With the devastating season of bushfires firmly in our rear view mirror, Australia is likely to be “one of the countries worst affected by the economic fallout from the coronavirus,” according to an OECD report.
All we need now are Frogs. It feels as if things are taking a turn towards Biblical proportions. After our Fires, Floods, Flu (COVID-19) and now Financial Recession and Inflation, Fraud is now a heightened risk to businesses. However, unlike the external nature of the first 4 Fs, the Fraud risk is not necessarily an external one.
More individuals than ever will be feeling financial pressure. Businesses need to be open to the idea that they are at risk of fraud and prepared for it to come from within their businesses.
Even the NSW Independent Commission Against Corruption has released Guidance Advice relevant to all organisations in any region or country on the new risks of corruption that emphasises “while the majority of employees are honest and trustworthy, there remains the possibility in any organisation for unscrupulous employees to take improper advantage of diminished control or supervision.” You can read the full guidance here.
How many hours did you spend thinking about or trying to commit fraud today?
For most of us, the answer is none. Hopefully that is the majority of the population, and especially your employees.
The reason we ask this question is that although there is always a risk of fraud, especially internal fraud, many of us would have no clue how to commit fraud or where to start. Most importantly, most people aren’t naturally opportunistic in this way.
However, with the recent events; fires, flood and now COVID-19, it has led to the massive fluctuation of our economy. These trying times have brought out examples of the very best in human nature through donations and volunteers. Unfortunately, these extreme times may also manifest into situations where individuals will contemplate resorting to illegal means of profiteering. Especially if their personal circumstances have been negatively affected, and there won’t be a single person not affected.
An expected salary increases, loans or promotions may now not be possible, significantly delayed, or redundancies on the horizon – some will start thinking about how they deserve or need to supplement the loss of money. A small minority may now feel “forced” to think about this because they have a “need” they can’t control like a gambling debt or drug habit. Forces beyond their control, start to change their mindset and they are able to rationalise to themselves why “borrowing” money from work is justified and possibly “deserved.”
For those working in organisations who don’t have continuous monitoring in place, the individuals don’t have to look far to come up with a solution: “I can ‘borrow’ from the company! They won’t miss it and I will pay it back when it all turns around. Anyhow these are desperate times…”
The challenge in these trying times is that often controls, policies and procedures are overlooked. As organisations try to survive, it can allow fraud to thrive. Companies are not able to update and enforce their controls at the same pace, when they are focussing on keeping their head above water.
Which brings us back to our opening question…
When the thought of committing fraud is in the mind of some daily and it is all they are thinking about, so any organisation with weak controls is at risk of fraud. They might be thinking “I am an internal resource, so I know the limits, the weaknesses, and how not to get caught” and so it starts.
At first amounts are small so they have the excuse or ability to repay it and not be caught – but over time it gets bigger, easier and they can’t even stop justifying it to themselves. They are caught up thinking, scheming and trying every moment of the day – in fact they can become an expert at internal “not getting caught” fraud.
They promise to themselves to stop once they have enough but that hardly ever happens.
Most fraud, especially internal ones, would never have been discovered if the perpetrator had stopped sooner. We know of someone who defrauded their company of $12million.
Had he stopped and gone back to normality (as he had promised himself, he would do) he would never have been caught. But he went for one more big hit and was eventually found out.
This is typical of many internal frauds and companies are reluctant to admit that their controls in the end all seem to hinge on trust. When fraudsters get caught, their colleagues and friends are left scratching their heads. They can’t believe that they did it – fraudsters were the nicest, most honest of people, hardworking, never taking time off, involved in everything. Obviously, that’s how they managed to do it and not get caught.
And now, not only is internal fraud something to be highly concerned about, there is a new pretty terrifying trend happening – the professional fraudster – intentionally seeking roles where they can commit fraud. They start out in a job with the intention of finding a way to get through the controls. Their mission is to enter a company and identify the control weaknesses as soon as possible to allow them to defraud the company.
They are professional con artists and have all the characteristics of the unintentional fraudster with one difference – they started out to do this. It is as if they got a double degree in commerce and fraud – they are very good at it and unlikely to be caught by traditional conventional means. If they are found out, their trail (if there is a trail at all) is often buried so deep that it would only be found years after they have left the company.
This is what companies need to be concerned about and why they need to put controls in place that are automated, independent and continuously monitored to make it harder and more difficult to perpetuate a fraud. These professional fraudsters (and the inadvertent fraudster) will be forced to go somewhere else.
Implementing continuous monitoring is akin to CCTV monitoring with AI – and investigators following up any suspicious activity – it sets a tone and creates a culture of awareness. If there were no rules around drink driving with no RBT’s and no penalty, would drink driving incidents go up or down?
Complacency and trusting people can be abused and often is, which is why trust cannot be the only control we rely on – we need to trust but verify.
Times change, circumstances change and so do we in how we see the world and what we need to do to survive, pay off debts or buy the new yacht.
Companies need the controls, processes and rules to keep some of us honest and inline. It’s the only way to ensure fraudsters and potential fraudsters get the clear message – “Not in my company!”.
For more information about Fraud Management and how it could be applied to your organisation, please free to to get in touch with us.