It was a crime that shocked anyone who assumed that in the digital age most frauds of the cyber variety. But the recent theft of $1.2 million of wine from a Goldman Sachs co-president by his personal assistant is a clear demonstration that traditional fraud persists across all kinds of organisations.
Dr Stephen Hill, the managing director of Snowdrop Consulting, which specialises in fraud risk management and data security, says finance directors are on the front line of fraud prevention as financial crime affects business and government entities of all shapes and sizes.
Dr Hill says an academic model called the ‘fraud triangle’ devised by US criminologist Donald R. Cressey identifies three key areas when it comes to fraud: opportunity, pressure and rationalisation. “Opportunity relates to possible exposure for example unencrypted USB sticks or photocopiers internal memory where sensitive documents have been copied and then becoming available to fraudsters or potential fraudsters to take advantage and commit associated crimes,” he says.
“Pressure relates to the weak position that an individual may find themselves in who are financially challenged and need to fix the situation and may take advantage of circumstances to commit a fraud,” says Dr Hill. “Rationalisation refers to a mindset of a fraudster who believes they are doing nothing wrong in re-appropriating resources, especially if they think their seniors are engaged in fraudulent activity,” says Dr Hill who is a Trustee Director of the ICAEW Fraud Advisory Panel and is a member of the Cybercrime Working Group. When it comes to practical steps that your business can take to reduce fraud, Dr Hill recommends making sure systems and controls are robust enough to deter and/or identify a fraud and that data is secure. .
Paul Smethurst, Partner, Forensic and Investigations at accountants Carter Backer Winter, says finance needs to play a key role in reviewing all business activities – to identify where the business is at risk by considering all products and business sectors it is involved with, where it does business, and who it does business with and whether it deals with any governments or officials. “This review should form the basis of an internal assessment of risk and the determination of a proportionate response,” he says.
X-head: Building an anti-fraud culture
When Nick Leeson, a derivatives trader in the Singapore offices of Britain’s Barings Bank, committed a massive fraud in 1994, it cost the bank £827 million- enough to bring the venerable institution to its knees. Commenting on the fraud culture that developed around the Libor inter-bank rate, Leeson recently said: “Somebody was the first to first to try to manipulate the rate. More and more people get involved until lots of people are doing it. Then people do not think any more that they are doing something wrong. That breeds a culture.”
With this in mind, the best advice for any business is to focus on building an ethical and empowered team, says Gavin Williamson, forensic accounting partner at accountancy firm BDO. “The real ability of any organisation to resist fraud lies in its people – their ability to spot fraud ‘red flags’ and report and challenge inappropriate behaviour whenever they see it. The challenge for management is to foster this fraud resistant culture through education and empowerment of their people,” he says.
Williamson adds that a key component of a building a fraud resistant culture is adopting a zero tolerance approach to incidents of fraud. “The only thing worse than facing up to a fraud is ignoring it or dealing weakly with it. When businesses seem to condone or avoid dealing with fraud or other misconduct, staff morale plummets and other potential fraudsters are encouraged,” he adds.
A policy of encouraging and nurturing whistleblowers should be put in companies, says Professor David Lewis of Middlesex University, convenor of the International Whistleblowing Research Network. “The key aim of whistleblowing is to create an open reporting culture where disclosers feel confident that their concerns will be taken seriously and do not fear retaliation,” he adds.
Prof Lewis says concerns should be raised through the line management structure, but alternative mechanisms should be made available. As far as possible, people who ask for it should have their identity kept confidential and staff should have access to free confidential advice.