According to the "2010 Report to the Nations" by the Association of Certified Fraud Examiners, the most common asset fraud, which makes up more than a quarter of all reported occurrences, involves purchasing and vendor billing schemes. By the time these schemes are uncovered they have, on average, been operating for two years and resulted in losses exceeding $125,000….regardless of the size or type of organization.
After most organizations discover fraud, the first corrective action that they do is strengthen their internal controls. Why? Because they are the processes that management implements to ensure that fraudulent activities are either prevented, or detected in a timely manner.
In order for fraud to occur, the perpetrator has to perceive a need and have a justification for the fraud. More critically, the perpetrator needs to have the opportunity to commit the fraud. Accounts payable fraud is usually a crime committed by an employee, often one who works with a vendor. After all, he or she knows how the company functions. Opportunity comes when no one is watching. An employee has the time and knowledge to figure out where that lack of attention exists.
If you want to address the risk of fraud, where should you start?
You will want to start by identifying the processes in which individuals handle multiple aspects of a job themselves, then break them apart. You want to provide yourself with some sort of oversight. You can insert other individuals in the process (segregation of duties), or have someone independently evaluate activities (a management review). Segregation of duties puts a second individual in the position of routinely reviewing the actions of the other, and therefore provides an ongoing and timely control. It takes more people, but it is the strongest anti-fraud control. Management review, on the other hand, is always done after the fact, so it may not catch a problem in as timely a fashion. However, when you have a limited number of people available, it may be the best monitoring control you have.
Don’t assume, verify. When individuals know that others are observing their actions, they know their opportunities will be limited and, in many cases, they will be completely deterred. But, never assume that you can prevent fraud. If truly motivated, the fraudster will find an opportunity to exploit. Instead, you should devise ways to detect those actions in a timely fashion, and be able to react quickly. That requires oversight, review and verification.
A Quick Check-Up: What to Look For and What to Do
What To Do
Wherever there is money to be made, there is the risk of fraud. Individuals have been committing these acts for as long as records have been kept. So, although you cannot prevent fraud, you can reduce its risk and impact.
Remember, every fraud programs starts with management oversight. If you aren’t paying attention, the fraudster knows, and will take advantage of the opportunity. If you are, the fraudster knows that too and may be deterred completely. Hope is not a strategy. If you want to protect yourself, you have to take action.
This publication contains information in summary form and is intended for general guidance only. It is not intended to be a substitute for detailed research nor the exercise of professional judgment. Neither BPM nor any member of the BPM firm can accept any responsibility for loss brought to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.