Thinking

Optimising financial processes

Posted on:

Fraud Prevention & Detection: The Impact of Corporate Governance, Internal Controls & Culture


We recently hosted a webcast in partnership with Dr Devendra Kodwani, Professor of Financial Management and Corporate Governance at The Open University Business School (OUBS). The professor shared his expertise from academic research and experience with fraud detection and prevention, specifically around the culture and behaviour that facilitates fraud and creates the environment for it to occur and even flourish.

We covered a lot during the webcast, so we’ve put together some key takeaways below for those who were unable to attend.

For those who have two minutes to read, here is our bite size facts and figures infographic so you can take away the most important points:

For those with a bit longer to read, here is our commentary and the recording of the webcast:

Fraud has always occurred, but instances of fraud and the losses associated are on the increase. It seems clear that we aren’t getting much better at prevention or detection.

Why is this happening? There are both internal and external factors affecting our businesses in how our vulnerabilities are being exposed, our operations threatened and how effective our prevention and detection strategies are proving to be.

·      Internal Factors: In our modern business world, organizations are truly global, without boundaries internally. This has many benefits but equally results in a lack of line of sight by any individual over end to end process execution.

·      Another crucial internal factor that is often overlooked, is the “agency problem” in which executives, particularly in large public companies, are treated as risk taking owners, even when they are purely agents working on behalf of the owners (shareholders). If there is a disconnect between executives and the business, this can manifest as a cultural issue whereby employees feel no personal attachment, making fraud easier to justify or commit. This final aspect of culture and connectedness we believe makes the traditional fraud triangle model too simplistic – it does not capture the full picture.

·      External factors for this – from the ‘uberization’ of business, digital transformation, the way consumers, shareholders and stakeholders consider the whole business, from supply chain to internal employees and much more. All of this has had an impact on the way in which fraud is committed as well as how we must protect our organizations.

·      Technology factor – Be aware that technology is both friend and foe. It is not enough on its own, and it is very easy to rely too heavily on its use. New technology is invented all the time to help us solve problems, but in doing so can often create a different environment for the problem to populate or add a further dimension to the original problem.

PWC classifies fraud into five types:

We can see that asset misappropriation is particularly prolific, representing 69% of all frauds committed.

Professor Kodwani shared some uncomfortable truths around the typical perpetrators of fraud– generally those who have been in the company for longer, who have accrued responsibilities/trust and/or access to more sensitive information and systems. They are also generally paid above average.

An important point to remember is that fraud is not just committed by employees – board members, volunteers, independent contractors, suppliers, grantees. Owners/Executives made up less than 1/5th of the perpetrators, but still accounted for the largest fraud losses.

Early detection is crucial, as the longer fraud goes undetected, the bigger the impact. The best methods of detection are IT controls, internal audit and management review. But ensure that implementation of controls is not where the process stops: what happens after you implement the controls, who owns this and who is managing the next steps. An alarming statistic from our webcast was that over 30% of attendees didn’t know who was responsible for fraud in their companies.

Another important point that Professor Kodwani made is not to underestimate the importance of prevention. Prevention is not always prioritized as it is difficult to measure what is NOT happening. The fact that prosecution works as a deterrent of fraud comes as no surprise. It is a demonstrably successful deterrence and yet, so few companies choose to go down the prosecution route. We can link this again with the human connectedness factor. Despite knowing that it makes monetary sense and works effectively as a deterrent, there is a human feeling of shame in having to admit that this happened on our watch, that we didn’t catch the problem. A loss of pride stops us from making the prosecution. The importance of human, cultural aspects of fraud cannot be ignored.

A particularly interesting part of Professor Kodwani’s presentation was the study he shared around ‘The Finders Law’ in Japan. This law has led to a cultural phenomenon whereby Japanese people are much more likely to return lost property than those in Western Society. The Japanese people foster a feeling of connectedness, so they are not seen as a single agent but a community.

We believe that fostering a culture of connectedness is crucial – if your employees feel connected, they are motivated to protect be vigilant. It can make all the difference and act as an integral defensive, preventive capability. Not to mention working in a more connected organization is a nicer environment for all!

Opportunity for fraud is on the increase and occurrence of fraud is on the increase. What can we do to mitigate this?

We discussed five ways:

1)      Understand fraud behaviours, internal ecosystem and external

2)     Common sense controls

3)     Optimise data analytics

4)     Counter-fraud risk management process

5)Connection & Communication

When it comes to tackling fraud, it would be great if there was one quick fix to ensure that we were fully protected and to stop fraud in its tracks. But we think the “aggregation of marginal gains”, improving everything by a small percentage, is a proven recipe for success. Fraud is a symptom not a cause. If there is fraud in your organisation it is not an isolated bad thing, it is a symptom of a wider issue.

You can find a recording of the full webcast here:

If you are interested in finding out more about the interesting research and work Professor Kodwani is involved in, as well as the opportunities available through The Open University Business School, check out their website here

As always I welcome your comments, thoughts and criticisms…