Prevention of High-Risk Fraud Situations

The Association of Certified Fraud Examiners has released its ninth annual global fraud study. The 2016 study continues to highlight the cost of fraud, waste, and abuse. The report indicates the median loss for financial statement fraud is $975,000, followed by corruption at $200,000, and asset misappropriation at $125,000. In addition, the higher ranked the employee, the greater the median loss. Employees’ median is $65,000, managers’ is $173,000, and owners/executives weigh in at a hefty $703,000. The report also highlights the importance of controls in reducing the loss. Organizations that lacked anti-fraud controls had median losses more than twice the amount of organizations with anti-fraud controls.

When we look at the fraud triangle, you will usually hear that businesses can only influence the opportunity corner to decrease opportunity. There is generally an emphasis on internal controls such as segregation of duties and management review. I contend that businesses can also influence the rationalization corner. How can an organization influence personal justification? They do it with fraud’s worst enemy.

Fraud’s worst enemy is a strong ethical environment fostered by an ethical tone at the top. If employees see upper management using company resources for personal use or accepting large gifts such as vacations in exchange for doing business with a vendor, what message does that send to their employees? This is a very blatant example of an unethical tone at the top. There are also organizations that have executive management with very high ethical standards. The issue is that they remain in their ivory tower, the employees do not know what is expected, and do not see first-hand the expected ethical behavior. This is a very common scenario. One can never assume that employees have the same ethical standards as the organization. Our eclectic organizations have employees with many different backgrounds, and definitions of right and wrong. So how does an organization go about influencing the rationalization process of their employees?

The answer is a strong Code of Ethical Business Conduct (Code) coupled with constant communication and training. Employees should see reminders of the expected ethical conduct on a regular basis. They should understand the consequences, and the very real potential for termination if they violate the Code. There should be open discussion regarding ethical dilemmas, how the company expects you to react, and the consequences if your actions are considered unethical by the organization.

So what went wrong when an organization has implemented their Code, and they still have fraud or unethical conduct? Often the answer is that the employees, for various reasons, did not get the intended message. This is where an evaluation of the organization’s ethical environment, and the implementation of the Code can be very beneficial. The issue is that you do not know what you do not know. Engaging an independent professional trained in interviewing techniques used to assess the ethical environment can provide you with new insights. They can highlight the strengths and weaknesses of your implementation of the Code, and assist you in improving the program to foster the desired ethical culture within the organization.

For questions or more information on Business Ethics Evaluations, contact Elaine Nissley, Principal, Internal Audit and Management Consulting,