As a published author, blogger and thought leader in the fraud risk management arena, I’m in the unique position of seeing global fraud trends across a number of industry verticals. Certainly, high on many companies radar screens are the number of data, breach and information security (InfoSec) related incidents which are on the rise.
These types of InfoSec events show no signs of letting up any time soon, and reports from industry entities tracking the incidents suggest that both the number of breaches and the amount of consumer records compromised are increasing drastically.
These external data and fraud crimes are certainly important events for businesses to be aware of, but they shouldn’t consume 100% of a company’s internal resources as they don’t reflect the totality of the fraud challenges companies face today. Fraud risks are a combination of external crimes (like data security attacks) and internal crimes involving a breach of fiduciary duty.
Interestingly, a couple of internal fraud crimes continue to plague businesses around the globe: embezzlement and phantom accounts payable (AP) fraud. Both of these crimes have significant impact on the victim companies often in the form of: large scale revenue losses, investor lawsuits, regulatory involvement and negative publicity.
While both of these internal crimes are often committed independently from the other, Fraud Solutions has also recently seen embezzlements facilitated via the payment of company funds to phantom (non-existent) companies. Additionally, in a variation of true phantom fraud, we’re also seeing an increase in the number of phantom cases involving collusion between AP employees and representatives from legitimate companies.
In these cases, the invoices paid are either for legitimate services (but the invoice amount for services performed, or inventory received, has been greatly exaggerated,) or for services and inventory that were never performed or received (wherein 100% of the charges are fake). A key element to these types of internal collusion frauds is a “kickback” being paid to the AP employee by the individual from the company receiving the bogus payments.
Perhaps most importantly in both these types of internal frauds is the discovery that the dollar amounts are increasing dramatically, and the frauds are transpiring over a longer period of time (often more than two years) than they typically did before.
Historically, the longer a fraud goes on the larger the businesses losses become. Both the length of time that a fraud occurs over, and the losses it generates, are indicative of business control failures or problematic, deficient, or non-existent “policies, processes and procedures.”
That’s the bad news. The good news is that the key to preventing large scale victimization starts with awareness. Ensuring that these types of internal crimes are on your radar screen is a solid start.
Many companies fail to take proper fraud risk management actions to prevent internal crimes like these because they are under the mistaken belief “that it can’t happen here.” The reality: not only can it “happen here” but “sticking one’s head in the mud,” and doing nothing about it, has not proven to be a viable internal fraud prevention technique.
In today’s escalating fraud environment, losses are reaching epidemic proportions and no businesses are immune to either internal or external fraud events. Preventing these types of incidents requires a “regular” reassessment of your fraud risks, technology tools and policies, processes and procedures as “the only constant about fraud is change.”
Given fraud’s fluidity, and the changes in the global fraud landscape, if your fraud risk assessments are conducted annually, that probably isn’t “regular” enough.
Daniel W. Draz, M.S., CFE is the Principal of Fraud Solutions, a global fraud consulting firm located outside Chicago. Draz is a Fellow of the Governance and Accountability Institute, a Certified Fraud Examiner, a nationally recognized trainer, a published author and a thought leader in the fraud industry. Draz is a regularly quoted media source in industry, trade, online and news sources.
Fraud Solutions provides innovative enterprise anti-fraud risk management strategies, insightful observations, fraud training and thought leadership to clients in order to improve their enterprise fraud risk management efforts and reduce major fraud losses.