Business Adviser

The Risk of Fraud Starts with the Bad Guy

By James McAuley
Senior Vice President, KPMG Forensic, Toronto

 James McAuley

Fraud is a problem that has plagued business since people first started trading for profit. As renowned lawyer and judge, Sir Edward Coke said “Fraud and deceit abound these days more than in former times.” It should be added that Sir Coke was renowned before his death in 1634.

For enterprise companies, fraud is an issue that cannot be dismissed because of the close involvement of the owner with all or many aspects of the business. While this oversight can help to mitigate the risk of fraud, entrepreneurial businesses often lack the fundamental controls such as segregation of duties that are so central to minimizing and controlling the risk of fraud.

It is also worth noting that while it is the large frauds that tend to make the headlines, the real scourge for businesses are the smaller frauds that occur with annoying frequency. Whether the problem relates to forging cheques, paying falsified vendors, payroll manipulations or any number of other tried and true schemes, the impact is more than purely financial. The effect of fraud on victim businesses includes the loss of trust in employees, reputational issues, and the diversion of attention and effort from actually operating the business and being successful.

There are many aspects to the reduction of fraud risks. For example, assessing and addressing overt risks, understanding control weaknesses and compensating controls, and ensuring appropriate prevention, detection and investigation strategies are in place can all reasonably be added to the fraud risk agenda. A useful starting point, however, is to understand some of the fraud basics. One of the most fundamental elements is who actually commits fraud.

Over the years, KPMG Forensic has conducted research on this essential topic. Most recently, we published our 2011 global review of fraud trends. In that analysis, we focused on the profile of a typical fraudster. With this information, organizations can become more alert and responsive to fraud.

In our recent fraud report, we reviewed actual and recent fraud investigations conducted by KPMG member firms in 69 countries, including Canada. For the most part, these investigations were not large-scale significant frauds and were not publicized. This research showed that the typical fraudster is:

  • Male
  • 36 to 45 years old
  • Commits fraud against his own employer
  • Works in the finance function or in a finance-related role
  • Employed by the company for more than 10 years
  • Works in collusion with another perpetrator

Unsurprisingly, the overriding motivation for fraud is personal greed, followed by pressures on individuals to reach tough profit and budget targets. The survey highlights, more importantly, how control structures make the opportunity to commit fraud easier.

In the end, there are basic control issues that are fundamental to the addressing the risk of fraud. At the highest level, three broad imperatives are:

  1. Tone at the Top – The most senior people in the company need to send the appropriate message and set the right example which must emphasize the conduct which is expected and the actions which are unacceptable. This should be supported by a Code of Conduct that clearly sets out expectations and is formally acknowledged by all employees, preferably on an annual basis. This will set the example for the organization and it will be noticed.
  2. Know Your Team – Keeping those who will abuse your trust and take illicit advantage of any opportunities out of your business is critical. To do this, a program of background checks of all new hires is important.
  3. Provide the Opportunity to Report Concerns – When fraud is discovered, it is too often found that employees were suspicious that something was amiss but they thought that they had no ability to voice their concern in an unthreatening way. A mechanism to make anonymous and confidential reports can be invaluable.

Beyond these high level issues, control basics are imperative. Segregation of duties, management oversight and well structured policies, processes and procedures will go a long way to reducing risks of fraud, misconduct and error.

KPMG Enterprise™ is a network of professionals devoted to helping business owners and entrepreneurs grow thriving enterprises and build value in their business.

For further information about how KPMG Enterprise can help private companies, visit kpmg.ca/enterprise.

Contact Us  |  Follow KPMG on Twitter   |  Subscribe  |  Unsubscribe  |  KPMG in Canada Privacy Policy  |  KPMG On-Line Privacy Policy  |  Legal

© 2012 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.