The Rise in Internal Fraud and You26 February 2016
The PWC Global Survey of Economic Crime is always an interesting read and this year’s UK edition does not disappoint. Of particular note, over half the UK respondents reported having experienced economic crime, an expected increase largely due to the rise in cybercrime.
1/3rd of these economic crimes are being carried out by employees, with the headline figure of huge growth in the proportion committed by more senior levels (up by over 100% on last year). This flies in the face of a common statement that we hear on contacting businesses – “we don’t have internal fraud here”.
There’s a fine line between trusting your employees and having a healthy level of intrusion to detect fraud. No-one wants their employees to feel like they are constantly under suspicion, but there is strong evidence to suggest that most firms are subject to at least some internal fraud, and crucially that it is likely being committed by the sorts of people you trust most. Someone who has been with the company a long time – probably a ‘good old boy’, known as someone who can be relied upon, who probably doesn’t take all their annual leave and who regularly works late.
The difficulty lies in developing a culture in which the suspicions of your employees are being reported in confidence, investigated properly, and acted upon appropriately. Despite all the advances in analytics and software flagging, it remains the case that your staff are by far your best resource against the insider. After all, they work closely together and will be best placed to spot when each other are acting unusually.
How best to achieve this? There are three initial steps:
Firstly, top level buy-in is essential. Usually, if your chief exec discusses fraud and makes it clear that your company takes a zero-tolerance approach, employees will listen. Fraud should be regularly discussed at senior levels, with regular communications being put out by the financial crime and risk teams about current threats. This top-level interest needs to make it clear that the company fully supports employees who make reports, and that such reports can be made in confidence, without fear of repercussion.
Secondly, a confidential reporting system needs to exist. This can be a simple anonymous address in the internal mail, supporting traditional contact points such as an email address or hotline. You are asking staff to potentially report on colleagues and line management – mechanisms must therefore be in place to ensure that your whistleblowers are properly looked after.
Thirdly, you need to have the capacity and skills to fully and properly investigate concerns which have been raised. Trained and accredited investigators will be invaluable not only in making sure that any suspicions are appropriately considered and dealt with, but also in identifying weaknesses and creating a plan to shore up the defences.
Internal fraud is absolutely something that all organisations should be planning for. Even if your risk profile is low in this area, you should make sure that you have a response plan in place and appropriate arrangements for your employees to support your counter fraud culture.View All News