The World Bank estimates that global financial fraud costs USD 40 billion a year. Amanda Line examines the best approaches for preventing it from hurting your business.
In the UAE alone, the State Audit Institution (SAI) says authorities are currently seeking to recover over AED one billion (USD 272.4million) lost, thanks to business fraud. More than two thirds of Interpol warrants issued by the UAE are for fraud cases, suggesting that is a significant problem.
However, the scale of the problem by international standards is unclear; it is likely that this is in some part due to the treatment of bounced cheques. It is impossible to eliminate fraud entirely, but that doesn’t mean nothing can be done. On the contrary, fraud prevention is a vital part of modern business. But whose job is it to identify and stop fraud, and how are they supposed to go about it?
Auditor: Watchdog or bloodhound?
It has been suggested that discovering fraud is the job of the auditor, and it is true that auditors often spot cases of fraud. Also, fear of the audit can act as a disincentive to potential fraudsters. However, auditors’ primary role is to ensure companies’ financial reports represent a true and fair view of their position.
They are highly trained to spot anomalies and to make a judgement on whether management assumptions are reasonable. Ferreting out complex, carefully-laid schemes of fraud (when there is no reason to be suspicious) is not supposed to be a part of their remit.
There are other reasons why it would be unwise to rely on the audit being the main bulwark against corporate fraud. The fraudster works for the company, and will know company procedures inside-out and therefore have the opportunities to cover their tracks. The auditor, by contrast, is there relatively briefly, during a well-advertised window, giving fraudsters plenty of warning.
Finally, bringing the perpetrator to justice means the case going to court. Auditors are not lawyers, and are not expected to have detailed knowledge of the rules surrounding investigations under criminal law. But to avoid a case being thrown out of court any investigation must comply, to the letter, with every last minor aspect of legal procedure in that jurisdiction. This means that the case must be prepared by someone with comprehensive knowledge of relevant criminal law.
There is a branch of accounting that examines financial reports from a criminal perspective, called forensic accounting. It is a career path in itself and plays a large part in fighting fraud. However, forensic accounting can only occur after the crime has been committed.
Better than cure
Prevention is always better than cure. Catching fraudsters happens when the damage is done; it will seldom reimburse money lost and can rarely bring back a destroyed company. The best prevention is a robust culture of ethics and professionalism. Fraud comes in such a variety of types, methods and sizes that attempting to prepare adequate defences for each and every one would not only be incredibly time-consuming and expensive, but also still likely to fail in one overlooked area.
Organisations that have strong ethical and corporate governance frameworks are off to a better start. The tone will come from the top, so it is crucial that the directors and corporate governors show their commitment to ethics and good governance. However, there are also concrete practical measures that will help embed the right culture.
Practical measures for fraud prevention
The first is good hiring policy. It is estimated that up to 15% of corporate CVs are falsified, meaning companies employing people who could be potential, or even convicted, criminals. This is potentially a particular problem for any country where a significant section of the workforce is sourced from overseas; companies hiring from abroad often rely on the UAE security system’s background check to keep out criminals.
However, the background check is geared towards assessing political threats rather than criminal ones. Companies need to have proper background and reference checks.
But keeping criminals out is just the start; the right culture must be nurtured. If individuals feel defrauding the company is a form of personal betrayal they are less likely to engage in fraudulent activity and far more likely to report suspicious activity from others. Fraud prevention, a commitment to taking the risk of fraud seriously, and proper controls can also be built into staff appraisals and into bonus incentives. Unit heads could be asked to take responsibility for ensuring measures are put in place to minimise the risk of fraud in their department, adding an extra layer of incentive.
Finally, schemes can be put in place to reward employees who report frauds or, better still, who identify areas of weakness where company controls and practices are vulnerable. And in the last resort, there need to be clear and recognised channels for reporting fraud, and potential whistleblowers also need to know that they will be supported.
The best protection
Fraud evolves as fast as businesses do. Technology is a good example; many businesses rely on IT now and it can be used both to detect and to hide fraud.
Some businesses which rely heavily on technology might invest in permanently staying on top of developments that allow them to fight fraud, but this is too time consuming and costly for the majority of companies.
The best solution is to have a culture that makes fraud both unwelcome and difficult in the first place. The same attitude applies equally across the business. Hoping to prevent every kind of fraud or to be able to stop it after the fact, will never be as good as putting in place measures to prevent it happening in the first place.
Amanda Line was appointed as the ICAEW’s Middle East Regional Director in September 2009. She is responsible for building the ICAEW’s presence and profile in the region. Amanda has broad international business experience. She has spent the last 15 years living and working in Asia and the Middle East and has extensive experience in financial training.