With "Ponzi" schemes and "rocketing levels of discovery" of insider fraud that has gone undetected for years finally being exposed by the credit crisis, corporate fraud will be an area of renewed focus this year as companies go back to basics to defend themselves against malicious and non-malicious attacks perpetrated by insiders.With so much press and industry focus on the multitude of threats looming outside the corporate firewall, until recently insider fraud attracted few column inches. Given the impact exposure of corporate fraud has on a company's brand and reputation, it is not surprising perhaps that most incidences of insider fraud (50% in the case of insider fraud in banks, according to Celent) goes unreported.
Yet, with figures published by analyst firm Celent indicating that insider fraud accounts for 60% of all bank fraud cases involving a data breach or theft of funds, corporate fraud is an endemic problem and fraud experts anticipate it will be ratcheted up a notch or two by the recession.
Richard Abbey, managing director, Financial Investigations, for risk consulting company, Kroll, says the recession could give rise to the "non-malicious" corporate fraudster - those that commit fraud not for personal gain, but to save their company and employees' jobs. "It's misplaced loyalty if you like as they do not really think they are committing fraud," says Abbey. While anti-fraud measures tend to be focused on new employees, Abbey says the typical fraudster is the long-serving, loyal employee that knows their way around a company's systems.
Despite the introduction of Sarbanes-Oxley in the US, which placed more rigorous reporting requirements on a company's financials in the wake of the Enron and WorldCom corporate accounting scandals, Abbey expects to see more financial accounting scandals in the wake of the recession as corporate executives falsely inflate profits and cover up debts in an effort to maintain core ratios or to protect themselves from breaching banking covenants.
"We will see a significant increase in that type of fraud, however the jurisdiction is shifting from the more regulated markets where Sarbanes-Oxley, independent audit committees and the significant level of oversight make it more difficult to get away with, to emerging markets where supervision and broad oversight is not as advanced," says Abbey.
No surprises then that the latest accounting scandal has rocked Indian IT outsourcing firm, Satyam Computers, where the company's chairman has admitted to a $1 billion fraud, which is being billed as "India's Enron". Kroll is also seeing more companies reporting allegations of corporate bribery and corruption, which if proved true can attract hefty fines far in excess of the original bribe.
Given the threat landscape, it may be tempting for corporate executives and chief risk officers to reach for the latest gadgets: biometrics; enterprise anti-fraud systems; software that detects the potential for fraud in emails; however, fraud experts caution that brandishing the sword of technology is not necessarily the answer.
According to Abbey most corporate fraud is detected not as a result of controls companies put in place, but by accident or whistle blowers. There are, however, more immediate measures firms can put in place to protect themselves against insider fraud, segregation of duties being the main one, to ensure that no single person, regardless of how long they have been with the company, has "end-to-end" control over a business processes or processes.
In its latest Global Fraud Report, Kroll concludes that the financial crisis will lead to more fraud claims, legal disputes and regulatory action. Greater due diligence and levels of corporate governance will also be required and cross-border transactions are likely to increase exposure to "complex fraud and corruption".
“There are some wonderful technologies that can help solve fraud,” says David Porter, head of security and risk at consultancy, Detica, “but it is not just about wielding the sword of technology. It is about con artists scamming people. There is a soft human element to combating fraud. This year, companies are going to be learning a lot of old lessons about fraud.”