The Association of Certified Fraud Examiners (ACFE), the world's largest anti-fraud organisation, has recently published its annual In-House Fraud Investigation Teams Benchmarking report. The report is based on the findings from a survey of 1,485 participants from 104 countries across 22 industries. We outline and explore some of the findings below:
- The categories of fraud investigations which are most frequently investigated include: employee embezzlement; fraud committed by customers; fraud committed by vendors/contractors; HR issues; and Cyber fraud/hacking.
- 25% of survey participants report internal fraud investigations to the head of audit within the organisation; 24% report to the CEO/senior management; 13% report to the board of directors; 10% report to the head of compliance; and 8% report to in-house counsel.
Miten Vaghela, an Associate in the Fraud Defence Group at Mishcon de Reya says:
As perpetrators of fraud become increasingly sophisticated through their ability to launch cyber-attacks on organisations with relative ease, it is important that organisations have an internal best practice guide on combatting and preventing fraud which is co-ordinated by an internal investigations team. There is no "one size fits" all approach to internal fraud investigations as some cases are more complex than others, but it is important for organisations to have in place fraud prevention mechanisms to prevent, detect and react to fraud. Typically, the size of an organisation will determine: the allocation of resources to internal teams; who an internal fraud investigation team reports to; when to consider instructing external organisations to assist with investigations; and how the investigation is handled. We recommend that employees are made aware of the appropriate person within the organisation to report a fraud or suspicious activity to so that the best practice guide can be implemented as quickly as possible to minimise damage to the organisation.
Martin Shobbrook, a Partner in the Fraud Defence Group at Mishcon de Reya says:
Businesses continue to be the targets for fraud. The ACFE's recent findings show that those attacks will commonly come from those closest to the business: its employees, its customers and its suppliers/contractors. Being at risk of fraud is unquestionably an inherent part of modern business life. The potential damage to business is not limited to whatever the fraudster has managed to steal – reputational loss and damage to customer confidence generally can leave businesses counting a much larger cost. In the event of a fraud being discovered, speed is of the essence: the quicker a business can react, the greater the prospects of recovering the sums stolen. The greater the delay, particularly at the outset, the further away the money will go making it harder to trace andrecover. Clear reporting lines are therefore vital to ensure that the person to whom a report of fraud is made is the right person to initiate the business's response. Having an urgent response plan ready to be deployed upon the discovery of fraudulent activity is essential and should include the contact details of external providers whose business is the investigation of fraud and the recovery of assets. In simple terms: businesses should assume they will be targeted by fraudsters and they should have their tried and tested response plan in place.