Economic fraud prevention is a hot topic for both large companies and small firms. Fraud is the seizure of other people's assets (including money) or obtaining rights to them by deception and/or abuse of trust. As a rule, swindlers are subtle psychologists with manipulation skills. Often they are found among the employees of the company of their future victim. Below we will tell you about the most common types of fraud, potential carriers of this threat, and what control systems should be in the enterprise to prevent such crimes.
The main thing is awareness
The sources of fraud can be both external forces and internal (company employees). First, consider how you can counteract first.
In 1998, Reuters published the results of its research, from which it followed that only 28% of Russian managers rely primarily on specific information when making decisions. A similar figure in France was 91%, and in the United States in general 95%. For twenty years, the situation, of course, has changed, but even now, employees of companies often make important decisions on an intuitive level or under the influence of some momentary factors. As a result, several tens of thousands of economic frauds are officially registered annually on the territory of the Russian Federation. In the media, you can find information that almost a quarter of all enterprises are used to illegally receive funds from counterparties. Interestingly, it is known about the mass of open contracts with foreign companies (as practice shows, for some reason, domestic business is less picky about foreign partners than domestic ones, which often entails multimillion-dollar losses). Thus, from all of the above, the conclusion suggests itself: when choosing a counterparty company, you should collect as much information as possible about a potential partner. To do this, you need to know:
- Existing types of fraud.
- Methods and techniques for detecting fraud.
The most common types of fraud
One of the most common types of fraud is the use of forged documents or representation on behalf of a non-existent company. A typical example: a fraudster disguised as a counterparty arrives at the warehouse on Saturday to receive the goods for which money has allegedly already been transferred to the seller's account. Employees are preparing to leave work home, so they do not bother to check whether their company has received the funds due, and ship the goods (especially if the amount for their company is small). The fraud is revealed only on Monday when it becomes known that the funds for the purchase have not been transferred, and the goods have not reached the buyer.
To exclude such cases of fraud, it is necessary to implement elementary internal control rules in the company. Strict adherence to them by all employees will significantly reduce the possibility of fraudulent actions against the company.
But with the identification of phantom enterprises, the situation is more complicated. In this case, data from official registration organizations will be required. To get them, you can:
- independently apply to the mentioned structures;
- buy databases with the necessary information;
- seek help from a specialized company that can provide the information of interest.
Each of the above options has both its "pros" and "cons".
The first option - the company receives data from government agencies - is relatively inexpensive and as reliable as possible. The main drawback is the length of the procedure: the State Registration Chamber responds to the request within a month. And this, if necessary, to quickly respond to a tempting offer is simply unacceptable.
The acquisition of a database on the market also does not require special financial investments. This can be done quickly, and such databases are effective enough to identify structures prone to primitive fraud. "Minus" - there is no guarantee of the reliability of absolutely all information contained in such databases.
Thus, the most prompt and effective is contacting a specialized company. This method is, of course, cheaper than maintaining your security services, but significantly more expensive than the previous two fraud prevention options.
External corporate fraud
Very often, to carry out fraud, criminals officially register a full-fledged enterprise, which goes through all registries and databases. For the first time, this company can even fulfill its obligations in good faith - for example, release the goods at a price lower than the market price. Such a company quickly builds up a good reputation, and a line of people wishing to make a profitable purchase is lined up for it. Transactions are made on a prepaid basis. The so-called “pyramid” principle is used - swindlers attract more and more money because they sell goods at a price lower than that of others. When a decent amount accumulates on the accounts of the creators of the scheme, they simply disappear with the money, leaving their victims with nothing.
In this case, fraud could be avoided only by finding out at what price the criminals bought the goods. Seeing that further along the chain they are implementing it without profit for themselves, it was possible to draw appropriate conclusions. But such work is only within the power of highly professional security services or the information and analytical companies specializing, among other things, in the fight against corporate fraud. If the former is not at the enterprise, and the latter were not consulted promptly, then one has to rely only on the law enforcement agencies and hope that they will eventually find the crooks and will be able to recover the lost money.
Internal corporate fraud
Let's move on from external sources of fraud to internal ones (frauds committed by someone from the company's employees).
The transfer of significant powers to the company's managers, including in the financial sector, is fraught with rather significant risks. Unscrupulous employees can abuse their powers to the detriment of the interests of their company. One of the most common examples: a manager signs an agreement under which his company assumes certain obligations, and the top manager himself receives material benefits from this transaction. Such actions, according to article 159 of the Criminal Code of the Russian Federation, have signs of fraud.
Finding such fraudulent acts is not easy, as agreements concluded with criminal intent are like routine business agreements. Moreover, even an ordinary documentary check may not reveal the facts of fraud, since the primary and final numbers may correspond to reality, and the whole fraud took place at intermediate stages.
There are other techniques used by unscrupulous employees to disguise the scam:
- actions that took place in reality (purchases that were carried out, but in different volumes);
- destruction of information that can shed light on the true state of affairs with the help of malware;
- database falsification;
- distortion of information in the primary financial and economic documentation: checks, invoices, invoices, receipts.
But even such techniques do not guarantee that the fraud initiators will 100% avoid exposure. Violations can be discovered by carefully studying the financial activities of the company. So, should be alerted by incomprehensible changes in the balance sheet, lucrative contracts "at the end" of the reporting period, excessive indebtedness, a relatively large percentage of overhead costs in the overall structure of the company's expenses. All these are signs of fraud on the part of high-ranking employees of the enterprise. In the event of the destruction of financial information by malicious computer programs, the absence of DLP systems and SIEM systems in the company that prevents leaks from computer networks should be alerted. This negligence on the part of the management team may be deliberate.
Also, signs of internal corporate fraud include:
- permanent operation of the enterprise in a crisis state;
- non-transparent or informal relations of high-ranking employees of the company with contractors;
- frequent appearing of the enterprise in litigation;
- problematic movement of financial assets;
- the rapid growth of expenses, while incomes grow very slowly or do not grow at all;
- critical dependence of the normal functioning of the enterprise on one or two suppliers of goods / raw materials/services.
The lack of internal audit, as well as the non-transparent organization of the enterprise structure, are also risk factors in terms of preventing theft. As well as the disproportionately frequent contacts of sales managers with companies in which high-ranking employees are relatives of the latter.
As practice shows, in case of fraud by employees, appropriate adjustments are made to the financial documentation:
- in the primary, changing information about the terms of the contract, the number of deliveries, etc.;
- into accounting registers, distorting data in accounting systems;
- in the final indicators, incorrectly summing up the funds received in individual areas;
- in financial statements, in which all the final indicators are distorted: balance sheet, expenses, and income.
Therefore, when auditing the activities of employees who have access to financial and economic documentation, you must first of all pay attention to:
- the mathematical correctness of the calculations (how well income and expenses are summed up), for which the recalculation is carried out;
- completeness of the set of documents;
- the correctness of the document flow, primarily in terms of the sequence of signing and approval of individual contracts, orders, and orders.
If the suspicions of an individual employee of financial impropriety are justified, for completeness of the investigation, documents can be submitted for examination, which will confirm or deny the erasure of data both on paper and electronic media, as well as any other methods of distorting information in a specific document.
Building trusting contacts with employees also help prevent fraud. The employees themselves can become a source of information about impending thefts. A reason to suspect that something is amiss is a radical change in the behavior of a particular employee, his way, and lifestyle. Negative facts in the biography of a suspect are also a reason to pay closer attention to the professional activities of such an employee. At the same time, if there is no one hundred percent certainty of someone's fault, the investigation should be conducted as non-public as possible, so as not to damage the reputation of an innocent person.
Control over the actions of personnel and contractors usually avoids unpleasant stories. This control includes audits, both external and internal, other regular inspections of the enterprise, instilling certain rules and standards of corporate culture, a clear delineation of powers.