Let's kick off this article with a math 101 exercise to pique your interest in internal fraud. Consider your company revenue during 2018 and then calculate 5% of that figure; this number is the amount you are losing to internal fraud! Here are other disturbing statics:
- Estimated loss is $3.5 trillion nationwide (U.S.).
- Average fraud loss is $140,000 per instance.
- More than 20 percent of cases have over $1 million in losses.
- Frauds last approximately 18 months before detection.
- Industries most victimized by internal fraud are banking and financial services. (insurance companies).
- Presence of internal anti-fraud controls shows significant decline in internal fraud cases.
- Most internal fraudsters are first-time offenders with clean employment records.
- 87 percent of internal offenders have never been charged with a fraud-related offense.
- 84 percent have never been punished or terminated by an employer.
Hopefully after reading and digesting these alarming statistics, there is at least a slight interest in exploring this area a little deeper. As companies realize these losses, many are not sure where to begin their strategy and furthermore how to implement it. Internal fraud is a very sensitive area as many companies are hesitant to investigate their own employees, people that they hired! It is critical to understand this threat and what motivates them toward their unethical behavior.
One area that I have focused on in my academic research and speak and publish on is opportunity theory and specifically, how counter fraud efforts should focus on reducing opportunity in as many areas as possible within a corporate eco-system. The tenets of rational choice theory absolutely assist us in our analysis of the internal fraudster; we CAN implement programs that will serve to deter the rational-thinking employee. Several strategies that I have personally seen work would be showcasing other cases that were investigated/prosecuted, passing and posting strict zero tolerance statements, establishing a strong code of conduct, and requiring honesty declarations. A clearly posted code of conduct is a critical component toward developing a strong internal anti-fraud culture. Employees must have a clear and well-defined understanding of the threshold between normal and unethical business activity. This code of conduct should be a piece of the overall ethics strategy.
Statistics reveal that about 90% of companies have a structured, formal ethics program, however, about half of the employees within these organizations remark that these programs are unclear. Even more alarming is the fact that of the 90% of organizations that have a formal program, only half are supported by training and open communication. This implies that half of all employees within an organization are totally unclear and unsure of the ethics protocol, program, and parameters; an incredibly troubling statistic!
If a company is looking to develop a strong ethics program, the first step is to create a code of conduct that fits into the corporate culture; second, it must be posted and visible to employees. Lastly, awareness training must be provided. The code of conduct should clearly identify unacceptable behavior and the repercussions to employees who violate it. If it is not feasible to post a lengthy code of conduct, the company can create a brief statement, similar to a mission statement, that succinctly states this code. This should also be provided to new employees, who should be asked to read, sign, and consent to the code. This written consent should also be re-administered on an annual basis. The signed code of conduct agreement has a similar effect as honesty declarations and serves to trigger internal ethical behavior.
The use of technology can also help to identify internal thefts before they occur, providing significant savings. For example, technology can be used to track internal payments and alert administrators when certain ones are triggered. Specific red flag indicators can be developed and integrated into software programs to track the behavior of an employee pertaining to check transactions, amounts, vendors and payees.
Companies should also consider job rotations, cross-training, the four eyes principle (checks and balances) and even promote taking vacations! My research has revealed that many internal fraudsters tend to take less vacations and PTO days due to their anxiety over other employees potentially discovering their unscrupulous activity in their absence.
There is no doubt that internal fraud will continue to be a hot topic in the upcoming year and act as a significant threat to companies. The psychology of an internal fraudster is very similar to that of an external opportunistic fraudster and therefore rational choice principles apply. Internal fraudsters can make a conscious rational choice to commit or refrain from suspicious activity; therefore, companies that employ a multi-pronged approach toward combatting this threat will definitely see positive results.