Do you want to access the full text of articles?

Please see our digital edition archive for the full text of articles.

Alternatively:

If you are a Chartered Accountants Ireland member, please visit the RIS service where Accountancy Ireland is available free of charge via the EBSCO databases.

If you are an Accountancy Ireland subscriber (i.e. you pay each year to receive your copy of Accountancy Ireland) please contact our Subscriptions Department quoting your subscription number and include details of the article you want.

All other users should enquire from their local public or college library about accessing full text Accountancy Ireland articles.

Home / ...

As growth in some areas of the Irish economy slows, the pressure to reduce costs increases. In this article Andrew Brown, Philip Aiken and Leon Visser of KPMG Forensic discuss how fraud can be treated as a business cost and explain some methodologies which can be adopted to reduce this unwanted expense.

Scarcely a week goes by without another news story concerning fraud affecting an Irish company, and even though it is largely a hidden crime, a number of recent studies have provided estimates of the total potential scale. - A study by the Small Firms Association in September concluded that 69% of small businesses had been the victims of fraud in the last two years. - The newly formed Irish Fraud Bureau, which aims to tackle financial fraud in Ireland, estimated that the total bill for fraud in Ireland could total €900million, and - There were recent press reports that the Garda currently have 200 fraud cases under investigation.

Given the scale and widespread nature of the threat, there is clearly a huge potential cost to Irish businesses from fraud in all its forms. But there is a perception that lots of companies take a reactive approach to the issue. In releasing its study, The Small Firms Association, commented that ‘Small firms tend to be reactive, rather than proactive in dealing with fraud, with only one in ten companies having taken fraud prevention measures and risk audits in the last year’.

There appear to be at least two significant reasons for this disparity between the apparent high risk of fraud and the low-level response to tackling it:

- The ever-changing risks associated with fraud make it difficult to devise a strategy to tackle it; - It can be difficult to measure the cost-effectiveness of anti-fraud strategies.

There is also perhaps a perception that fraud is a cost that can never be eliminated. In the words of the Small Firms Association though:

‘It is no longer acceptable to find fraud by tripping over it – you must put policies, strategies and structures in place to identify anomalies, which will trigger alarms within the company’

Fraud as a Measurable Cost to Business

Increasingly we are seeing evidence of companies treating fraud as a cost of doing business, and as a cost which they can attempt to control. This is particularly relevant at this point in the economic cycle. If growth starts to slow, then companies looking to increase profitability will increasingly look at cost reduction programmes as part of their strategy.

In our view, fraud cost is one of the ‘low-hanging fruit’ which should be the target for such an approach.

Measuring fraud The 5% Rule

It is of course difficult to measure the total cost of fraud to an organisation. Some companies do not even keep a record of the cost of discovered fraud, let alone attempt to estimate the hidden cost.

We would certainly recommend that companies keep a record of their fraud cost, covering both the direct loss and the on-cost associated with it, for example management time, investigation and legal costs. Such a record at least enables a company to have some idea of the cost of discovered fraud and will help to determine what level of anti-fraud expenditure is worthwhile.

If a company has no idea of the level of fraud which it faces there is good evidence to support the view that in an average organisation, the amount of illegitimate expenditure could be in the in the order of 5% of total expenditure.

Of that amount, it is believed that a thorough fraud reduction programme could reduce that cost by 50%.

That means that the potential savings to a business of a thorough anti-fraud programme could be equal to 2.5% of its total costs annually, and the evidence is that this scale of cost and potential saving can be applied to any area of a company’s business, be it payroll, procurement or stock control.

When companies start to think in these terms then the advantages of anti-fraud programmes, which can easily pay for themselves in a short time, become more apparent.

The Comprehensive Approach Table 1 (omitted from online version of this article) sets out the elements of a comprehensive programme designed to prevent, detect and respond to fraud. This approach should be familiar to most people and in each of the areas of Prevention, Detection and Response, we believe there are simple actions that all companies could take to significantly reduce fraud costs and we have highlighted some of these in the sections below.

Prevention Fraud risk assessment can seem an intimidating and costly process to many businesses, but it can be as simple as getting the key people responsible for a particular function together on a reasonably regular basis and discussing the key risks and the actions to resolve them.

Most businesses have a good idea of where they face risks, whether this comes from their own experience or knowledge of problems facing other in their industry. What can make a difference is: - pooling this knowledge within the business; - deciding which are the biggest risks; - deciding what can be done to reduce them; and - allocating responsibility to specific individuals to implement an action plan.

We often get involved with businesses in undertaking these risk assessment exercises and find them a quick and effective method of improving the anti-fraud environment.

Employee & Third Party Due Diligence

The second aspect of fraud prevention which we would draw attention to is that of employee and third party due diligence. In simple terms, if you want to reduce your risk of fraud, then a key action is to stop fraudsters getting access to your business.

In the area of employment screening, we have seen evidence in Ireland in recent years of severe resource shortages, particularly in the area of finance professionals. But because resources are scarce, it should not mean that normal employee due diligence should be reduced. In the cases we have investigated, it is surprising how often proper follow-up on references could have prevented the company employing the perpetrator in the first place. There was even a case where the fraudster had previously spent time in prison, but his cv described this period as ‘self employed consultancy’.

These type checks also need to be applied to agency labour, who will often have identical access to company information and assets. There is significant anecdotal evidence of criminal gangs utilising agency employment to gain access to company systems.

Most reviews provide useful background information but no major causes of concern , but some flag up issues that might lead you to think twice about whether you want to do business with a particular organisation.

Similarly, there are a range of standard checks that can be done on potential suppliers, customers or other third party arrangements to make sure you really know who you are dealing with. We frequently conduct such background checks on behalf of clients to provide them with details on the background and financial condition of businesses, particularly those operating in overseas jurisdictions. The majority of these reviews provide useful background information but no major causes of concern. There have however been situations where the review uncovered evidence which might lead you to think twice about whether you want to do business with them. For example, adverse local press coverage or evidence of shareholders or management with criminal backgrounds.

Detection In our view, the single action which can do most to reduce fraud is having a good whistleblowing procedure in place. Evidence suggests that nearly half of all frauds which are uncovered, are discovered because of a tip-off. (See Figure 1). Any company which can increase the number of effective tip-offs will identify more fraud and thus be able to reduce the risks going forward.

Pro-active data analysis The other area where we are seeing increasing focus is in proactive data analysis. Most companies hold huge amounts of data on their daily transactions, and this can be harnessed to try and identify expected and unexpected trends in performance.

Proactive data analysis uses sophisticated analytical tests, computer-based cross matching, and non-obvious relationship identification to highlight potential fraud and misconduct that can remain unnoticed by management, often for years.

The benefits of such an analysis may include: -Identification of hidden relationships between people, organisations and events. - A means to analyse suspicious transactions - An ability to assess the effectiveness of internal controls intended to prevent or detect fraudulent activity. -The potential to continually monitor fraud threats and vulnerabilities -The ability to consider and analyse thousands of transactions in less time, more efficiently, and cost-effectively than using more traditional forensic sampling techniques -The ability to consider a company’s unique organisational and industry issues.

In the world of forensic investigations we are seeing huge value in being able to investigate every single transaction within an area of concern, and test these transactions against a number of indicators of fraud to highlight transactions worthy of further investigation. We are developing specific procedures to look at various sub-sets of data on a proactive basis including manual journal entry posting, payroll and purchasing. In each area, the methodology is to use existing knowledge of the most common types of fraud and run these against the company data to highlight anomalies.

Response Of course no system of anti-fraud measures will eliminate fraud altogether. As James Treacy, Chairman of the Irish Fraud Bureau was recently quoted as saying: ‘Fraudsters are always one step ahead of the posse. We’re trying to make is as difficult as possible. We’re never going to eliminate it altogether’

So it is vital that the anti-fraud strategy includes effective measure to respond to frauds and to take appropriate action.

In this context it is of some concern that the Irish Small Firms Association’s survey in September 2007, reported that 20% of small firms concealed that they had suffered a fraud and made no effort to bring the perpetrator to justice.

It is vital in any anti-fraud programme to ensure that the fear factor of being caught remains present. There will always be habitual fraudsters, but there are also large numbers of people who find themselves with an opportunity to commit fraud. For these people the risk of prosecution, and all that goes with it, may be an important factor in preventing them from acting.

Conclusion The reactive approach to fraud leads companies to the situation where most frauds are uncovered by accident giving rise to a crisis situation. Such one-off frauds will always happen but a more pro-active approach to fraud risk can reduce this significantly with consequent cost savings. The rule of thumb outlined above suggests that 5% of costs may be questionable in nature in any business. In this context the potential cost savings available to businesses from tackling fraud using a thorough methodology are large and can contribute directly to bottom line improvements in profitability.

Andrew Brown, Philip Aiken and Leon Visser work with KPMG Forensic in Dublin.

Hi Im doing a project and im trying to find out if you use a person thats past away is this indenity theft or fraud this is one of the quistions Im going to add in my project and would like the right answer Im hoping you can help me

This article appeared in the December 2007 issue of Accountancy Ireland. For details of how to obtain the full text, please see the document, How to Access Full Text, in the Back issues panel on the left hand side of this screen.

Where could I get copies of the tables refered to in this article.