6% is a pretty good interest rate these days,
or it could be the profit margin on a product your company sells.
Unfortunately, it is also the estimated average amount that
organizations lose to fraud and occupational abuse annually
according to the Association of Certified Fraud Examiners 2002
Report to the Nation on Occupational Fraud & Abuse.
The report is the second issued by the association in six years
and was based on detailed case information supplied by certified
fraud examiners who had first-hand knowledge of the incidents
they reported. This study covers 663 occupational fraud cases
that caused over $7 billion in losses. All organization types
are included in the report: publicly traded and privately held
companies, non-profit organizations and government agencies.
There are some interesting findings and implications from the
report summaries that have implications for all organizations.
I’ll highlight a few of them that I believe are important
for managers and business owners to be aware of in their daily
operations to best protect their organizations’ assets:
• The typical perpetrator is a first-time offender.
Only seven percent of occupational fraudsters in this study
were known to have prior convictions for fraud-related offences.
Your organization should be performing proper background checks
on new employees entering your organization. To me, this finding
does not mean that the perpetrators did not commit frauds in
past positions held or companies they worked in. It means that
there are no records of criminal convictions for fraud for that
individual. This makes sense because many organizations do not
file criminal complaints on fraudsters – there is not
much business benefit for doing so. They fire them.
This makes the case for performing proper background checks
even stronger. Paying for professional pre-employment background
screening services will pay huge dividends in detecting potential
miscreants before they are on your payroll. This is what you
want – not to allow these types of people through the
doors and cause damage to your organizations.
• Small businesses are the most vulnerable to
occupational fraud and abuse. The average scheme in a small
business causes $127,500 in losses. The average scheme in the
largest companies costs $97,000.
Due to their size, small businesses rely on trust in their
employees to operate efficiently. Basic business controls such
as separating duties can be difficult and challenging. However,
these controls are an important aspect of managing a small business
because the magnitude of the loss relative to the size of the
business has a much greater impact.
• The most common method for detecting occupational
fraud is by a tip from an employee, customer, vendor or anonymous
source. The second most common method is by accident.
In the report, tips from all sources for the identified fraud
cases made up 46.2% of the total. Frauds detected by accident
were 18.8%. Less than half were detected by an audit or caught
by internal controls. The people who steal from organizations
have a good knowledge about the functions of the operation.
They may have designed the business systems and have a high
level of authority. A key component to a fraud is to take conscious
and intentional effort to conceal the existence of the act.
• The median length of time from inception to
detection for the occupational frauds was 18 months.
The time to detect frauds is definitely skewed to a longer
period than a shorter one. In the report less than 4% of the
cases were detected within the first month after the fraud had
started. Over 70% of the cases ran more than 12 months before
detection. This is due primarily to the fact of intentional
concealment cited above, insufficient or ignored internal controls
to prevent frauds from starting and audits that do not have
specifically designed tests to uncover incidents of fraud.
• There was a fairly even split between organizations
with insufficient controls and organizations in which controls
that could have prevented fraud were ignored. In about 11% of
the cases, respondents judged that the scheme could not have
been prevented by standard internal controls.
Somewhere between when the fraud is detected and the investigation
has been completed someone will ask “How did this happen?”
In the surveyed cases, it was a pretty close to even between
not having proper business processes established and not following
the processes if they were in place. This is planning the work,
working the plan and making sure you have the proper checks
and balances in place to ensure the plan doesn’t go off
the rails! Having professional help establishing your plan pays
huge returns in avoided problems down the road.
• A strong system of internal controls was viewed
as the most effective anti-fraud measure by a wide margin.
The people who responded with cases for the report were certified
fraud examiners in the United States whose primary job is to
investigate incidents of fraud. The overwhelming majority of
these professionals who responded to the survey believe that
planning and enforcing adequate internal controls is the most
effective way to deter fraud from occurring in organizations.
A distant second is background checks and last was workplace
The study accounts for only the effects of fraud on organizations.
It does not include things such as lost business from computer
crashes, power outages, or robberies.
Fraud is a serious problem for organizations but with a little
help, careful planning and diligence, the effects of this crime
can be reduced in organizations.
This report can be accessed on the internet at www.cfenet.com.
Warren Leonhard is the president of Lyndon Conrad, a company
that creates strategic asset protection plans for all types
of organizations. The company web site is www.lyndonconrad.com.