Employee Fraud: How Much Should You Spend to Prevent it?

Reprinted with permission from Fraud Matters Newsletter of CPA America.

Forensic accountants stress that the best way to prevent fraud is to establish an efficient control system

How much should you spend on such a system? What mechanisms have worked best for other companies?

And, perhaps, most importantly – What is the price of doing nothing?

The Association of Certified Fraud Examiners and other groups provide the guidance below.

Control System

An efficient control system should include:

  • A strong control environment influenced by management’s philosophy of ethical behavior and strong corporate governance policies
  • A solid accounting system that ensures proper recording, classification and reporting of all transactions
  • Tight procedural controls that provide for safeguarding of assets, proper authorizations, audit mechanisms and proper documentation

Prevention Measures

The most common prevention measures used by organizations according to ACFE reports were external audits (75%); internal audits (59%); fraud training and hotlines (49%); and surprise audits (29%). Those organizations using internal audits, surprise audits, fraud training and hotlines experienced a significantly lower median loss and detection time than those organizations that did not.

Fraud Detection

While prevention measures are important, it’s helpful to know how most frauds are discovered. The ACFE said 34 percent of all frauds in their study were detected by tips. These tips came from vendors, customers, employees and anonymous sources. The remaining frauds were detected by:

  • Accident – 25% of the time
  • Internal audit – 20%
  • Internal controls – 19%
  • External audit – 12%
  • Notification by police – 4%

This clearly demonstrates the importance of having a strong internal control environment, a mechanism of reporting tips and abuses to someone who will react accordingly and external and internal audit services performed.

Industries Most Likely to Experience Fraud

The industries experiencing the most incidents of occupational fraud, in order of number of occurrences, are:

  • Banking/Financial Services
  • Government and Public Administration
  • Manufacturing
  • Health Care
  • Insurance
  • Retail

Cost of Prevention Measures

Because of fraud’s disastrous consequences, failure to implement safeguards could jeopardize your business. The ACFE estimates that fraud costs typical U.S. companies 6 percent of their annual revenues.

Determining how much your company should spend to safeguard itself is difficult to estimate. The ACFE doesn’t recommend how much an organization should spend on compliance. But, various studies analyzing Sarbanes-Oxley (SOX) corporate governance reforms have been conducted.

SOX reforms have cost public companies millions of dollars. One study, conducted by Foley & Lardner, LLP, found that the average cost of compliance for private firms was $50,000, whereas public companies reported that costs were close to $3 million.

An industry rule of thumb says that a company should plan to spend about $1 million on SOX compliance for every $1 billion in annual revenue. However, a study by A.R.C. Morgan found that companies in the $1 billion revenue range are already spending more than $2 million, without factoring internal resource spending and growing auditor fees. According to Morgan, this figure is likely to grow to $3 million in the near future.

Fraud prevention costs could vary significantly and are based on a number of factors. For example, you may be forced to adopt corporate governance reforms such as SOX (public companies); conform to industry-specific regulatory compliance (banking, financial or insurance); or operate in an industry more prone to occupational fraud. In some cases, it becomes a judgment decision.

What would you spend to safeguard from losing 6 percent of your annual revenues?

We can all agree that fraud prevention should not be ignored. Our firm can perform the Association of Certified Fraud Examiners fraud prevention checkup on your organization to determine your vulnerabilities.

The incidence of fraud is now so common that its occurrence is no longer remarkable, only its scale, the ACFE says.

By failing to protect your organization, you can expect to become a victim of fraud at some point in the future and become a statistic in their next study.

James I. Marasco, CPA/CFF, CFE, CIA
Jim is a partner at EFP Rotenberg. He brings more than 18 years of public accounting and auditing experience. He is a full-time management consultant and travels extensively throughout the country while leading StoneBridge Business Partners (an EFP Rotenberg affiliate company). Read more about Jim. Article republished with the permission of CPAmerica.