The annual 2015 Kroll Global Fraud Report finds that fraud has continued to increase and businesses are more vulnerable and at risk than ever before. A reported 75 percent of 768 senior executives representing a broad range of industries and regions in the survey experienced a fraud incident last year – and 81 percent of companies affected by fraud reported insider perpetrators. The wide range of sectors represented included financial and professional services such as retail, wholesale, and distribution; technology, media, and telecommunications; healthcare, pharmaceuticals and biotechnology; and manufacturing.
In this year’s Global Fraud Report, the proportion of respondents reporting at least one fraud in their company in the past year has risen to its highest level in the report’s eight-year history, however, every separate category of fraud has decreased. This contradiction points to the survey being a measure of perceptions, and not that a category of fraud has been missed. While “fraud is on the agenda and in people’s minds… the apparent decrease in each of the individual categories reflects a lack of specific knowledge [by reporting executives] of the details of the frauds, and so the allocation by type may in many cases involve some guesswork on the part of the respondent.”
While attention has often been paid to external threats – particularly for companies operating in emerging markets – the report highlights the importance of a company’s internal review and its subsidiaries’ compliance measures. Tommy Helsby, Kroll Chairman, explains, “It is far more comforting to think of the threat coming from the outside rather than lurking among colleagues within the company. [Reassuringly,] there is a limit to what you can do about threats from North Korea, but there are plenty of effective measures to tighten internal systems and improve employee behavior.”
Joseph A. Spinelli, a senior managing director at Kroll, emphasizes that “all effective fraud risk management programs begin with the boards of directors of an organization ensuring overall high ethical behavior, regardless of its status as private, public, or not-for-profit; its size; or the industry [in which] it conducts its business. … It’s up to the board of directors to ensure that its own governance practices set the tone for fraud risk management, and that management effectuates policies that encourage ethical behavior including providing a mechanism for employees, agents, vendors, and customers to report violations of those standards without fear of retribution.” With so much fraud at the senior level, the board’s check on senior power is important. Spinelli also mentions that incentives programs can be a good place to look for fraud as well. For example, if a company incentivizes sales numbers by giving sales agents a percentage of their sales, then agents could be tempted to exaggerate their numbers.
Besides focusing efforts on the tone from the top, whistleblower programs were the most frequent source of fraud discovery. The report found that, in the past year, a whistleblower was at least partially responsible for exposing 41 percent of cases of fraud – ahead of external audits (31 percent) or internal audits (25 percent).
Fraud does not discriminate among sector or size – it occurs all along a company’s supply chain and can affect companies in all sectors. However, Richard Dailly, Managing Director at Kroll, explains that emerging and frontier markets, with a higher instance of fraud and corruption, face three common challenges in addressing risks within supply chains. First, there can be limited visibility or full reliability of ownership of a business along the value chain. Second, audit limitations – specifically their overt approach and broad scope – can permit information gaps, potentially leaving a company unaware of fraudulent activity and noncompliance. The report advises an audit strategy reaching “beyond the proverbial factory walls and the first tier of suppliers” for a comprehensive understanding of the complete network of third parties within the value chain. Third, the common practice of subcontracting can weaken conventional audit and compliance efforts.
Marianna Vintiadis, Kroll’s Country Manager in Italy, underscored that “different regulatory environments affect internal compliance programs as well.” While a multinational’s anti-corruption program might meet legal requirements for its company headquarters, there is no guarantee that subsidiaries abroad meet the same standard. Vintiadis advises beginning by considering the available tools at the local level and working backwards to construct a robust compliance policy.
The report also provides ten country studies highlighting trends in prevalence of fraud, average loss of revenue, and biggest drivers of increased exposure for fraud from the United States to India since 2013. Among these country overviews, an overarching trend was a pressing need for companies to take the threat from the top more seriously. For example, where a fraud had occurred in the previous year with a known perpetrator, 44 percent of Colombian respondents said senior or middle management had been involved. Yet, only 20 percent or respondents reported their businesses would be investing in further management controls in the coming year.
A similar situation occurred in China, which ranked highest in terms of vulnerability for theft of physical assets or stock, corruption and bribery, intellectual property theft, internal financial fraud, misappropriation of company frauds, market collusion, management of conflicts of interest, and money laundering. This shows a gap in exposure to vulnerability and appropriate anti-fraud strategies. Only 35 percent of respondents indicated investing in staff due diligence, and only 53 percent indicated investing in due diligence with partners and/or vendors despite 74 percent feeling vulnerable to vendor, supplier, or procurement fraud in China.
Overall, the globalization of business and the sprawl of supply chains crossing countries with fewer controls against fraud and corruption have left businesses feeling exposed (49 percent surveyed) to fraud. Furthermore, weak internals control and follow-on measures have left companies vulnerable to internal threats. Because there is no absolute deterrent against fraud, companies need to be prepared to have “a rapid and decisive response” when instances arise.
For full methodology and to download the report, visit http://www.kroll.com/global-fraud-report.
Stephanie Bandyk is a Program Assistant with Global Programs at CIPE.