By: Reena Panchal, CFE, Consulting Manager
There is no accounting for the creative lengths that motivated people will go through to perpetrate fraud. In one case that had an almost “supernatural” overtone to it, our team came across a fraud scheme at a maintenance company which cost the company more than $5.3 million dollars during the course of several years. Funds were being directly deposited into the controller’s bank account through bogus expense reimbursements to ghost employees. Close analysis of payroll reports during an internal control review revealed a missing page with fictitious employees. The fraud was perpetrated so that no other paper trail was left; it was almost as if the employees were ghosts!
This story drives home the point that all organizations are subject to fraud risk and that creativity knows no bounds when it comes to fraud. While it is impossible to completely prevent all fraudulent activity, pro-active management and sound internal controls can reduce the risk of such frauds occurring and can make it much easier to spot them when they are perpetrated.
According to “Managing the Business Risk of Fraud: A Practical Guide,” a document sponsored by the IIA, AICPA and ACFE, key principles for effectively managing an entity’s fraud risk include:
- An organization’s governance structure should include a fraud risk management program which includes a written policy.
- The organization should periodically assess fraud risk exposure.
- Controls to deter potential key fraud risk events should be established.
- Detection methods should be implemented to uncover fraud events.
- A reporting process should be implemented.
- A coordinated approach should be used to investigate and take corrective action to help ensure that potential fraud is addressed in a timely and appropriate fashion.
In future issues of The Advisor, we will be running a series of articles with stories from the headlines and our own experiences unearthing fraud, and lessons learned. The key theme is the importance of having a control environment with an anti-fraud tone at the top and the various tools necessary to create such an environment. One take away from the series will be an introduction of a “fraud toolbox,” which whether implemented internally or in conjunction with experienced external forensic consultants, will result in a management approach which significantly flushes out fraud.