Skip to main content
Business Protection Bulletin


By June 1, 2012No Comments

Fraud detection can be approached with a five-step strategy. Businesses of all types and sizes can use this five-step strategy to establish control systems to help detect frauds in day-to-day operations. The five steps are:

  1. Knowing the exposures.
  2. Knowing the symptoms of occurrence.
  3. Being alert for behavior indicators and symptoms.
  4. Initiating detection processes and building audit programs to look for symptoms.
  5. Following through on any detected symptoms.

It’s often step one, knowing the exposures, that stops most people from ever getting starting. After all, if you don’t know what could go wrong, then the rest of the strategy is a moot point. To help you better understand how you can use the five-step strategy to create a hostile environment for fraud, let’s begin by identifying the exposures and going through some of the most dangerous/common frauds affecting businesses of all industry types.

How often are employees offered a kickback by an employee or vendor in exchange for their participation in an embezzlement? Collusion is the involvement of at least two perpetrators in a fraud. This is a risk that intimidates accounting and finance managers, risk professionals, and auditors alike because it involves perpetrators getting around the controls designed to prevent a specific fraud.

It doesn’t take an elaborate, large conspiracy to circumvent controls. Let’s use a driver and accountant for a trucking company as an example. Inventory and warehouse operations and accounting operations are segregated from one another, but the control is circumvented. The driver steals the goods from his truck. Meanwhile, the accountant covers up the inventory shortages with false sales and un-collectible write offs.

This begs the question: How are executives and managers to prevent such a fraud when multiple people can so easily circumvent the control structures? The answer is to commit to seeking the symptoms of fraud. Begin with composing a list of what could go wrong, including potential fraud perpetrators and acts. With certain collusive frauds still in mind, here are some examples:

  • A procurement director for a business informs a vendor of what the vendor’s competitors are bidding. The vendor is able to win the business with a lowest bid and gives a kickback to the procurement director.
  • A supervisor proposes that a 13 hourly student laborers put false overtime on their timesheets. The supervisor will approve the un-worked overtime in return for them splitting the money they’re paid with him/her. The individuals are able to steal thousands of dollars before anyone detects the fraud.
  • A terminal operator, terminal supervisor, and accountant at a pipeline company conspire with two employees from the pipeline’s trucking vendor to steal one million gallons of fuel. Unsuspecting fuel service stations buy the stolen fuel. Meanwhile, the accounting clerk decreased the actual numbers on the fuel variance report and destroyed lading bills.
  • Three operation employees at a construction company begin over-billing several multi-million dollar project clients for insurance, rent, and other indirect costs. They’re able to put the extra billing money into their pockets while their company continues to collect on the legitimate charges. The company’s chief financial officer discovers the fraud, but offers his/her silence for a cut of the proceeds. Millions of dollars are over-billed before the fraud is detected.

The Symptoms. Once you know what could go wrong, the goal is to avoid the problem. This can be accomplished by listing the symptoms of the frauds, which is essentially how the frauds would appear in your records and books. Using the examples of what could go wrong from above, the following are just some examples of what could be on the symptom listing:

  • A particular bidder is always the lowest bidder, the last bid received, and/or just pennies less than their competitors.
  • Absent student employees during the time the overtime hours are supposedly being fulfilled.
  • Over budget departmental labor expenses.
  • Peculiar or suspect overtime hours, such as 80-hour workweeks by a full-time student.
  • Service stations complaining about competitors getting fuel under the market price.
  • Missing lading bills.
  • A particular area has larger than usual, unexplained, and/or miscellaneous losses.
  • Altered and/or inadequate documentation to support indirect charges.
  • An unreasonable percentage of indirect charges for a construction project, such as being 25% of more of the total billing.

In summary, notice that control weakness weren’t listed. Control weaknesses aren’t symptoms of fraud. You don’t know that you don’t have lung cancer because you’re a non-smoker, or that you do have lung cancer because you’re a smoker. It’s about the symptoms. The same can be said of fraud in that it doesn’t mean that a fraud isn’t happening just because a control is present, or that it is occurring because a control isn’t present.