What can risk managers do to deal with fraud in their organisations, asks James Bray

Fraud and corruption are increasing amongst high level executives according to a recent report by the accountancy firm KPMG.

Richard Powell, head of forensic investigations at KPMG said the uptick in fraud stems from the difficult economic environment. “Individuals are under more financial and personal pressure,” he said, which makes them more likely to engage in fraud.

“Cost cutting” and a “lack of training” can also compromise fraud prevention measures. “Companies are less focused on the identification of fraud risk and the appropriate response,” he said.

With that in mind, what can risk managers do to combat fraud in their companies?

The first step is to identify problem areas. Red flags are one way of identifiying behaviour that suggests fraud is taking place. For example, an employee who rarely takes holiday or who spends more than they earn, should be red flagged immediately.

The next step is to deal appropriately with those red flags. KPMG’s 2011 research found that 56% of frauds exhibited one or more red flags but only around 10% of them had been addressed.

Unfortunately, another of KPMG’s findings was that most fraud is committed at a high level. If risk managers discover that their bosses are committing fraud there may not be much they can do if they want to keep their jobs.

After all blowing the whistle is not always the best career move…but employees have a moral obligation to inform the authorities if they uncover dirty tricks.

Sadly it’s more often the case that companies decide to cover up fraud rather than come clean. KPMG found that only 22% of UK fraud cases were uncovered by an official management review (globally the figure was even more depressing at 16%).

A lot of the high level fraud is covered up due to reputational issues. Underreporting of corruption leads to underestimation of the risk that it represents. The fraud cases that are reported publicly are only the “tip of the iceberg,” according to Powell.

Helpfully though risk managers can look out for the early warning signs. KPMG identified the “typical fraudster” as a man between the ages of 36 and 45 and usually a senior executive. “Fraudsters tend to have been in the business for 5 to 10 years, sometimes with 3 years in perpetration before detection,” noted Powell.

Diligent risk managers will also establish annual assessments of fraud hotspots. These assessments have to be carried out by experienced people who can identify problem areas and implement effective mitigation strategies. Companies can use data analysis tools, for example, to look out for “unusual trends and transactions”.

For more information from StrategicRISK on how to spot a fraudster see: How to spot a con man