How to Deal with Fraud Risk in a COVID-19 World

June 2, 2020 | Article

One day in early 2020, organizations started a new workday after things changed overnight. The effects of COVID-19 took many employees out of the workplace and into a home office setting. With an almost instant remote working situation, employees were forced to bring home computer screens, docking stations, laptops, desk top computers, client files and anything else they needed in order to do their jobs.

Then came the increased use of remote teleconference applications and a whole new set of questions:

  • Should we use Zoom, Skype, Microsoft Teams or some other video conference software?
  • How de we communicate internally?
  • How do we protect against conference call hackers or Zoombombing?
  • How do we ensure misconduct is not overlooked in a virtual work environment?

We broke down key considerations for a remote workforce that you might not be thinking about.

Of the numerous effects of COVID-19 on organizations, fraud should be a key consideration. The Association of Certified Fraud Examiners (ACFE) reports that 75% of all business are victims of fraud related crimes on a regular basis. In fact, the average business loses 5% of its annual revenue to fraud. With the average embezzlement taking 14 to 24 months to be uncovered, proper internal controls become increasingly important. This is especially true as many organizations scramble to contain costs and move forward into the next normal.

The Importance of Internal Controls in Fraud Prevention
When change is caused by disruption, processes become flawed. Business plans have to be put together quickly, but that also means details can fall through the cracks.

In the business world, these “details” may be internal controls. When internal controls are not adhered to, opportunities exist for employees to manipulate the process for their own gain. The tone at the top is one of the most important internal controls. This “tone at the top” must be set in stone with no tolerance for non-compliance. This accountability must take place regardless of if your employees are working remote or located in a physical office.

Make sense of your internal controls and develop an effective fraud prevention program.

How Internal Controls Affect Your Accounting Department
Internal controls and processes are of critical importance to your organization’s accounting department. Internal controls and processes impacted include:

  • Banking reconciliation
  • Invoice review
  • Payment review or approval
  • Vendor verification or acceptance
  • Payroll verification or approval

In some ways, working remotely could potentially add a layer of tracking/tracing to the flow of approval. After all, any email between individuals or businesses are time and date stamped automatically. Also, options are available to require a “read receipt” or a “delivery completed” notification which can be stored, just in case something needs to be verified.

Should your organization be concerned there is a limited segregation of duties, here are some areas to consider reviewing:

  1. Bank statements
  2. Cancelled checks
  3. Cash receipts
  4. Inventory counts
  5. Payroll processing

Organizations should also consider a review of the following areas of their cybersecurity plan:

  1. Email accounts
  2. Computers/servers
  3. Networks
  4. Mobile devices
  5. Data retention/destruction
  6. Electronic funds transfers

We’ve outlined key areas that may be susceptible to fraud.

Out of Sight Working Arrangements Can Lead to Fraud Issues
When people are “out of sight” they can also be “out of mind.” The red flags of fraud become considerably less visible and harder to identify over the phone or via a video conference call.

The ACFE report shows the leading red flag for fraud is living beyond one’s means. It also shows the leading tip for reporting possible questionable activity is tips. Without being able to interact with people, it is extremely difficult to determine their questionable activity. The lack of interaction caused by remote working and social distancing measures may allow employees to take advantage of a business without their activity identified or uncovered.

One way to help stop fraud in a remote working environment is to go back to the basics. The easiest, least expensive and most quickly implemented internal control is for an organization to set up a “perception of detection” within the business. A simple explanation of this concept is, will a person speed or run a stop sign if they “believe” they will get caught? The answer is undoubtedly no. This same reasoning occurs in a business—are most people going to commit an act of embezzlement if they feel they will be caught? In most cases, the answer will also be no.

The Impact of Fraud on Your Organization
The ACFE has found schemes lasting longer than five years have a median loss of $850,000. They also found that companies with fewer than 100 employees have a median loss of $150,000.

There are not many businesses, especially in this time of economic uncertainty, that can afford to lose $150,000 let alone $850,000 to an embezzler. Are you prepared to protect your organization’s finances?

Proper internal controls and risk assessment can help protect your organization during this time of uncertainty.

PODCAST
Two of our forensic professionals recently discussed fraud and embezzlement in our current remote working climate. Click play to listen.

Stay current on your favorite topics

SUBSCRIBE

Applicable Services

Take a deeper dive into this Insight’s subject matter.

Fraud & Forensic Advisory