Where there is a business, there is potential for fraud, both internally and externally. According to the PwC’s Global Economic Crime and Fraud 2022 Survey, nearly 70% of organisations experiencing fraud reported that the most disruptive incident came via an external attack or collusion between external and internal sources.
Trying to stay ahead of the curve through early detection and setting up key practices within your organisation can help you with preventing fraud from disrupting your business. In this article, we will identify the different types of internal fraud and external fraud and discover how your business can make the necessary changes to minimise your risk of fraud.
What are the types of internal fraud?
Many business owners are typically focused on the risks that external fraud can impose on their business, without really paying attention to the damage internal fraud can cause. According to the Global Economic Crime and Fraud Survey, 41% of economic crimes in South Africa were committed by employees, in comparison to the 36% of fraud committed by external sources and 21% was collusion between the two.
Below are four types of internal fraud every business owner should be on the lookout for and how they can protect their company against these risks:
Payroll Fraud Schemes
Payroll fraud can manifest itself in many ways, especially if a company’s payroll function is managed in-house and, typically, overseen by one individual. With no control measures in place, there is an increased delay in detecting, tracking and reporting the fraud of a dishonest employee.
What are the different types of payroll fraud?
- “Ghost” employees: This occurs when a “trusted” employee manipulates the payroll process, in order to get an additional paycheque for a non-existent employee.
- Falsified wages: When an employee or employees falsifies their wage rate or lies about their sales numbers for increased commission.
- Timesheet fraud: When an employee increases the time, they apparently worked to gain additional pay when compared to the actual amount of time worked.
- Expense and reimbursement fraud – This occurs when an employee logs a false reimbursement request or gets an expense claim approved for activities that did not receive the proper attention and valuation initially.
How to reduce the risk of payroll fraud?
- Employee background checks – Improve the quality and standard of your hiring practices by deterring unqualified or dishonest applicants, which can save you time and money by mitigating your risk of payroll fraud.
- Lifestyle audits – You can determine if an employee is living above their means, by comparing their known income with their current expenses and lifestyle to reduce fraudulent practices within your business.
- Change your payroll software – Remove the opportunity to commit fraud by strengthening your accounting policies and investing into fully-integrated digital payment platforms, such as ERPs, to organise payments more efficiently.
- Create a fraud prevention hotline – Your business can also create an anonymous tip or fraud hotline to encourage employees to alert managers of known or suspected fraudulent behaviour.
Invoice Fraud Schemes
Invoice fraud is when an employee or any third-party submits a fake invoice to the company with the intention of receiving excess funds. It is a problem so deceptive and difficult to detect because, regardless of company size and industry focus, the documents appear to be legitimate. Based on the Global Economic Crime and Fraud Survey, 16% of companies across South Africa suffered from procurement fraud in 2020.
What are the invoice fraud red flags to look out for?
- False invoices: These types of invoices appear to be legitimately for goods or services “delivered/ rendered” from a vendor that the company uses regularly.
- Inflated invoice costs: This is when a company receives an invoice with slightly inflated prices, the goal being to receive smaller pay-outs over a period of time to reduce suspicion.
- Increased invoice activity: When a company is receiving an influx in invoices from one particular vendor that surpasses the historic average.
How to reduce the risk of invoice fraud?
- Set up AP solutions: Consider putting an AP solution in place, the system can run through automated invoice matching, looking for PoS, GRN and vendor invoice verification. This will reduce potential document manipulation and therefore reduce the risk of paying fraudulent invoices.
- Due diligence with PoS: It is worth checking purchase orders against invoices to ensure the amounts are the same before processing payments. Even small amounts can accumulate to thousands of rands over time, if not detected promptly.
- Split accounting responsibilities: If one person oversees payments and invoicing, there is an increased possibility of fraud. Split the accounting and financial responsibilities amongst a team so that no single individual has the authority to approve PoS, paycheques or payments and identify suspicious invoices easily.
Asset Misappropriation and Skimming Fraud Schemes
Asset misappropriation is a broad term used to describe a vast number of employee-based fraud schemes which can be separated into two main categories: cash and noncash. Asset misappropriation is the most common type of occupational fraud committed worldwide, with 23% of companies in South Africa being affected in 2020.
What are the different types of asset misappropriation?
- Cheque tampering: When an employee alters the amount, recipient and other details on the cheque to transfer funds into their account instead of the original recipient or creates an unauthorised cheque with the intention of taking money from the business.
- Inventory theft: This occurs when an employee removes inventory from the company without permission or purchase or redirects deliveries of products from vendors to an alternate address – with the intention of keeping or reselling on the company’s dime.
- Expense account fraud: Similar to expense reimbursement fraud, this is when an employee utilises the company’s expense account for personal expenses, then submits them as business-related expenses.
- Misuse of assets: When an employee utilises company property, such as company vehicles, company computers or company credit cards for unauthorised personal activities.
How to reduce the risk of asset misappropriation?
- Pre-employment background checks: Ensure your staff upholds the safety and compliance standards of your company to maintain a safe and secure environment in the workplace.
- Run internal inventory audits: Companies should invest in an automated inventory management system that keeps the company informed of current stock levels and rapidly detects unauthorised removal of assets from the company. Alternatively, reducing inventory audits and sales comparisons can also help identify potential asset misappropriation before the costs of the loss increase.
- Separate finance duties: Consider separating financial duties between multiple employees, such as hiring, both, a cheque preparer and cheque signer to reduce potential payment fraud.
- Run lifestyle audits on employees: Expose potential illicit or illegal activities within your company, such as corruption, fraud, collusion, embezzlement, bribes, etc.
Financial Statement Fraud Schemes
Financial fraud involves an employee intentionally misstating or omitting important financial information, like sales, revenues, assets and liabilities, to deceive others. Although financial fraud is considered a less common fraud risk in business, it still has the highest monetary impact on the company and based on the Global Economic Crime and Fraud Survey, it affected 34% of companies across South Africa in 2020.
What are the financial statement fraud red flags to look out for?
- Accounting anomalies: When an employee falsifies the company’s revenue numbers to indicate increased income generated by the sale of products or services.
- Falsified growth reports: When employees, managers or executives, intentionally, misrepresent the company’s sales figures and financial growth in order for the company earnings to look healthier.
- Falsify the value of an asset: Then is when an employee, manager or executive purposefully alters the value of an asset to make it appear more valuable than it actually is.
- Reporting non-existent revenue from a sale: An example of this would be if an employee pre-bills a customer for their next purchase to bolster monthly revenue sales figures.
How to reduce the risk of financial statement fraud?
- Run financial audits: Consider internal and external audits to examine your company’s financial statements in order to identify inconsistencies or inaccurate information before publishing the financial statement reports.
- Monitor industrywide growth: Cross reference income generated with sales reports to identify false sales and non-existent income.
- Confirm asset useful life expectancy: Verify an asset’s useful life expectancy and compare this with the industry norm, then cross reference this with the stock value to confirm any discrepancies within the balance sheet.
- Create strong corporate culture: Encourage employees to adhere to company policies and procedures, provide reasonable assurance that accounting information is accurate, reliable and timely and promote fraud prevention through education and proper staff training.
What are the types of external fraud?
Fraudsters are constantly embracing new technology and adapting quickly to changes within the economic environment unlike their victims. Based on the Global Economic Crime and Fraud Survey for 2020, we have seen an increase in external fraud cases, such as customer fraud, bribery and corruption, cybercrime and many other modern fraud schemes, when compared to 2018.
External fraud can manifest itself in a variety of ways and negatively impact a company’s financial, material or reputational state. Below are the three classifications of external fraud every business owner show be on the lookout for and how to protect their company against external fraud risks:
First-party fraud is where a person intentionally falsifies their identity or personal information for financial or material gain. For example, by fabricating their employment, their income or lying about their financial status, they can gain access to credit or financial services they are not eligible for. As first-party fraud is often written off as bad debt, it causes future detection issues for a company when making future lending decisions and fraud identification.
What are the common types of first-party fraud?
- Fronting: This is when a person uses someone else’s identity to gain access to a service that they were not eligible for or could receive at a reduced cost.
- Address fronting: Using an alternative risk address on an application to reduce costs of service.
- Checkback fraud: When an individual refutes buying a product or service on credit and demands a refund from the card holder for financial gain.
- De-shopping: When an individual purchases a product with the intent of using it before returning it for a full refund.
How to reduce the risk of first-party fraud?
- Verify through SAFPS platform: Identify potentially fraudulent applications and protect your company from falling victim to fraud.
- Run a KYC check: Verify the address provided by a customer by matching addresses found in the bureau’s consumer database supplied by SACCRA (Banks, Telco’s) and NLR (Micro Financing) members in real time.
- Consider doing a credit check: Get a summary of an individual’s credit history and make better decisions regarding the consumers credit worthiness.
- Review your return policies: Consult with a legal expert and with the suppliers to determine the best suitable return policies for your clients and business, by reducing fraudulent sales.
Second-party fraud is when a legitimate account holder willingly gives out their personal or financial information to a fraudster for them to commit fraud. This is a more complex type of fraud because it can be difficult to detect the fraudulent activity and it is extremely complicated to prove a legit customer was complicit in the crime.
Without proving their involvement, these account holders could have their ‘losses’ covered by insurance, while they and their partner get away with the crime. The legitimacy of the account or customer can create multiple complications that leave banks, insurance companies and retailers out to dry.
How to reduce the risk of second-party fraud?
- Run an SAFPS database check: You can check and verify if an account or credit facility is being used for fraud or payment evasion. You can also reduce financial fraud by verifying loan applications or identity theft.
- Get credit authorisations: Protect your business and lower your risk of fraud by confirming credit authorisations.
- Run a KYC check: Reduce the possibility of data breaches, identity theft, account takeover frauds, money laundering and terrorist financing.
Third-party fraud is typically known as identity theft, where a fraudster impersonates an account holder’s identity and uses their personal information to defraud and deceive a business, bank or other financial organisation.
What are the common types of third-party fraud?
- Account takeover fraud (ATO): Occurs when fraudsters are able to take control of the actual banking accounts of a victim of fraud.
- Synthetic Identity Creation: When a fraudster creates a false identity using information stolen from real people and fabricates that information to create a new identity for financial gain.
How to reduce the risk of third-party fraud?
- Get credit authorisations: Protect yourself by identifying and avoiding fraudulent activities.
- Utilise an SAFPS database check: Confirm whether or not an ID number has been used for any fraudulent activity in the past or has been victim of fraud.
There will never be a one-size-fits-all solution to combating the scourge of fraud. The perpetrators of fraud can range from organised criminal syndicates to opportunistic account holders and criminal individuals with access to the necessary information and technology needed to commit these types of fraud. With the rise in fraud cases in South Africa that are affecting all types of organisations, companies must be as proactive as possible to minimise their risk of fraud.
At MarisIT, we strive to help our clients reduce their risk of fraud from negatively impacting their business through comprehensive screenings, credit vetting and scoring services. Contact us today at 012 542 7614/5 or visit us at www.marisit.co.za for more information on how we can help you.