Distracted by COVID-19? That's exactly what an opportunistic fraudster wants
With so much focus on managing the external risks associated with the COVID-19 pandemic, it is a timely reminder for business owners of the risks arising internally during times of crisis; notably opportunistic fraud. 

There has been so much focus over the past month regarding the impacts of the COVID-19 pandemic as business owners grapple with falling revenues, implement cost reduction strategies and access government announced stimulus measures. With attention focused on these matters, this may present an opportunity for a motivated fraudster to perpetrate a fraudulent act.

Opportunistic behaviour: Panic buying and resale of critical supplies

You would have witnessed the media articles regarding panic buying and worse still, intentional hoarding of critical supplies such as hand sanitisers being resold at inflated mark-ups. In the United States, the FBI recently raided a private residence in New York re-acquiring many thousands of medical supplies including personal protective equipment (PPE) which was redirected back to front-line medical workers. This behaviour is reflective of the opportunistic nature of some during times of crisis. 

Whilst transferring a workforce to work-from-home arrangements, or simply freeing up staff to keep a business operating, key elements of the business’s control environment may be relaxed. This is exactly what an opportunistic fraudster wants.

Trust is not an effective internal control

A common response from business owners is the trust placed in their staff: “that would never happen here.” However, global fraud surveys continue to show that it is often long-term and trusted employees that perpetrate acts of fraud. Often because they can take advantage of their trusted positions inside businesses. Financial pressures on families will increase as the economy contracts over the coming months, in particular from job losses. This may increase motivation for some people to perpetuate a fraudulent act.

Trust within a business is a key component to operating a highly effective team. However, trust needs to be supported with effective internal control for the protection of the team as well as for the business. Trust itself is not an effective control.

When and why does fraud occur?

During this time of economic uncertainty, it is likely that some jobs will be lost as businesses implement survival strategies. Experienced staff members may be eliminated from key processes such as payroll and supplier payments. They may be replaced by inexperienced staff members of their roles may not be replaced at all resulting in gaps in the control environment. Just as likely is that more will be asked of existing staff members, reducing their available time to conduct review and monitoring tasks.

Opportunistic fraud generally occurs when a motivated fraudster operates in a business with:
  
  • Weak or lack of supervision;
  • Gaps in the internal control environment;
  • Poor security over business assets;
  • Weak or lack of monitoring processes; and
  • Lack of communication establishing minimum standards of staff behaviour.

The COVID-19 pandemic is presenting the above conditions and it is critically important that business owners consider the threat of opportunistic fraud during this time of crisis.

Just as prevention is better than cure when it comes to COVID-19 itself, the same can be said for opportunistic fraud. Proactive management to reduce fraud risk is far more cost and time effective than conducting investigations, legal action and recovery processes after a fraud has occurred.

Ten common frauds perpetrated: 
  
  1. Personal use of company assets including motor vehicles, IT and other equipment.
  2. Theft of company assets including stock (inventory) and IT equipment.
  3. Theft of cash through online banking.
  4. Inappropriate use of company credit cards.
  5. Falsification of timesheet records.
  6. Falsification of expense reimbursement claims.
  7. Payment of fictitious employees or suppliers (e.g. false invoices).
  8. Inappropriate changes to bank account information within employee or supplier masterfiles.
  9. Skimming from customer invoices through processing credit notes and other refunds/returns.
  10. Theft of personally identifiable information such as credit card numbers, client lists etc.

Get ahead of the fraudster with these actions:

  • Communicate with staff with respect to acceptable behaviour and expectations particularly when implementing changes to business practices and work-from-home arrangements.
  • Wherever possible, do not relax key controls, particularly over payment processes. Maintain appropriate segregation of duties and supervision of activities.
  • For large and unusual payments to new or infrequently used suppliers (e.g. cleaning/sanitising products), independent verification of payment details including bank account numbers is recommended.
  • Maintain supervision and effective control over procurement decisions.
  • Now is an important time to review system access controls and ensure that these controls support effective segregation of duties. This includes password protocols for online systems.
  • Ensure that physical access to business assets is in place. This is increasingly important if large components of your workforce are no longer present at workplaces i.e. there are sets of eyes keeping everyone honest.
  • If irregularities are identified or an act of fraud is suspected, ensure these are followed up and investigated immediately. If the business does not have the resources or expertise to do so, consider engaging independent support.
  • Create an honest and ethical workplace culture and/or consider the use of a whistle-blowing service (already mandated for certain businesses).
For more information, click here.

If you have any questions regarding the above, please contact Associate Director of Corporate Assurance, Alex Hardy on 02 8262 8254 or email ahardy@prosperity.com.au.

Related Articles