Proper internal controls are important in fraud prevention
In the Singapore Fraud Survey 2014, results suggest that fraud has become more prevalent, often the result of poor internal controls. Indeed, 53 percent of the 103 respondents identified “weak or overridden internal controls” as a factor that enabled fraud; the second most identified factor was “collusion between employees and third parties”, which came in at a distant 30 percent.
“You must have the right risk control systems,” says Themin Suwardy, Associate Professor of Accounting (Practice) at Singapore Management University (SMU). “You cannot just wave a piece of paper with the risk control policy spelt out and say, ‘We have the right systems in place.’
“You still need to implement it on the ground level where the touch points are, such as where employees meet suppliers and customers. These employees will tell you what the risks are on the ground, but policymakers don’t always seek their advice when drawing up fraud control policies.”
Spotting fraud
Prof. Suwardy, who contributed to the survey report together with Prof. Gary Pan and Prof. Seow Poh Sun (all from the School of Accountancy), explains that such policies and systems are designed to minimise “everyday” fraud such as “suppliers over-billing you, or the employees taking money from the till”, and that “most companies do alright on these fronts”. However, when employees manage to circumvent control systems, there are ways to tell who the culprit is.
“It takes great effort for you to swindle and not enjoy a single bit of it,” Suwardy told Perspectives@SMU. “The whole psychological reward of fraud is enjoying something that is not rightfully yours. Successful fraudsters get access to resources that they wouldn’t otherwise have had. For example, they start buying things that make people go, ‘How can he possibly afford that?’”
The problem comes, Suwardy says, when the fraudsters are already well off. Extending that logic, it would be much more difficult to spot wrongdoing by senior management because the tell tale signs of living beyond their means are not obvious. Additionally, “it’s also because of the level of trust and power placed in these people, which allows them to circumvent controls.” Indeed, the survey showed that 17 percent of the fraud incidents were perpetrated by management.
As such, it would be prudent for companies to do a background check on potential candidates, especially if a senior position is being offered. Specifically, hiring companies should determine if the candidates are at risk of falling into the Fraud Triangle: opportunity, pressure/motivation and rationalisation.
“Fraud will only happen when there’s opportunity, pressure or motivation, and rationalization,” Suwardy explains. “If the till is left open, I have the opportunity to commit fraud but I may have no pressure or motivation to do so. If I have financial pressures, then perhaps the temptation is higher but it does not mean I will commit the act.
“Only when I can rationalise why I should do it that I will decide to steal. For example, I might feel cheated by my boss, or I might convince myself that I am doing no one any harm by stealing. It could be any other rationalisation. You need all these three factors to come together for fraud to happen.”
Stopping fraud
There are ways to counter fraudsters besides installing control systems. Whistle-blowing is the most obvious way but can be challenging to implement. The study showed 54 percent of fraud is discovered through notification by employees or customers via whistle-blowing or other communication channels.
“First, you have to establish trust in the system,” Suwardy says, highlighting that there must be no fear of reprisals or identification. Companies that managed to implement whistle-blowing policies successfully, he says, “sometimes did so by outsourcing the control system because it would be independent and neutral. It also draws the line between responsibility and checking mechanisms. You don’t want a circus where everyone is pointing fingers at everyone else.”
Much of all this depends on the prevailing company culture, which the report pointed out as the responsibility of management and the board in “ensuring institutional support for ethical and responsible business practices in the organisation”. If management consistently tells sales staff to “make the sales figures by hook or by crook”, says Suwardy, then eventually that’s going to be the company culture.
So is it possible to totally eliminate fraud?
“You cannot guard against everything,” Suwardy concedes. “A system that does so would not be cost-effective, nor would it be bearable to anybody: every time you do something you’ll need it to be counterchecked three times, and before you pass it on to someone else it has to be counterchecked two more times, or you’ll have to sign a document to prove that you said something etc. Such an office would be completely impossible to work in.
“The whole idea of fraud prevention is about having a system that minimises fraud as much as possible. We want to have the right system, people and technology at the touch points where potential fraud can happen.”
The Singapore Fraud Survey 2014 was jointly conducted by KPMG and Singapore Management University. Professors Themin Suwardy, Gary Pan and Seow Poh Sun were contributors to the report.
Follow us on Twitter (@sgsmuperspectiv) or like us on Facebook (https://www.facebook.com/PerspectivesAtSMU)