drafts to frequently used vendors so that she could easily prepare a legitimate check, in the next batch of payments, for the invoices that were to have been covered by the stolen checks. Furthermore, because she received and reconciled the bank statement, no one saw the altered checks in the check images returned from the bank. The reconciliation she provided the owner showed only check numbers and amounts for outstanding checks. Of course, everything agreed with the general ledger cash balance. Her scheme was uncovered when she was in an automobile accident and the owner asked another employee to reconcile that month’s bank statement. That employee noticed the odd-looking checks to a vendor whose name she did not recognize. At that point, the owner realized he had a situation requiring investigation and called Decosimo for assistance. The company undertook the investigation, suffered the trauma to its other employees of the realization that their coworker had defrauded the company, dealt with the fact that the stolen funds were unrecoverable and, finally, made the difficult decision to prosecute. No company wants to go through the turmoil, expense, and lost productivity such a fraud involves.
Boards of directors, audit committees and management have a responsibility to take what reasonable action they can to protect the organization’s assets. An efficient and cost-effective way for an entity to do this is to undergo a fraud risk assessment. Such a study involves an experienced assessor, such as one of Decosimo’s certified fraud examiners, scrutinizing all aspects of the business in order to identify existing opportunities for fraud. These opportunities could entice employees who may have incentives to commit fraud to rationalize their actions. The risk assessment process involves employee interviews at every level of an organization, observation of current processes and controls, and examination of transaction documentation and financial statement report generation. Based on the results of these interviews and observations, we prepare detailed recommendations for changes to current controls and implementation of new ones.
WE CAN HELP
It is more important than ever to be proactive in protecting an organization’s assets. A fraud risk assessment can be a critical and affordable way to accomplish this objective. Our team of Certified Fraud Examiners, CPAs and IT professionals provide a full range of forensic accounting services and are trained to identify instances of white-collar crime, including embezzlement and theft. Please contact Sharon Hamrick to assess what measures should be taken to protect your assets.
Sharon Hamrick, CPA•CFF, CFE | Director