Most business owners think it just won’t happen to them. You trust your employees and treat them well. But occupational fraud happens to businesses of all sizes, in all industries. Ninety-five percent of all businesses have been targeted and nearly 40% of employees have stolen from their employers.1
Occupational fraud is internal fraud perpetrated by an employee, manager or executive against his or her own employer. And it’s damaging, demoralizing and expensive. A recent Association Fraud Examiners (ACFE) survey takes an in-depth look at occupational fraud and estimates global losses of $3.6 billion annually.2
Why do employees steal?
Occupational fraud experts describe a “fraud triangle,” that includes opportunity, rationalization and pressure. Dishonest employees typically see themselves as having a financial problem (pressure), which they believe can be resolved by stealing funds or property (opportunity), and they rationalize their criminal conduct by adjusting their realities (rationalization): “No one will find out,” “The company can afford it,” “The company owes me because I work so hard/contribute so much,” and so on.
Who’s stealing and how?
The ACFE found that more than half of occupational fraud was committed in just four departments — operations (15%), accounting (14%), executive/upper management (12%) and sales (11%).
Fraudsters who had been with their organizations more than six years caused twice the losses of those who had been with the company for a shorter time. That’s no surprise since they know the ins and outs of the organization and can more easily plan their crimes.
According to the ACFE, there are three distinct categories of occupational fraud, all with varying timeframes and levels of damage.
This type of fraud involves theft or misuse of company resources. It is the most common fraud (86% of cases) and causes the lowest median loss, at about $100,000 per case.
Billing schemes are the most common type of asset misappropriation. These schemes include invoices for fictitious goods or services, inflated invoices or invoices for personal purchases. Check and payment tampering are the most expensive type of asset misappropriation, followed by cash larceny and theft of non-cash assets, such as inventory.
Extortion, embezzlement and conflicts of interest are the second most prevalent examples of occupational fraud (43% of cases). These schemes cause $200,000 per case in median losses.
Financial statement fraud
The purposeful material misstatement or omissions in the company’s financial statements is the least common type of fraud (10% of cases) but causes the largest losses at $954,000 per case.
In about one-third of cases, the fraudster commits more than one type of fraud, with the most typical overlap being asset misappropriation and corruption. Regardless of type, the median duration of fraud is 14 months. Payroll schemes, however, tend to last the longest before they are detected, at an average of 24 months. Theft of non-cash assets are typically detected in about 13 months.
The longer the fraud lasts, the worse the financial damage. Schemes that are discovered in under six months cause about $50,000 in average losses, versus schemes that last at least 60 months and cause $740,000 in average losses.
Small businesses are more vulnerable.
Although companies of all sizes experience occupational fraud in relatively equal amounts, smaller companies of fewer than 100 employees are more likely to experience employee fraud. Billing, payroll, and check and payment tampering are more common in smaller organizations — occurring two to four times more often in small companies than in larger ones. Small businesses also had the highest median loss at $150,000.
Smaller businesses also face different challenges in terms of anti-fraud controls. For example, external audits uncover a fair amount of fraud, but because smaller companies are less likely to engage in external audits, they are missing this important fraud control tool. Smaller companies are also more likely to lack internal controls such as segregation of duties, specifically focused fraud departments, job rotation requirements and surprise audits.
What are companies doing about employee theft?
Eighty-six percent of company perpetrators had never been charged with or convicted of fraud prior to the crimes reported in the ACFE survey. This may indicate that most are first-time offenders, but businesses may also have opted not to pursue legal action. Eighty percent of the employees who committed fraud received internal punishment. However, only 59% of cases are referred to law enforcement, and only 28% of cases resulted in civil litigation.
Early fraud detection reduces losses and sends a powerful message.
Early fraud detection can save your business from bigger losses, while sending a strong message that fraud will not be tolerated.
Many sophisticated fraud detection techniques are now in use around the world, but interestingly, most fraud schemes are still detected the old-fashioned way: tips. More than 40% of fraud schemes, as reported in the ACFE study, were detected by tips. More than half of those tips came from employees. Customers, vendors, even competitors, also alerted businesses of fraud schemes. Fifteen percent of tips were anonymous.
Internal audits and management reviews also uncover fraud. The survey underscores that when fraud is detected proactively, via methods such as document examination, surveillance or monitoring, it is shorter in duration and less costly. Fraud that is detected passively — by accident, confession or police notification — tends to last longer and be much more expensive to the company.
Fraud hotlines are particularly effective, and generally cut the company’s losses in half. Hotlines also cut about six months off the duration of the crime.
Fraud prevention measures work.
Creating an anti-fraud culture is the foundation of fraud deterrence. This includes setting the right tone at the top. Owners and executives must be flawless in abiding by the rules, from not overriding internal controls to correct handling of petty cash. In addition, fraud prevention measures should be visible to employees, increasing the perception of fraud control and detection.
Fraud prevention controls work, but they are not all created equal. Four tactics tend to reduce both fraud losses and duration by about 50%: a code of conduct, an internal audit department, management’s certification of financial statements, and regular management review of internal controls, processes, accounts and transactions.
Be proactive in protecting against employee fraud.
Taking proactive steps to deter fraud is the best way to protect your company. Review your internal controls, tighten oversight and set the right tone.
If you suspect that your company is being defrauded, bring in help. Gather a small, discreet team to investigate, and ask your trusted financial and legal advisors for objective advice. Act quickly to restrict the perpetrator’s access and stop the damage. Talk to your insurance company and don’t hesitate to involve law enforcement.
Your team works hard to keep your company growing and thriving. Don’t let occupational fraud stand in the way of your success.
For more information on how Synovus can assist in protecting your business from fraud, contact our Treasury and Payment Solutions team, your Treasury Consultant, or Relationship Manager.
This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.
You are about to leave the Synovus web site for a third-party site
Third-party sites aren't under our control, and we are not responsible for any of the content or additional links they contain. We don't endorse to guarantee the goods or information provided by third-party sites, and we're not responsible for any failures or inaccuracies. Third-party sites may contain less security and may have different privacy policies from ours.