As the world moves into a new era of digital integration and smart technologies, organisations are grappling with unprecedented fraud risks. Corporate fraud results in financial loss, impairs brand reputation and goodwill, alienates customers and suppliers, and diminishes market confidence and trust. In the long run, fraud has the potential to run businesses into the ground.
So, what is the profile of a modern-day corporate fraudster and what can organisations do to mitigate risks? KPMG has reported on fraud trends for many years. Our recent survey, which analysed 750 corporate frauds around the world, provides insights on fraud trends, characteristics and contributing factors.
The most prevalent fraud surveyed was the misappropriation of assets (47 per cent), mainly embezzlement and procurement. The second-most prevalent was fraudulent financial reporting (22 per cent). Perpetrators tend to be men between 36 and 55 who have worked in the victim organisation for more than six years and are operations, finance or general management executives. While the typical fraudster is likely to be autocratic and have a sense of superiority, a fraudster is also likely to be regarded as friendly, be respected and not necessarily lead a showy lifestyle.
About one-third of fraud is committed to meet targets or hide losses. It increases in slow-growth environments, downsizing, reductions in disposable incomes and the need to meet targets (by fair means or foul). Frauds and manipulations to protect companies often result in recurrence for personal gain – where fraudsters start out by trying to protect the company, then continue the fraud for their own benefit.
Saudi Arabia’s Capital Market Authority recently imposed penalties over a long-running case involving the troubled Saudi contractor Mohammad Al Mojil Group’s share value, handing out fines and jail terms to a number of stakeholders, including the company’s auditor. In another case that has led to litigation in Saudi Arabia, Bahrain, the United States, UK, Switzerland and the Cayman Islands, Ahmed Hamed Al Gosaibi and Brothers (Ahab) has alleged that it was the victim of a US$9 billion fraud orchestrated by a (now estranged) member of the family.
While only one in five fraudsters is female, this is increasing as more women become executives. Motivations differ. Men are typically motivated by greed, whereas women are commonly motivated by need. The average female fraudster is also younger and tends to operate alone, whereas males are more likely to collaborate.
KPMG’s survey found that corporate fraud is a persistent, global challenge. Managing fraud risk has grown more complex as executives and board members face an escalating technological threat and no let-up in the more traditional forms of wrongdoing. Organisations, boards and owners across the Middle East should move fraud prevention and governance up their agendas. Two thirds of fraudsters worldwide are executives or managers – often the very leaders entrusted with implementing, overseeing or allocating investment in fraud prevention programs and internal controls. Strikingly, the proportion of frauds that are committed by leadership is higher in the Middle East and North Africa region (80 per cent) than elsewhere (68 per cent).
Fraudsters are increasingly seeing weak internal controls as an opportunity – in particular the lack of resources (manpower and money) and routine internal audit controls. Large family concerns typically are slow to adopt technology to prevent and detect fraud while fraudsters are evolving and adapting to technology quickly, meaning some companies are bringing a knife to a gunfight in their attempts to combat fraud.
Fraud is less likely to occur in companies with robust internal controls and monitoring. Conducting risk assessments based on current fraud risk environments and refreshing controls accordingly, including the adoption of forensic technology, helps prevent and detect fraud and misconduct. Monitoring ensures controls are being followed and not overridden.
While good controls prevent lone-wolf fraud, our study shows that even the best-designed controls can be overridden by executives with unchecked authority or working in collusion with others. Collusion is twice as likely as lone-wolf fraud, often involving conspirators outside the organisation.
Collusive frauds tend to run for longer, involve more senior employees (more than 40 per cent are directors or non-executive directors) and cause larger losses. In fact, the largest frauds in our report involved five or more persons colluding. About 27 per cent of those frauds were valued at more than US$5 million and ran for more than five years. Frauds involving so many parties are particularly pernicious, as they tend to involve the circumvention or override (by senior executives) of well-designed controls.
Boards therefore must concentrate on overall fraud governance, not just controls. Having an internal audit function is not enough – collusive frauds are more often stumbled upon by accident or detected through tip offs. Without a whistle-blowing function or a corporate culture that effectively deters fraud, it is unlikely that these most serious frauds will be uncovered. However, regional companies have been slow to adopt independent hotlines, and usage is low. KPMG’s experience in the UAE – where whistle blowing and other forms of reporting are 50 per cent of those in developed economies – indicates a need for cultural change in the fight against fraud, led from the top, encouraging staff to speak up and protecting them when they do so. More generally, many companies in the UAE need to invest in technology and better internal controls to counter increasing fraud risk.
Nicholas Cameron, who is based in Dubai, is the head of forensic for KPMG in the Lower Gulf