The cover of CFO Magazine paints the picture pretty well: A businessman in a dark office, with cash piled over his desk. The headline reads, “How to Stop Fraud.” When I read the feature article, “Where There’s Smoke, There’s Fraud,” and the subhead, “Sarbanes-Oxley has done little to curb corporate malfeasance,” I immediately thought of our recently released Quarterly Corporate Fraud Index, which covered the fourth quarter of 2010. The Index showed that fraud reporting was on the rise. This aligns perfectly with what CFO Magazine is reporting, based on findings in Kroll’s 2011 Global Fraud Index and the ACFE (Association of Certified Fraud Examiners) 2010 survey, which both highlight the dark fact that fraud is still quite prevalent and it’s still quite costly.
According to the article, “If fraud were the flu, this would qualify as a pandemic.” That’s scary. It’s even scarier to think that reported fraud is only the proverbial tip of the iceberg to what may be lurking until the surface. Dodd-Frank’s whistleblower provision was supposed to help that. The good news, however, is that the article underscored the very things that we’ve been preaching, namely: 1) fraud prevention starts at the top and involves executive-level controls; 2) “employee education is the foundation for preventing and detecting occupational fraud,” and employees should know both the code of conduct for the company and how to make a report through their ethics hotline; and 3) organizations must look to the state of their ethical culture to prevent fraud and manage those incidents that do occur.
We have been talking with many clients and prospects who see uncertainty in how Dodd-Frank and the still-in-flux SEC whistleblower office will affect them, whether they’re a public firm or not. In fact, we recently signed a new customer, a very large financial organization, who made this point perfectly clear. In one of the conversations we had during the selling cycle, the compliance officer of that company told us they were coming to us because the Dodd-Frank Act (and no doubt, future legislation as well) was making it too complex to handle their ethics and compliances programs on their own. Until signing with us, they actually had their own internal hotline and were trying to manage all aspects of incident detection and management, employee training, code of conduct – all of it, on their own. They know the value in establishing and growing their ethical culture. For them, it’s a revenue enhancer. That’s how they are fighting the fire.