In our complex and sophisticated business environment, fraud is an ongoing risk and concern for businesses. New scams and patterns emerge as new opportunities present themselves and fraudsters find ways around detection and prevention measures.
However, there are known fraud schemes that occur again and again, across different geographies, business types, and industry sectors. These schemes are often simple, but the impact on your business can be significant. Sadly, these fraud schemes are most often perpetrated internally by the organisation. These cases are known as internal fraud, the most common type of which is embezzlement.
At Bishop Collins, we specialise in audit and assurance services designed to protect your business against internal and external fraud. This guide will explore what embezzlement entails, red flags to watch out for, and strategies you can use to help combat internal fraud in your organisation.
Internal vs External Fraud
Business fraud can occur internally and externally in an organisation. Internal fraud is any criminal act committed by someone associated with a business. This could be a staff member, a member of management or a member of governance. For example, an employee making deposits into their account or paying personal expenses on the corporate account.
External fraud is committed against an organisation from the outside. This might be technological threats courtesy of hackers, suppliers who lie about the work they did or services provided, and sadly, customers who attempt to return imitated or stolen products.
Types of Internal Fraud
Internal, or occupational, fraud generally falls into three categories:
- Asset misappropriation: Involves an employee stealing or misusing the employer’s resources.
- Financial statement fraud schemes: Where the perpetrator intentionally causes a material misstatement or omission in the organisation’s financial statements.
- Corruption: This includes offences such as bribery, conflicts of interest, and extortion.
In this article, we’ll focus on the widespread issue of embezzlement as a main type of asset misappropriation fraud. This type of internal fraud is also known as occupational fraud.
Asset Misappropriation Fraud: The Prevalence of Embezzlement
Embezzlement is among the most damaging types of asset misappropriation fraud businesses face. Employees can exploit their position within a company to commit acts of theft which, in many cases, goes undetected for long periods.
Physical Cash, such as petty cash, can be simply taken by a perpetrator. Cash receipts fraud includes taking amounts received from customers which should, ordinarily, be banked. This includes schemes such as ‘skimming’ and cash larceny.
Disbursement fraud is becoming more commonplace in our technologically connected and complex business environment. This includes billing schemes, payroll schemes, expense reimbursement schemes, payment tampering, and register (or point-of-sale) disbursements.
Inventory and other assets frauds involve the misuse of employer assets as well as larceny. Larceny of other assets includes asset requisitions and transfers, fabricated sales and shipping, and purchasing and receiving schemes.
Embezzlement vs Larceny
Interestingly, there are subtle legal differences between embezzlement and larceny. These differences depend on the jurisdiction of the offence that occurred (as well as the specific circumstances).
In broad terms, the main difference is based on who had possession of the asset when it was taken. If the property was in the possession of the perpetrator, then it would be treated as embezzlement. If the asset was taken when in possession of the employer, however, then the matter will potentially be treated as larceny.
Who is at Risk of Internal Fraud?
All organisations have a susceptibility to internal and external fraud. Businesses with fewer than 100 employees are at much higher risk for employee fraud and embezzlement than larger corporations are.
Moreover, organisations with the fewest employees have a higher median loss in employee fraud cases. Small businesses also struggle more heavily to recover from these losses compared with larger businesses.
Fraud arising from dishonest behaviour not only undermines profits, operating efficiencies and reliability, but it can also severely damage an organisation’s reputation.
How Does Internal Fraud Occur?
In nearly 50% of internal fraud that occurs, the opportunity for fraud to be perpetrated was a result of either inadequate internal controls or internal controls simply being bypassed.
Interestingly, there is an inverse relationship between the internal control weakness and the character of the perpetrator. For example, employees perpetrating fraud do so through a lack of internal control or override of existing controls.
In contrast, executives largely override existing controls or there is an inadequate ethical culture (i.e. ‘tone at the top’) rather than there being a lack of internal control. For executives, it’s often their level of influence, authority and access within an organisation that affects how they can perpetrate fraud in this manner.
Unsurprisingly, the frequency of embezzlements committed by executives was less than by employees; although the financial loss incurred was markedly greater by about six times.
The Red Flags of Embezzlement
When a person is engaged in internal fraud, particularly embezzlement, that person will often display certain behavioural traits that tend to be associated with fraudulent conduct. It’s important to watch out for these red flags in efforts to identify, manage, and ultimately prevent employee fraud from occurring at your workplace.
Organisations with potentially greater exposure to internal fraud might have employees exhibiting the following characteristics, at least one of which has been exhibited by over 80% of reported fraudsters:
- Unwilling to share duties, or avoid having others assist or relieve them.
- Work long hours, including returning to work after hours and days off (including weekends).
- Resist taking annual, long service or sick leave.
- Resign or leave suddenly.
- Have a large number of void transactions, or conversely, have a low number of transactions.
- Replacing existing suppliers with suppliers that they have a close connection with.
- Refusal to implement, or adhere to, internal controls (e.g. skipping approvals, failing to keep appropriate or accurate records or receipts).
- Are unusually or overly inquisitive about the company’s payment system, or seek access to areas which they should not be able to access.
- Exhibiting financial hardship, such as always appearing unable to meet financial liabilities, or seeking loans and pay advances.
- Having past legal and/or compliance problems.
In addition, employees engaging in embezzlement may start to exhibit other unusual behaviours or attitudes. Look out for people who seem to live a lifestyle above their means, or who start to lavish expensive gifts on their colleagues.
You might also see bullying of other employees, a fraudster being affected by significant personal stress, displaying a strong sense of entitlement, or simply being openly unhappy with their employer (such as complaints about pay or leave entitlements).
How You Can Combat Embezzlement
As we often say at Bishop Collins about issues like fraud, prevention is always better than a cure. Every process, especially those involving cash and assets, should have checks and balances in place to identify and prevent fraud.
Our experts offer practical tips on how to reduce the risk of internal fraud within your business, which can go a long way in safeguarding your assets, finances, and reputation.
Promote an Ethical Culture in Your Entity
This is often referred to as the ‘tone at the top’. A good ethical culture also includes having clear policies and protocols relating to fraud prevention and detection, embezzlement awareness training (including refresher training), conflicts of interest, related party transactions and secondary employment.
Establish Strong Human Resource Management
This includes employee screening, implementing an equitable remuneration system, and providing job descriptions that segregate duties. It can also be beneficial to provide adequate training and education for your employees in the areas of fraud detection and management.
It’s important to effectively communicate policies and expectations of compliance to your team so they understand the far-reaching negative effects of embezzlement, which goes a long way in deterring unwanted behaviours. Finally, ensure your company understands things like audit regimes and the consequences of non-compliance.
Separate Duties and Delegations
As the old saying goes, be wary of putting all your eggs in one basket. Having only one or two employees responsible for key areas of finances and reporting can be risky.
Instead, delegate various tasks to more people within the business to ensure an even, safer spread of responsibilities. This includes appropriate and independent management oversight as well as restricted thresholds for transaction processing.
Review and Update IT Accesses and Transaction Processing
Access privileges should be assigned with care and due diligence and make a note of who controls what. This is also referred to as access on a need-to-know basis.
You may also want to consider restricting access to transaction processing or placing dollar value limits on transactions. This can help to keep larger processing amounts away from potential fraudsters, reducing the risk of fraud temptation and occurrence.
Invest in Strong Security Measures
Oftentimes, embezzlement and internal fraud can be caught at the very first instance (or even, ideally, prevented due to recognising red flags) thanks to good quality security measures within a workplace.
Invest in physical security like safes, CCTV, and physical access restrictions to ensure the safety of your business assets.
It’s also a good idea to actively and regularly test existing internal controls and fraud countermeasures, which may involve security and other measures you implement in your organisation. Watch for gaps, failures, or anything that doesn’t have the desired effect, and make changes where necessary.
Actively Monitor Employee Functions and Leave
No company wants to be overbearing, but there is a way to actively and supportively monitor your employees’ movements without being ‘that boss’. Ensure you’re up to date with your staff members’ functions and leave balances by taking an active approach to management.
Consider regularly rotating staff in high-risk positions and establishing requirements for staff to take annual leave regularly. Check in with your team via routine meetings and progress reports, and take a vested interest in their wellbeing. This not only allows you to stay close to goings-on in the business but also positions you as an attentive boss – one who cares, and one who won’t miss potential embezzlement attempts.
Regularly Audit Your Business
Regular accounts auditing is one of the most effective ways to spot anomalies that could signal fraud is taking place. External audits are mandatorily required by many businesses, but others elect to undertake these voluntarily. An internal audit can also help identify anomalies and irregularities.
At Bishop Collins, we specialise in conducting audits for a wide range of organisations. If you require assistance with your audit, get in touch with our team.
The Bottom Line: Develop a Fraud Risk Management Framework
A fraud risk management framework, encompassing internal and external audits, offers greater protection for a business against fraud. This kind of comprehensive fraud risk management encompasses awareness, prevention, and detection, making it a crucial prevention strategy to understand and recognise red flags.
The secret to creating a good fraud risk management framework lies in investing in regular fraud awareness education for your employees. These training sessions help educate your employees on what constitutes internal fraud, corruption, and employee misconduct, as well as the common red flags that are exhibited by those committing fraud.
Early detection, and encouraging employees to speak up and report concerns, allow your business to limit your losses due to internal fraud.
Protect Yourself Against Fraud With Bishop Collins
Internal fraud and embezzlement can come at a serious cost to your business, both financially and in terms of reputation. It’s something that can get out of hand very quickly if the proper safeguards are not in place.
Internal fraud management can seem daunting – with so many moving pieces and important strategy aspects to consider, it can feel like a full-time job. This is where the team at Bishop Collins can help.
We can chat through your concerns and pinpoint areas of improvement within your business, as well as conduct thorough audits and training to ensure you’re protected against embezzlement.
If you’re interested in learning more about internal and external audit, fraud risk management, and awareness training, get in touch with us for an obligation-free chat or simply call us on (02) 4353 2333.