By: Andy Clemens, CPA, CIA
What happens if two or more individuals in your financial institution collude to commit fraud? According to the Association of Certified Fraud Examiners’ (ACFE) 2022 Report to the Nations, fraud losses rise precipitously. The median loss for a scheme involving just one perpetrator is $57,000, but when two or more perpetrators are involved, the median loss skyrockets to $145,000. When three or more thieves work together, it soars to $219,000.
Unfortunately, collusion schemes are common — they make up approximately 58% of all fraud incidents. So, these five steps are recommended:
- Enforce internal controls: Colluding thieves usually either ignore internal controls or take steps to hide noncompliance. For example, a colluding manager might override controls to allow another employee to commit expense reimbursement or payroll fraud. To prevent such scenarios, ensure controls function as they were designed. If an employee fails to comply with a control, does it raise a red flag? Are controls regularly reviewed for compliance and efficacy?
- Conduct surprise audits: When employees know unexpected audits are a possibility, they’re generally less likely to attempt fraud. Surprise cash audits should be conducted by independent employees on a regular basis. Keep the time and place confidential to only those who need to be in the loop. That way, a colluding manager is less likely to be able to warn fellow thieves or falsify an audit’s results.
- Pay attention to relationships: Obviously, you want employees to get along and even be friends. But do any workplace relationships seem suspicious — for example, does a nonaccounting worker spend an unusual amount of time in an accounting staffer’s office with the door closed? Also scrutinize any employee relationship with a vendor that seems too chummy. When vetting vendors, ensure their personal information, such as addresses, don’t match those of any employees.
- Monitor electronic communications: In partnership with your legal counsel, ensure you have the right to monitor employee communications, such as email or instant messages shared on your network. Investigate employees if their communications lapse into unintelligible code, appear unrelated to their primary roles, or appear to violate your company’s policies and procedures.
- Implement a job rotation program: When employees rotate positions, it’s harder for fraud perpetrators to hide criminal activity. If someone is resistant to participating in a job rotation plan, you might want to look closer at that employee’s work for red flags. Along the same lines, require everyone to take vacations. Employees who continually avoid time off or only want certain individuals to cover their work while they’re out generally deserve attention.
You can further impede criminally-minded employees from working together by making all workers sign a code of conduct and by modeling ethical conduct. If you need help strengthening controls or suspect employees are colluding in fraud, contact us.