White collar crime is burgeoning business. New Zealand’s fraudsters lifted their annual take by $79 million to $279 million in the second half of last year, according to global accounting firm KPMG’s fraud barometer.
And competing accounting consultancy PricewaterhouseCoopers’ latest Global Economic Crime Survey placed us fourth out of 78 countries for reported internal organisational fraud and theft. White collar crime is, according to PwC, now persistent fact of New Zealand business life.
Just shy of 50 percent of respondents to PwC’s New Zealand survey said they had experienced some form of economic crime in the past year. This level of criminal activity means we rank significant 16 percent above the global incidence average of 34 percent. Australia isn’t far behind on 47 percent which, ironically, provides one of the few trans-Tasman performance indicators on which we outrank them.
Our commercial crime rate is climbing steadily. And the cost to businesses, the insurance industry and the economy in general is climbing along with it. Interestingly, many Kiwi companies are either not well insured, or not at all insured against criminal activities.
Most organisational theft is committed by employees, 71 percent of whom are male. And in most cases they do it by manipulating accounting systems to divert funds from the enterprise.
So what’s driving our booming white collar crime industry? The parlous state of the economy and the repercussions of that reality is major factor. Staff reductions, poor financial performance, mergers and acquisitions, and increased employee workloads are more often than not at the heart of the problem. According to AIG chief executive Cris Knell, surges in criminal activity such as the one recorded in 2011, most often happen during tough economic times. Given the current state of the economy, business owners and managers should be “very concerned”, he says.
Bad apples
Oddly, despite the millions stolen businesses are reluctant to buy insurances that cover fraud or other similar theft. “Despite numerous annual global studies on fraud and white collar crime, business owners still view their staff as the most honest and upstanding community,” says Knell. They optimistically think other companies employ the bad apples.
New Zealand businesses seem to relate better to the need for natural disaster property insurance and other production or distribution related covers. Company directors relate to the need for management liability protections and professionals, like solicitors, are quick to insure themselves against personal liability claims. Crime insurance isn’t always afforded the same importance.
“KPMG’s latest survey puts disturbingly high figure on the cost of commercial crime,” says Ace Insurance New Zealand president Paul Martin. “And the insurance industry has an important role to play in providing risk management solutions to the problem.”
According to Knell, an organisation’s good reputation can seriously be compromised by fraudulent employees. Their activities can erode the company’s core values and put the key qualities upon which business depends at risk. serious internal fraud can kill an enterprise that has taken years to build.
It is not always easy to manage the internal risk of white collar crime. Even technically sophisticated and large enterprises that have no trouble measuring data-rich exposures such as credit, market and regulatory risk, stumble when it comes to measuring fraud risk, says Knell.
That’s because the data used to measure the potential for internal crime is harder to mine and so the risk becomes more difficult to assess. This finding was highlighted with financial institutions, pre the global financial collapse (GFC), when PwC and Britain’s Economist magazine revealed in collaborative paper that organisations frequently fail to act if they can’t find the numbers with which to measure risk or set of risks.
KPMG’s 2010 Fraud and Misconduct survey suggested that two thirds of all frauds remain undetected. Insurers, therefore, are looking for companies to adopt steps that can detect, deter and prevent fraud. “We want companies to be proactively engaged in preventative measures and to avoid the difficulties associated with responding after the event,” says Knell.
“If you think about the repercussions major fraud can have on company’s reputation, staff morale and external business relationships, taking early action [to prevent internal crime] is an obviously more sensible strategy.”
Mitigate the risks
According to Paul Martin, insurers need to work closely with brokers to make businesses aware of the risks they face and to help them mitigate these risks. There are, he says, six categories of potential fraud or risk that businesses should be vigilant about to prevent losses. They include stock theft, supplier collusion, excessive IT management access, funds transfer authorisation losses, contract allocation kickbacks and personal expense abuse.
Only one third of frauds are actually discovered. And, says Knell, most of those are uncovered by ‘chance’ such as an employee discovering something ‘odd’ in the workplace, overhearing something strange or management following up on tip-off.
Martin thinks more businesses should re-assess their commercial crime insurance cover. “There are new optional extras available that may be relevant in individual cases,” he says. “For example, companies with high reliance on outsourcing arrangements could cover for losses suffered through fraud committed by outsourced company employees. And higher profile brands might cover for public relations expenses to manage adverse publicity following loss.”
AIG takes hands-on, management-centric approach to helping clients counter internal fraud. It works with clients to clarify the issues and ensure that each business is better equipped to identify and manage fraud and corruption. Knell suggests companies adopt risk management framework and use pre-loss consultancy services – such as those offered by Ernst & Young – to provide forensic data analysis, anti-fraud health assessments and fraud-awareness training. The company then meets the client’s management team to suggest procedures and techniques to manage the risk more effectively.
“Sadly, the very person that business owner or chief executive might trust could well turn out to be the most damaging fraudster,” says Knell. “The ideal fraudster profile is long-serving, middle-aged, reliable, committed and trusted employee.”
The fraudster’s ability to deceive is often enhanced by the modern organisation’s ability to transact business across variety of new technology platforms, says Knell. Management therefore must make certain that all employees take at least two weeks unbroken holiday and be allowed only limited connectivity to the company’s systems while they are absent. All members of staff should be subject to the same rigorous checking, regardless of service or seniority.
Adopting internal controls that involve peer reviews, clear escalation processes, defined authority levels, dual signature signoff, and both regular and ad hoc audit checks invariably coalesces into rudimentary risk management processes, says Knell.
Whistle blowers
Employees must also be able to safely “blow the whistle” on poor internal practices. They must have access to free and open forum, without fear of unfair repercussions, to discuss transparent processes.
“Then, if internal measures and controls are insufficient to prevent and detect all frauds, there is clearly role for insurance to compensate for the inevitable losses,” says Knell. “Internal controls are not, however, substitute for insurance.”
There is an irony in insurers recommending more effective risk management framework. It often results in higher claims volumes and some significant monetary losses. Why? “As insurers work with customers to implement better regimes, they often repla
