Fraud is a Sickness

Over the past two weeks, both of my daughters had summer colds. I don’t know why, but summer colds seem worse than winter colds. The symptoms seem worse, and they always last longer. I feel bad for my daughters because I have fought with summer colds too and know they can make you feel miserable. I have been taking my vitamins, drinking lots of orange juice, and washing my hands more frequently. Luckily, I haven’t caught it—yet.

We all know what it feels like to be sick. If it’s a stomach bug or a summer cold, it isn’t fun. Which is why we generally practice routine habits of good hygiene like hand washing to avoid getting sick and to prevent as much as possible the spread of germs to others. Organizations have similar risks when it comes to fraud. The risk of fraud will vary by the size of the organization, industry, business practices, control environment, etc. Make no mistake, fraud finds a way to get into your organization, and when it is discovered, dealing with it isn’t fun. Fraud is like a sickness. But, if you have some established practices in place, an organization’s risks of fraud decrease:

• Prevention – Eating healthy and exercising, among other things, will help prevent sickness. If we are around others who are sick, we can try to boost our immune system with vitamins and wash our hands to minimize the spread of germs. We do the same things within our organization to prevent fraud. We implement segregation of duties, access controls to limit users’ rights with the system, or automate controls to prevent certain types of transactions. These are all very important to prevent fraud.
• Mitigation – We can implement all possible preventative steps, but the reality is—we will get sick at some point in our lives or fraud will happen at some point in our organization. With regard to sickness, we may not be okay with it happening, but we understand that it will happen. Fraud is a different story—most business owners and executives are shocked or want to ignore it when happens to them. Mitigation is all about identifying the warning signs and addressing them. With regard to getting sick, you should listen to your body and take action when symptoms (or warning signs) are identified. The risk of fraud can be mitigated by identifying red flags and addressing them. One important control that can help monitor for fraud is reconciling balance sheets monthly. Through these account reconciliations, you catch fraud sooner and reduce potential losses. As the number of red flags grows, the mercury in the thermometer rises.
• Severity – What would you do if your body temperature is at 102 degrees? Some people would say, “Go to the doctor,” which is probably the right answer. What if your temperature was 100 degrees? This is probably a harder question to answer. The same holds true when assessing the severity of fraud, which would relate to the possible time frame involved, number of employees involved, areas impacted, number of schemes, red flags, or amount of loss. The more severe the fraud, the more an organization should consider hiring outside professionals. These outside professionals are the equivalent to you going to see the doctor.
• Healing – Once you determine the severity, you should evaluate the treatment necessary to heal your body or organization. With regard to healing your body, you may need to take your medicine as the doctor ordered and get plenty of rest. As it relates to fraud, the treatment plan may include taking action against current employees, gathering evidence, evaluating recovery avenues, filing lawsuits, or providing evidence to authorities. The healing process can be a long one, and it is important not to rush things.

I know that dealing with fraud is painful, but you must identify the red flags early and seek help if necessary. Uncovering fraud within your organization may be the best thing for the long-term health of your organization.

For weekly insights on fighting financial fraud, click here: