An intense enforcement environment and a slew of new regulations is pushing reporting of fraud to near-record levels.
According to a study by The Network and BDO Consulting, incidents of fraud, including reports on corruption and fraud, misuse of assets, conflicts of interest, and Foreign Corrupt Practices Act violations by employees went up last quarter to 20.3 percent of all compliance hotline activity by employees. Fraud reporting has now risen for three quarters in a row, based on the analysis of more than 1,000 orgnizations worldwide.
That percentage has climbed steadily from 10 percent in the first quarter of 2005 (when the Quarterly Corporate Fraud Index was first compiled), to 14.3 percent in first-quarter 2007, to 20.3 percent of today. The index hit a peak of 20.6 percent in the first quarter of 2009.
Doug Wells, senior vice president of operations at The Network, says that fraud reporting has remained high for the last three years. “It continues to sustain at a relatively high level,” he says.
The steady level in the percent of fraud reporting is partly due to a flurry of fraud-focused legislation, such as the U.K. Bribery Act and the Dodd-Frank Act, says Timothy Mohr, a partner at BDO Consulting. “It’s not necessarily that fraud is increasing with regulations in place,” he says. “It’s that the regulations are allowing for fraud to be discovered in a more timely fashion.”
The economic downturn has also caused fraud to become more apparent. When a very profitable company suddenly sees a decrease in revenue, any fraud that exists “bubbles to the surface,” Mohr says.
“These numbers are going to be sustained for several more quarters until you see significant economic conditions improving,” Wells says. Employees are still hurting from the recession, and many are not getting raises or bonuses, so the pressures that tempt a person to commit fraud still continue, he says.
As long as anti-fraud legislation is in place and companies are providing effective policies and procedures, “I do think you will see a leveling out over time,” Mohr says.
On the Hill
Still, with more anti-fraud legislation possibly on the way, including a bill to fund more fraud investigations, employees could be influenced to report fraud in even greater numbers.
The Senate Judiciary Committee on May 19 approved the Fighting Fraud to Protect Taxpayers Act, authored by Chairman Patrick Leahy (D-Vt.) and ranking minority member Chuck Grassley (R-Iowa). The bill would direct a small portion of funds collected by the government in fines and penalties to investigating, prosecuting, and litigating fraud cases.
In the last fiscal year alone, the Justice Department recovered well over $6 billion through fines and penalties. Additionally, since January 2009, the department has recovered $6.8 billion in False Claims Act cases—far more than any other two-year period. The fraud section of the Criminal Division also had a record year, imposing over $1 billion in criminal penalties in FCPA cases.
The Leahy-Grassley legislation calls for approximately $15 million a year to be reinvested in anti-fraud efforts. After the terrorist attacks of Sept. 11, 2001, some law enforcement resources to investigate and prosecute fraud were redirected to anti-terrorism efforts. The bill would help restore some of these resources.
The bill also also gives the Secret Service more authority to investigate fraud, and would increase accountability by requiring the Justice Department to better manage and account for key spending.
The introduction of new fraud legislation and the steady rise of fraud reporting highlights the need for companies to develop an ethical culture that keeps fraud risks to a minimum.
One such mechanism is to have an anonymous reporting channel, which often allows fraud to be detected earlier, Mohr says. Many companies already have anonymous reporting mechanisms in place, “but it is the type of reporting mechanisms that you have that can make the difference,” he says.
For example, he says, a policy that fraud must be reported to the general counsel might not be the best practice. Mohr says he’s been involved in several investigations where many people knew of a problem but did not know where to turn. “They didn’t feel comfortable turning to the general counsel, so the fraud was allowed to run longer than it normally would have,” he says.
Below are two charts from The Network. The first chart compares first-quarter fraud reporting percentage for the past seven years; the second compares fraud-related incidents.
Source: The Network.
Employees should also have the option of reporting through e-mail or by phone. This reporting mechanism should further offer the assurance that the whistleblower will remain anonymous throughout the entire process, Mohr says.
And some companies set up their hotlines, but don’t spell out parameters for what should be reported, he adds. Is the hotline just for financial reporting issues? Is it just for embezzlement and theft? Do you also want to know about human resources-related issues? All those questions, he says, should be answered for employees.
“More and more companies recognize that it is not just about having a hotline,” Wells says. “It’s about having comprehensive capabilities.”
Companies are also paying more attention to how they can get out of a siloed approach to fraud reporting, Wells says. Some companies have thousands of locations and different departments around the globe; they need to compare the data in one place and put consistent reporting policies in place.
Many companies are beginning to employ software and other analytical tools to detect problems early. Some systems allow managers who receive incident management reports internally to log those in one central database.
This gives managers the ability to investigate and track all reports centrally. From there, they can identify the existence of any trends in fraud, where it is happening, and whether training or a change in policy is needed.
Companies should also ensure they are periodically conducting fraud risk assessments, especially when the business has changed or the market has shifted. Says Mohr: “Conducting a comprehensive fraud risk assessment before implementing new policies and new systems is important so you know where your vulnerabilities are.”