Dealing with fraud in the workplace

This was one of the key findings of the 2018 PwC Global Economic Crime Survey (GECS) Report for the Philippines, where organizations from various industries were asked to participate and share their encounters with fraud in the workplace.

The report also highlighted Asset Misappropriation as the Philippines’ top economic crime; this has always been the most prevalent type of fraud in public and private organizations globally. Even more alarming is that one out of four organizations in the Philippines have experienced the most disruptive type of fraud — Consumer-related Fraud — over the last 24 months. Direct losses incurred by the affected organizations range from P1.3 million to P5.3 billion.

The report further revealed that even though Philippine organizations admit to having experienced fraud, quite a number of them were unwilling to disclose critical details about the incident. This was even considering that the survey was designed to be totally anonymous, with no questions that could associate any response with a particular respondent.

Philippine organizations, unlike their global counterparts, are not as open to sharing “internal issues” publicly. In my personal view, the primary reason for this is that these organizations do not want any unnecessary exposure to regulators and/or the general public to protect their reputations.

It’s the corporate power that matters

The elements of the fraud triangle include pressure, opportunities and rationalization — these are the complete ingredients for (potential) fraudsters to commit fraud. With the addition of a fourth key element, that is, the misuse and abuse of “power” or “corporate authority,” the fraud triangle has now evolved into a “fraud diamond.”

It appears that global corporate scandals were not perpetrated by ordinary staff but by employees who take advantage of their corporate power — those who can persuade staff to follow their instructions without any questions asked. This was captured in the global GECS results, which revealed that fraud was mostly done by internal actors over the last 24 months, with 87% of reported fraud committed by members of management, i.e. junior (26%), mid (37%) and senior (24%) corporate officers.

I remember one time when the head of a large organization, in need of cash, asked his driver to go to an accounting clerk to process a P30,000 cash advance. Since he couldn’t find any paper, he used a table napkin to instruct the clerk to process the request. Despite the clear violation of basic internal controls, the accounting clerk processed the transaction without any questions asked.

In my past life as an auditor, I’ve seen this happen a lot of times; corporate officers flouting standard processes for their convenience despite the controls in place. Of course, such as in the above scenario, staff would usually not dare question the intention of the executives, for fear of losing their jobs.

The 2018 GECS Philippines report revealed that almost 50% of companies who have experienced fraud in the workplace focused mainly on making immediate improvements to various business processes and key management controls. This shows how Philippine businesses are truly resilient in managing internal matters and are able to move forward after bearing the impact of fraud in the organization.

Furthermore, one out of three companies focused on handling organizational and external influencers by establishing an ethical culture across the organization, as well as elevating their corporate governance framework and anti-fraud mechanisms (e.g. a whistle-blowing platform/hotline) in order to be on top of the situation.

Fraudsters are getting smarter these days and organizations need to be fully aware of this. If there is extreme pressure to commit fraud (pressure) and any number of control weaknesses exist within the organization (opportunity), fraudsters are free to execute their fraudulent schemes because they believe that what they are doing is “just right” for them to do (rationalization). This problem is further compounded if they have the ability to do so (power). Again, all elements of the fraud diamond exist.

I want to share with you the four basic steps in fighting fraud:

1. Know the various types of fraud in the workplace. Organizations need to educate their employees about the types of fraud and how to prevent them.
2. Take a dynamic approach. Conducting an enterprise-wide fraud risk assessment is the best way to identify the organization’s vulnerabilities and implement the necessary controls to address fraud risks.
3. Invest in people and technology. Investment in people, coupled with the implementation of appropriate anti-fraud technology, helps to boost the effectiveness and efficiency of corporate governance and anti-fraud initiatives.
4. Establish an efficient anti-fraud framework. Mature organizations have whistle-blowing processes, as well as a whistle-blowing portal or “hotline” in place to facilitate the reporting of anomalies and fraudulent activities.

In fact, most workplace fraud is uncovered via “tips” from employees. Furthermore, reports received through these whistle-blowing channels must be properly handled, investigated in a timely fashion, and treated with utmost confidentiality. It is also important to protect whistle-blowers against potential retaliation from fraudsters.

Adopting these four basic steps will not only bring your organization’s corporate governance to the next level but will also allow your organization to align its anti-fraud initiatives with that of other global organizations. Ultimately, this should mitigate (if not totally eliminate) the risk of fraud within your organization.