While the global economy continues to fall, incidences of corporate fraud are on the rise. The current economic instability, coupled with weakened internal controls found in many organizations, both large and small, has created the perfect storm for corporate fraud.
As the economy continues to slow down, companies are under increasing pressure to maintain or improve their performances, often to the detriment of the organizations' long-term objectives. In some instances, organizations expect results that can only be achieved in a thriving economy. In slower economic times, this mindset can contribute to increased fraudulent activity within an organization.
During a prolonged recession, we are likely to witness even more fraudulent activities. During challenging economic conditions, the pressure to constantly meet projected financial results is even greater and the occurrence of fraud can become more common. Historically, revenue recognition fraud, which occurs when companies manipulate financial statements by recognizing revenue before key parts of a transaction are complete — just one of hundreds of fraud scheme methods — has been one of the most prevalent fraud scheme methods.
Ponzi schemes are also becoming more widespread, and, when unraveled, their victims fall harder and faster and suffer significant damage. A Ponzi scheme, in its most basic form, is a fraudulent investment operation that pays returns to investors out of the money paid by subsequent investors rather than from profit. The scheme is named after Charles Ponzi, who first used the technique in 1920.
Irrespective of the type and nature of fraud, there are generally three prerequisites necessary for a fraud to occur: motivation (such as financial pressure), opportunity (such as weak internal controls, management styles or corporate culture) and rationalization (the attitude that justifies the fraud). While these factors can be present during a strong economy, they often intensify during an economic downturn.
Opportunity, a key fraud enabler, frequently occurs when an organization's internal controls are weak or nonexistent as in the massive frauds at Enron, WorldCom, Quest and Tyco. Opportunity also existed in the more recent scandals by Bernard Madoff and George Theodule (Creative Capital). On Dec. 11, former chairman of the NASDAQ Stock Market Bernard Madoff was arrested and charged with securities fraud. If the accusations are true and the reported losses accurate — $50 billion of fraudulent losses — this would be the largest Ponzi scheme in history. And as recently as Dec. 30, Securities and Exchange Commission enforcement officials obtained an emergency court order to stop an alleged Ponzi scheme by George Theodule and Creative Capital that allegedly collected more than $23 million from thousands of investors in Florida's Haitian-American community.
In many instances investors and others are critically harmed, with often life-changing consequences, when fraud occurs and goes undetected. In the Madoff fraud, for example, it is alleged that one of Madoff's biggest investors, René-Thierry Magon de la Villehuchet, of Access International Advisors, committed suicide following the disclosure of the scheme. It is not a surprise that fraud continues to occur with increasing frequency. Fraud is now so common that its occurrence is no longer remarkable, only its scale and circumstances are.
The common theme among the fraudulent activities was opportunity to deliberately falsify, alter or manipulate books, records and financial statements or misappropriate monies and deceive investors. Appropriate oversight and effective management were obviously absent from these businesses. The board of directors down to staff-level employees failed in their responsibility to develop, implement and monitor fraud prevention programs and thereby cultivated environments conducive for fraudulent activities to occur undetected for significant periods of time.
Certified public accountants and certified fraud examiners, or CFEs, with experience in fraud investigation and detection can play a vital role in the establishment of fraud deterrence and prevention programs as well as provide important detection services when fraud has been suspected. Businesses, particularly during volatile economic periods, should keep these professionals close at hand.
Since fraud can generate catastrophic results, now is a good time to proactively identify and manage your fraud risks. Use the condensed checklist below to commence an assessment (or launch) of your fraud prevention policies and procedures. While not applicable to every business or individual, some of the following may be worth considering.
Condensed Fraud Prevention Checklist
- Advise personnel throughout the organization of fraud risk management programs, including the types of fraud and misconduct that may occur. Ongoing education is imperative. One of the strongest fraud deterrents is the awareness that effective detective controls are in place.
- Establish a "no-fraud-tolerance attitude" throughout the organization, starting with the highest levels of management.
- Institute a comprehensive ethics program, embracing a no-fraud-tolerance attitude.
- Require that all employees review and sign published anti-fraud program documents, indicating agreement and compliance with these programs.
- Appoint a fraud control officer charged with primary oversight for all fraud prevention and detection programs.
- Perform background checks on new employees. A key business and fraud risk in any organization lies in the people hired to operate the business, make decisions and rise into positions of trust and authority.
- Align an employee's authority and responsibility, particularly in the absence of other control activities and segregation of duties. Fraud is less likely to occur when an individual's level of authority is commensurate with his or her level of responsibility.
- Recognize that every level of an organization (management, staff, internal auditors as well as external auditors) has responsibility for dealing with fraud risk, including prevention and detection.
- Review third-party and related-party transactions, since fraud schemes often involve the use of third-party entities or individuals.
- Control billing correspondence and remittances. Remittances from clients and customers should be directed to a secure location. In smaller organizations, the owner or an employee who has no responsibilities related to recording deposits, accounts receivable records or revenue, should pick up and distribute the mail.
- Document fraud prevention techniques and reassess frequently. Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.
- Establish detection techniques that are designed to uncover fraud events when preventive measures fail or unmitigated risks are realized.
- Institute a reporting process throughout the organization to solicit input on potential fraud.
- Maintain a coordinated approach to investigation and utilize action to help ensure potential fraud is addressed appropriately and quickly.
- Institute a comprehensive segregation of duties program, which is essential to maintaining a system of effective internal control, by reducing the risk of both erroneous and inappropriate actions. For example, the individual who opens mail should not record bank deposits or customer payments.
- Document and continually update all accounting and financial reporting procedures developed in conjunction with external CPA, CFE and legal counsel.
- Establish ongoing management review as a compensating and supporting control activity.
- Restrict and control the number of authorized check signers. If possible, "C" level executives, or the owner in small businesses, should sign all checks. Two signatures should be required for checks exceeding a specified dollar amount. Never sign blank checks. Review supporting documentation with checks and question any improprieties. Do not use a signature stamp.
- Provide explanations by senior management to all levels of the organization to explain how the company is responding to heightened regulations.
- Ensure that the board of directors, and other members of executive management, maintains its own governance practices, which set the tone for fraud risk management, and that management implements policy that encourages ethical behavior, including processes for employees, customers, vendors and other third parties to report instances where those standards are not met.
- Review computer security for proper administration and access rights. Access should be limited to job responsibilities and passwords should be required to be changed on a regular basis.
- Perform ongoing accounting reconciliations to identify and investigate differences and take corrective action, when necessary, to resolve differences.
- Secure the business premises and assets. Restrict after-hours access and limit access to high-risk areas to only those who truly require it. The use of video surveillance or a keypad lock can be effective in preventing fraud.
- Ascertain and be certain that approval authority resides only with individuals with sufficient authority and knowledge to recognize and challenge unusual transactions.
- Require that employees take vacation and establish a schedule of rotation of employee responsibilities. This practice will minimize management's reliance on any one individual while providing a disincentive to commit fraud.
- Institute an employee fraud hotline program. These programs have been popular and effective in the discovery of questionable activities.
- Ensure involvement by management, at all levels, in control activities and fraud prevention programs.
- Purchase insurance coverage with protection against fraud.
The roles and responsibilities for fraud risk management involve personnel at all levels of an organization and should be clearly defined, implemented and monitored. The premise of fraud deterrence presumes fraud is not a random occurrence, but rather occurs when conditions are weak and fraud motivating factors are present. Removal of opportunity provides the most direct and efficient path to prevention of fraud.
Michael A. Gillen is the director of the tax accounting group of Duane Morris, a group of certified public accountants providing tax, accounting and consulting services as an ancillary business of the firm, where he devotes his practice to federal, state and local income taxation and a variety of litigation consulting services including, but not limited to, fraud and embezzlement detection and forensic and investigative accounting. He is a two term past president of the Greater Philadelphia Chapter of the Pennsylvania Institute of Certified Public Accountants. He can be reached at 215-979-1635 or .
Steven M. Packer is a manager in the tax accounting group of the firm, where he devotes his practice to federal, state and local income taxation, fraud and embezzlement detection and investigative accounting. He is a past president of the Greater Philadelphia Chapter of the Pennsylvania Institute of Certified Public Accountants and a member of the chapter's executive committee. He can be reached at 215-979-1697 or .
As required by United States Treasury Regulations, you should be aware that this communication is not intended by the sender to be used, and it cannot be used, for the purpose of avoiding penalties under United States federal tax laws.
Reprinted with permission from The Legal Intelligencer, © ALM Media Properties LLC. All rights reserved.