During an economic downturn, financial pressures and opportunities can lead to an increase in fraudulent activity. This can take shape in many forms, including employee embezzlement, fraud by unrelated third parties, cyberattacks, fraud by vendors, financial statement fraud and corruption.
There are three factors generally accepted as being necessary for fraud to occur within organizations: pressure, opportunity and rationalization.
In economically uncertain times, organizations and individuals can become increasingly more concerned about their financial survival and feel growing pressure to commit fraud. This pressure can come from various sources, including paying household and medical bills and feeding their families. Opportunities for fraud can increase as organizations lay-off employees and important internal controls are compromised or eliminated.
A report published by the Association of Certified Fraud Examiners entitled “Occupational Fraud: A Study of the Impact of an Economic Recession” documented the increase in employee theft occurring from early 2008 through early 2009. The study found that the pervasive employee layoffs during the economic recession left “holes in organization’s internal control systems,” making them more susceptible to occupational fraud.
An important element of any effective corporate fraud prevention during economic uncertainty is to understand the pressures facing employees and to proactively support employees.
There is no bright line for fraud and often employees do not perceive themselves as fraudsters or committing fraud. They rationalize their behavior in a variety of ways, including: “I’ll pay it back next month” or “they will never miss it” or “just this once”. Once an employee experiences pressure to commit fraud and can rationalize it, it is usually only a matter of time before the opportunity to commit fraud presents itself.
A lack of strong internal controls and ongoing fraud risk assessments can create an environment where fraud can flourish and significantly affect the valuable economic resources of a company. The opportunities to commit fraud are increasing right now as more businesses and employees are working remotely and previously established controls and processes are potentially being compromised.
Based on the ACFE’s study, victim organizations that had implemented common anti-fraud measures experienced considerably lower losses and reduced fraud duration than organizations lacking these controls. These measures include:
- Segregation of duties
This involves the custody of assets, authorization of transactions affecting those assets and recording/reporting of related transactions. Examples of segregation of duties which should be diligently maintained in today’s environment include: separation of invoice preparation and payment approval; separation of billing from those for collection and accounting; separation of cash receipts functions from cash disbursement functions; and separation of the receipt of goods or services from purchasing or accounts payable activities. Setting up positive pay with your financial institution can also prevent counterfeit checks.
- Timely reconciliation of bank accounts and management review
Adequate segregation of duties should also be maintained in the bank reconciliation process. Cash bookkeeping, bank reconciliations and check signer/wire authorization functions should be separated. Reconciliations should continue to be performed daily, weekly or monthly depending on the size of the organization or the volume of transactions. Management should also review the reconciliations.
Additionally, it is important to have a comprehensive system of anti-fraud controls and proactive fraud prevention programs. This can include fraud training for employees and managers; formal fraud risk assessments; an anti-fraud policy; setting up of an ethics hotline; and rewards for whistleblowers. The good news is that much of these anti-fraud controls can be achieved even while working remotely. With productivity slowing in many cases, it might provide opportunities for education and program development.
A Note About Cyber Risk
It is important to be aware of the increased risk of cyberattacks during uncertain times and particularly as workers transition to at-home working environments. This is an ideal time to communicate with employees about the risks associated with social engineering attacks including malicious attachments, malware, phishing, vishing and smishing. Encourage employees to be thoughtful in their online, phone and texting behavior to protect themselves and you as their employer.
Protect Your Business
Whether an economy is turbulent or not, it is important to review your internal controls and fraud prevention policies and programs to determine whether improvements or changes can be made. We at BST have the knowledge, resources and experience to help you with that and, if you do become a victim of fraud, we have the expertise to help you navigate next steps.