Occupational fraud exists since establishment of labor relations. Times and technologies have changed, but most of the schemes fraudsters use remained consistent.

Occupational Fraud 2022: A Report to the Nations by ACFE defines three primary categories of the problem: financial statement fraud, corruption, and asset misappropriation.

Financial statement fraud

Schemes, where the perpetrator intentionally causes a material misstatement or omission in the organization’s financial statements are the least common (only 9%), but cost the most to the victim organization – $593,000 per case.

Perhaps the landmark example of falsifying financial statements is Lehman Brothers case. The global financial services company hid over $50 billion in loans disguised as sales. In almost all accounting cases, the fraud happened because of weak or absent internal controls that gave company executives opportunity to engage in illegal activities. 

Corruption

Corruption is mainly associated with conflicts of interest, bribery, illegal gratuities, and economic extortion. These schemes occur in 50% of cases and cause a median loss of $150,000.

According to Transparency International, in India alone, 39% of public service users paid a bribe in the previous 12 months. Which is a huge number, knowing that corruption is the most frequent occupational fraud scheme in the majority of researched regions. As an example, in Southern Asia corruption makes 71% of all cases, Eastern Europe and Western/Central Asia has 64% and Sub-Saharan Africa 62%. 

Asset misappropriation

Asset misappropriation happens the most often (86% of cases) and includes an employee stealing or misusing the employer’s resources (cash, inventory, other assets). However, this fraud category causes the lowest median loss at $100,000 per case.

Fraudsters do not necessarily limit themselves to one method of stealing. According to ACFE, 32% combine asset misappropriation and corruption, 2% - asset misappropriation and financial statement fraud, 1% - corruption and financial statement fraud, 5%- all three categories at once.

Internal control framework to prevent fraud

Proper internal controls are able to defend against insider threats, regardless of whether those are caused by deliberate fraud or innocent mistake. Here are three components to assure that employees operate ethically, transparently and within the legal field: 

• People-centric instead of data-centric. Monitor employee actions instead of monitoring data flows. Before insider threats develop to fraud, there are always behavioral red flags, pointing out deviations worth a closer look.

• Risk assessment. Risk is an inherent part of doing business. Take control over ineligible consequences, by adopting a risk management plan. Dynamically assess risks and identify anomalies to minimize possible losses.

• Response plan. Whatever can happen, will happen. Obtain context to see the big picture of the organization’s security posture and have a plan to stop any unwanted operations.