I ran across a posting recently that indicated that the majority of fraud in companies was perpetuated by people working in collusion in the finance area.
This is distressing to me for two reasons.
First, as a finance person, entrusted with a company’s most liquid assets, occupying a certain level of esteem (see our vision and mission post), I do not like the fact that these people give the profession a bad name. Finance was responsible for roughly 1/3 of the fraud instances, so it is still true that the majority of fraud is not committed by finance, but by other areas.
Second, “in collusion” is a problem as well. Most financial and accounting controls center around a “no collusion” principle, the procedures are set up so that fraud cannot occur unless someone walks up to someone else and says “hey, you know, if you and I get together….” The response in this scenario is supposed to be that the person approached says “No, how dare you!” and reports the other to the proper personnel and we all go on with our day.
The no-collusion principle is the reason we see two signatures on a check, why it takes two individuals to release a bank wire, why daily bank activity is reviewed by someone not involved in the daily bank activity, people who reconcile accounts are not the people who execute transactions on those accounts, etc.
If we cannot rely on no-collusion, what are we to do? Upping the collusion ante, as it were, would make fraud less likely. But where do we stop? Three people? Four? Five? Even having two people introduces process inefficiencies, each additional person probably makes the inefficiencies grow geometrically.
A lot of banks have a rule where people need to be out for a certain length of time, under the assumption that if they are engaged in something it will come unraveled before they come back. We could institute some type of similar policy.
Alternatively, technology may be able to assist us. If two people are required for a task, could we segregate this at a task level, where the second person was randomly assigned the role for that transaction? This would prevent collusion, since the two people would never know prior to the fact that they would be working on the same thing. We need at least three folks, probably more (sick days, etc.) performing the task in question to implement this reliably.
Introducing some type of random review, or audit, also helps discover these things, though usually after the fact. Yet the mere threat of audit adds an additional level of deterrent. One needs to keep this in mind, there is a tendency to audit only necessary things in tough economic times, and searching for unidentified fraud activity does not make it high on the list of priorities.
Whatever we do, we cannot rely on our instincts that we trust a person. As one of my co-workers said to me “Nobody has committed fraud on a company that wasn’t trusted”.
I would love to hear your thoughts about financial fraud or your stories on this topic if you have them.
Please take the time to subscribe, bookmark, or otherwise note your web presence and support of this blog if you are able.
Thanks for stopping by the Treasury Cafe!