To determine a typical fraudster, you need to ask yourself the question. Who is the typical fraudster in my company? Are there any defining features, traits, or behaviors that could help you to identify those individuals within your organization more likely to perpetrate fraud.
The information contained herein is of a general nature and is not intended to address the circumstances of any individual or entity. Although we endeavor to provide accurate and timely information. No one should act on such information without appropriate professional advice after a thorough examination of the situation.
Are there any defining features, traits, or behaviors that could help you to identify those individuals within your organization more likely to perpetrate fraud?
We have narrowed down the profile of a typical fraudster, based on scrutiny of actual instances of fraud, to help organizations like yours become more alert and responsive to fraud. We have sought to identify patterns among individuals who have committed acts of fraud and contrasted the value and duration as well as many other characteristics.
Here is what we found out about the typical fraudster:
Male
36 to 45 years old
- Commits fraud against his own employer.
- Works in the finance function or in a finance-related role
- Holds a senior management position.
- Employed by the company for more than 10 years.
- Works in collusion with another perpetrator, unsurprisingly, the overriding motivation for fraud is personal greed, followed by pressures on individuals to reach tough profit and budget targets.
The survey highlights, more importantly, how weakening control structures make the opportunity to commit fraud easier.
Organizations should take some of the blame. For them, it is time to consider how they contribute to fraud when failing to detect or respond to lapses or gaps in controls, or by setting overly onerous targets.
Discover which “red flags” to look out for and how to implement more effective measures to manage the prevention and detection of fraud and your response to it.
The analysis identifies:
- Fraudster profile and details of more common types of fraud
- Conditions that tend to enable fraud
- Typical follow-up actions by organizations impacted by fraud
Profile of a Fraudster
Typically, fraudster is perceived as someone who is greedy and deceitful by nature. However, as this analysis reveals, many fraudsters work within entities for several years without committing any fraud, before an influencing factor–financial worries, job dissatisfaction, aggressive targets, or simply an opportunity to commit fraud–tips the balance.
Age
Typical fraudster is between the ages of 36 and 45. Out of stats it is shown that this is the most likely group to commit fraud. This is closely followed by a group between 46 and 55 years old.
Gender
Men commit more fraud than women seem a reflection on the gender make-up of companies generally. The gender gap in fraud perpetration may reflect women’s under-representation in senior management positions and, therefore, fewer opportunities to commit fraud. Survey Age of Fraudster 18 to 25 years old 26 to 35 years old 36 to 45 years old 46 to 55 years old Older than 55 years 3% 2% 14% 12% 39% 41% 31% 35% 13% 10%
Profile of a Fraudster
Rank within the organization Within fraud matters we analyzed, we found the people most often entrusted with a company’s sensitive information and able to override controls are statistically more likely to become perpetrators. This is borne out by survey evidence that senior management is more frequently implicated in fraud than junior staff. 49 % percent of all fraudsters held senior management positions. While senior managers remain the most likely fraudsters board level perpetrators increased from 11 percent to 18 percent
Where the fraudster works
The survey finds that most people involved in committing fraud work in the finance function. Access to and responsibility for corporate assets, financial reporting, and credit lines all offers signify cannot temptation and opportunity to commit and conceal acts of fraud. After finance, fraudsters are most likely to work in the chief executive’s/managing director’s office or in operations and sales. Employees in the legal function continue to be the least likely perpetrators. Rank within the organization Survey Staff 14% 18% Management 26% 29% Senior Management 35% 49% Board member 11 % 18%
View from Central and Eastern Europe How does the global survey reflect regional findings?
Many multinational companies have tended to transfer trusted expatriate employees from the parent company into key financial positions at their subsidiaries in the region, to provide not only the necessary experience, but also to “police” the subsidiary from within the finance function. They act as whistleblowers, the initiators of investigations. Often, they are further transferred from region to region as the company sets up new operations to ensure the ongoing integrity of the finance function the region therefore bucks the global trend. Fewer frauds occur within the finance function, while most are committed within sales and procurement. Collusion with third parties–clients and suppliers–is evident in many fraud cases in the region.
Helm comments: “Lack of trust in local regulatory and judicial systems often results in affording the perpetrators an opportunity to resign without the offense going to court or becoming public. Consequently, HR references are unable to address the disciplinary issues, and poor background checking allows these fraudsters to re-enter the business community.”
Time at the organization
It reveals that 60 percent of fraudsters worked at the company for more than five years before the fraud was detected, while 33 percent of fraudsters worked there for more than ten years. Given that fraudsters usually work for their employer for over five years before discovery, whereas the average fraud has occurred for just over three years by the time of its discovery, it is plausible that those who commit fraud often do not join organizations with the intent to commit fraud. However, changes in personal circumstances or pressures to meet aggressive work targets may influence the onset of fraudulent activity. They may then commit fraud once they have their feet comfortably under the table when they have gained the trust and respect of colleagues and have identified weak controls and opportunities to exploit the business.
“Organizations need to recognize that fraud does happen. With a robust compliance program and protocols for prevention, detection, and response, they will be better able to deal with it and move on.” explains Graham Murphy.
“We find that most fraud continues to be committed at senior and middle-management levels.” explains Anne van Heerden.
Going solo or in collaboration?
90 percent of perpetrators were employed by the organization they defrauded. There has also been a dramatic increase in the likelihood of collusion–61 percent and more. Collusive activity is harder to detect as it involves circumvention of the control system by two or more parties. Where colluding parties are external to, rather than employed by, the defrauded entity, these are most commonly suppliers (48 percent) and customers (22 percent Consultants and sub-contractors make up most of the balance. In parts of EMA, the analysis reveals a more marked pattern of collusion between employees and suppliers of the victim organization than elsewhere in the world. Interestingly, the survey finds that male perpetrators (64 percent) are almost twice more likely to collude than women (33 percent). After taking account of male dominance in the perpetrator group, collusive females account for just 4 percent of activity.
Motivations for fraud the desire for personal financial gain, directly or indirectly, continues to be the biggest driver of fraud according to the survey.
Greed and work pressures Attempts to conceal losses or poor performance (possibly due to pressures to meet budgets and targets, to enhance bonuses, or to safeguard against loss of employment) provide motivation for many frauds, notably those involving the misreporting of results. Misappropriation of assets, notably due to embezzlement and procurement fraud, accounted for 43 percent of the frauds. In second place is fraudulent financial reporting, which again raises concerns about the pressures placed on management to achieve targets. Companies that fall victim to misreporting and other types of fraud should consider whether they set too onerous targets and exert excessive pressure on employees to achieve them. Faced with criticism about underperformance or concerned by the threat of a reduced bonus or loss of employment, staff might be tempted to hype up their performance by misstating results or to guard against potential financial hardship by defrauding the business. There tends to be less fraud in companies that make intolerance of fraud part of the corporate culture and which set realistic and achievable targets for employees. It is important, however, that the corporate culture is cascaded across the organization by management who act, always, in accordance with the corporate values. Entities, though they can control their own cultures, are subject to outside influences on employees. Organizations should be mindful of the impact of mounting personal financial pressures on employees due to the global economic crisis. In more austere times, formerly trustworthy employees affected by adverse changes in their personal circumstances might be more tempted to commit fraud when they spot an opportunity. Given that in the frauds we analyzed that it took, on average, nearly three and a half years between fraud inception and detection, it seems that there may be a signify cannot increase in newly detected cases over the next few years due to current and recent increased financial hardship.
One of the most significant findings of this survey is the large increase in cases involving the exploitation of weak internal controls by fraudsters.
The difficult economic climate may be partially to blame. Tighter budgets are forcing some companies to cut costs in their control environments.
Less robust controls, and fewer resources to monitor controls, allow for greater exploitation by fraudsters. Although necessary to preserve profits, such cost cutting should be balanced with effective risk management.
Many frauds continue to be exposed by formal or informal whistleblowing mechanisms., companies were alerted to fraud by whistleblowers in one-quarter of cases, with complaints from customers or suppliers accounting for a further 14 percent of frauds were identified due to customer or supplier complaints while 6 percent came in response to issues raised by third parties, including banks, tax authorities, regulators, competitors, or investors. One in seven frauds is now discovered by chance puts question marks over the effectiveness of controls and management review at detecting and preventing fraud.
The upshot is that companies seem to depend increasingly on the good consciences of staff or third parties, on accidental discovery or, in a few cases, on confessions, to identify potential fraud. In aggregate, these methods account for detection in just over half of the frauds in the survey. Weak internal controls exploited Reckless dishonesty regardless of controls Collusion to circumvent good controls Survey Methods used to override controls 49%
Many known instances of fraud go unreported. This may be due to staff’s unwillingness to report colleagues, to third parties’ reluctance to make a complaint, or because individuals conclude it is unnecessary to raise a particular issue. Individuals often argue that it is not their place to provide tip-offs; others fear repercussions, such as the loss of their job, especially where the fraud involves line or senior managers or board members.
Globally, there are moves to create more formal frameworks to promote whistleblowing. Such initiatives are intended to create more secure environments in which to tip-off Such incentives and protections can be helpful, but the fact remains that informal or formal whistleblowing should not be relied upon as principal detection tools.
Richard Powell leads KPMG’s Investigations Network. “Many of the frauds I’ve investigated in the past few years have come to light due to formal or informal whistleblowing reports,” he says. “Very few, by contrast, are discovered as a direct consequence of management, internal, or external audit review.”
The importance of annual fraud risk assessments cannot, be underestimated. “Properly conducted and focused risk assessments are an opportunity to identify areas where there are enhanced fraud risks but ineffective or missing controls. Remedial action can then be taken to close the gap and to mitigate the risk of fraud.” Although companies have opportunities to stop fraud before it escalates, red flags are often misunderstood or inappropriately actioned. The fraud typically lasts longer, losses accumulate, and the costs associated with remediation increase.
“Perhaps the most damning finding of the survey is that initial red flags are now raised more frequently than ever before, yet responses to these early warning signs have fallen significantly. Every ignored red flag is potentially a missed opportunity to stop fraud.”
Warning Signs
A red flag is an event or set of circumstances that ought to alert an entity to the presence of risk. Within the organization, individuals need to be alert to red flags– what to look out for, how to respond, how to follow-up. By responding appropriately to red flags, fraud can be detected sooner and, in some cases, prevented altogether.
But how often is anything done about a red flag? The number of fraud cases preceded by a red flag rose to MORE THA 60%. However, instances where action was taken following the initial red flag fell massively. Companies are failing to read and to act quickly on the warning signs. Ignored red flags are a license for perpetrators to carry on operating and a missed opportunity for the business to detect or prevent fraud and to reduce losses and associated costs. Rarely is an act of fraud a one-off. With financial statement fraud, for instance, fraudsters often make multiple transactions to cover their tracks. Repeated and long-running fraudulent activity may result in several red flags over a period. Recognizing and being alert to red flags and responding appropriately could save significant loss of value to the organization from fraud.
“When frauds blow up, it’s typically several years down the line, when the value of the deception has multiplied, and all the warning signs have been missed.” says Rohit Mahajan.
Rather than whistleblowing or accidental discovery, most fraud is now detected by management review or because a manager becomes suspicious about a colleague’s behavior. “However,” says Mahajan, “collusion between functions or with external parties means controls can be by passed which, in turn, results in an increase in fraud.”
Raising awareness
So how forthcoming are companies when it comes to telling others about the fraud and the penalties levied?
However, reporting can be used to send a clear message to potential perpetrators that fraud will not be tolerated and increases the likelihood of recovery in the event of successful prosecution. Of course, where the financial loss is Lessing cannot than the potential damage to the corporate reputation, companies may choose not to report their suspicions to the police and will conduct their own internal investigations. Outcomes and responses the outcomes of/responses to incidents of fraud because of the analyzed investigations are as follows: *
- Disciplinary action – taken in 40 percent of CASES.
- Enforcement action (includes regulatory, legal and police) – in 45 percent of cases.
- Civil recovery – 23 percent of cases.
- Resignation/voluntary retirement – 17 percent of cases
- Settled out of court – 6 percent of cases.
- Took no action or sanction – 3 percent of cases. By geography, the survey reveals the most frequent outcomes:
“Even in a well-regulated market and with a good audit function, massive frauds can go undetected for a number of years.” says Dean Friedman from South Africa
How does the global survey reflect regional findings? “The profile in South Africa is largely consistent with the findings of the global survey What can be described as economic hijacking is becoming increasingly prevalent and impedes investor confidence.” It manifests in three distinct ways: Company hijacking Company details, including the names and details of officers and directors of the company, are changed without authority. This enables fraudsters to obtain, for instance, bank loans in the company’s name. “They then channel the proceeds to themselves via an impaired loan account. Unpaid debts can accumulate, leaving the bank with an impaired loan and the company in debt and unable to obtain working capital,” explains Friedman. Wholesale dispossession of company assets Fraudsters materially or completely strip companies of their assets and/or their means to generate income. These rare but highly damaging instances leave creditors and shareholders with little prospect of recovering their losses. Hijacking of state-allocated rights in some industries, notably resources, the South African government allocates rights to companies to engage in certain activities. It may take several years of ongoing capital injection before economic return is achieved. However, security of tenure is at risk. More and more allegations are surfacing about fraudulent applications and exploitation of relationships, which see rights diverted elsewhere.
Fraud is up; defenses are down analysis indicates that fraud and misstatement of results continue to be growing problems for companies at a time when budgets are stretched. Defenses, however, seem to be less effective than they used to be.
In summary, the general characteristics of the fraudster appear to be changing only moderately. We see the middle-aged member of middle to senior management still being the subject of many of our fraud investigations. There is a slight trend toward the individual being more tenured at the company. More interesting is how the failure to initially respond to red flags and lapses in internal controls were an increasing contributor to enabling the fraud to occur. Also, the impact of the economic crisis seemed to have resulted in an increasing number of companies seeking to recover their fraud losses, in hopes of minimizing the financial consequences to the organization. With increased economic pressures on individuals, failure to identify or address red flags and the lengthening time lapse between fraud inception and detection, the likelihood is that frauds, currently undetected, will emerge in greater numbers in the next two to three years. For companies, the challenge is how to see through the “ordinary” disguise of the fraudster; how to close gaps in the corporate armor; how to enhance fraud prevention and detection efforts; and how to respond more often, more appropriately, and more rapidly to red flags.
Red flags not to be missed.
Your “average” fraudster, based on our analysis, is someone who has worked in an organization for many years, is considered trustworthy, and has a more senior position.
But which key areas of your business may be most susceptible to fraud?
And what behaviors among employees should not be ignored?
Red flags not to be missed Your “average” fraudster, based on our analysis, is someone who has worked in an organization for many years, is considered trustworthy, and has a more senior position.
But which key areas of your business may be most susceptible to fraud?
And what behaviors among employees should not be ignored?
As we have seen, there are certain characteristics that typify a fraudster.
Employee awareness of other behaviors can help businesses identify frauds earlier. Be alert to the following employee behavioral red flags:
Refuses or does not seek promotion and gives no reasonable explanation.
Volatile and melodramatic, arrogant, confrontational, threatening, or aggressive when challenged.
Rarely takes holidays.
Suspected to have over-extended personal finances.
Does not or will not produce records/information voluntarily or on request.
The level of performance or skill demonstrated by new employees does not reflect experience detailed on CVs.
Unreliable and prone to mistakes and poor performance.
Cuts corners and/or bends rules.
Tends to shift blame and responsibility for errors.
Seems unhappy at work and is poorly motivated.
Surrounded by “favorites” or people who do not challenge them.
Accepts hospitality that is excessive or contrary to corporate rules.
Persistent rumors/indications of personal bad habits/addictions/vices.
Seems stressed and under pressure.
Bullies or intimidates colleagues.
Has opportunities to manipulate personal pay and reward.
Vendors/suppliers will only deal with this individual. Lifestyle seems excessive for income.
Self-interested and concerned with own agenda.
Micromanages some employees; keeps others at arm’s length.
We can help you to build effective anti-fraud programs and implement fraud prevention and detection strategies, as well as respond to instances of fraud and misconduct.
MANAGING THE RISK OF FRAUD AND MISCONDUCT: MEETING THE CHALLENGES OF A GLOBAL, REGULATED, AND DIGITAL ENVIRONMENT
Increased multinational enforcement of anti-corruption laws or simply trying to implement an anti-fraud program throughout the enterprise. The book also discusses strategies to help organizations tackle challenges that range from the financial reporting fraud scandals of a decade ago, to the implications of the more recent massive Madoff and Stanford Ponzi schemes, or the investigations of insider trading in the hedge fund industry. While trying to keep one eye on fast-paced economic and regulatory changes, business leaders should also be attentive to risks of fraud and misconduct that can jeopardize their success.
FRAUD RISK MANAGEMENT: DEVELOPING A STRATEGY FOR PREVENTION, DETECTION, AND RESPONSE
This white paper provides an overview of fraud risk management fundamentals, identifies key regulatory mandates from around the world, and puts the spotlight on practices that organizations generally find to be effective. As you consider the risks of fraud at home and abroad, and the effectiveness of the controls you rely on to mitigate those risks, this document provides relevant insight.
We use those insights to consider how companies can derive best value for their current or pending investment in cross-border investigations, regardless of whether those are conducted in-house or undertaken with a third party.