OF all the worries and embarrassments faced by FDs, to become the victim of corporate fraud must be a big one. The annual cost of running the Serious Fraud Office (SFO) is about 70p per member of the public. This may be seen as a bargain, or as inadequate, when set against the staggering £66bn estimated annual loss to the UK due to fraud. Economic fraud takes many forms: misappropriation, procurement dishonesty, corruption, bribery and money laundering. And then there is the increasingly prevalent but underestimated risk of cybercrime (eg, Sony) which is erroneously viewed to be a technological rather than a strategic problem. Obviously, these infiltrations are concerning, but I am more disappointed by the extent of accounting fraud.
The PwC Global Economic Crime Survey 2014 noted that, of 5,000 respondents, 37% reported being hit by economic crime, and 56% identified the perpetrators as internal. Of the organisations that were hit, accounting fraud stood at an astonishing 22%, although asset misappropriation was the highest category at 69%. The EY 2014 Global Fraud Survey noted that financial statement fraud is still prevalent, with 6% of respondents saying that misstating financial statements is justifiable to survive a downturn. This rises to 28% in Singapore, 24% in India, and 10% in South Africa.
Accounting fraud includes misleading or falsely prepared financial statements at any level. These can deceive investors, banks, tax authorities, customers, regulators, management, the board and anyone else with a vested interest. Often the misstatement is marginal or subjective, not always with malice or for personal gain. However, false preparation of financial statements and abuse of position are against the basic principles of all the FDs I know, and none would take such a risk with their reputations. But it is still happening, and some FDs are being caught out by the actions of others, and they are shouldering the blame.
Actions to detect corporate fraud fit into three levels: corporate controls, corporate culture, and detection from outside the corporate entity. Corporate controls fall within the everyday remit of the FD and management, and most of us are well versed in this. Corporate culture is where most variation exists as not all organisations share the same values and ethics; some do not encourage tip-offs and whistle-blowing. Detection from beyond the corporate entity can include law enforcement and finding out accidentally. Detailed guidance is available from the SFO which has developed a Taxonomy of Fraud, a publication that should be on every FD’s reading list.
The EY report includes a number of priorities in dealing with this threat, and these apply equally to the risks and temptations of accounting fraud. Most important is the need for engagement from the board. Visible involvement of the leadership team is essential to promote good ethics. The use of big data analysis tools should be improved to facilitate the identification of anomalies. More should be done in the due diligence of anti-corruption opportunities. Escalation procedures should be robust and transparent, with adequate training for relevant staff. Importantly, adequate budget support should be given for compliance and internal audit functions, and they should be provided with the appropriate teeth and authority.
I have occasionally fallen victim to subsidiary and divisional businesses submitting financial reports and forecasts which were misstated, but the errors came to light in rigorous management review meetings. On those rare occasions when malicious intent was evident, the response was swift, decisive and visible. Upon investigation it became clear that other people knew something was not quite right, so the action was needed to preserve employee trust, motivation, reputation, and the principles of the going concern (and, of course, my own principles). ?