| here’s good news to be had: Audited companies suffer less severe fraud losses than unaudited ones, and the overall rate of occupational fraud hasn’t changed much in the last six years. Those conclusions come from the “2002 Report to the Nation on Occupational Fraud and Abuse,” issued by the Association of Certified Fraud Examiners (ACFE). From actual case studies taken from the report, auditors and their clients will learn the methods used by employees and insiders to commit occupational fraud and what can be done to better detect and deter these offenses.
The report defines occupational fraud as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.” The breadth of this definition includes a wide range of misconduct by executives, managers and employees of organizations ranging from sophisticated investment swindles to petty theft.
The report, based on questionnaires mailed to some 10,000 certified fraud examiners (CFE), details 971 fraud cases. The CFEs typically fall into two broad groups: investigators and auditors. They are employed mainly in three sectors: government, business and public accounting (in that order). The average CFE has been involved in the audit or investigation of more than a hundred cases of alleged fraud.
|Occupational Fraud Losses
Source: “2002 Report to the Nation on Occupational Fraud and Abuse,” published by the Association of Certified Fraud Examiners.
|The survey covered four categories: the cost of fraud, the methods used, the perpetrators and the victims. This article will cover only highlights; the complete report can be viewed at www.cfenet.com .
Determining how much fraud actually costs the American economy is difficult, if not impossible, because not all fraud is detected or reported. Moreover, no organization is charged with accumulating comprehensive data, and few studies have been conducted. Even in the current ACFE report, I want to caution the reader that any estimates regarding the cost of fraud are subjective and that the survey focused only on occupational fraud.
Figures show that about 6% of revenues, or $600 billion, will be lost in 2002 as a result of occupational fraud and abuse (see graphic, “ Occupational Fraud Losses ”). Although this is a $200 billion increase since 1996, when compared with the $3 trillion rise in the gross domestic product (to $10 trillion from $7 trillion) during the same period, it is evident the rate of occupational fraud appears to be unchanged. Exhibit 1, above, shows that nearly half of the cases studied had losses in excess of $100,000; 16% of the cases had losses greater than $1 million.
|Exhibit 1: Distribution of Dollar Losses |
|Dollar loss range
||Percent of all cases |
|$10,000,000 and up
Source of data for exhibits 1 through 6: "2002 Report to the Nation on Occupational Fraud and Abuse," published by the Association of Certified Fraud Examiners.
A major goal of the survey was to determine precisely how fraud was accomplished and to classify the offenses by the methods used to commit them. In the ACFE’s first survey, “Report to the Nation on Occupational Fraud and Abuse,” published in 1996, the association found there were three principal illegal schemes committed against organizations: asset misappropriations, corruption and fraudulent statements. Asset misappropriations are still by far the most common and least expensive of the three schemes, accounting for more than 80% of the cases studied. Exhibit 2, below, compares the frequency and losses of the three main categories in 1996 and in 2002. As can be seen, the methods, their frequency and costs have—for the most part—remained somewhat stable. Within those broad categories, there are a number of principal schemes (see exhibit 3, below).
|Exhibit 2: Comparison of Major Occupational Fraud Categories by 1996 and 2002 Data |
||Median cost |
*Readers will note that the sum of percentages in this column exceeds 100%. A number of the schemes that were reported in this survey involved more than one type of fraud; thus, they were classified in more than one category. In the 1996 survey we classified schemes based on the principal method of fraud only.
Current data create the following profiles of fraud perpetrators:
The majority of frauds (64%) are committed by employees. But frauds committed by managers or executives are three-and-a-half times more costly than frauds committed by employees, because the higher employees rise in an organization, the more they are entrusted with company assets.
Males accounted for losses that were three times greater than those of females—although the frequency of incidents was roughly the same. This trend is probably due to the “glass ceiling” phenomenon, where males generally occupy higher positions in organizations than their female contemporaries.
Only about 7% of fraud perpetrators had been convicted of a previous crime. This is consistent with other studies that showed most people who committed fraud were first-time offenders.
Approximately 33% of reported frauds involved two or more individuals. In cases involving collusion, the median loss was six times greater than the median loss when only one person committed the fraud—which indicated the need for better control mechanisms that involve the separation of duties.
The oldest perpetrators (over 60) caused median losses 27 times greater than those of the youngest fraudsters (below 25)—older employees generally occupy more senior positions with greater access to assets.
|Exhibit 3: Frequency and Loss Comparison of 1996 and 2002 Data |
||Median cost |
Two key facts emerged regarding the type of industry and the size of the organization: The largest median losses occurred in public companies, and the smallest took place in nonprofits and governmental agencies (see exhibit 4, below). This is not surprising considering public companies generally have more assets than the other two types of entities. The smallest organizations of 100 employees or less actually suffered larger median losses than did the largest organizations with 10,000 employees or more (see exhibit 5, below). This means the smallest companies were over a hundred times more vulnerable to fraud than their largest counterparts. In the 1996 report, the trend was similar.
|Exhibit 4: Loss by Type of Organization |
||Median loss |
|Publicly traded company
|Privately held company
|Exhibit 5: Loss by Number of Employees |
||Median loss |
The smallest organizations suffered the largest per-employee median losses because of three factors. First, basic accounting controls often were lacking; it was common for a small organization to have one employee write and sign checks, reconcile the bank statement and keep the company’s books. In such situations, occupational fraud was easy to commit. The second was due to the level of trust that existed because of the entity’s size: In an atmosphere where employees knew each other, they were less alert to the possibility of dishonesty. Third, small companies were less likely to be audited. Unfortunately, small companies were also less likely than their large counterparts to report and prosecute these offenses because of the effect of adverse publicity.
|Exhibit 6: Impact of Audits |
|Internal or external
||Median loss |
The audit function had a substantial impact on the size of the typical fraud. Respondents were asked if the victim organizations had internal audit departments and if they conducted external audits. The median loss in companies that had either internal or external audits was 35% lower than in companies that had no audit function.
Audits had a significant impact on losses for two distinct reasons. First, the audit process itself was able to detect fraud through routine procedures such as the examination of documents, analysis of trend data and verification of assets. Second, knowledge that auditors were present in an organization discouraged employees from committing fraud in the first place. In preventing fraud, oversight—by managers, auditors, audit committees and even other employees—appeared to be the single most effective deterrent.
Although the report was designed specifically for the public, its data provided significant implications for CPAs.
The three types of occupational frauds can be subdivided into various schemes as reflected in exhibit 3. CPAs who are familiar with the major schemes are more likely to recognize them during audits.
Asset misappropriations are the bane of small business and can be material or even catastrophic. Both the 1996 and 2002 reports concluded that nearly nine in 10 misappropriations involved the cash account. CPAs who provide nonaudit services to small business can help educate their clients to asset misappropriation risks and recommend one or more of three actions: first, that the small business have adequate fidelity insurance to cover large losses; second, that monthly bank statements be delivered unopened to the owners, who should review them in detail for possible irregularities; and third, that entities consider an independent review of the cash accounts by CPAs.
Corruption in business is particularly prevalent in the purchasing function. In the typical case, a purchasing agent accepts kickbacks to favor an outside vendor in buying goods or services. Bribes and kickbacks can be among the most difficult occupational frauds to uncover, as the illegal transfer of funds occurs outside the company’s books. Nonetheless, in most cases of corruption, three clues are present. First, the company shows an increasing trend of favoritism toward one vendor, often to the exclusion of other qualified suppliers. Second, purchases from the vendor in question tend to be made at above-market prices. Third, dishonest purchasing agents sometimes maintain excessive lifestyles, engaging in conspicuous spending for such items as homes, cars, boats, clothing and jewelry. CPAs should be alert to these indicators.
Fraudulent financial statements are the least common but by far the most expensive occupational frauds. Our study was consistent with a 1999 report from the Committee of Sponsoring Organizations (COSO) of the Treadway Committee that found the majority of financial statement frauds involved the overstatement of sales and receivables. However, the COSO report studied only public companies. The ACFE 2002 report gathered data on public and private entities, and we concluded the risks of financial statement manipulations were inversely proportional to company size; that is, smaller businesses were more likely to commit financial statement fraud. In a typical situation that prompted fraudulent actions, a business was attempting to raise money from a private source such as a bank that required audited financial statements, and if the company’s statements were not audited, it was more likely to cook its books. This again indicated the power of the audit as a deterrent to fraud. There are two messages here for CPAs. First, a company is at the greatest risk to attempt financial statement fraud when it is actively trying to raise money and is unaudited. Second, based on this knowledge, CPAs should encourage bankers and other lenders to require more audits of their borrowers.
One fact rises above all others: Occupational fraud is easier to prevent than to detect; most schemes could have been avoided altogether with basic accounting controls, audits and proper oversight. Although management is ultimately responsible for fraud deterrence, it’s the CPA’s job to educate the client about these problems. Studies such as this one can help. In the war against fraud, education is the armor needed to protect us; the more we know, the less likely we are to become casualties.