Constant vigilance is the most critical control to prevent fraud risk. Employee fraud happens when a motivated individual who knows of a weakness decides that no one is paying attention. The minute that directors and employees let their guard down, someone who has been thinking about stealing will become much more likely to start doing it.
“But how do I know where to focus my fraud prevention efforts?” you might wonder. In another article, we discuss cost-effective fraud protection that can help just about any business. But focusing on the types of fraud that are most likely to affect businesses in your industry is another way to maximize fraud protection efforts.
Fraud Risk Varies by Industry
In its most recent study on occupational fraud and abuse, which is based on 2,690 cases reported by Certified Fraud Examiners (CFEs) between January 2016 and October 2017, the Association of Certified Fraud Examiners reports on the most common fraud schemes in various industries.
The study authors note that the industries with more reported fraud cases are not necessarily the ones most susceptible to fraud, and instead the data likely reflects the industries that most often employ CFEs. However, by focusing on the top five industries in the chart — banking and financial services, manufacturing, government and public administration, healthcare, and retail — we see just how markedly fraud risks can vary.
Corruption is one of the chief causes of fraud in most industries. When you look at the next-most prevalent types of fraud:
- In banking and financial services, cash on hand is (not surprisingly) a significantly higher area of risk.
- Manufacturing and healthcare both show a weakness for billing schemes.
- Theft of noncash assets is a significant risk for manufacturing businesses, as well as in the government public administration sector.
- Predictably, the retail sector falls victim to theft of noncash assets more than any other fraud scheme.
This exercise illustrates the importance of knowing the most significant risks for your own business when determining where to concentrate fraud prevention efforts.
Understanding Your Business
While fraud protection efforts should start with a focus on areas most likely to be abused in each industry, that’s not the end of the story.
Industry guidelines can give you good ideas for some basic fraud controls, but each business has unique characteristics. Some of the innovations that help to distinguish you from your competition could create unique fraud vulnerabilities in your system. The last thing you want to do is assume that you’ve “checked all the boxes” for fraud protection because you’ve covered some basic industry standards.
Ask Employees: “How Could Someone Steal?”
Once you’ve thought through some of the key industry fraud risk points, talk to some trusted employees. Ask them, “How could someone steal from us?” The folks who are in the weeds might be better able to see weak points that aren’t as obvious to an executive looking at the big picture.
Next, consider engaging an outside consultant to review your anti-fraud program, dig more deeply into your fraud risk, and customize fraud protections to your business.
Remember, fraud can happen in any business. By cultivating an attitude of “It can happen here,” you have taken the most important step toward minimizing the opportunity for employees to abuse your trust. To learn more about fraud prevention and mitigation, please contact your CRI advisor.