Annual fraud risk assessments can be very effective in finding obvious fraud threats and documenting internal controls that are in place to minimize them. However, these assessments can overlook evolving and behavioral risks that could cause significant financial losses if bad actors exploit them. You can help boost the power of your risk-reduction program by actively looking for potential blind spots.
Here are several examples of possible threats and how you can mitigate them:
- Performance pressure. Unrealistic performance targets that employees can't achieve legitimately may create a "win at all costs" culture that encourages cheating. This is particularly true if you tie compensation to overly aggressive goals. You can reduce this risk by ensuring performance metrics include integrity-related measures. In addition, performance outliers should be analyzed, and employees should be required to detail how they met their stretch goals.
- Cultural shortcomings. Low utilization of confidential fraud hotlines and whistleblower channels can indicate cultural problems. For example, your workers may not trust that their tips will be taken seriously or worry they'll be subject to retaliation. So track all tips your business receives (via anonymous mechanisms, direct reporting to managers and other methods), including how they're investigated and their ultimate resolution. While maintaining confidentiality, communicate such resolutions to employees to promote confidence in your system.
- Poor tone at the top. Not every executive models ethical behavior. For instance, a company leader might routinely override internal controls or ignore safety precautions. In such cases, workers may resent executive "privilege," and some could use their grievances to justify fraud. Your business's policies must apply equally to all employees, including executives. It's critical to demand integrity of your executives and to thoroughly investigate complaints about them. Executives found to be culpable of serious infractions must suffer consequences.
- Accepted noncompliance. When minor policy exceptions become commonplace, standards across an entire organization can gradually erode. At that point, workers may regard compliance as an obstacle to overcome, rather than a mechanism to protect their employer and fellow employees. Reduce such risk by tracking policy compliance, noting the exceptions and monitoring trends. Also, regularly retrain workers on compliance procedures and any acceptable rationalizations for overriding them.
The Bottom Line: Take steps now to address any policy pitfalls or employee behavior that might promote unethical or criminal activity. For most businesses, the best defense is proactive leadership, transparency, well-designed incentives and demonstrated respect for honesty and following rules. We can help you develop internal controls that address your company's most significant risks.
SERVICE SPOTLIGHT
Forensic Accounting & Fraud Examination Services
Porte Brown has significant experience working with attorneys in matters regarding shareholder disputes and family law issues. These matters may involve the hiding of assets, misappropriating corporate assets or dissipating marital funds. Our job is to get answers, communicate our findings with your attorney, and have an accountant testify the facts in a litigation. We also perform fraud risk assessments...
