Do you have traitors in your midst?

Despite changes to legislation and an increased focus on corporate
governance, economic crime remains a significant and growing threat to
organisations both in the UK and worldwide.

More than half of organisations in the UK have been a victim of economic
crime over the past two years, according to the PricewaterhouseCoopers 2005
Global Economic Crime Survey – a figure that is higher than both the global
equivalent (45%) and domestic figures for 2003 (51%).

With the number of incidents reported by UK organisations across almost every
type of offence on the increase, it’s of little consolation that, at $1.6m
(£0.9m), the average cost of tangible fraud is lower in the UK than that for the
rest of the world.

For those corporate victims of tangible fraud, asset misappropriation is
still the most common incident, and false pretences the second most widely
reported offence, affecting 54% of respondents.

Interestingly, financial misrepresentation comes third, affecting 35% of UK
respondents – a threefold increase on 2003, and well above the rest of the world
(24%). It is also the offence with the highest average number of incidents over
the past two years.

This is partly due to its broad definition (financial misrepresentation
encompasses everything from inappropriate provisioning, write-offs and revenue
recognition procedures), and the high level of fraud awareness in the UK, which
has led to greater reporting.

Economic crimes may not all be of Enron proportions, but companies that do
not consider financial misrepresentation as a risk should be asking themselves
whether they are genuinely unaffected by such offences or whether they are
simply turning a blind eye.

Although many UK companies have historically perceived economic crime as a
third-party threat, approximately half of all frauds suffered by companies in
the UK were perpetrated by internal staff – 18% are senior management employees,
25% middle management and 56% were lower-level staff. It is clear that for any
system of anti-fraud controls to be robust, the issue of senior management
override must be considered.

Profiling shows there is little to distinguish fraudsters from regular
members of staff at any given management level – the overall profile of the UK
fraudster as male, aged 31-40 years old, and holding a position in middle
management or below is broadly consistent with our global findings.

But where distinct patterns emerge is regarding the type of frauds committed
at different management levels, and the subsequent treatment of those offenders.
Senior management are, for example, more likely to be involved with financial
misrepresentation – an offence with potentially more serious repercussions for
the company’s future, and one for which greater access and authority are often
required.

With no obvious link between opportunity and incentive in a perpetrator’s
decision to commit fraud, reliance on internal controls remains fundamental. Yet
there is a distinct danger of misplaced confidence among companies in their
current control systems. Even though the overwhelming majority said they were
satisfied with their safeguards, internal controls weaknesses were found to be a
factor in 42% of cases of fraud.

The fact remains that most companies uncover fraud by chance. But as
proactive fraud prevention measures go, internal audit is still the single most
effective control, accounting for a quarter of initial fraud detections. It is,
therefore, crucial that internal audit departments have comprehensive fraud
awareness training to ensure they appreciate the risks posed by economic crime.

The whistleblowing hotline is also proving to be another valuable tool.
According to the survey, 57% of UK companies now have a whistleblowing system in
place, and these systems account for 11% of frauds discovered – more than three
times the global equivalent. It is encouraging to see the UK taking the lead in
these techniques.

Economic crime may be on the increase, but it is still not being taken
seriously as a board-level issue. Disappointingly, two-fifths of the
organisations surveyed only debated the risks of economic crime at board level
on an ad hoc basis, and 16% did not discuss it at all.

While the most common response by companies upon discovery of a fraud was to
inform the board of directors, all too often a fraud had to actually occur
before the issue of economic crime appears on a board meeting agenda.

The board of any organisation relies heavily on the provision of management
information, and this extends to receiving information and advice on the
prevention, detection and investigation of economic crime. But current levels of
knowledge remain poor: only 9% of companies claim that senior management has a
very good knowledge of the causes of economic crime.

The involvement of a company’s board of directors is a key factor in the
battle against economic crime, but this involvement must be both proactive and
include an ongoing commitment of resources to ensure a substantial impact on
economic crime.

The threat of fraud is an inevitable part of corporate life, but that doesn’t
mean companies are powerless to reduce their risk. They should ensure that
sufficient resources are employed to keep pace with the increasingly
sophisticated fraudsters that threaten the survival of their business.

Andrew Clark is a partner in the forensic services division of
PricewaterhouseCoopers