In order to prevent, deter and mitigate Corporate Fraud, organizations have to (a) assess their corporate fraud risk, (b) set-up and strengthen their corporate fraud risk management systems and (c) investigate allegations and indication of corporate risk.
What is Fraud?
There is no universal definition of fraud in law and definitions and scope what constitutes fraud vary from one jurisdiction to another. There are three main categories of fraud that affect organizations:
- Asset misappropriation, which involves the theft or misuse of an organisation’s assets.
- Fraudulent statements usually in the form of falsification of financial statements in order to obtain improper benefit.
- Corruption such as the use of bribes or acceptance of kickbacks, improper use of confidential information, conflicts of interest and collusive tendering.
Who commits Fraud?
Fraud perpetrators usually cannot be distinguished from other people on the basis of demographic or psychological characteristics. People that commit fraud are usually good people who consider themselves to be honest – they just get caught up in a bad situation as a result of pressure, opportunity and rationalization.
The Fraud Triangle
People commit fraud because of a combination of perceived pressure, rationalization and opportunity. The majority of frauds starts small as the result of an immediate financial need. Once individuals gain confidence in their fraudulent scheme, the fraud continues to get larger and larger until it is discovered. The fraud triangle provides a lens from which to examine any fraud. The fraud triangle is comprised of perceived pressure, perceived opportunity and rationalization. Fraud will only occur if all three elements of the triangle are present.
- Pressure is one of the three elements of the fraud triangle. Pressure is especially important because it is typically an immediate financial pressure that leads people to engage in fraud, e.g. money problems, gambling debts, alcohol or drug addiction, overwhelming medical bills.
- A perceived opportunity to commit fraud, conceal it, and avoid being punished is the second element of the fraud triangle. Opportunity is an essential part of every fraud because if fraud perpetrators don’t have the opportunity to commit fraud then fraud becomes impossible to commit. While eliminating all fraud opportunities may be impossible, reducing or minimizing the opportunity for fraud to occur can pay big dividends for organizations.
- Rationalization is one of the three elements of the fraud triangle. Rationalization is important because it is the mechanism that allows otherwise ethical individuals to justify unethical behavior. People rationalize to eliminate the inconsistency between what they do and what they know they should do.
eCommerce Fraud involves the use of stolen or counterfeit payment cards to make direct purchases or cash withdrawals. It also includes the use of stolen card data to buy items over the phone or via the internet. Fraud perpetrators will target retailers that sell goods and services online using stolen credit card details. Online business appeals to those fraud perpetrators, because there is no physical contact with the business or the legitimate cardholder. Businesses should be fully aware of the risks otherwise they are more likely to be targeted.
Fraud perpetrators hijack or set up an apparently legitimate business with the intention of defrauding both with its suppliers and customers. Those fraud perpetrators are happy to deal in any goods or services that have a market value, preferably those that are not traceable and easily disposable, for example electrical goods, toys, wines and spirits, confectionery etc.
Businesses now operate in a connected world. They sell across multiple channels and geographies. But as the number of channels and markets businesses operate in continue to rise, so does the risk of fraud. Fraud perpetrators are becoming more sophisticated. Fraud is increasingly difficult to detect. As a result standard fraud verification tools can prove to be insufficient.
Invoice Redirection fraud (or Mandate Fraud) occurs when your company receives a request to change a direct debit, standing order or bank transfer mandate, from someone purporting to be from another organisation to which regular payments are made, for example a business supplier. It generally takes place when a criminal impersonates your company and deceives the customer into making payment of the company’s genuine invoices to a fraudulent third party account instead.
Employees may be trusted with certain procurement responsibilities which can provide opportunities to commit fraud-related offenders. It’s difficult to identify the risks. A common sense approach is always essential.
Business Email Compromise (BEC) Fraud (or CEO Fraud) is similar to Invoice Redirection Fraud however in this case junior employees in the finance department of a company receive an email from a fraud perpetrator purporting to be the Chief Executive Officer stating that an important deal or some other urgent matter is pending and that a substantial payment needs to be processed immediately.
Email fraud (“Phishing”) involves fraud perpetrators making contact by email and can take a number of forms. The email may appear to be from a reputable company however when one clicks on the email or attachment or link within the email, malicious software (malware) is downloaded onto the PC or other device allowing the fraud perpetrator to track online activity and identify personal or financial information for fraudulent purposes. Both individuals and companies can be victims of this type of crime.
Telephone fraud involves criminals contacting you by phone (vishing) or by text (Smishing) pretending to be your bank, credit card issuer, utility company or often a computer company. During the conversation they will try and trick you into giving personal, banking or security information. Fraud perpetrators may also convince you to make a money transfer to them or inform you that you have won a prize and need to send money to release it. Their intention is to use this information to commit fraud against you or other parties in your name.
Fraud perpetrators may cold call you claiming there are problems with your computer and they can help you to solve them. Those fraud perpetrators often use the names of well-known companies such as Microsoft, Apple or IBM. They could even use the name of your broadband provider to sound more legitimate.
A substantial increase in your telephone bill is an indication your company could be the victim of Private Automatic Branch Exchange (PABX) fraud. Detailed billing will assist in identifying any potential unauthorised calls, usually International calls but they can also be National telephone calls. Another indicator is where customers trying to dial, in or employees trying to dial out, find that the lines are always busy.
How VAN LEEUWEN LAW FIRM can help
Most organizations do not have a comprehensive approach to preventing and deterring Corporate Crime. In fact, most companies don’t think about Corporate Crime until they experience one. When Corporate Crime occurs, they go into crisis mode, investigate and try to resolve the Corporate Crime, and then wait until another Corporate Crime occurs.
The strategic alliance with PRAETOR FORENSIC AUDITING enables VAN LEEUWEN LAW FIRM to co-operate with this auditing and financial crime risk management firm if this is beneficial to its clients.
Through it’s servicelines PRAETOR FORENSIC AUDITING helps private and public organizations identity the nature and extent of Corporate Crime and deliver appropriate remedies to establish a more comprehensive approach to preventing and deterring Corporate Crime.
PRAETOR FORENSIC AUDITING combines specialist knowledge and years of experience in the various disciplines of compliance, monitoring and enforcement. It provides the services required to help private and public organizations identity the nature and extent of fraud and deliver appropriate remedies: Fraud Risk Assessment, Fraud Risk Management, Fraud Investigations, Compliance Assistance, Integrity Due Diligence, Forensic Business Intelligence, Litigation, Negotiation and Reputation Management.
PRAETOR FORENSIC AUDITING leverages proven methodologies, as well as innovative and proprietary technologies, to identify relevant investigative and dispute resolution evidence in a timely and credible manner.
PRAETOR FORENSIC AUDITING help clients identify and assess financial crime risk, respond to evolving regulation, react to regulatory action, and enhance their existing financial crime risk management programme. Our services include: Strategy Consulting, Risk Advisory, Compliance Solutions, Independent Review, Technology Innovation and Investigations.
New technologies and processes are transforming in-house legal departments, but staffing models, too, are shifting to create new efficiencies and respond to the need for updated departmental skills and expertise.
Meet the legal department operations (LDO) professionals – a new position in corporate legal departments that is increasingly helping free up attorney time to focus on legal matters instead of operational ones. The recognition that operations, innovation, technology, and procurement should actually be the responsibility of an identifiable individual, rather than part of the portfolio of the general counsel is the biggest emerging trend in legal operations.
The legal department operations (LDO) professional is typically occupied with project management, financial planning, and managing outside counsel. But these legal department operations (LDO) professionals are also responsible for strategy, goal setting, and managing budgets, people, and vendors. Additionally, legal department operations (LDO) professionals play a crucial role in change management, which might explain their recent popularity.
The legal department operations (LDO) professional is often the person to decide what technology changes make sense and to determine how those technologies should be implemented with consideration of financial and operational implications such as budgeting, staffing requirements, outsourcing, and training.