I recently watched a short video published by the Association of Certified Fraud Examiners (ACFE), and I wanted to share two big lessons I pulled away from it. The video is a brief five minutes, but it is loaded with valuable information and some simple and highly effective fraud prevention techniques that I will summarize.
First of all, have you ever wondered how to get started on a fraud prevention program? Have you ever found yourself saying, “Fraud prevention seems complex and expensive, and as a small business I don’t think we have the resources?” How about, “I’ve heard about so many different fraud prevention measures, how do I know which ones are right for my company?” It is true that there are a lot of different fraud prevention measures out there and the volume can certainly be overwhelming. But, it shouldn’t be paralyzing.
In the video, the ACFE shares five simple things small businesses can do to reduce fraud. I would agree that these five things are simple, and I would challenge you to look at your business and determine if you’ve implemented each of them. If you haven’t, consider doing so in the next 30 days.
The five simple things highlighted in the video are:
1. Conduct background checks on all employees
2. Implement a written code of ethics
3. Divide bookkeeping and check-signing authority
4. Deliver bank statements – unopened – to top management
5. Implement a reporting mechanism or hotline
These are all very powerful concepts. Throughout my career as a financial statement auditor and fraud examiner, I have seen frauds perpetrated as a direct result of each one of these individual simple mechanisms not being in place:
- As an auditor, my colleagues and I will routinely advise our clients that segregation of duties (#3 above) and delivering the bank statements unopened (#4 above) are paramount controls to safeguarding assets and monitoring the business. These are often the first and most important controls we address.
- As a fraud examiner, I know the comfort and empowerment that hotlines provide to whistle-blowers.
- As a business owner, I know that hiring quality people and professing my business and ethical philosophy are important in creating a rewarding and successful culture.
I have often contemplated what a “starter kit” for fraud prevention looks like, and this list by the ACFE is a really good example.
The other lesson I took from the video was more of an unspoken one. One of the key tenants to fraud theory is that fraud perpetrators need to be able to rationalize or justify their fraud. In their mind, they’re not really bad people, or even good people doing bad things. They may even go as far as to consider themselves victims. It is an essential part of most frauds and it is a key ingredient in the fraud triangle. But have you ever seen it in action?
In the video, the ACFE interviews convicted fraudsters and they share certain elements of their schemes. Listen to each of them. They each have a tendency to push blame and “rationalize” their behavior. I hear things like:
- There was too much trust.
- I needed a better boss who would watch over me.
- There was no accountability in my department.
- If only the boss would have opened the bank statements, I would have never been able to do this…and I wouldn’t have gotten into trouble.
The other thing that went wrong in their fraud is that they committed a fraud! They did the crime, but that seems to get lost in the shuffle. As difficult as it is to hear these convicted fraudsters pass blame and deflect responsibility, one of them, Tom Hughes (the man who speaks about unopened bank statements), brings up a point that is very true and powerful. The mere perception of effective controls being in place is usually a deterrent to employees who could potentially commit a fraudulent act. Had management received and reviewed the unopened statements, instead of Tom, that would have been a signal to Tom that someone was watching. That watching can certainly lead to the uncovering of his scheme. These days it is even easier to implement this kind of control with the availability of online banking resources.
I would argue that these controls are critical enough that you should actually be performing them. However, take the opportunity to casually mention that you are doing it. Something simple like, “The other day when I was looking at the bank activity online, I saw….” You can be more obvious than that, of course, but here’s the point: the performance of controls and the communication of that performance are critical and effective ways to prevent fraud for small businesses.
© Clark Nuber PS and Focus on Fraud, 2015. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Clark Nuber PS and Focus on Fraud with appropriate and specific direction to the original content.