Risk Management

Something Wicked This Way Comes

Fraudsters are preying on corporate coffers and catching the crooks will take more than accounting controls.
Marie LeoneJune 1, 2010

Odds are good that your company is losing money in the worst possible way — through theft. According to a new biannual study from the Association of Certified Fraud Examiners (ACFE), companies that fell victim to fraud suffered a median loss of $160,000, and 25% of the nearly 2,000 cases examined involved a loss of $1 million or more.

Those figures are based on 1,843 global respondents (60% from the United States) who detailed the single biggest fraud they investigated between January 2008 and December 2009.

As for how the scams were detected, the results aren’t heartening. The cases lasted a median of 18 months before being exposed, and fewer than 5% were detected by external audit firms. But don’t blame those firms, cautions report co-author and ACFE general counsel John Warren. “Fraud is not an accounting issue, it’s a human issue,” he says.

In fact, according to the survey, the most effective fraud-prevention tactics were “nonaccounting controls,” such as hotlines and training-and-support programs for both employees and managers. Of the top eight controls ranked by effectiveness, only one — surprise audits, which cut fraud losses by 51% — is part of the traditional accounting-based control structure. Financial-statement review, internal audits, and Sarbanes-Oxley-mandated certifications by CEOs and CFOs all ranked below the nonaccounting controls in terms of effectiveness in preventing fraud. (For more on some of the most interesting human aspects of fraud uncovered by the survey, see “Someone Is Up to No Good.”)

If auditors are going to do a better job, they’re going to need better training. So says Sam E. Antar, former CFO of Crazy Eddie Inc. and a convicted felon who now consults with companies and federal law-enforcement agencies on white collar–crime prevention. “Auditors are trained to look for bookkeeping errors,” Antar says. “They are not required to take [a single] course in forensic accounting or criminology.”

For now, the most common method of catching a fraudster is a tip-off, according to the ACFE. In fact, tips expose fraud three times as often as do management reviews, internal audits, or account reconciliations.

Antar, whose own inflation of sales figures, money laundering, and inventory fraud was revealed via a tip, says that informants usually fall into one of three categories: ex-lovers, ex-employees, and ex–business partners. Internal informants also provide tips, but the ACFE’s Warren says that in many cases an unsupportive corporate culture and poor employee training leave potential whistle-blowers unsure of whom to talk to, how to report a suspected crime, or just “afraid of retaliation.”

That fear is justified, Antar says. Criminals “don’t go down without a fight, they don’t fight fairly, and they are going to intimidate whistle-blowers — that’s the nature of their game.” To fight back, companies may need to raise the level of their own game, or say goodbye to losses that the ACFE says typically equal 5% of company revenue.

Fraud Facts

$150,000 — Median loss for small U.S. companies

$80,000 — Median loss for midsize/large U.S. companies

8.3% — Fraud cases detected “by accident”

7.4% — Companies that reward whistle-blowers

Nearly 1/3 of frauds studied drained more than $100,000 from companies; 1/4 topped $1 million.