How Have Fraud Risks Changed?

No organization is immune to fraud risks. From giant publicly traded corporations to small, closely held family businesses to nonprofits and governmental entities, organizations lose about 5% of revenue to fraud each year, according to the Association of Certified Fraud Examiners (ACFE).

While the risk of fraud is universal, certain circumstances heighten those risks. External stressors drive people to make bad decisions, so maybe it’s not surprising that the federal government’s unprecedented flood of COVID relief funds unleashed a parallel tidal wave of pandemic fraud.

How the COVID Pandemic Contributed to Fraud

The pandemic created a perfect storm of stressful conditions. Many families saw their overall incomes drop drastically due to layoffs, furloughs, or caregiving duties. In addition to financial hardships that heightened people’s motivation to commit fraud, opportunities for fraud schemes also increased. As organizations downsized or lost staff to sick leave, they often lacked the staffing resources to maintain their normal internal controls. Pandemic-related disruptions also resulted in smaller organizations falling behind on tasks such as recording and reconciling accounting records and completing required compliance audits. Unfortunately, such delays can create an environment where fraud goes undetected for months or even years. And when employees believe no one is “watching the till,” the opportunity to commit fraud can be all too tempting.

Even when pre-pandemic operation resumed, many organizations did not resume their pre-pandemic control activities. It can be hard to justify the extra time and effort for that extra layer of review, especially when bypassing those controls has not led to any problems — or at least, none that you know of. Time will tell just how much impact these changes had on organizations’ fraud risks. In the ACFE’s most recent Report to the Nations, the Certified Fraud Examiners surveyed said that at least one pandemic-related factor contributed to more than half of the fraud schemes they investigated.

In addition to short-term operational responses to the COVID-19 virus, the pandemic also set in motion events that will affect how businesses operate for years to come. The shift to remote work has created opportunities for payroll fraud and other forms of employment-related fraud, as well as opportunities to compromise sensitive data.

The pandemic also accelerated the shift to a cashless society. This evolution serves to lower most organizations’ larceny risks, but it also increases their risk of electronic payment tampering — which can be a much higher-dollar crime. A sales clerk might be able to slip a $100 bill out of the till, but a finance manager with the employer’s bank account and routing numbers can wipe out an entire account balance.

Cultivate an Anti-Fraud Culture

Anti-fraud controls help lower fraud losses and lead to quicker fraud detection. The ideal controls will depend on your organization’s specific risk profile, but the following are a few that any organization should adopt to set the right tone:

Code of conduct. Do your employees and associates know how you expect them to behave? Do they understand what constitutes ethical behavior? When employees know what you expect, they are more willing to accept individual accountability. They also need to see that you and other organizational leaders have zero tolerance for unethical behavior so they feel comfortable speaking up if they see signs of fraud.

Training. Inexperienced or inadequately trained accounting personnel can be particularly susceptible to facilitating financial fraud, whether knowingly or unknowingly. They may not have the proper training or experience to recognize fraudulent entries, or they may simply not believe that they can challenge management. In addition to job training, everyone in the organization should receive training on common fraud schemes and red flags.

Annual fraud checkup. Just like you go to your doctor for an annual physical, organizations should have a yearly fraud risk assessment. According to the ACFE, victim organizations that conducted a fraud risk assessment saw 45% lower median fraud losses, yet less than half of victim organizations had conducted one. If your organization doesn’t have an internal audit department, consider outsourcing the risk assessment to a fraud examiner with experience in your industry.

See Something? Dig Deeper. Sometimes, the best anti-fraud control is to ask questions when things don’t seem right. Remember: The buck stops with you. If you’re concerned about fraud in your organization, reach out to your CRI advisor to discuss how to get to the bottom of it