Internal fraud: the ever-present threat to businesses
September 24, 2020
Fraud in the workplace
Fraud is never far from the headlines. A little while ago, Patisserie Valerie collapsed into Administration after it was found to have overstated its cash position by £30m and failed to disclose unauthorised overdrafts of nearly £10m. More recently, the global payments processing firm Wirecard filed for insolvency after admitting that €1.7bn of its assets were entirely imaginary, amid allegations that it had been involved in large scale money laundering. Another day, another accounting scam. These were exceptionally dramatic cases; most internal fraud is on a far smaller scale but that does not make it any less serious for the businesses affected.
How common is internal fraud?
A study in late 2019 revealed that the UK has the highest rate of internal fraud in the world, apart from sub-Saharan Africa. It showed that 38% of UK enterprises had been affected in the previous year, losing £88m as a result. 38% also suffered leaks of internal information.
Who takes responsibility for internal fraud?
Unfortunately, this report also reported that only 62% of UK business leaders view internal fraud as a risk priority. As a result, few businesses look to manage this risk effectively. The key question is, who owns internal fraud risk in a business? If you put that question to most board meetings, fingers will be pointed round the room at different functions: security, HR, IT are all involved, as are internal audit and line managers. No organisation is immune to internal fraud, but few have a clear risk management policy in place.
What motivates the perpetrators?
Businesses depend on their staff and put high levels of trust in them to do their jobs well, diligently and honestly. Unfortunately, this level of trust is the weak link in the chain. In a fast-moving business world, in which people have access to systems or assets and are under pressure to perform at pace, gaps in defences can so easily develop. People change, their circumstances can alter and things happen that effect their lives outside of work: a death in the family or some type of addiction are examples. Disgruntled employees turn against their employers. Employees can be pressurised or incentivised by organised crime gangs, who infiltrate your business.
Can you spot the problem before it gets too serious?
One thing is common to all internal frauds: the perpetrators believe they can defraud their employer and that they will not be found out. The tell-tale signs will be there: fancy clothes, exotic holidays and other expensive purchases that may indicate someone is living above their known means. You may have a quiet employee who does not interact or engage with management or colleagues. Then there is the workaholic, who does not take holidays or time off because they are scared that someone will spot what they have been up to while they are away. Most important of all, where there are weak management controls in place there will be more opportunities for fraud. An employee might have done something once either on purpose or sometimes by accident and it snowballs from there when they realise they have got away with it.
Covid-19 and workplace fraud
The pandemic has been blamed for many things. It has certainly increased the risk of fraud inside companies. It has created the perfect storm in terms of maintaining proper internal controls: desperate staff, distracted management, dispersed and denuded finance functions and diluted team spirit. It has probably never been easier to commit fraud and the chances of getting caught have been significantly reduced.
Many of the ‘soft’ warning signs, most notably erratic performance and nervous behaviour have become far more difficult to detect in a working environment where face-to-face contact has been eliminated or severely restricted and where human interaction is limited to video meetings where suspicious body language and behaviour is almost impossible to detect.
What can you do to combat internal fraud?
The answer is simple but challenging; it involves nurturing trust and applying best practice across the whole organisation. The good news is that most employees are trustworthy and hard-working. The trick is deterring and identifying the few who are not.
This task starts right back at the recruitment stage. Properly vetting potential new staff is vital. Screening should not just be about capability, it must also look at integrity. CVs are often ‘creatively’ written to heighten the chances of landing a job, but occasionally this is done to cover up past misbehaviour. References from previous employers are pretty much worthless. Better for employers to have access to one of the internal fraud databases which exist to warn employers, such as ones operated by Cifas or National Hunter.
Straightforward best practice within your business will help considerably to limit opportunities of internal fraud:
1. Monitor key staff activities
Transparency must be a part of your organisation’s culture, but it is important to balance trust and oversight to avoid an organisation feeling to staff like it is dominated by surveillance. Communication about the role of openness in protecting the business and jobs by being able to spot issues more quickly is important. It needs to become the new norm and not be portrayed as anything personal against staff.
2. Engage with staff about internal fraud
Awareness within the business of the consequences of committing internal fraud needs to be raised; secrecy and denial are bad strategies. Staff should be encouraged to come forward about their own issues and the behaviour of colleagues without feeling they will be judged critically. Management should have open conversations with employees about what red flags they can look out for. Managers cannot be everywhere all the time, so it is important to help employees to spot when something is wrong. Employees should be reminded regularly how important controls are to the organisation, emphasising that they are there to protect them and their jobs, not some sort of heavy-handed interference that makes doing their jobs more difficult.
3. Whistleblowing and anonymous reporting
There need to be procedures in place so that staff can report issues anonymously without recourse or recriminations. This enables appropriate action to be taken more quickly and problems to be dealt with before issues escalate.
Concerned about potential fraud in your workplace?
If you have been affected by internal fraud or if you are concerned about this risk, seeking external help and advice is advisable. Business owners and management will usually be too close to their organisation, its systems and its controls to be sufficiently objective to design the procedures and implement the changes necessary to combat internal fraud.