Statistics show that in the UK alone, an estimated 7% of annual turnover is lost to fraud schemes, involving issues such as kickbacks, insider trading, financial statement and invoice fraud, bribery, and even the simple skimming and misappropriation of assets. It is estimated that fraud costs business in the UK over £110bn per year.
Fraud, like any serious disease, spreads if not treated early. It saps corporate reputations and finances, and in the worst cases can prove fatal to an organisation. Reputational damage, in particular, can be devastating. A loss of confidence by shareholders, customers, suppliers and regulators, as well as the potential of litigation in the wake of a fraud, can lead to a drop in share price from which a company may never recover. In addition, if it can be shown that a company’s directors and management have neglected their fiduciary responsibilities, they can be held personally liable for the loss incurred by the company.
Too many symptoms: all the data, none of the resources
For internal counsel and other corporate fiduciaries, it is a nightmare scenario to discover they have not put the necessary controls in place to combat fraud and corruption. However, determining where and how to deploy the proper preventive measures and early detection mechanisms is difficult, as implementing such measures internally can prove inefficient and costly for most organisations.
Technology has given companies an overwhelming supply of internal data to analyse, but the information is usually held in multiple locations and in systems that do not interact, making it difficult to spot red flags.
Developing a treatment: data and expertise
With companies now drawing a huge amount of data from a number of different sources, many find that performing a proper risk assessment internally – one that combines vast data sets, and uses data analytics and data mining tools to identify patterns that indicate fraud and corruption – is beyond their resources and abilities.
One treatment: performing a proper risk assessment – one that leverages bespoke technology to gather, link and test the data and industry experts, to determine which tests to run and what types of results point toward fraud. These assessments involve experienced teams composed of fraud examiners and forensic accountants, former law enforcement professionals, prosecutors and compliance professionals. Each risk assessment is unique to the company being analysed and is designed to identify red flags within the organisation, enabling the company to investigate and shore up its anti-fraud programs and procedures accordingly.
Reviewing the symptoms: red flags
The issues identified during a risk checkup provide companies with strong clues about areas to investigate. Here are just a few of the most common red flags identified during a check:
‘K2 Intelligence helped a state-owned company based in the Middle East recover $450m after a check of its data flagged discrepancies in the price of raw materials.’
- Invoices that use vague keywords (like ‘consulting services’, ‘marketing’, or ‘entertainment’), or that lack essential details like contact information or details about the supplier.
- Unusual invoice numbers and sequential invoicing. Fraudulent invoices can have invoice numbers invented by the fraudster. And a series of sequential invoices from a supplier may suggest over-reliance between the company and the supplier.
- Invoices that share a bank account, a next of kin, a phone number, or other data with a company employee. These can be flagged by cross-referencing HR, payroll and other company information.
- Invoices that include offshore account information, as well as invoices with false tax and VAT numbers.
- Invoices that are just below authorised spending limits or that are divided to avoid limits. For instance, a manager is authorised to spend £5,000 and his or her invoices consistently come in just below that amount. Tests may also catch efforts to divide a large, single payment into two payments to get around control limits.
- Invoices paid more quickly than usual. For instance, a company may have 30-day payment terms, but analysis shows that invoices for a particular supplier are paid in one or two days.
Diagnosis and prevention
Using subject-matter experts to follow up on red flags can yield substantial results. A dedicated team of fraud hunters, located across the world, with expertise in a broad range of industries, brings a unique perspective to examining transactions, people and companies. They leverage customised data analytics tools to handle more information, more efficiently. Not only does this provide insight into current wrongdoing, but it also gives a company direction on where to improve their controls.
For instance, K2 Intelligence helped a state-owned company based in the Middle East recover $450m after a check of its data flagged discrepancies in the price of raw materials. It was later discovered that a bogus procurement system had been developed to defraud the company.
This combination of technology and experience can be a game changer for companies looking to root out corruption. And performing a regular checkup can ensure that fraud is identified before it can do significant damage. It is preventive medicine that will help ensure the company’s reputation and finances remain healthy.
It is important to understand that a company’s risk areas will evolve alongside an ever-expanding landscape of fraud schemes. Semi-annual or annual examinations ensure peace of mind for a company’s board and management, and also take a bite out of losses that affect revenues and profits. An organisational risk checkup – followed by a deeper investigation if potential corruption is detected – is a relatively low-cost way of achieving a substantial increase in profitability.