Traditional fraud controls aren't coping with the increase in fraudulent activity, with most frauds continuing undetected for as long as 18 months – and only 1% of them being uncovered by IT tools.
These are some of the findings of the Association of Certified Fraud Examiner's (ACFE's) 2010 Report to the Nations on Occupational Fraud and Abuse, based on data compiled from a study of 1 843 cases of occupational fraud that occurred worldwide between January 2008 and December 2009.
The cases studied represent a combined total loss of more than $18-billion, with about 25% of the cases costing the employer at least $1-million.
High-level perpetrators cause the greatest damage, the report found, with frauds by owners/executives more than three times as costly as frauds committed by managers, and more than nine times as costly as employee frauds.
Researchers calculate that the typical organisation loses 5% of revenue to insider fraud, which translates, when applied to the 2009 Gross World Product, to a potential loss of $2,9-trillion.
Asset misappropriation schemes were the most common form of fraud in our study by a wide margin, representing 90% of cases — though they were also the least costly, causing a median loss of $135 000.00.
Financial statement fraud schemes were on the opposite end of the spectrum in both regards: These cases made up less than 5% of the frauds in our study, but caused a median loss of more than $4-million – by far the most costly category.
Corruption schemes fell in the middle, comprising just under one-third of cases and causing a median loss of $250 000.00.
The report shows that small organisations are disproportionately victimised by occupational fraud. These organisations are typically lacking in anti-fraud controls compared to their larger counterparts, which makes them particularly vulnerable to fraud.
The industries most commonly victimised were the banking/financial services, manufacturing and government/public administration sectors.
More than 80% of the frauds studied were committed by individuals in one of six departments: accounting, operations, sales, executive/upper management, customer service or purchasing.
More than 85% of fraudsters had never been previously charged or convicted for a fraud-related offense. However, fraud perpetrators often display warning signs that they are engaging in illicit activity, the study says.
The most common behavioral red flags displayed by perpetrators were living beyond their means (43% of cases) and experiencing financial difficulties (36% of cases).
The reports concludes that fraud reporting mechanisms are a critical component of an effective fraud prevention and detection system, and organisations should implement hotlines to receive tips from both internal and external sources.
It also found that organisations tend to over-rely on audits. External audits were the control mechanism most widely used by the victims in our survey, but they ranked comparatively poorly in both detecting fraud and limiting losses due to fraud.
Employee education was found to be the foundation of preventing and detecting occupational fraud, and employees should be trained in what constitutes fraud, how it hurts everyone in the company and how to report any questionable activity.