has been around for thousands of years, and the way it is run and sometimes abused can be embedded deep in the culture. Occupational fraud was defined by American criminologist Edwin H. Sutherland (1883–1950) as “a crime that involves a betrayal of trust implied in the holding of an office or other position of trust.” Sutherland used the term white-collar crime, casting doubt on the idea that poverty breeds crime. Sutherland argued in White Collar Crime that members of society occupying positions of privilege and status were just as likely to commit crime as those from lower classes. Sutherland's work, it could be argued, reflects some of the earliest studies on profiling criminals.
It can be contended that rationalization of occupational crime comes from its low visibility, occurring under cover of employment, with victims often suffering without meeting perpetrators, resulting in the indirect nature of the act giving the appearance that it is victimless. Research shows, however, that occupational fraudsters display criminal thinking that parallels street-level offenders with similar behavioral traits that serve as risk factors.
Generally, fraudsters live well-ordered lives and are well respected in their communities and at work. They commit fraud in their workplace to fulfill a financial need when there is an opportunity to do so and when then can rationalize their deed (Cressey's fraud triangle, 1953). Trusted, well-paid employees risk their careers by stealing from their employers due to financial difficulties, lifestyle maintenance, anger, low loyalty, revenge, and boredom (KPMG, 2011). Occupational fraud is costlier than other crimes and affects more people (ACFE, Report to the Nations, 2012). It relies on deceit and concealment and often employs sophisticated technology.
Further to motive and opportunity, techniques of neutralization enable individuals to violate normative and ethical standards (Coleman, 2002). For example, by justifying theft as “borrowing,” criminal activities may be deemed to be a normal way of stealing or achieving business targets. Trying to prove that a fraudster intends to permanently deprive an organization can be difficult when the fraudster has claimed that he intends to repay the amount or has already done so. Offenders may justify their behavior by claiming that they are not really hurting anyone, that everyone else is doing it, or that the activities may have been carried out that way for many years. This may be a reflection on their culture or background.
The ACFE estimates that some $3.5 trillion of fraud is happening worldwide. The National Fraud Authority in the United Kingdom publishes its Annual Fraud Indicator every year, which estimates that fraud in 2011 was costing the UK economy over £38 billion a year, equating to a shocking £765 per adult per year. This figure includes estimated undetected losses.
In the Compliance Reporter article “UK Fraud at Record Level” (2012), KPMG reported the actual 2011 UK fraud to be £3.5 billion. The 2011 FraudTrack Report, released by accountancy firm BDO, revealed a significant increase in both the number and value of reported frauds in the United Kingdom in the previous year to the highest level of fraud since the report began in 2003. In 2010, there were 372 cases of reported fraud with an average value of £3.7 million each. This had risen to 413 cases with an average value of £5 million each.
The Fight against Fraud
The nature and threat of occupational fraud is universal, according to the ACFE. Although the research in its 2012 Report to the Nations noted some regional differences in the methods used to commit fraud, as well as organizational approaches to preventing and detecting it, many trends and characteristics are similar regardless of where the fraud occurred. Whereas this may make writing a textbook on how to deal with fraud a little easier in that much of the approach may take a standardized approach, this is certainly not the case when we start to consider profiling. Profiling the human being cannot be a standard process with a one-size-fits-all solution. Each human being has unique characteristics and behavioral attributes, thereby giving a unique angle to what may be described as universal fraud.
Providing individuals with a means to report suspicious activity is a critical part of any antifraud program. Fraud reporting mechanisms, such as communication channels and whistleblowing hotlines, should be set up to receive tips from both internal and external sources and should ideally be externally managed, should offer anonymity and toll-free calling, and should allow confidentiality. Management should actively encourage employees to report suspicious activity, offering a reporting process free of reprisals and with the maximum protection for the whistleblower. In many jurisdictions this protection comes through the legal system with whistleblower protection embedded in local law. Interestingly, where I have worked on introducing whistleblowing mechanisms in organizations in jurisdictions where there is no legal protection for whistleblowers, I strongly advise that the organization's CEO or chairman state in his launch address as well as in his preamble in the whistleblowing policy that he personally guarantees the protection of whistleblowers and that their actions will not be detrimental to them in any way, irrespective of legal protection or its absence.
External audits should not be relied on as an organization's primary fraud detection method, says the ACFE. Such audits were the most commonly implemented control in the study; however, they detected only 3 percent of the frauds reported and they ranked poorly in limiting fraud losses. While external audits serve an important purpose and can have a strong preventive effect on potential fraud, their usefulness as a means of uncovering fraud is limited. Both internal and external auditors, however, have access to and are therefore crucial to the collection and analysis of the information and data required to set up a profiling mechanism in the organization.
Targeted fraud awareness and sensitization training for employees and managers is a critical component of an effective antifraud program and is a proven method of preventing and detecting fraud. Not only are employee tips the most common way occupational fraud is detected, but the research shows that organizations that have antifraud training programs for employees, managers, and executives experience lower losses and shorter fraud durations than organizations that do not have such programs in place. At a minimum, staff members should be sensitized as to what fraud actually is, what actions constitute fraud, how fraud harms everyone in the organization, and how to report suspected fraudulent activity.
Research continues to show that small businesses are particularly vulnerable to fraud. These organizations typically have fewer resources than their larger counterparts, which often translates to fewer and less-effective antifraud controls. In addition, because smaller businesses have fewer resources, the losses they experience tend to have a greater impact than they would in larger organizations. Managers and owners of small businesses should focus their antifraud efforts on the most cost-effective control mechanisms, such as hotlines, employee training, and setting a proper ethical tone at the top and within the organization. Additionally, assessing the specific fraud schemes that pose the greatest threat to the business can help identify those areas that merit additional investment in targeted antifraud controls. The fraud risk assessment process is invaluable in determining fraud risk exposure and is a fundamental element of fraud profiling.
Profiling as a Solution
In terms of profiling, most fraudsters exhibit behavioral traits that can serve as warning signs of their actions. These red flags, such as living beyond one's means or exhibiting excessive territorial control issues, generally will not be identified by traditional internal controls that are designed to focus on the organization's processes rather than human behavior. Managers, employees, and auditors should be educated through the training and sensitization programs on these common behavioral patterns and encouraged to consider them, particularly when noted in tandem with other anomalies, to help identify patterns that might indicate fraudulent activity.
The cost of occupational fraud, both financially and, possibly more important, to an organization's reputation, can be acutely damaging. With nearly half of victim organizations unable to recover their losses, proactive measures to prevent fraud are critical. Management should continually assess the organization's specific fraud risks and evaluate its fraud prevention programs in light of those risks. Profiling of the fraudster and his modus operandi
