How to Stop Fraud

The Madoff and Stanford cases may grab the headlines, but the temptation of fraud appears at every corporate level

Fraud examiners expect that number to rise during the next 12 months, especially embezzlement cases and an increase in Ponzi schemes investigated by the SEC, says Bruce Dorris, ACFE program director. "The credit market is drying up and there's not as much capital to raise for those types of frauds, so you're going to see a lot more reporting" as investors realize they've been defrauded.

In these tough economic times, CSOs need to harden their defenses against fraud.

Fraud Frenzy

Embezzlement accounts for 70 percent of fraud cases. "That's employee theft across the board" from C-level execs to administrative staff, Dorris explains. That's anything from fabricating vendors to charge payments to corporate credit card misuse, taking petty cash "down to stealing pencils, pens and notepaper."

Vendor fraud is also on the rise. Examiners are detecting fraud schemes in contract and procurement areas, where, for example, a vendor suddenly shows a marked increase in contracts over the previous year--especially low dollar amount, no-bid contracts, which may indicate kickbacks to employees.

Data fraud cases continue to concern employers, but now many employees who fear losing their jobs are using stolen client lists, marketing data or company secrets to leverage new jobs. Some 59 percent of employees who leave or are asked to leave a company are stealing company data, according to a report by the Ponemon Institute, and two-thirds of them admit to using their former company's confidential, sensitive or proprietary information for new employment.

But even without economic pressures and downsizing, data theft "certainly is an issue that has existed and continues to exist" on a daily basis, says Lisa Sotto, a partner and head of the privacy and information management practice at Hunton & Williams, which represents companies who have suffered a security breach, often by rogue employees.

Call center agents, for instance, are highly susceptible to breaches because they have easy access to customer data, and callers are willing to give up sensitive information, such as credit card numbers, Sotto says. What's more, healthcare and insurance providers often use Social Security numbers to authenticate a patient's identity on call center inquiries.

Fundamentals of a Good Anti-fraud Program

Some fraud schemes have taken up to two years to detect. Illegal activity can be detected faster by having policies and procedures in place that include audits and monitoring, data access control, physical security, employee education and discreet ways to report fraud.

In the Accounting Department. Look at relationships between vendors and employees, such as familial relationships between vendors and purchasers or a sudden increase in contract awards to a particular vendor, which may lead to fraud, and set policies regarding those relationships.

A fraud monitoring program must include spot audits. Accounts should be reconciled daily with no variances, Safir says. That way, "you know immediately that you have a problem that requires further investigation. At some companies, their accounting department becomes too complex and they'll carry over imbalances"--a very unsafe practice, he adds.

Also, separate duties between accounts payable and accounts receivable. "You could train a nonaccountant to do your payables. That person would not be reconciling your pay statements like an accountant would," Safir says.