Loading...
HomeMy WebLinkAbout2022-04-05; City Council; ; Employee Fraud and Ethics Hotline Recommendation� CITY COUNCIL� Staff Report Meeting Date: To: From: Staff Contact: Subject: District: April 5, 2022 Mayor and City Council Scott Chadwick, City Manager Robert Threatt, Internal Audit Manager robert.threatt@carlsbadca.gov, 442-339-2418 Laura Rocha, Deputy City Manager, Administrative Services laura.rocha@carlsbadca.gov, 442-339-2415 Employee Fraud and Ethics Hotline Recommendation Citywide Recommended Action CA Review CKM Approve a resolution authorizing implementation of a fraud and ethics hotline exclusively for city employees. Executive Summary The city's Internal Audit Manager has evaluated the benefits of implementing a fraud and ethics hotline for use by city employees, as called for in the fiscal year 2021-22 internal audit plan. Implementing a fraud and ethics hotline would provide city employees with a tool for reporting suspected cases of fraud, waste or abuse of city resources. Doing so will also further strengthen the city's ability to deter and detect such activities. The audit plan called for the auditor to research possible hotlines and then report the findings and make a recommendation to the City Council. Staff are recommending that the City Council approve the implementation of a fraud and ethics hotline for city employees to include contracting with an outside vendor for hosted hotline services. Discussion California Government Code Section 53087.6, subdivision (a)(2), allows the City Council to authorize the City Auditor to establish a hotline to receive reports of fraud, waste, or abuse of city resources. "Fraud, waste, or abuse" means any activity that falls into one of these three categories: 1.Violates laws or regulations relating to corruption, malfeasance, bribery, theft of government property, fraudulent claims, fraud, coercion, conversion, malicious prosecution, misuse of government property, or willful omission to perform a duty 2. Is economically wasteful 3.Involves gross misconduct April 5, 2022 Item #11 Page 1 of 96 The proposed hotline is not meant to be a substitute for reporting such concerns through the normal processes and lines of authority. However, management recognizes that employees may not feel comfortable communicating such information directly to their supervisors. Additional benefits to implementing a fraud and ethics hotline are outlined in the Association of Certified Fraud Examiners's 2020 Report to the Nations (Exhibit 2, pages 18-23), a global study on occupational fraud. The report's findings and statistics support the implementation of hotlines. The most noteworthy, relative to staff's recommendation, is the degree to which hotlines increase the likelihood an organization will receive fraud tips. The tips, in turn, aid organizations in identifying fraud 50% quicker than organizations without hot lines. That further helps to mitigate losses by identifying fraud sooner. In weighing the benefits of implementing a hotline, the auditor researched hotlines at three other public agencies -the City of San Diego, the Port of San Diego and Solano County-and interviewed personnel responsible for overseeing their use. The first two public agencies contracted with a third-party vendor, Navex Global, to host their hotlines. The third, Solano County, used a system that was developed and managed by the county's employees. Following this research, city staff requested and received quotes from three vendors who offer hosted hotline services. The services offered by each vendor were essentially identical. Each included a turnkey hotline system that established no fewer than two intake points where city employees could submit reports of suspected fraud, waste, or abuse. Once reports are submitted by employees using either an online form or a toll-free phone line, the systems each send an email notification to city staff indicating that a report has been received. Staff could then use a link in the notifications to retrieve the report and any attachments. The hotlines permit a two-way communication between the reporting party and the managers responsible for investigating the reports. Upon implementation of the hotline, the city would have a small cross-functional group of managers, overseen by the Internal Audit Manager, perform an initial review of any reports received and to oversee any investigations deemed necessary. Depending on the details of the reports, investigations may be assigned to any of the city's different subject matter experts (e.g., Human Resources, the Police Department, or the Finance Department, to name a few). If it's found that the city has another reporting mechanism designed to address the primary issue identified in the report, the report will be directed to that program or tool. An example of such a tool would be the Police Department's online crime reporting tool. If malfeasance is found as a result of any investigation, the matter will be immediately referred to the appropriate department or office within the city for the appropriate next steps. Depending on the circumstances and the nature of the malfeasance, this could include the City Manager's Office, the City Attorney's Office, Police Department, or Human Resources. In keeping with the city's commitment to transparency, the Internal Audit Manager will prepare a summary statistical report of hotline activity on a recurring basis and will present the results to the City Council. If there is a substantiated case of fraud, waste or abuse, the City Council will receive a report of findings and actions taken. The Internal Audit Manager and the managers who review the reports will comply with the confidentiality requirements of California Government Code Section 53087.6 (Exhibit 3). The April 5, 2022 Item #11 Page 2 of 96 departments investigating allegations shall also take steps to comply with these confidentiality requirements. Staff recommend the city leverage the expertise of a vendor, Navex Global, to develop and implement the fraud and ethics hotline. The city will oversee and manage the review and investigation, when necessitated, of all reports received. For the costs outlined in the Fiscal Analysis section below, the city is receiving the following value: • Ethics-Point hotline, an industry leading governance, risk and compliance hotline system • A five-week implementation timeline, with Navex Global responsible for most of the work • A co-branded hotline webpage for the intake of reports • A toll-free, staffed phone line available for the intake of reports 24 hours a day, seven days a week and every day of the year • A well-defined reporting workflow that generates automated notifications and on- demand reports • Marketing materials provided to the city to help build hotline awareness • Training for the city staff responsible for managing the hotline While the option exists to develop a similar hotline internally with city resources, there is value delivered by Navex Global that the city is not able to duplicate or do so at a reasonable cost. That includes industry leading governance, risk and compliance training resources, and a fully staffed call center. In addition to the value-added features of the vendor hosted hotline, avoiding the additional administrative burden of the hotline implementation is factored into staff's recommendation. Options 1. Authorize the city to implement a fraud and ethics hotline to serve as a tool for employees to report suspected cases of fraud, waste, or abuse of city resources. Pros • Statistics show that entities with fraud hotlines are able to deter fraud and to mitigate its effects by identifying fraud quicker than entities with no such tool • A fraud hotline will strengthen the city's internal controls by contributing to its ability to detect fraud through the analysis of information reported by employees • Such a hotline provides employees with a direct line of communication to report what they believe to be cases of fraud, waste and abuse of city resources • Implementing a hotline demonstrates that the city's executive leadership takes its responsibility to safeguard taxpayer funded city resources and assets seriously Cons • There is an added administrative burden with managing such a tool and investigating reports submitted by employees 2. Do not authorize staff to implement a fraud and ethics hotline at this time. Pros • By not implementing the proposed hotline, city staff avoid an increase in administrative duties April 5, 2022 Item #11 Page 3 of 96 Cons • The city will miss an opportunity to strengthen its internal controls and increase transparency Staff recommend Option 1. Fiscal Analysis If the hotline is approved, staff plan to engage a third-party vendor that provides hotline hosting services. Those services would require an initial three-year agreement that would cost $5,300 in the first year and $4,300 in each of the second and third years, not to exceed a total of $13,900 for the three-year period. The amount of this agreement is within the City Manager's procurement authority under the city's Purchasing Ordinance (Carlsbad Municipal Code Chapter 3.28). The necessary funds for the first year have been requested in the fiscal year 2022-23 Administrative Services Administration Division budget and funds for subsequent years will be included in the respective future budget requests. Next Steps If the City Council concurs with and approves staff's recommendation, the city will develop detailed procedures, identify the necessary training and enter into a short-term agreement with Navex Global to provide their Ethics-Point hotline services. Environmental Evaluation This action does not constitute a "project" within the meaning of the California Environmental Quality Act under California Public Resources Code Section 21065 in that it has no potential to cause either a direct physical change in the environment or a reasonably foreseeable indirect physical change in the environment. Public Notification This item was noticed in keeping with the state's Ralph M. Brown Act and available for public viewing and review at least 72 hours before the scheduled meeting date. Exhibits 1. City Council resolution 2. The Association of Certified Fraud Examiners' 2020 Report to the Nations 3. California Government Code Section 53087.6 April 5, 2022 Item #11 Page 4 of 96 EXHIBIT 1 RESOLUTION NO. 2022-086 A RESOLUTION OF THE CITY COUNCIL OF THE CITY OF CARLSBAD, CALIFORNIA, APPROVING THE IMPLEMENTATION OF A FRAUD AND ETHICS HOTLINE TO PROVIDE EMPLOYEES WITH A TOOL FOR REPORTING SUSPECTED CASES OF FRAUD, WASTE, AND ABUSE OF CITY RESOURCES WHEREAS, California Government Code Section 53087.6, subdivision (a){2), allows the City Council to authorize the City Auditor to establish a hotline to receive reports of fraud, waste, or abuse of city resources; and WHEREAS, "fraud, waste, or abuse" means any activity that (1) violates laws or regulations relating to corruption, malfeasance, bribery, theft of government property, fraudulent claims, fraud, coercion, conversion, malicious prosecution, misuse of government property, or willful omission to perform a duty; (2) is economically wasteful; or (3) involves gross misconduct; and WHEREAS, the fiscal year 2021-22 Internal Audit Plan calls for the city's Internal Audit Manager to evaluate the benefits of a dedicated fraud and ethics hotline and to present the findings and recommendations to the City Council; and WHEREAS, the primary purpose of the fraud and ethics hotline is to provide city employees with a tool for reporting suspected cases of fraud, waste, and abuse of city resources directly to management; and WHEREAS, city staff recommend that a dedicated fraud and ethics hotline be implemented with city staff providing recurring reports to the City Council summarizing the number and general nature of reports received through the hotline and more detailed reports when there are substantiated cases of fraud, waste, or abuse, with all reports complying with the confidentiality requirements of California Government Code Section 53087.6; and WHEREAS, the hotline is not intended to replace the standard chain of command reporting, however the hotline is available to city employees who feel they need an alternate reporting mechanism for communicating issues of fraud, waste or abuse of city resources to the city's management; and April 5, 2022 Item #11 Page 5 of 96 NOW, THEREFORE, BE IT RESOLVED by the City Council of the City of Carlsbad, California, as follows: 1.That the above recitations are true and correct. 2.That the implementation of a dedicated fraud and ethics hotline is approved. PASSED, APPROVED AND ADOPTED at a Regular Meeting of the City Council ofthe City of Carlsbad on the 5th day of April 2022, by the following vote, to wit: AYES: NAYS: ABSENT: Hall, Blackburn, Bhat-Patel, Acosta, Norby. None. None. ftv' FAVIOLA MEDINA, City Clerk Services Manager (SEAL) April 5, 2022 Item #11 Page 6 of 96 Exhibit 2 REPORT TO THE NATIONS® 2020 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND ABUSE I I J / _ ___, / I I ~ACFE Asso1.:.n1on 01 Cemficd Fraud Examiners FOREWORD The 2020 Report to the Nations-the ACFE's 11th study on the costs and effects of occupational fraud-represents the latest in a series of reports dating back to the first edition published in 1996. Collectively, these studies represent countless hours of work by our staff spent gathering, analyzing, and interpreting the data from thousands of cas- es of fraud committed against organizations of all types and sizes. We have invested so much time and effort into this research because we recognize two simple truths: (1) occupational fraud imposes tremen- dous costs upon businesses and government agencies throughout the world; and (2) in order to deal with such a problem, we must first understand it. In the 24 years since it was first published, the Report to the Nations has arguably contributed more to our understanding of occupational fraud than any other source of information. The first Report to the Nation was launched in 1996 by ACFE Founder, Dr. Joseph T. Wells, CFE, CPA, because he recognized that there was a glaring lack of information about occupational fraud. More impor- tantly, he also recognized that the ACFE was uniquely situated to address this problem because we were sitting on what was probably the greatest source of fraud information in the world-the collective knowledge and experiences of the Certified Fraud Examiners who make up our association. Over the years, the ACFE has received a great deal of praise and credit for publishing the Report to the Nations, which is the most widely quoted source of occupational fraud data in the world. But none of this would be possible without the work of thousands of CF Es who have taken the time to share with us very detailed information about the cases they have investigated and the lessons they have learned. I am reminded that this is why we have an association like the ACFE in the first place-so that our members can share infor- mation, contribute to the common body of knowledge, and learn from one another. The ACFE is proud to be the conduit helping to broadcast and transmit that information, but make no mistake: It is our members who are the source of every piece of data contained in these pages. This study is a tribute to the important work they do and their willingness to give back to the profession. On behalf of the ACFE and all of the CFEs who have contributed to this study, I am proud to present the 2020 edition of the Report to the Notions. Bruce Dorris, J.D., CFE, CPA President and CEO, Association of Certified Fraud Examiners Item #11 Page 8 of 96 CONTENTS Foreword 2 Collusion by Multiple Perpetrators 48 Perpetrator's Criminal Background 48 Key Findings 4 Perpetrator's Employment History 49 Introduction 6 Behavioral Red Flags Displayed by Perpetrators 49 Spotlight: The Global Cost of Fraud 8 Non-Fraud-Related Misconduct by Perpetrators 51 How Is Occupational Fraud Committed? 10 Human Resources-Related Red Flags 51 Categories of Occupational Fraud 10 Spotlight: Behavioral Red Flags of Fraud 52 Duration of Fraud Schemes 14 Case Results 54 Velocity of Fraud Schemes 16 Internal Action Taken Against Perpetrator 54 Spotlight: How Occupational Fraud Is Concealed 17 Spotlight: Response to Fraud 55 Detection 18 Reasons for Not Referring Cases to Law Enforcement 56 Initial Detection of Occupational Fraud 18 Recovering Fraud Losses 56 Median Loss and Duration by Detection Method 20 Fines Against Victim Organizations 57 Spotlight: Hotline and Reporting Mechanism Effectiveness 21 Methodology 58 Reporting Mechanisms 22 Analysis Methodology 59 Parties to Whom Whistleblowers Report 23 Survey Participants 60 Victim Organizations 24 Regional Focus 62 Type of Organization 24 Asia-Pacific 62 Size of Organization 25 Eastern Europe and Western/Central Asia 64 Industry of Organization 26 Latin America and the Caribbean 66 Spotlight: Fraud in Nonprofits 28 Middle East and North Africa 68 Anti-Fraud Controls at Victim Organizations 31 Southern Asia 70 Spotlight: Internal Control Weaknesses that Sub-Saharan Africa 72 Contribute to Occupational Fraud 36 United States and Canada 74 Perpetrators 38 Western Europe 76 Perpetrator's Position 38 Statistical Appendix 78 Perpetrator's Tenure 39 Perpetrator's Department 40 Index of Figures 82 Perpetrator's Gender 43 Fraud Prevention Checklist 84 Perpetrator's Age 45 Glossary of Terminology 86 Perpetrator's Education Level 46 Spotlight: Profile of a Fraudster 47 About the ACFE 87 April 5, 2022 It em #11 Page 9 of 96 Contents Report to the Nations - KEY FINDINGS OUR STUDY COVERED Q 2,504 CASES •---; Causing total losses of more than O-D---0-0 □~ TYPICAL □ [] □ FRAUD CASE r-----------------~ ' ' 0 O la sts 14 MONTHS before detection ca uses a loss of $8,300 per month '--------------------------------------- ' i CORRUPTION WASTHE : MOST COMMON ~i i-!-. ~ ~ -GLOBAL REGION : • SCHEME IN EVERY '. ________ ... -------------------------·~ Organizations w ith FRAUD AWARENESS TRAINING for employees were more likely to gather tips through FORMAL REPORTING MECHANISMS $3.6 BILLION CFEs ESTIMATE THAT ORGANIZATIONS LOSE 5 % OF REVENUE TO FRAUD EACH YEAR ASSET MISAPPROPRIATION SCHEMES f~; most common and least costly 86% OfCASES S100,000 median loss MEDIAN LOSS PER CASE: $125 ,000 AVERAGE LOSS PER CASE: $1,509,000 FINANCIAL STATEMENT FRAUD SCHEMES f~; least common and most costly 10% OfCASES $954,000 median loss Qt l ~ ~ D(o •~~~';;,,•,','.'.2'.'.'.,:'.'° ~ ca me from employees \._)l ______ TELE PH~~,: ~~!~Is~~ ~~d EMAIL,-...:0 whistleblowers in 33o/o OF CASES '----------------------------··---------·-----' 4 Kt>y Findings Reporl 10 Ille Nations ufi' USE OF TARGETED ANTI-FRAUD CONTROLS HAS INCREASED OVER LAST DECADE ' HOTLINE t13% A lack of internal controls CERTAIN FRAUD RISKS WERE MORE LIKELY IN SMALL BUSINESSES THAN IN LARGE ORGANIZATIONS: contributed to nearly ANTI-FRAUD POLICY t13% ' ,-------~-------, ' ' FRAUD TRAINING FOR -~~ EMPLOYEES t11% FRAUD TRAINING FOR t 9% 1/3 OF FRAUDS MANAGERS/EXECUTIVES THE PRESENCE OF ANTI-FRAUD CONTROLS IS ASSOCIATED WITH LOWER FRAUD LOSSES AND QUICKER DETECTION ~0 v . ' ' ' ' ' ' ' ' FEMALE $150,000 $85 ,000 Medi;in toss Median toss Men committed 72% of all occupational fraud, and also caused larger losses than women c§:&~==o~ '~l; 80% OF FRAUDSTERS I) Owners/executives committed only 20% of occupational fra uds, but they caused the largest losses • OWNER/EXECUTIVE ----------$600,000 MANAGER • ------------$150,000 EMPLOY££ • --------------$60,000 0 460/o of victim org anizations decli ned to refer cases to law enforcement because Bi lling fra ud ______________________ 2X HIGHER Payroll -----------------------···---2X HIGHER Ch eck and payment tampering ----------------------4X HIGHER MORE THAN HALF of all occupational frauds came from these four departments: OPERATIONS 15% r-----------i) ACCOUNTING 14% fnlnnITT EXECUTIVE/UPPER ,----------viJ!}7 MANAGEMENT 12% SALES 11% ,42 01. ~26% OF 70 OF OCCUPATIONAL OCCUPATIONAL FRAUDSTERS WERE FRAUDSTERS WERE FACED SOME FORM OF INTERNAL DISCIPLINE FROM INTERNAL DISCIPLINE WAS SUFFICIENT LIVING BEYOND THEIR MEANS EXPERIENCING FINANCIAL DIFFICULTIES THE VICTIM ORGANIZATION Key Findings Repor1 to the Nations 5 - INTRODUCTION This study represents the most comprehensive examination available of the costs, methods, victims, and perpetrators of occupational fraud. The Association of Certified Fraud Examiners is pleased to present the 2020 edition of the Report to the Nations, our 11th study of the impact occu- pational fraud has on organizations throughout the world. Occupational fraud1-fraud committed by individuals against the organizations. that employ them-is among the costliest forms of financial crime in existence. There are more than 3.3 billion people in the global workforce,2 and nearly all of them have access to or control over some portion of their em- ployers' cash or assets. For the ones who decide to seek illegal gains, their workplace is, in many cases, the most logical and convenient target. While the vast majority of those 3.3 billion people will never abuse the trust placed in them by their employers, the small percentage who do can cause enormous damage. As this report illustrates, that damage could amount to trillions of dollars in losses each year. This study contains an analysis of 2,504 cases of occupational fraud that were investigated between January 2018 and September 2019. This is a tiny fraction of the number of frauds committed each year against millions of businesses, government 'Occupational fraud is formally defined as the use of one's occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets. 2 United Nations Department of Economic and Social Affairs, World Economic Situotion and Prospects Monthly Briefing, April 1, 2019. April 5, 2022 Introduction Report to the Nations The goal of the Report to the Nations is to compile detailed information about occupational fraud cases in five critical areas: O The methods by which occupational fraud is committed O The means by which occupational frauds are detected O The characteristics of the organizations that are victimized by occupational fraud O The characteristics of the people who commit occupational fraud O The results of the cases after the frauds have been detected and the perpetrators identified organizations, and nonprofits throughout the world. Yet this study represents the most comprehensive examination available of the costs, methods, victims, and perpetrators of occupational fraud. The data presented here was gathered through our 2019 Global Fraud Survey. Each Certified Fraud Examiner (CFE) who took part in the survey was presented with Item #11 Page 12 of 96 a detailed questionnaire consisting of 77 questions The information presented in this study is drawn about a specific case of fraud they had investigated. from cases that occurred in 23 different industry These CFEs provided information on the method of categories. These frauds affected large multinational fraud employed, the loss, the victim organization, the organizations, small nonprofits, and every size and perpetrator, the means of detection, and the response type of business or government agency in between. by the victim organization after the fraud had been The fraudsters in these cases ranged from C-suite detected. We are deeply indebted to the CFEs who executives to entry-level employees. The lesson of shared their knowledge and experiences to help us this and our previous studies is clear: No organization prepare this report. is immune from occupational fraud, and these crimes can originate from anywhere within the organization. FIG. 1 Reported cases by region United States and Canada CASES: 895 (46%) Sub-Saharan Africa Western Europe CASES: 128 (7%) April 5, 2022 CASES: 301 (15%) Latin America and the Caribbean CASES: 101 (5%) Middle East and North Africa CASES: 127 (7%) ~~. 4 '. . i Asia-Pacific CASES: 198 (10%) Southern Asia CASES: 103 (5%) Eastern Europe and Western/Central Asia CASES: 95 (5%) Item #11 Page 13 of 96 Introduction Report to the Nations - - The cases in our study occurred in 125 coun- tries throughout the world, which also helps underscore the global nature of the threat posed by occupational fraud. Figure 1 on page 7 shows the number and percentage of cases from eight major geographical regions. (Be- cause data in our study was gathered through a survey of CFEs, the number of cases in each region largely reflects the geographical make- up of ACFE membership. It should not be read to indicate that fraud is more or less prevalent in any particular region.) We present this report with the hope that it will be of use to anti-fraud practitioners, organiza- tional leaders, academic researchers, and the public at large. We have compiled a great deal of data about the methods, costs, and indica- tors of occupational fraud, along with valuable information on how these crimes are detected and how they might be prevented or mitigat- ed. The amount of money lost to occupational fraud each year represents a staggering drain on the global economy. It directly impacts organizations' abilities to create jobs, pro- duce goods and services, and provide public services. The better we can understand how and why these crimes occur and how to fight them, the better we will be at directing the proceeds of commerce and state action to- ward the goals for which they were intended, rather than into the pockets of the fraudsters who prey on the system. We hope this study will contribute to the public understanding of these crimes; advance the common body of anti-fraud knowledge; and contribute to improved detection, deterrence, and investiga- tion of occupational fraud. April 5, 2022 Introduction Report to the Nations The Global Cost of Fraud Fraud is a global problem affecting all organizations worldwide. Because occupational fraud is frequently undetected and often never reported, it is difficult to determine the full scope of global losses. But our data provides insight into the enormity of this issue. :--c ~ 2,504 CASES I :_ -• V 125 COUNTRIES Causing total losses of more than $3.6 BILLION AVERAGE LOSS PER CASE: $1,509,000 ~ LOSS PER CASE S1.000.000 S800,000 S600.000 S400.000 S200,000 so ASIHACIFIC 25TH PERCENTILE $29,000 75TH PERCENTILE MED IAN : $125,000 $605,000 $100,000 $:?00.000 $300,000 $400,000 $:>00.000 THE TYPICAL LOSS VARIES BY REGION _1:, EASTERN EUROPE LATIN AMERICA AND WESTERN/ AND TllE CENTRAL ASIA CARIBBEAN 21% OF CASES CAU SED LOSSES OF 1~:: !f"il MIDDLE EAST SOUTHERN SUB·SAHARAN AND ASIA AFRICA NORTH AFRICA .. CFEs ES ORGA LOSE TIMATETHAT ---NIZATIONS ---.. - ~~ ~ 5% OF REVENUE TD FRAUD EACH YEAR -• UNITED STATES AND CANADA .. " ,. iii! : •• nru·-1:11_[ I I WESTERN EUROPE .i PROJECTED AGAINST 2019 GWP ($90.52 TRILLION), THAT'S MORE T HAN " $4.5 TRILLION LOST TO FRAUD GLOBALLY EACH Y EAR ~ ~ ~ ~ ~ -- SOURCE WWW.IMF ORGIEXTERNAUDATAM/l• :-:;,: k,(>~ DaWEO',::;F:\•: ::,.,/\CV:;.:\'. ::'JWORLD Introduction Report to the Ni!lions - Categories of Occupational Fraud At the highest level, there are three primary categories of occupational fraud. Asset misappropriation, which involves an employee stealing or misusing the employing orga- nization's resources, occurs in the vast majority of fraud schemes (86% of cases); however, these schemes also tend to cause the lowest median loss at USD 100,000 per case (see Figure 2). In contrast, financial statement fraud schemes, in which the perpetrator intentionally causes a ma- terial misstatement or omission in the organization's financial statements, are the least common (10% of schemes) but costliest category of occupational fraud. The third category, corruption-which includes offenses such as bribery, con- flicts of interest, and extortion-falls in the middle in terms of both frequency and financial damage. These schemes occur in 43% of cases and cause a median loss of USD 200,000. April 5, 2022 How Is Occupational Fraud Committed? Report to the Nations FIG. 2 How is occupational fraud committed? 86% V) Vl 0 --' z <t 0 w :i: 43% 10% Asset Financial misappropriation Corruption statement fraud $100,000 $200,000 $954,000 Item #11 Page 16 of 96 FIG . 3 Occupational Fraud and Abuse Classification System (the Fraud Tree)3 Corruption Asset Misappropriation Financial Statement Fraud I 3 The definitions for many of the categories of fraud schemes in the Froud Tree are found In the Glossary of Terminology on pg. 86. April 5, 2022 Item #11 Page 17 of 96 How Is Occupational Fraud Committed? Report to the Nations - - In one-third of the cases in our study, the fraudster committed more than one of the three primary categories of occupational fraud. As noted in Figure 4, 26% of fraudsters undertook both asset misappropriation and corruption schemes, 3% misappropriated assets and committed financial statement fraud, 1% engaged in both corruption and financial statement fraud, and 5% participated in all three categories. April 5, 2022 FIG. 4 How often do fraudsters commit more than one type of occupational fraud? Asset misappropriation Asset misappropriation only Asset misappropriation and corruption Corruption only F:11c111ci;il st<1tc111c11t fr ilUd Corruptio11 -------.53% •• 26% ---------- • 11% Corruption, asset misappropriation, and financial statement fraud ••• 5% Asset misappropriation and financial statement fraud •• 3% ------ • 2% Financial statement fraud only Corruption and financial statement fraud ---------- •• 1% Item #11 How Is Occupational Fraud Committed? Report to the Nations Page 18 of 96 Asset Misappropriation Sub-Schemes Within the broad category of asset misappropriation, fraudsters use several methods to steal funds and other resources from their employers. Figure 5 is a heat map that shows the frequency and median loss of each category of asset misappropriation sub-scheme (see Glossary on page 86 for definitions of each of these sub-scheme cate- gories). Billing schemes are the most common form of asset misappropriation and also cause a high median loss, making this type of fraud a particularly significant risk. Other high-risk frauds based on the combination of frequen- cy and impact are check and payment tampering, as well as schemes involving the theft of noncash assets. FIG. 5 What asset misappropriation schemes present the greatest risk? $120,000 $110,000 $100,000 $90,000 $80,000 $70,000 $60,000 $50,000 $40,000 $30,000 $20,000 $0 Register disbursements 0 0% 2% 4% 6% LESS RISK Category Billing Noncash Expense reimbursements Skimming Cash on hand Check and payment tampering Payroll Cash larceny Register disbursements April 5, 2022 8% 10% 12% 14% Number of Cases Percent of All Cases 430 20% 395 18% 310 14% 230 11% 224 10% 206 10% 199 9% 169 8% 55 3% 16% 18% 20% MORE RI SK Median Loss $100,000 $78,000 $33,000 $47,000 $26,000 $110,000 $62,000 $83,000 $20,000 Item #11 Page 19 of 96 How Is Occupational Fraud Committed? Report to the Nations - - Duration of Fraud Schemes Not all fraud can be prevented. Even in the most secure organizations, it is likely that some type of employee fraud will eventually occur. Consequently, quick detection of fraud is vital to protecting an organization from potential damage. Our research indi- cates that the median duration of a fraud-that is, the typical time between when a fraud begins and when it is detected-is 14 months. Additionally, as Figure 6 indicates, the longer a fraud remains undetected, the greater the financial losses. FIG. 6 How does the duration of a fraud relate to median loss? V) w V) <( u u. 0 1-z w u a:: w a.. 29% 19% 13% 12% 10% 5% 5% 7% s6 months 7-12 13-18 19-24 25-36 37-48 49-60 >60 months months months months months months months -$50,000 $90,000 $135,000 V) $210,000 V) 0 ....J z $300,000 <( Cl w $340,000 ~ $430,000 $740,000 April 5, 2022 Item #11 Page 20 of 96 How Is Occupational Fraud Committed? Report to the Nations When designing anti-fraud controls, assessing fraud risks, and enacting proactive detection measures, it is helpful to understand the potential impact of different types of fraud schemes. In addition to analyzing the median loss and frequency of the categories of occupational fraud (see Figures 2 and 5 on pages 10 and 13, respectively), we examined how long cases in each of these categories tend to last. As noted in Figure 7, companies tend to catch noncash schemes the quickest (13 months), while several scheme cat- egories typically last 2 years before being uncovered. April 5, 2022 FIG. 7 How long do different occupational fraud schemes last? Payroll 24 months Check and payment tampering 24 months 24 months Financial statement fraud 24 months Expense reimbursements 24 months 24 months Cash larceny 21 months Corruption 18 months 16 months Cash on hand 15 months Noncash 13 months Item #11 Page 21 of 96 How Is Occupational Fraud Committed? Report lo lhe Nations - - Velocity of Fraud Schemes Recognizing that not all fraud schemes affect com- panies equally and that organizations must make decisions in how and where to direct their anti-fraud efforts, we wanted to know how quickly occupational frauds tend to cause harm. For each case reported to us, we divided the loss amount by the number of months the scheme lasted to determine what we refer to as the scheme's velocity. The median velocity for all cases in our study was a loss of USO 8,300 per month. Analyzing the velocity by scheme type revealed that certain types of occupational fraud schemes cause damage much more quickly than others. As Figure 8 shows, financial statement fraud schemes have the greatest velocity of USO 39,800 per month, followed by corruption schemes, with a velocity of USO 11,100 per month. Because these schemes tend to result in larger losses very quickly, organizations might use this data to prioritize their investments in mechanisms to prevent and quickly detect these types of fraud. On the other end of the spectrum, register disbursement schemes and expense reimbursement schemes tend to grow more slowly, with a velocity of USO 800 and USO 1,400 per month, respectively, meaning orga- nizations typically have more time to uncover these schemes before losses become significant. FIG. 8 What is the typical velocity (median loss per month) of different occupational fraud schemes? Financial statement fraud $39,800 Corruption $11 ,100 Noncash $6,000 Check and payment tampering -$4,600 Billing -$4,200 Cash larceny -$4,000 Skimming -$2,900 Payroll 1111 $2,600 Cash on hand • $1,700 Expense reimbursements ■ $1,400 Register disbursements I $800 April 5, 2022 Item #11 Page 22 of 96 How Is Occupational Fraud Committed? Report to the Nations We also found differences in scheme velocity based on how many perpetrators are involved in a fraud and based on the perpetrator's level of authority. Schemes with three or more perpetrators escalate much more quickly than those with just one or two perpetrators. Schemes committed by an owner/executive have a velocity over three times that of schemes committed by an employee or manager, highlighting how those in the highest positions have the ability to damage the company much more quickly than lower-level personnel. Median loss Median duration One perpetrator $90,000 14 months Two perpetrators $105,000 14 months Three or more perpetrators $350,000 15 months Employee $60,000 12 months Manager $150,000 18 months Owner/executive $600,000 24 months How Occupational Fraud Is Concealed t., j 11 '' ( J '' '1 ''. ·1 • ·: f I '· i. : J; J 1 • 40% Crec1ted frc1udulent physiec1 I documents - · I, · • ,. c1 1:, '. : ,r, ·., t1· li , 1111 I 1 : 1°, •· · :; : ti, TOP 4 CONCEALMENT METHODS USED □Y rRAUDSHRS 360/o Altered physical documents 27% Altered electronic documents or files Scheme velocity (loss per month) $6,400 $7,500 $23,300 $5,000 $8,300 $25,000 26% Crec1ted fmudulent electronic documents or files (})- - I - 12% did not involve any attempts to conceal the fraud --= How Is Occupational Fraud Committrd? • ' ', r~ .. ' I,' Initial Detection of Occupational Fraud The foundation to effective detection of occupational fraud is knowing the most common methods by which fraud is discovered. Despite the increasingly sophisticated fraud detection techniques available to organizations, tips were the most common way occupational frauds were discovered in our study by a wide margin, as they have been in every one of our previous reports. As shown in Figure 9, more than 40% of cases in our study were uncovered by tips, which is almost three times as many cases as the next-most- common detection method. Therefore, processes to cultivate and thoroughly evaluate tips should be a priority for fraud examiners. Item #11 Page 24 of 96 Tip Sources Figure 10 breaks down the sources of tips that led to fraud detection. Half of all tips came from employees, while a substantial number of tips came from outside parties, including customers, vendors, and competitors. These findings demonstrate that anti-fraud education and the communication of designated reporting mecha- nisms should target not only internal staff, but external parties as well. FIG. 9 How is occupational fraud initially detected? FIG. 10 Who reports occupational fraud? 15% Management review 12% Employee Other -6% By accident Ill 5% Account reconciliation Customer -4% External audit -4% Anonymou" Document examination • 3% Surveillance/monitoring • 3% Vendor Notified by law enforcement ■ 2% Other IT controls ■ 2% CornpPtitor Confession Shareholder /owner I 1% April 5, 2022 Item #11 Page 25 of 96 Detection Report to the Nations - - Median Loss and Duration by Detection Method Our data also shows that some fraud detection methods are more effective than others in the sense that they correlate with lower fraud losses. Figure 11 shows the relationship between detection method and the associated fraud scheme duration and loss. In this chart, the red bars indicate schemes that were detected by passive methods, meaning the fraud came to the victim's attention through no effort of their own, including notification by police, by accident, or confes- sion. Passively detected schemes tended to last longer and were associated with the highest median losses relative to all other detection methods. The blue bars indicate detection methods that are active, meaning they involved a process or effort designed (at least in part) to proactively detect fraud, such as document ex- amination or surveillance/monitoring. Our data shows that schemes discovered through one of these active methods were shorter and had lower median losses than those detected passively. The purple bars could potentially be passive or active, including tips and external audit. What we can learn from this data is that when fraud is detected proactively, it tends to be detected more quickly and thus causes lower losses, while passive detection results in lengthier schemes and increased financial harm to the victim. Anti-fraud controls such as account reconciliation, internal audit departments, involved management review, and active cultivation of tips are all tools that can lead to more effective detec- tion of occupational fraud. FIG. 11 How does detection method relate to fraud loss and duration? MEDIAN LOSS MEDIAN DURATION $900,000 Notified by police 24 months $225,000 --Confession 17 months $200,000 By accident 24 months $150,000 -External audit 24 months $145,000 -Tip --14months $101,000 -Document examination 18 months $100,000 -Management review 17 months $100,000 -Internal audit 111111111111111 12 months $81,000 • Account reconciliation -7months • Passive detection method $80,000 . IT controls -6months e Polenltnlly active or p;issrve detectron method e Active detection method $44,000 I Surveillance/monitoring -7 months April 5, 2022 Item #11 Page 26 of 96 Detection Report to the Nations Hotline and Reporting Mechanism Effectiveness Maintaining a hotline or reporting mechanism speeds up fraud detection and reduces losses. Fraud awareness training further improves cultivation of tips thro ugh reporting mechanisms. --------· MEDIAN LOSSES WERE NEARLY---------; ~64°(~ DOUBLED AT ORGANIZATIONS WITHOUT HOTLINES VICTIM ORGANIZATIONS had hotlines Effect of EMPLOYEE FRAUD AWARENESS TRAINING on hotlines and reporting Training increases the likelihood of detection by tip 'AB l.l of cases detected ~ 7Q by tip with training -- Tips are more likely to be submitted through reporting mechanisms with training tips with : training 56% A of cases detected by • tip without training 37% Org anizations with hotlines detected fraud by ti p more often 49% Of CASES DETICTED BY TIP HOTLINES NO HOTLINES Small organizations are especially likely to detect occupational fraud by tip <100 ()·• ---, EMPLOYEES •• i cases detected EMPLOYEES ~}'"' ' Organizations with hotlines detect frauds MORE QUICKLY than those without hotlines 18 .,11, " 6) 11 , Since 2010, the use of hotlines or reporting mechanisms has increased notably 49% 2012 2014 2016 2018 2020 Detc-ction Report to the Nations 11 - Reporting Mechanisms In cases where a reporting mechanism was used to report fraud, we asked respondents to indicate how the tip came in. In our two previous reports, tele- phone hotlines were the most common mechanism whistleblowers used by a substantial margin. As shown in Figure 12, telephone hotline use declined substantially in this report, while email and web- based/online reporting each rose to become nearly equal to telephone hotlines. The use of mailed forms has also dropped from 17% to 12% since 2016. These findings indicate that whistleblowers' pre- ferred methods of reporting fraud may be shifting, particularly toward on line and in electronic written form. Consequently, organizations should consider maintaining multiple reporting channels to fit the needs of those who submit tips. FIG. 12 What formal reporting mechanisms did ~histleblowers use? Telephone hotline '' .. Email Web-based/online form Mailed letter/form Other -••,.-· -------tl-1------~em•·. Fax (11-)._ ______ ,__ ___ --l_lU_ 2016 2018 2020 April 5, 2022 Item #11 Page 28 of 96 Detection Report to the Nations Parties to Whom Whistleblowers Report In approximately 33% of cases where a tip was made, the whistleblowers did not use a formal reporting mechanism. Instead, they reported their suspicions directly to supervisors, investi- gators, or other interested persons. Identifying how often whistleblowers tend to report fraud to various parties can help organizations answer several important questions. Who should be trained to handle a complaint if they receive one? How likely are whistleblowers to report outside of the organization? How should complaints lodged outside a formal reporting mechanism be recorded and escalated? Figure 13 indicates that whistleblowers are most likely to report fraud to their direct supervisors, yet many will go to other parties, such as fraud investigation teams, human resources, or their coworkers. Therefore, it is important to provide all staff with guidance on how fraud allegations should be responded to and escalated. It is also noteworthy that 7% of reports were made directly to law enforcement or regulators, instead of internally, which is something most or- ganizations would hope to avoid. This illustrates the importance of training staff on how and why they should report fraud internally. 28% Fraud investigation team 14% 12% April 5, 2022 FIG. 13 To whom did whistleblowers initially report? Direct supervisor 28% Other 15% Fraud investigation team 14% Internal audit 12% Executive 11% Coworker 10% Law enforcement or regulator -7% Owner -7% Board or audit committee -6% Human resources -6% In-house counsel 1111 4% External audit I 1% Item #11 Page 29 of 96 Detection Report to the Nations - - Type of Organization As shown in Figure 14, 70% of frauds occurred in for-profit organizations, with 44% of the victim organizations being private companies and 26% being public companies. Private and public or- ganizations each suffered a median loss of USD 150,000. Nonprofit organizations only reported 9% of fraud cases and suffered the smallest median loss of USD 75,000; however, many non- profits have limited financial resources to begin with, so a loss of this amount can be particularly devastating to these entities (see "Fraud in Non- profits" infographic on page 28). Level of Government Organization Resources and operations vary at different levels of government, which can influence how fraud affects these organizations. To illustrate this, we analyzed the government organizations in our study by level. National-level government entities experienced the greatest number of frauds (45%) and had the highest median loss of USD 200,000, which is more than twice as much as the median loss at state/provincial government entities (USD 91,000). While local governments reported the second-highest number of cases (32%), they suffered a relatively lower median loss of USD 75,000. April 5, 2022 Victim Organizations Report lo 1he Nations 11 1111111 -■■-1111111 -■■-1111111 -■■-1111111 :::: 1111111 -■■-1111111 :::: 1111111 -■■-1111111 :::: 1111111 :::: 1111111 -■■-1111111 :::: 1111111 :::: FIG. 14 What types of organizations are victimized by occupational fraud? (/) w (/) <t u u. 0 I-z w u a: w c.. (/) (/) 0 __, z <t 0 w ::i; 44% 26% 16% 9% ■ 5% -Private Public Government Nonprofit Other company company $75,000 $100,000 $100,000 $150,000 $150,000 FIG. 15 What levels of government are victimized by occupational fraud? • National: 45% 1s200.000·1 • State/provincial: 21% [$91,00Q·) • Local:32% ($75,000; Other. 2% (N/A") 'Dollar amounts ore median loss. Median loss calculations for categories with fewer than 10 cases were omitted. Item #11 Page 30 of 96 Size of Organization In Figure 16, the size of the victim organizations in our study is shown based on the number of employees. The cases reported to us were evenly distributed, with about a quarter in each size category. Small businesses (those with fewer than 100 employees) had the highest median loss of USO 150,000, while large organizations (those with more than 10,000 employees) had a median loss of USO 140,000. It is important to note, however, that a small business likely will feel the impact of a loss this size much more than its larger counterparts. Figure 17 shows the distribution of victim organizations by annual revenue, with median losses ranging from USO 114,000 in the smallest organizations to USO 150,000 in the largest. FIG. 16 How does an organization's size relate to its occupational fraud risk? en w en < (J u.. 0 I-z w (J 0: w Q. en en 0 .., z < 0 w :I: 26\\\ <100 employees $150,000 April 5, 2022 27\\\ 23% 100-999 1,000-9,999 employees employees $100,000 $120,000 25\\\ 10,000+ employees $140,000 FIG. 17 How does an organization's gross annual revenue relate to its occupational fraud risk? en w en < (J ... 0 I-z w (J 0: w Q. "' en 0 .., z < 0 w :I: 38'l\ <$50 million $114,000 26'l\ 24'l\ 12\\\ I $50 mlllion-$500 million-$1 billion• $499 million $999 million $120,000 $132,000 $150,000 Item #11 Page 31 of 96 Victim Organizations Report to the Nations - - Figure 18 shows the frequency of different types of fraud schemes in small businesses (those with fewer than 100 employees) and larger organizations. Billing schemes occurred at almost twice the rate in small businesses compared to larger organizations, while check and payment tampering was nearly four times more common at small companies. In contrast, corruption and noncash schemes occurred more frequently in larger organizations. FIG. 18 How do fraud schemes vary by organization size? Corruption Billing Check and payment tampering Expense reimbursements Payroll Skimming Noncash Financial statement fraud Cash on hand Cash larceny Register disbursements Industry of Organization 17% 15% 13% 38% 47% 30% 22% 20% ■ <100 employees ■ 100+ employees Participants were asked to identify the industry of the victim organization. The most common industries reported to us were banking and financial services, government and public administration, and manufacturing. (It is important to note that this does not necessarily mean that more fraud occurs in these sectors; it might simply indicate that organizations in these industries employ more CFEs than others.) The mining industry suffered the highest median loss of USO 475,000, while frauds in the energy sector had the next-highest median loss of USO 275,000. April 5, 2022 Item #11 Page 32 of 96 Victim Organlzatlons Report to the Nations FIG. 19 How does occupational fraud affect organizations in different industries? Agriculture. forestry. fisl1111cJ ,111c1 IHJ11t111g Eclucc1tio11 $65,000 lnsurclllCC $70,000 Ret,111 $85,000 Tr,1nsportc1tion ,1I1cl w,1rl'110us1ng April 5, 2022 Arts. entertilinmcnt. ,111cl recret1tion $90,000 Energy $275,000 Mc1nufilcturing \1• ) /,-..,. CS'::, $ 185 198,QQQ Cases Services (other) $150,000 Utilities ',li :J t~"-l .UC.,'::, $ 20 163,QQQ Cases Banking c1ncl fin,rnci,1I services 'N :) ;\\IL Cl':,S $ 386 100,QQQ Cases Food service ancl hospitality M[D A"l .OSS $114,000 Mining $475,000 Co111munict1tio11s and publisl1i11g $115,000 Government illlcl public c1cl111inistratio11 $100,000 ~~~ $254,000 Construction \1C . >·t.·--J. ( JSS $ 80 200,QQQ cases Hcaltll CiHC Mi-~J /\'J '()'::,':, $ 149 200,QQQ Cases Religious. char itilble. or social SelVICl'S $76,000 Services (p1ofess1onal) Tecl111oloqy Tclccommu11icat1011s $150 ,000 Wholesille trilcle $130,000 $150,000 ivi; ·) J\'J (JSS $ 67 250,QQQ Cases Item #11 Page 33 of 96 Victim Organizations Report to the Nations - Fraud in Nonprofits Nonprofit organizations can be more susceptible to fraud due to having fewer resources available to help prevent and recover from a fraud loss. This sector is particularly vulnerable because of less oversight and lack of certain internal controls. Nonprofit schemes Percent of cases Corruption 41 % 191 Billing 30% ~CASEST Expense reimbursements -23% Cash on hand • 17% ' .--------------1 ' ' ■ ' ' Noncash 16% 6 ' 0 Skimming ■ 15% MEDIAN LOSS AVERAGE LOSS ■ $75 ,000 $639,000 Check and payment tampering 14% Cash larceny ■ 12% C®~ Payroll ■ 12% Financial statement fraud ■ 11% 9 Reg ister disbu rsements I 3% Owner/executive ~iitN $250,000 ------------------~-----------------1 : I : 6 6 0 35% of cases Manager/supervisor ~iitN $95,000 ----------, : ' ----------, ' ' : ' 6 0 ~ ' r ' ' ' ' ' ' ' 6 9 0 0 ~ ~ ....__., 23% of cases Employee ~ii~AN $21,000 28 Victim Organizations Report lo the Nations Nonprofit organizat ions have FEWER ANTI-FRAUD CONTROLS in pl ace, lea ving them Surprise audits Form al fraud risk assessments ··· 35% LACK OF INTERNAL CONTROLS --19% LACK OF MANAGEMENT REVIEW Management review OVERRIDE OF EXISTING INTERNAL CONTROLS 57% 76% /,'.. '· · .. ii,_.,· t ' .. :C--''\"' :. i~ I. \ .. ~~ I • •' • t;· .. ~~,-~ ~. i Internal audit department ■ Nonprofit organizations . Other_ . organ1zat1ons CONTROLS Detection AT NoNPRoF1Ts ------------------ TIP OR INTERNAL MANAGEMENT BY EXAMINATION COMPLAINT AUDIT REVIEW ACCIDENT OF DOCUMENTS 40% 17% 13% 7% 6% ~ ~ [I]~ rn [fl Victim Organizations Report to the Nations 19 - Most Common Schemes by Industry Identifying the most common fraud schemes within industries can help organizations design controls to guard against their most significant threats. In Figure 20, we show the most common occupational fraud schemes in industries with at least 50 reported cases. The risks are shaded from yellow to red, with darker variants represent- ing higher-risk areas. For example, in the health care industry, corruption represents the highest risk (40% of cases), followed by billing schemes (33% of cases). FIG. 20 What are the most common occupational fraud schemes in various industries? INDUSTRY A rn-<1 ,J rid fin r c111 "-1 f,I(( Go.\ , 11111t 11t i111d public (1cl,111n1c.,tr (1l1011 F outl t r. 1U 111(/ 110 p1L1l1t1 L ESS RISK April 5, 2022 Victim Organizations Report to the Nations Cases 364 189 177 145 89 89 82 82 T7 64 63 62 59 54 52 Cl ~ ixi 11% - 221l M 13% 24t, 5% "C >, C: c:: "' ., ~ .c: C: ..!!! 0 '7ii .c: V> "' "' u u 10% - 5% 9% 5% 6% 10% 10% 6% 7% 15% 15% 2% 5% 9% 13% 13% 12% 5% 9% 0% 5% 2% 3% IOI 10% 0% 9% 13% 12% ~ "C c:: ::, ., Jg C: E ., c:: ., ~ ., E ::, E >, .D ~ "' E a. "' "C c:: -~ -:;; Cl c:: 0 "' c:: a ., ro .c: 'f V> ·o V> .>< c:: "' ..., a. 2 ., c:: ..., ., E 0 a. "' c:: .c: ~ c:: 0 u !!! u ii: z 10% 10% 4% 111 -- 14% 241 9% 2ft 6% - 11% 9% 7% n -13% 3% 231 13% 22W. 6% 11% 15% 11% 15% 12% .f' ., - Item #11 2 >, "' <l. 2% - 10% 15% 6% 11% 5% 13% 13% 6% 11% 2% 12% m 8% ~ c:: ., E ., ~ ::, .D V> '5 Cl a:; c:: .E 1ii E 'o, <11 3i: a:: V, 2% 10% 0% 7% 2% 8% 6% 10% 1% 9% • 15% 2% 6% 1% an 4% 13% 0% 191 0% 0% 0% 5% 10% 14% 2% 4% MORE RISK Page 36 of 96 Anti-Fraud Controls at Victim Organizations Proactive anti-fraud controls play a key role in an organization's fight against fraud. While the presence of these mechanisms alone does not ensure that all fraud will be prevented, manage- ment's commitment to and investment in targeted prevention and detection measures send a clear message to em- ployees, vendors, customers, and others about the organization's anti-fraud stance. We asked survey respondents which of 18 common anti-fraud controls the victim organization had in place at the time of the fraud. Figure 21 shows that inde- pendent external audits of the organiza- tion's financial statements are the most common of the controls examined in our study; 83% of the victim organizations had their financial statements audited by an outside auditor. While we classify such audits as an anti-fraud control for purposes of our study, it is important to note that this mechanism is not primarily designed to detect or prevent all frauds. As noted in Figure 9 on page 19, only 4% of the frauds in our study were uncov- ered through an external audit. Other common anti-fraud controls include a code of conduct (present in 81% of victim organizations), an internal audit department (74%), and manage- ment's certification of the financial statements (73%). April 5, 2022 FIG. 21 What anti-fraud controls are most common? External audit of financial statements 83% Code of conduct 81% Internal audit department 74% Management certification of financial statements 73% External audit of internal controls over financial reporting 68% Management review 65% Hotline 64% Independent audit committee 62% Anti-fraud policy 56% Employee support programs 55% Fraud training for employees 55% Fraud training for managers/executives 55% Dedicated fraud department, function, or team 44% Formal fraud risk assessments 41% Surprise audits ____ l_ _______ ___l3~8% Proactive data monitoring/analysis 38% Job rotation/mandatory vacation 23% Rewards for whistleblowers 13% Item #11 Page 37 of 96 Victim Organizations Report to the Nations - - Effectiveness of Anti-Fraud Controls While implementing controls to prevent and detect fraud is a necessary part of managing fraud risk, not all anti-fraud controls are created equally. To help organizations understand the potential impact of various controls, we compared the median losses and median durations of the frauds in our study based on whether each specific control was present at the victim organization during the fraud's occurrence. For every control we examined, organizations that had the control in place experienced smaller fraud losses and detected frauds more quickly than organizations lacking that control. As seen in Figures 22 and 23, four anti-fraud controls in particular were associated How has the use of anti-fraud controls changed over the last decade? Over thC' l,ist tl'rl yc,1I s of OLJr stLJd rcs, foLJr of the controls we've ,1n,1ly?ccl l1ilve soc,n il co11sis- tcI1t dlld l)Otili)IP lllCIP<lS(' in irnple111011t,1tio11 r,1tes. I liese co11trols ,110 i1111oncJ tl10se most cornrnonly ,1ssoc,c1tcd w rtl1 ,1 robust ,1nt,-f1 ,iuci pr ogr ,1m, w hich incliciltcs tl1<1t lllCICilSlllCJ llUllli)OIS of OIQillllZiltions c1rc L1k111g tl10 tl1rcilt of frilud s01 i- ously ,1ml implcmcntinq I110,1surc·s specrficillly dcsiqned to l1elp tl1em rrntrgiltl' tl1ese risks with a 50% or greater reduction in both fraud losses and duration: a code of conduct; an internal audit department; management's certification of financial statements; and regular management review of in- ternal controls, processes, accounts, or transactions. Internal audits and management reviews are both mechanisms that can be used to actively look for fraud, so their correlation with reduced fraud losses and duration stands to reason. In contrast, codes of conduct and management certifications of financial statements are less directly tied to fraud detection, but both mechanisms likely help increase the percep- tion of detection and form the foundation for a holistic anti-fraud culture. 2010 2020 l11crcc1se ~ 51 64 13 l-=- 43 56 13 0 ~ 44' 55 11' r--h 46 'c 55"_ 9'j AAA April 5, 2022 Item #11 Page 38 of 96 Victim Organizations Report to the Nations FIG. 22 How does the presence of anti-fraud controls relate to median loss? $200,000 ■ Median loss without controls ■ Median loss with controls $150,000 $100,000 $50,000 $0 Control Percent Control Control not Percent of cases in place in place reduction Code of conduct 81% $100,000 $205,000 51% Internal audit department 74% $100,000 $200,000 50% Management certification of financial statements 73% $100,000 $200,000 50% External audit of internal controls over financial reporting 68% $100,000 $200,000 50% Management review 65% $100,000 $200,000 50% Hotline 64% $100,000 $198,000 49% External audit of financial statements 83% $110,000 $204,000 46% Fraud training for employees 55% $100,000 $160,000 38% Anti-fraud policy 56% $100,000 $150,000 33% Proactive data monitoring/analysis 38% $100,000 $150,000 33% Surprise audits 38% $100,000 $150,000 33% Formal fraud risk assessments 41% $100,000 $150,000 33% Employee support programs 55% $100,000 $150,000 33% Fraud training for managers/executives 55% $100,000 $150,000 33% Independent audit committee 62% $100,000 $150,000 33% Dedicated fraud department, function, or team 44% $100,000 $145,000 31% Job rotation/mandatory vacation 23% $100,000 $130,000 23% Rewards for whistleblowers 13% $120,000 $122,000 2% April 5, 2022 Item #11 Page 39 of 96 -Victim Organizations Report to the Nations - FIG. 23 How does the presence of anti-fraud controls relate to the duration of fraud? 25 ~ 20 ... u w ... w 0 ~ 15 "' :t ... z 0 :Ii ~ 10 0 w :Ii Code of conduct 5 Job rotation/mandatory vacation Internal audit department Control Management certification of financial statements Management review External audit of financial statements Surprise audits External audit of internal controls over financial reporting Proactive data monitoring/analysis Hotline Formal fraud risk assessments Anti-fraud policy Fraud training for employees Fraud training for managers/executives Independent audit committee Dedicated fraud department, function, or team Rewards for whistleblowers Employee support programs April 5, 2022 Victim Organizations Report to the Nations ■ Median duration without controls ■ Median duration with controls Percent Control Control not Percent of cases in place in place reduction 81% 12 months 24 months 50% 23% 9 months 18 months 50% 74% 12 months 24 months 50% 73% 12 months 24 months 50% 65% 12 months 24 months 50% 83% 13 months 24 months 46% 38% 11 months 18 months 39% 68% 12 months 19 months 37% 38% 12 months 18 months 33% 64% 12 months 18 months 33% 41% 12 months 18 months 33% 56% 12 months 18 months 33% 55% 12 months 18 months 33% 55% 12 months 18 months 33% 62% 12 months 18 months 33% 44% 12 months 18 months 33% 13% 11 months 16 months 31% 55% 12 months 16 months 25% Item #11 Page 40 of 96 Anti-Fraud Controls in Small Businesses Small businesses face different types of fraud risks than larger organizations (see Figure 18 on page 26), and they also experience unique challenges in com- bating occupational fraud. Whether it's due to resource limitations, a lack of awareness, or a tendency to place too much trust in their employees, small businesses implement anti-fraud controls at a much lower rate than their larger counterparts. The most common anti-fraud control-external audits of financial statements-was only in place at 56% of small businesses, and only 48% of these companies had a code of conduct, compared to 92% and 91%, respectively, of organizations with more than 100 employees. Our data shows that there are clear opportunities for small businesses to increase their protection against fraud. Adopting a code of conduct and an anti-fraud policy, having managers review the work of their sub- ordinates, and conducting targeted anti-fraud training for employees and managers are all measures that are correlated with significant reductions in fraud losses (see Figure 22 on page 33), yet each was implemented by fewer than half of the small businesses in our study. Each of these measures can typically be implemented without requiring a significant investment of resources and could help improve the anti-fraud environment of a small organization. FIG. 24 How do anti-fraud controls vary by size of victim organization? External audit of financial statements 56% Code of conduct 48% Management certification of financial statements 39% Management review 35% External audit of internal controls over financial reporting 33% Internal audit department 31% Employee support programs 23% Independent audit committee 21% Hotline 20% Anti-fraud policy 20% Fraud training for employees 19% Fraud training for managers/executives 19% Proactive data monitoring/analysis - 5% Surprise audits Dedicated fraud department, function, or team -11% Formal fraud risk assessments .. 9% Job rotation/mandatory vacation -9% 2 % -7 Rewards for whistleblowers • 4% 16% April 5, 2022 46% 55% 52% 92% 91% 85% 76% 80% 88% ■ <100 employees ■ 100+ employees 65% 76% 79% 67% 67% 67% Item #11 Page 41 of 96 Victim Organizations Report to the Nations - Internal Control Weaknesses That Contribute to Occupational Fraud Vari ous factors ca n facilitate a perpetrator's ability to commit and conceal an occupati onal fraud sc heme. What are the primary internal control weaknesses that contribute to occupational fraud? .·················------------· Lack of reporting mechanism. <1% ,/ .-----···············---------Lack of clear lines of authority, 2% _,, _,,· ___ ,. _________________ _ --··-·········.:~---Lack of employee fraud education, 3% ·-. Lack of independent checks/audits, 5% --------Lack of competent personnel in oversight roles. 6% ------Other. 6% SMALL COMPANIES are more likely to lack internal controls MANAGER-LEVEL PERPETRATORS are more likely than other perpetrators to OVERRIDE EXISTING CONTROLS Employees Managers 15% 22% Owner/executives 17% 000 000 000 CDID 00 gJgJ ~~ LARGE COMPANIES are more likely to have controls overridden Lack of internal conhols ~ ■ <100 employees POOR TONE AT THE TOP was the primary risk factor in 22% of all financial statement frauds. '·._;,c.-1. __ . : . -fl . ,., I~ ,I: ...,t T Asset misappropriation Corruption 36 Victim Organizations Repor1 to the Nations Overri_d~ of 1B existing internal controls ■ 100+ employees SOLE PERPETRATORS take advantage of a lack of controls, while schemes involving COLLUSION are supported by poor tone at the top and an ability to override controls Lack of internal controls Override of existing internal controls Poot tone at the top 1 perpetrator 2 or more perpetrators Background Checks Run on the Perpetrators Although most occupational fraud perpetrators do not have a crimi- nal history (see Figure 39 on page 48), it is still prudent for organiza- tions to run background checks (to the extent legally permissible) during the hiring process to avoid letting known fraudsters in through the front door. As noted in Figure 25, however, only approximately half of the victim organizations in our study undertook this due diligence step when hiring the perpetrator. Interestingly, of the 52% of organizations that did conduct a background check, 13% of them uncovered a red flag in the perpetrator's background and proceeded with the decision to hire them anyway. When running background checks, organizations might choose to prioritize different aspects of an individual's background. Figure 26 shows that, of the background checks conducted by the victim organizations in our study, 81% included a check on the perpetra- tor's employment history and 75% included a check of the perpetra- tor's criminal background. April 5, 2022 FIG. 25 Was a background check run on the perpetrator prior to hiring? Did the background check reveal existing red flags? No __ 87% Yes 13% FIG. 26 What types of background checks were run on the perpetrator prior to hiring? Employment history Criminal checks Reference checks 56% Education verification Credit checks Drug screening Other Item #11 Page 43 of 96 Victim Organizations Report to the Nations - - PERPETRATORS One of the key goals of our study is to identify the common characteristics ,rnd risk profiles of those who commit occupr1tionr1I frciud. Our survey included several questions focused on the fraud perpetrators' job details, basic demographics. prior misconduct, and behavioral warning signs. This information was compiled to help organizations better understand and identify the risks and red flags of fraud in their own workforces. Perpetrator's Position FIG. 27 How does the perpetrator's level of authority The perpetrator's level of au-relate to occupational fraud? thority within an organization 41% tends to strongly correlate with the size of a fraud. Owners/ex-35% ecutives accounted for only 20% "' of the frauds in our study, but w "' <t the median loss in those cases u (USD 600,000) far exceeded the LL 0 20% losses caused by managers and .... z w staff-level employees. This is u a:: consistent with our past studies, w 0. all of which found that losses tend to rise in tandem with a 3% fraudster's level of authority. -Owners/executives are generally Employee Manager Owner/executive Other in a better position to override • controls than their lower-level counterparts, and they often $60,000 have greater access to an orga- nization's assets. Both of these $150,000 "' facts might help explain why "' 0 losses attributable to this group ..... $230,000 z tend to be so much larger. <t 0 w ::. $600,000 April 5, 2022 Item #11 Page 44 of 96 Perpetrators Report to the Nations As seen in Figure 28, the length of fraud schemes also tends to rise in correlation with the perpetrator's authority. The median duration of a fraud committed by an owner/execu- tive was 24 months, compared to 18 months for schemes committed by managers and 12 months for those committed by staff-level employees. Perpetrator's Tenure FIG. 28 How does the perpetrator's level of authority relate to scheme duration? 24 months z ~ 18 months .... <t ct 12 months :> 0 z <t 0 w :l: Employee Manager Owner/executive The longer a fraud perpetrator works for a company, the more damage that person's scheme is likely to cause, as shown in Figure 29. Those who had been with the victim organization for at least ten years stole a median USD 200,000, which was four times greater than the median loss caused by employees with less than one year of tenure. FIG. 29 How does the perpetrator's tenure relate to occupational fraud? 9% <1year $50,000 46% 1-5 years $100,000 22% 6-10 years $190,000 23% >10 years $200,000 PERCENT O F CASES MEDIAN LOSS April 5, 2022 Item #11 Page 45 of 96 Perpetrators Report to the Nations - - The impact of tenure on fraud losses remains evident even when we control for the fraudster's level of authority. In Figure 30 we divided all fraudsters into two groups: those who had been with their organizations five years or less and those who had been with their organization six years or longer. Next. we compared the median loss caused by these two groups at three levels of authority: owner/executive, manager, and employee. At every level, the longer-tenured fraudsters caused significantly larger losses. What this tells us is that longer-tenured fraudsters do not steal more merely because they have been promoted over time to higher levels of authority. Instead, their added experience with their organizations seems to improve their skills or abilities related to com- mitting fraud. This might be because they be- come better at identifying gaps or weaknesses in internal controls, because they become more trusted (and thus are subject to lower levels of review by peers and supervisors), or because they learn over time how others have successfully committed fraud. Regardless, this data indicates that the ability to defraud an organization seems to be something people improve at with experience. FIG. 30 How does the perpetrator's tenure relate to median loss at different levels of authority? Employee • $100,000 1 $50,000 ~6 years ■ sSyears Manager $164,000 Owner/executive $700,000 MEDIAN LOSS Perpetrator's Department Departmenr Number of cases Percent of cases Median loss Figure 31 is a heat map showing the Operations 288 15% $72,000 frequency and median loss of fraud Accounting 277 14% $200,000 schemes based on the perpetrator's Executive/upper management 234 12% $596,000 department. This illustrates the relative Sales 225 11% $94,000 Customer service 175 9% $86,000 risks of occupational fraud in the Administrative support 116 6% $76,000 different parts of a typical organization, Finance 101 5% $100,000 which may help anti-fraud profession-Purchasing 96 5% $200,000 als effectively allocate anti-fraud con-Information technology 69 3% $200,000 trols and resources. For example, the Facilities and maintenance 60 3% $100,000 executive/upper management team Warehousing/inventory 60 3% $85,000 Board of directors 45 2% $750,000 and the accounting department were Marketing/public relations 40 2% $100,000 both associated with high frequency Manufacturing and production 35 2% $275,000 and median loss, which indicates that Human resources 27 1% $40,000 fraud risks in these areas should be Research and development 14 1% $350,000 carefully addressed in any anti-fraud Legal 13 1% $195,000 program. ·Departments with fewer than 10 cases were omitted April 5, 2022 Item #11 Page 46 of 96 Perpetrators Report to the Nations FIG. 31 What departments pose the greatest risk for occupational fraud? $750,000 $700,000 $650,000 $600,000 $550,000 $500,000 $450,000 $400,000 $350,000 $300,000 $250,000 $200,000 $150,000 $100,000 $50,000 $0 Manufacturing and production 0 Legal 0 Purchasing 0 0 Information technology Facilities and Marketing/ maintenance Finance public relations O O 0 0 0 Warehousing/inventory Human resources 0% 2% 4% LESS RISK 0 Administrative support 6% April 5, 2022 8% 10% 12% 14% 16% MORE RI SK Item #11 Page 47 of 96 Perpetrators Report to the Nations - - Schemes Based on Perpetrator's Department The eight departments shown in Figure 32 accounted for 76% of all occupational frauds in our study. The spe- cific fraud schemes used by perpetrators in these departments are presented to help organizations assess risk and develop effective anti-fraud controls within these high-risk areas. Boxes are shaded from yellow to red, with darker boxes indicating higher-frequency schemes for each department. FIG . 32 What are the most common occupational fraud schemes in high-risk departments? DEPA RTMENT Cases 288 277 234 225 175 116 101 96 LESS RIS K April 5, 2022 Perpetrators Report to the Nations 15% 5% >-c: "' ~ ..!!! .s;; VI ro u 5% 8% 8% 10% 4% "O C: ro .s;; C: 0 .s;; VI ro u 10% 11% 12% 4% C: "' E >-ro 0. "O Cl C: C: ft)·= -'<"' u 0. 6~ 5% 2% C: 0 :g_ 2 8 l!l C: "' E ~ :::, D E -~ el C: "' 0. )( LU 6% 14% 14% 7% 7% 8% 1% 8% 14% 7% .s;; VI B C: 0 z 15% 11% - 9% 12% 12% - Item #11 8% 12% 2% 2% 9% 9% 2% Cl C: .E E :i: "' 3% 9% 5% - 3% 10% ' 4% 10% 2% - 3% 12% 3% 8% 0% 4% MORE RISK Page 48 of 96 Perpetrator's Gender As shown in Figure 33, more than 70% of the perpetrators in our study were males. Men also caused a significantly larger median loss (USD 150,000) than women (USD 85,000). This is consistent with our past studies, all of which have found a sig- nificant gender disparity in fraud loss and frequency. Perpetrator's Gender Based on Region There was a large variance in the gender distribution of occupational fraudsters based on geographic region. Figure 34 shows that in the United States and Canada, males accounted for only 59% of occupational fraud perpetrators, whereas in Southern Asia and the Middle East and North Africa, men committed more than 90% of occupational frauds. FIG. 33 How does the perpetrator's gender relate to occupational fraud? "' w "' <( u u. 0 .... z w u "' w a. VI "' 0 .., z <( 0 w :E 72% Male 28% I Female $85,000 - Position of Perpetrator Based on Gender We examined gender distribution and median loss data based on the perpetrator's level of authority, as shown in Figure 35. At all levels of authority (employee, manager, and owner/executive), males committed a much larger percentage of frauds than women did. Male owners/executives and managers also accounted for much larger losses than their female counterparts. This was particularly true at the owner/executive level, where the median loss caused by men (USD 795,000) was more than four times larger than the median loss caused by women (USD 172,000). At the employee level, however, losses caused by males and females were equal. April 5, 2022 Perpetrators Report to the Nations FIG. 35 How do gender distribution and median loss vary based on the perpetrator's level of authority? VJ w VJ <( u u. 0 >-z w u "' w a. • VJ VJ 0 ..., z ~ 0 w :::; 64% Employee --$60,000 $60,000 ■ Male ■ Female 86% 73% Manager Owner/executive $173,000 $172,000 $795,000 Item #11 Page 50 of 96 Perpetrator's Age The age distribution of fraud perpetrators in our study was bell-shaped, with 53% of fraudsters between the ages of 31 and 45. Median losses, on the other hand, tended to rise along with the age of the perpetra- tor. Those in the 56 to 60 and 60+ age ranges toget her accounted for less than 10% of all cases. but they caused median losses of USD 400,000 and USD 575,000, respectively, which were by far the highest losses in any age range. April 5, 2022 (/) UJ (/) cl: u LL 0 I-z UJ u 0: UJ Q. (/) (/) 0 ...J z cl: 0 UJ ~ FIG . 36 How does the perpetrator's age relate to occupational fraud? 19% 18% 16% 14% 10% 8% 6% 4% 3% <26 26-30 31-35 36-40 41-45 46-50 51-55 56-60 >60 $20,000 $65,000 $80,000 $150,000 $141,000 $213,000 $207,000 $400,000 $575,000 Item #11 Page 51 of 96 Perpetrators Report to the Nations - - Perpetrator's Education Level FIG. 37 How does the perpetrator's education level relate to occupational fraud? "' w "' " u u.. 0 ... z w u "' w Q. "' "' 0 -' z " 0 w ::E 22% High school graduate or less $80,000 14% I Some university $150,000 49% 15% I University Postgraduate degree degree $175,000 $200,000 We also found a correlation between the per- petrator's education level and median loss. Figure 37 shows that fraudsters with a high school degree or less caused a median loss of USD 80,000, while those with a postgraduate degree caused a median loss of USO 200,000. Generally, we would expect losses to correlate with education because those with higher levels of education tend to hold higher positions of authority and might also have greater technical capabilities for committing fraud. April 5, 2022 Perpetrators Report to the Nations LEVEL OF AUTHORITY Most occup<1t1011al f1c1uds are corn1111tted by ;;rnployn·-IPvel 01 lllilllilge,-levPI pPI SOllllPI But flilUclS l)y OW11('15/('XPCUtives ill(' rnucll moll' t1<1rrnful. f'I ;,i( IN I ii , /,'--c., HIGH-RISK DEPARTMENTS Operations Accounting Executive/upper management Sales Customer service Administrative support Finance Purchasing 15% 14% 12% 11% 9% 6% 5% 5% MEDIAN LOSS $200,000 C®J. MEDIAN LOSS $100,000 C®l 5 YEARS 6 YEARS OR LESS OR MORE ♦, Profile of a Fraudster Our study includes perpetrator data from more than 2,000 fraud cases, which can help organizations assess fraud risk in their own workforces. TENURE ,-------- Occupational fraudsters who had been with their organizations at least 6 years caused TWICE the loss of GENDER Males committed more frauds and caused higher losses. less-tenured employees. 0 $150,000 Median loss 0 2a'!!\ $85,000 Median loss OF CASES \._ FEMALE / 0 EDUCATION 64% of occupational fraudsters had a university degree or higher. No university degree University degree or higher $195,000 ~Jf~AN Older fraudsters caused much larger median losses 40-54 AGE Pc-,petrators Report !o the Nations 47 - Collusion by Multiple Perpetrators Figure 38 shows that 51% of frauds in our study were com- mitted by two or more fraudsters working in collusion. Losses tended to increase with multi- ple perpetrators-particularly when three or more individuals conspired to commit fraud. One reason collusive frauds might be more costly is that multiple fraud- sters working together might be better able to undermine the systems of separated duties and independent verification that are at the heart of many anti-fraud controls. Perpetrator's Criminal Background Our past studies have shown that most occupational fraudsters have no prior criminal history before they commit their crimes, and our current data reinforces those findings. Only 4% of the perpetrators in this study had been previously convicted of a fraud-related offense. It should be noted that 41% of the occu- pational frauds in our study were never reported to law enforce- ment (see Response to Fraud infographic on page 55), which is also consistent with our past research. This indicates that the true number of repeat offenders is probably higher than what can be determined through criminal records. April 5, 2022 Perpetrators Rep0rt to the Nations FIG. 38 How does the number of perpetrators in a scheme relate to occupational fraud? .. • ONE PERPETRATOR -$90,QQQ ~~ian TWO PERPETRATORS -$105 ,QQQ ~itan THREE OR MORE PERPETRATORS $350,QQQ ~:~ian FIG. 39 Do perpetrators tend to have prior fraud convictions? ■ Never charged or convicted (89%) Charged, but not convicted (7%) ■ Had prior convictions (4%) Item #11 Page 54 of 96 Perpetrator's Employment History Figure 40 shows that 86% of fraudsters had never been punished or terminated for fraud-related conduct prior to the crimes reported in this study. As with the criminal conviction data in Figure 39, this tends to indicate that most occupational fraudsters are first-time offenders. But also like the criminal conviction data, there is reason to believe that this data might understate the true number of repeat fraudsters. According to Figure 44 on page 54, 5% of fraudsters received no internal punishment, 10% were permitted to resign, and 11% signed private settlement agreements with the vic- tim organizations. This suggests that a significant number of occupational fraudsters will have no record of employment-related discipline even after having been caught by their employers. FIG. 40 Do perpetrators tend to have prior employment-related disciplinary actions for fraud? ■ Never punished or terminated (86%) Previously terminated (8%) ■ Previously punished (8%) April 5, 2022 Behavioral Red Flags Displayed by Perpetrators The typical occupational fraud scheme lasts 14 months before it is detected; during this time, the perpetrator will often display certain behavioral traits that tend to be associated with fraudulent conduct. Figure 41 on pg. 50 shows the relative frequency of 17 common behavioral red flags. Significantly, all of these red flags had been identified by someone in the respective victim organizations before the frauds were detected. At least one behavioral red flag was present in 85% of the cases in our study, and multi- ple red flags were present in 49% of cases. The seven most common red flags were: (1) living beyond means; (2) financial difficulties; (3) unusually close association with a vendor or customer; (4) excessive control issues or unwillingness to share duties; (5) unusual irri- tability, suspiciousness, or defensiveness; (6) a general "wheeler-dealer" attitude involving shrewd or unscrupulous behavior; and (7) re- cent divorce or family problems. At least one of these seven red flags had been identified before the perpetrator was caught in 76% of all cases. Item #11 Page 55 of 96 Perpetrators Report to the Nations FIG. 41 How often do perpetrators exhibit behavioral red flags? Living beyond means Financial difficulties Unusually close association with vendor/customer No behavioral red flags Control issues, unwillingness to share duties Irritability, suspiciousness, or defensiveness "Wheeler-dealer" attitude Divorce/family problems Addiction problems Complained about inadequate pay Refusal to take vacations Excessive pressure from within organization Past employment-related problems Social isolation 9% 8% 7% 7% 6% 6% Complained about lack of authority -5% Past legal problems -5% Excessive family/peer pressure for success -4% Instability in life circumstances -4% Other -4% April 5, 2022 Perpetrators Report to the Nations 15% 15% 13% 13% 12% 19% 26% Item #11 Non-Fraud-Related Misconduct by Perpetrators In order to determine if there is a correlation between fraud and other forms of workplace violations, we asked survey respondents whether the fraudster had been engaged in non-fraud-related misconduct prior to or during the time of the frauds. Figure 42 shows that 45% of occupational fraudsters had engaged in some type of non-fraud-related misconduct. The most common was bullying or intimidation (20% of cases), followed by excessive absenteeism (13%) and exces- sive tardiness (12%). FIG. 42 Do fraud perpetrators also engage in non-fraud-related misconduct? Which forms of non-fraud misconduct are most common among fraud perpetrators? Bullying or intimidation 20% Excessive absenteeism 13% Excessive tardiness 12% Excessive Internet browsing 8% Other 4% Sexual harassment -3% Visiting inappropriate internet sites -2% April 5, 2022 Human Resources-Related Red Flags In some circumstances, negative events surrounding a person's conditions of employment (such as poor performance evaluations, loss of pay or benefits, fear of job loss, etc.) can cause financial stress or resentment toward the employer, which might play a role in the decision to commit fraud. We refer to these events as human resources-related red flags. As Figure 43 shows, 42% of fraudsters had experi- enced some form of HR-related red flags prior to or during the time of their frauds. The most common of these were negative performance evaluations (13% of cases) and fear of job loss (12%). FIG. 43 Do fraud perpetrators experience negative HR-related issues prior to or during their frauds? Which HR-related issues are most commonly experienced by fraud perpetrators? Poor performance evaluations Fear of job loss Denied raise or promotion Actual job loss Cut in pay 4% Cut in benefits 4% Other 3% Demotion -2% Involuntary cut in hours -2% 6% Item #11 13% 12% 10% Page 57 of 96 Perpetrators Report to the Nations - Behavioral Red Flags of Fraud Recognizing the behavioral clues displayed by fraudsters can help organizations more effectively detect fraud and minimize their losses. 7 KEY WARNING SIGNS 42 1% ... :··o!\ \ ~JJ .'. 19 % 15% Living beyond means Financial difficulties Unusually close association with vendor/customer Control issues, unwillingness to share duties LIVING BEYOND MEANS 50%, ii ' . '; .l'v--. 'L• t~) :c'? '. :_, ,: .... . 13 % 0/. OF ALL FRAUDSTERS 70 displayed at least one BEHAVIORAL RED FLAG while committing their crimes. 13% 12 % Irritability. suspiciousness, or defensiveness "Wheeler-dealer" attitude Divorce/family problems Living beyond means A fraudster living beyond his or her means is the most common red flag by a sizable margin. This has ranked as the #1 red flag in every study since 2008. 30% 20% 10%1 ' '---------------- '08 ·10 ·12 ·1a ·20 52 Perpetrators Report to the Nittions Financial difficulties Unusually close c1ssociJtion v✓ith vondor.·customer Control issues. unwillingness to shc1re duties Irritability, suspiciousness, or defensiveness "Wheeler-dealer" attitude Divorce/family problems ~-CLASSIFYING RED FLAG BEHAVIORS In 52% of cases, the fraudster exhibited red fl ags connected to their work duties. Unusually close association with vendor/customer Control issues, unwillingness to share duties Irritability, suspiciousness, or defensiveness 13 . "Wheeler-dea ler" attitude Complained about inadequate pay Refusa l to take vacations l ization ation : Excessive pressure from within organization l ! Past employment-related problems () ! Complained about lack of authority In 63% of cases, the fraudster exhibited red flag behavior associated with his or her Rersonal life. : Living beyond means i Financial difficulties i Financial difficulties i Divorce/family problems i Addiction problems : Social isolation : Past legal problems -s : In stability in life circumstances -4 : Excessive family/peer pressure for success -4 or success success JOB PERFORMANCE ASA WARNING SIGN A fraud perpetrator's job performance will often suffer while the scheme is taking place. Each of these performance-related issues were cited in at least 10% of cases. 'a • 13% POOR PERFORMANCE EVALUATIONS 13% EXCESSIVE EXCESSIVE ABSENTEEISM FEAR OF FEAR OF JOB LOSS 12% EXCESSIVE TARDINESS gilv, 10% DENIED RAISE OR PROMOTION Perpetrators Report to the Nu\ions 53 Internal Action Taken Against Perpetrator Once an internal fraud is sub- stantiated, the victim organization must decide what to do with the perpetrator. Termination was by far the most common response to fraud, but one-third of cases ended with a different internal result. Many cases resulted in relatively light punishments, where the perpetrator had already left the organization (11%), resigned (10%), or received no punishment at all (5%). FIG. 44 How do victim organizations punish fraud perpetrators? Termination 66% Perpetrator was no longer with organization -11% Settlement agreement -11% Permitted or required resignation -10% Probation or suspension -9% No punishment • 5% Other • 5% INTERNAL PUNISHMENT 80% OF PERPETRATORS • • • • 0 ................ ~ RECEIVED SOME PUNISHMENT Owners/executives are less likely to receive punishment TERMINATION 1or FRAUD 45% Managers Employees Received NO PUNISHMENT Owners/executtves an agers Employees 2% Response to Fraud Organizations can respond to fraud internall y, through civil litigation, and by referring the case to law enforcement. These are the results of such efforts. CIVIL LITIGATION MEDIAN LOSS ~ $ resulting in ~ CIVIL LITIGATION .28% of cases resulted in civil litigation. $400,000 ·-----------------------------------------------------· CRIMINAL PROSECUTION MEDIAN LOSS ~ in cases ✓ referred to $ LAW ENFORCEMENT $200,000 59% of cases were referred to law enforcement ·-----------------------------------------------------· ' + Of these cases: 56% JJleaded guilty/no contest 23% were convictea at trial 12% were declined prosecution Case Results Report to the Nations 55 - Reasons for Not Referring Cases to Law Enforcement As seen on the Response to Fraud infographic on page 55, many victims never report their cases to law enforcement. We asked respondents in those cases to tell us why. Figure 45 shows a timeline comparison of victims' reasons for non-referral; this year's report is the first time that fear of bad publicity was not the primary reason. Instead, 46% of victims determined that their internal discipline was sufficient. Coupled with the find- ings that private settlements and civil suits have also risen, it appears there may be a general trend of organi- zations seeking to resolve fraud cases internally or privately rather than through the criminal justice system. FIG. 45 Why do organizations decline to refer cases to law enforcement? Fear of bad publicity Internal discipline sufficient Private settlement Too costly Lack of evidence Civil suit Perpetrator disappeared 2012 Recovering Fraud Losses 2014 2016 2018 For many victim organizations, recovering losses is the key concern once fraud has been detected. However, most organizations (54%) in our study did not recover any of their losses. We also analyzed whether there were regional differences in victim organizations' success in recovering some or all fraud losses, and our findings suggest that recovering lost assets might be more challenging in some regions than others. As shown in Fig- ure 46, Eastern Europe and Western/Central Asia was the most difficult region for recovering fraud losses, with 61% of organizations recovering nothing, followed closely by Latin America and the Caribbean (60%). Western Europe and Southern Asia were the only regions where more than half of victims made at least some recovery of fraud losses. April 5, 2022 Item #11 Case Results Report to the Nations 50% 40% 30% 20% 10% 0% 2020 Page 62 of 96 FIG. 46 How does the recovery of fraud losses vary by region? FIG. 47 How does the type of scheme relate to fines incurred by victim organizations? 19% U) w U) 10% < 9% I u u. I 0 f-z w u "' w 0.. Asset Corruption Financial misappropriation statement fraud U) I w z ;;: $50.000 z < 0 w ::E $150.000 $221,000 April 5, 2022 Fines Against Victim Organizations Beyond losses directly caused by occupational fraud, some victims also receive fines from authorities re- sulting from the fraud, such as when the victim failed to take sufficient steps to prevent bribery or violated financial reporting requirements. Ou r data indicates that financial statement fraud schemes are the most likely to result in a fine against the victim organization (19% of cases); these cases also result in the largest median fine (USO 221,000). While fines resulting from corruption and asset misappropriation schemes occurred at a similar rate (10% and 9%, respectively), the median fine in corruption cases was three times higher (USO 150,000). Item #11 Page 63 of 96 Case Results Report to the Nations - METHODOLOGY TIH· 2020 Report to the Not1ons is b,1secl 011 the results of ti1c 2019 G/o/Jo/ Fraud Swvey. ,111 orili1H' ,,urvcy o:v.'11ccl to 51.608 Certified F1,1ucJ Ex,1:11i11c1s r,CFb) f10;11 July 201c, to S:·ptc·m:wr 2019. As pc,1t of tiw survey. rcspo11cl011ts v101c ,l",kccl to f)toviclc il r1 .111,1t \'C' clc-sc1:pt1011 of tl1c s,11glr, lc11gc,st occupc1tio11c1I irm1cl c,1sc tllcy l1c1ci irwcsti~Jcrtccl s;11u· J,111L1<11y 2018. A:_1clitio1Hlly. ,11tr_•1 c,111pl!::ti11g ll'L' su1vc:y till' fir-:,l tirlll' 11•:-,por1~:c11ts :;, le· prov1cJeci tlP optio11 to sul)1nit i11fo1 m,1tio11 211)out il seco11cl u,s,0 Respo11cle11ts were tl1cn present- ed wrth 77 questions r eg,1r ding the p,1rticul,11 dct,1rls of the fr,1ud C,7SC. 111cluclrnq infornliltion ilOOlll the perpctr,1tor. tl1c victim org,111i- Zi1t1011. ,111d 1110 metl1ods of fr c1ud c111ployccl. ,1s v1cll c1s fraud trends m gc'ncli1!. (Respondents wcr c not ,iske>cl to ide>ntify the perpetrc1tor or tl1c victim) We received 7.516 total responses to tile survey. 2.504 of v1l11cl1 v1ere us,1blc for purposes of this report. The dc1t,1 contAinecJ l1e1cin is based solely on the in- forrn,1tion proviclcd in these 2.504 survey responses. 58 Methodology!,•,;, ... :·,"' ll •'. ·, Cases submitted were required to meet the following four criteria: 1. The case must have involved occupational fraud (defined as fraud committed by a person against the organization for which they work). 2. The investigation must have occurred be- tween January 2018 and the time of survey participation. 3. The investigation must have been complete at the time of survey participation. 4. The respondent must have been reasonably sure the perpetrator(s) was (were) identified. Analysis Methodology Percentages In calculating the percentages discussed throughout this report, we used the total number of complete and relevant responses for the question(s) being analyzed. Specifically, we excluded any blank responses or instances where the participant indicated that they did not know the answer to a question. Consequently, the total number of cases included in each analysis varies. In addition, several survey questions allowed partici- pants to select more than one answer. Therefore, the sum of percentages in many figures throughout the report exceeds 100%. The sum of percentages in other figures might not be exactly 100% (i.e., it might be 99% or 101%) due to rounding of individual category data. A --------- April 5, 2022 Loss Amounts Unless otherwise indicated, all loss amounts discussed throughout the report are calculated using median loss rather than mean, or aver- age, loss. Using median loss provides a more conservative-and we believe more accurate- picture of the typical impact of occupational fraud schemes. The statistical appendix to this report (see pages 78-81) provides a more ho- listic view of the losses in our study, reflecting quartiles and average loss amounts for numer- ous categories explored throughout the report. To normalize the loss amounts reported to us and ensure that cases with extremely large losses were not identifiable, all average and total loss amounts reported were calculated using loss data that was winsorized at 5% (i.e., assigned all cases in the top 2.5% and bottom 2.5% the same value as the 97.5th percentile and 2.5th percentile, respectively). Additionally, we excluded median and average loss calcula- tions for categories for which there were fewer than ten responses. Because the direct losses caused by financial statement frauds are typically spread among numerous stakeholders, obtaining an accurate estimate for this amount is extremely difficult. Consequently, for schemes involving financial statement fraud, we asked survey participants to provide the gross amount of the financial statement misstatement (over-or under-state- ment) involved in the scheme. All losses reported for financial stateme nt frauds through- out this report are based on those reported amounts. Item #11 Page 65 of 96 Methodology Repon to the Nations - - Survey Participants To provide context for the survey responses and to understand who investigates cases of occupational fraud, we asked respondents to provide certain information about their professional experience and qualifications. Primary Occupation As noted in Figure 48, 39% of survey respon- dents indicated that their primary occupation is as a fraud examiner/inves- tigator, followed by 21% who indicated they are internal auditors. April 5, 2022 Methodology Report to the Nations FIG. 48 What was the primary occupation of survey participants? Fraud examiner/investigator 39% Internal auditor 21% Accounting/finance professional 8% Law enforcement 7% Compliance and ethics professional 5% Risk and controls professional -4% External/independent auditor -3% Consultant -3% Other -3% Corporate security and loss prevention -3% Attorney ■ 1% IT /computer forensics specialist ■ 1% Bank examiner ■ 1% Private investigator ■ 1% Educator <1% Item #11 Page 66 of 96 Nature of Fraud Examination Role More than half of the survey re- spondents work in-house and conduct fraud-related engagements on behalf of a single company or agency. In contrast, 26% work for a professional services firm that con- ducts fraud-related engagements on behalf of client organizations, and 19% work in law enforcement and conduct fraud investigations of other parties under their agency's authority. Professional Experience The CFEs who participated in our survey had a median 11 years of fraud examination experience, with 30% having more than 15 years of expe- rience (see Figure 50). Additionally, as Figure 51 shows, one-quarter of survey participants have investigated more than 20 cases of fraud during the last two years, while 42% investi- gated five or fewer cases during that period. April 5, 2022 16-20 cases (60/,) 11-15 cases (8%) 6-10 cases (19°/,) ,;5 cases (42%) FIG. 49 What was the professional role of the survey participants? In-house examiner Other 2% Law enforcement Professional services firm FIG. 50 How much fraud examination experience did survey participants have? 21% s 5 years 28% 20% 17% 13% I 6-10 years 11-15 years 16-20 years >20 years FIG. 51 How many fraud cases have survey participants investigated in the past two years? Item #11 Page 67 of 96 Methodology Report to the Nations - FIG. 52 What are the most common occupational FIG. 53 How is occupational fraud initially detected fraud schemes in the Asia-Pacific region? in the Asia-Pacific region? Corruption Tip 51% 44% Noncash Internal audit 18% 15% Expense reimbursements Management review 16% 11% Billing Other 7% 15% External audit Financial statement fraud -7% 14% Account reconciliation Cash on hand -5% 11% By accident Payroll • 3% -8% Surveillance/monitoring Skimming • 3% -8% IT controls ■ 2% Check and payment tampering Document examination -7% ■ 2% Cash larceny Confession -4% ■ 2% Register disbursements Notification by law enforcement I 2% I 1% -April 5, 2022 Asia.Pacific Report to the Nations Item #11 Page 68 of 96 FIG . 54 What anti-fraud controls are the most common in the Asia-Pacific region? Control Percent of cases External audit of financial statements 93% Code of conduct 88% Internal audit department 84% Management certification of financial statements 80% Management review 78% External audit of Internal controls over financial reporting 75% Hotline 72% Independent audit committee 71% Fraud training for employees 64% Fraud training for managers/executives 62% Anti-fraud policy 59% Employee support programs 50% Dedicated fraud department, function, or team 50% Formal fraud risk assessments 45% Proactive data monitoring/analysis 43% Surprise audits 36% Job rotation/mandatory vacation 32% Rewards for whistleblowers 15% FIG. 55 How does the perpetrator's level of authority relate to occupational fraud in the Asia-Pacific region? C/1 w C/1 < u u. 0 ... z w u "' w Q. C/1 C/1 0 -' z < 0 w :I: April 5, 2022 40% Employee -$73,000 35% 21% Manager Owner/ executive $200.000 $1,200,000 FIG. 56 Cases by country in the Asia-Pacific region Country Number of cases Australia 29 China 33 Hong Kong 11 Indonesia 36 Japan 8 Laos Macau Malaysia 19 Myanmar (Burma) New Zealand 3 Philippines 24 Singapore 17 South Korea 5 Taiwan 2 Thailand 6 Vietnam 2 Total cases: MEDIAN LOSS: USO 195,000 Item #11 Page 69 of 96 Asia-Pacific Report to the Nations - - REGIONAL FOCUS EASTERN EUROPE AND WESTERN/ CENTRAL ASIA FIG. 57 What are the most common occupational fraud FIG. 58 How is occupational fraud initially schemes in Eastern Europe and Western/Central Asia? detected in Eastern Europe and Western/ Central Asia? Corruption Tip 61% Noncash Internal audit 22% Billing Management review 17% Other Cash on hand 13% Surveillance/monitoring Financial statement fraud -10% Document examination Skimming --8% Account reconciliation Expense reimbursements --7% Notification by law enforcement ■ Cash larceny -7% IT controls ■ Payroll External audit -5% ■ Check and payment tampering By accident ■ 4% ■ Register disbursements Confession I 1% I April 5, 2022 Item #11 Page 70 of 96 Eastern Europe and Western/Central Asia Report to the Nations 51% 14% 9% 6% 4% 3% 3% 2% 2% 2% 2% 1% FIG . 59 What anti-fraud controls are the most common in Eastern Europe and Western/Central Asia? Control Percent of cases External audit of financial statements 89% Code of conduct 87% Management review 84% Internal audit department 80% Management certification of financial statements 78% Hotline 76% Anti-fraud policy 73% Independent audit committee 72% External audit of internal controls over financial reporting 71% Fraud training for employees 67% Fraud training for managers/executives 66% Dedicated fraud department, function, or team 58% Formal fraud risk assessments 51% Surprise audits 45% Proactive data monitoring/analysis 42% Employee support programs 29% Job rotation/mandatory vacation 29% Rewards for whistleblowers 9% FIG. 60 How does the perpetrator's level of authority relate to occupational fraud in Eastern Europe and Western/Central Asia? If) w If) <{ u u.. 0 1-z w u a: w a. If) If) 0 ..J z <{ 0 w ~ 34% Employee $49,000 April 5, 2022 37% 26% Manager Owner/ executive $150,000 $454,000 FIG. 61 Cases by country in Eastern Europe and Western/Central Asia Country Number of cases Albania Azerbaijan Bosnia and Herzegovina Bulgaria 2 Czech Republic 5 Estonia Georgia Hungary 5 Kazakhstan 4 Kosovo 2 Lithuania Moldova North Macedonia 2 Poland 6 Romania 9 Russia 13 Serbia 14 Slovakia 3 Slovenia 4 Tajikistan Turkey 13 Ukraine 4 Uzbekistan Total cases: MEDIAN LOSS: USO 133,000 Item #11 Page 71 of 96 Eastern Europe and Western/Central Asia Report to the Nations - - REGIONAL FOCUS LATIN AMERICA AND THE CARIBBEAN FIG. 62 What are the most common occupational fraud FIG. 63 How is occupational fraud initially schemes in Latin America and the Caribbean? detected in Latin America and the Caribbean? Corruption Tip 51% Noncash Internal audit 23% Financial statement fraud Management review 19% Billing Notification by law enforcement 18% -Skimming External audit 13% -Expense reimbursements Other 10% ■ Cash on hand IT controls 10% ■ Payroll By accident 9% ■ Check and payment tampering Account reconciliation 8% ■ Cash larceny Document examination 8% I Register disbursements Confession • 4% I April 5, 2022 Item #11 Page 72 of 96 Latin America and the Caribbean Report to the Nations 55% 12% 9% 5% 4% 3% 3% 3% 3% 2% 1% FI G. 64 What anti-fraud controls are the most common in Latin America and the Caribbean? Control Percent of cases External audit of financial statements 88% Code of conduct 88% Internal audit department 81% Management certification of financial statements 72% Hotline 72% External audit of internal controls over financial reporting 71% Independent audit committee 67% Management review 65% Fraud training for employees 58% Anti-fraud policy 56% Fraud training for managers/executives 54% Dedicated fraud department, function, or team 46% Employee support programs 45% Formal fraud risk assessments 44% Surprise audits 40% Proactive data monitoring/analysis 26% Job rotation/mandatory vacation 16% Rewards for whistleblowers 9% FIG. 65 How does the perpetrator's level of authority relate to occupational fraud in Latin America and the Caribbean? Vl w Vl -,: u u. 0 .... z w u "' w a. Vl Vl 0 ..J z -,: 0 w ::; April 5, 2022 30% Employee -$90,000 46% Manager $250,000 20% Owner/ executive $800,000 FIG. 66 Cases by country in Latin America and the Caribbean Country Number of cases Argentina 10 Bahamas 5 Barbados Brazil 22 Chile 2 Colombia 10 Costa Rica 4 Cura~ao Dominican Republic Ecuador Grenada 2 Haiti Jamaica 3 Mexico 23 Peru 6 Saint Vincent and the Grenadines Suriname Trinidad and Tobago 5 Venezuela 2 Total cases: MEDIAN LOSS: USO 200,000 Item #11 Page 73 of 96 Latin America and the Caribbean Report to the Nations - - REGIONAL FOCUS MIDDLE EAST AND NORTH AFRICA FIG. 67 What are the most common occupational fraud schemes in the Middle East and North Africa? Corruption Noncash Skimming Cash on hand Cash larceny Expense reimbursements Billing Financial statement fraud -Payroll -Check and payment tampering -Register disbursements I April 5, 2022 Middle East and North Africa Report to the Nations 52% 19% 16% 12% 9% 8% 8% 7% 5% 4% 2% FIG . 68 How is occupational fraud initially detected in the Middle East and North Africa? Tip 46% Internal audit 17% Management review 9% Other 7% Account reconciliation -6% By accident -4% External audit -3% Document examination -3% IT controls ■ 2% Surveillance/monitoring I 1% Notification by law enforcement I 1% Confession I 1% Item #11 Page 74 of 96 FIG. 69 What anti-fraud controls are the most common in the Middle East and North Africa? Control Percent of cases External audit of financial statements 88% Internal audit department 87% Code of conduct 84% Management certification of financial statements 83% External audit of internal controls over financial reporting 74% Management review 72% Independent audit committee 72% Hotline 72% Fraud training for managers/executives 58% Surprise audits 55% Anti-fraud policy 55% Fraud training for employees 55% Dedicated fraud department, function, or team 46% Formal fraud risk assessments 45% Proactive data monitoring/analysis 41% Employee support programs 34% Job rotation/mandatory vacation 33% Rewards for whistleblowers 17% FIG. 70 How does the perpetrator's level of authority relate to occupational fraud in the Middle East and North Africa? 50% 38% VI w VI <t u u. 0 I-z w u 12% er: w a. Employee Manager Owner/ executive -$98,000 VI VI 0 .J z $300,000 <t 0 w ~ April 5, 2022 $600,000 FIG. 71 Cases by country in the Middle East and North Africa Country Number of cases Bahrain 5 Cyprus 11 Egypt 6 Iraq 3 Israel Jordan 4 Kuwait 9 Lebanon 4 Morocco 3 Oman 5 Qatar 5 Saudi Arabia 23 Tunisia 2 United Arab Emirates 46 Total cases: MEDIAN LOSS: USO 100,000 Item #11 Page 75 of 96 Middle East and North Africa Report to the Nations - FIG. 72 What are the most common occupational fraud FIG . 73 How is occupational fraud initially schemes in Southern Asia? detected in Southern Asia? Corruption Tip 76% 48% Noncash Internal audit 23% 18% Billing Document examination 6% 17% Financial statement fraud Management review 5% 12% Notification by law enforcement Expense reimbursements -4% -10% Surveillance/monitoring Skimming -4% -8% Other Payroll -4% ■ 4% IT controls Cash larceny -3% ■ 3% External audit -3% Cash on hand Account reconciliation I 2% -3% Register disbursements I 1% By accident ■ 2% Check and payment tampering Confession I 1% I 1% -April 5, 2022 Southern Asia Report to the Nations Item #11 Page 76 of 96 FIG. 74 What anti-fraud controls are the most common in Southern Asia? Control Percent of cases External audit of financial statements 88% Management certification of financial statements 86% Internal audit department 86% Code of conduct 81% External audit of internal controls over financial reporting 76% Management review 72% Independent audit committee 70% Hotline 66% Anti-fraud policy 64% Fraud training for managers/executives 55% Fraud training for employees 51% Employee support programs 43% Surprise audits 43% Dedicated fraud department, function, or team 36% Formal fraud risk assessments 35% Proactive data monitoring/analysis 34% Job rotation/mandatory vacation 29% Rewards for whistleblowers 20% FIG. 75 How does the perpetrator's level of authority relate to occupational fraud in Southern Asia? Vl w Vl <( u u.. 0 t-z UJ u 0: UJ a. Vl Vl 0 ~ z <( 0 UJ :E 23% Employee $28,000 April 5, 2022 42% Manager $117,000 31% Owner/ executive $575,000 FIG. 76 Cases by country in Southern Asia Country Number of cases Afghanistan 3 Bangladesh 4 India 77 Nepal Pakistan 15 Sri Lanka 3 Total cases: MEDIAN LOSS: USO 117,000 Item #11 Page 77 of 96 Southern Asia Report to the Nations - FIG. 77 What are the most common occupational fraud FIG. 78 How is occupational fraud initially schemes in Sub-Saharan Africa? detected in Sub-Saharan Africa? Corruption Tip 56% 48% Internal audit 19% 14% Noncash Management review 18% 11% Other Cash on hand -6% 14% Account reconciliation Skimming -4% 13% External audit Expense reimbursements -4% 11% Document examination Cash larceny -3% 11% By accident Financial statement fraud -3% 11% Surveillance/monitoring ■ 2% Check and payment tampering IT controls 8% ■ 2% Payroll Notification by law enforcement -5% I 1% Register disbursements Confession ■ 3% I 1% -April 5, 2022 Sub-Saharan Africa Report to the Nations Item #11 Page 78 of 96 FIG. 79 What anti-fraud controls are the most common in Sub-Saharan Africa? Control Percent of cases External audit of financial statements 92% Code of conduct 86% Internal audit department 85% Management certification of financial statements 82% External audit of internal controls over financial reporting 79% Management review 70% Hotline 69% Independent audit committee 69% Anti-fraud policy 61% Fraud training for employees 57% Fraud training for managers/executives 54% Dedicated fraud department, function, or team 49% Employee support programs 49% Surprise audits 48% Formal fraud risk assessments 44% Proactive data monitoring/analysis 31% Job rotation/mandatory vacation 28% Rewards for whistleblowers 21% FIG. 80 How does the perpetrator's level of authority relate to occupational fraud in Sub-Saharan Africa? "' w "' ~ u u.. 0 ... z w u "' w a.. "' "' 0 _, z ~ 0 w :::; April 5, 2022 41% Employee -$40,000 37% 18% Manager Owner/ executive $100,000 $979,000 FIG . 81 Cases by country in Sub-Saharan Africa Country Number of cases Angola Benin Botswana 5 Burundi Cameroon 4 Central African Republic 2 Chad Cote d'Ivoire 4 Democratic Republic of the Congo 5 Ethiopia 2 Gabon Ghana 12 Kenya 53 Lesotho 2 Liberia 8 Madagascar 4 Malawi 10 Mauritius 6 Mozambique 3 Namibia 3 Nigeria 49 Rwanda 3 Senegal 2 South Africa 77 Sudan 2 Swaziland Tanzania 7 Togo 4 Uganda 16 Zambia 3 Zimbabwe 9 Total cases: MEDIAN LOSS: USO 100,000 Item #11 Page 79 of 96 Sub-Saharan Africa Report to the Nations - - REGIONAL FOCUS UNITED STATES AND CANADA FIG. 82 What are the most common occupational fraud schemes in the United States and Canada? Corruption 33% Billing 26% Expense reimbursements 19% Noncash 18% Check and payment tampering 14% Payroll 13% Skimming 11% Financial statement fraud 10% Cash on hand 10% Cash larceny 8% Register disbursements -3% April 5, 2022 United States and Canada Report to the Nations FIG. 83 How is occupational fraud initially detected in the United States and Canada? Tip Management review Internal audit By accident Other Account reconciliation -Document examination -External audit -Surveillance/monitoring -Notification by law enforcement -Confession I IT controls I Item #11 Page 80 of 96 37% 15% 14% 7% 6% 4% 4% 4% 3% 3% 1% 1% FIG. 84 What anti-fraud controls are the most common in the United States and Canada? Control Percent of cases Code of conduct 80% External audit of financial statements 72% Internal audit department 71% Employee support programs 71% Management review 68% Management certification of financial statements 67% Independent audit committee 61% Hotline 57% External audit of internal controls over financial reporting 54% Fraud training for managers/executives 51% Fraud training for employees 51% Anti-fraud policy 44% Proactive data monitoring/analysis 38% Formal fraud risk assessments 35% Dedicated fraud department. function, or team 33% Surprise audits 28% Job rotation/mandatory vacation 15% Rewards for whistleblowers 10% FIG . 85 How does the perpetrator's level of authority relate to occupational fraud in the United States and Canada? Vl w Vl <I u IL 0 I-z w u "' w Q. Vl Vl 0 ...J z <I 0 w :. April 5, 2022 44% Employee -$60,000 32% Manager $139,000 21% Owner/ executive $438,000 FIG. 86 Cases by country in the United States and Canada Country Number of cases Canada 66 United States 829 Total cases: MEDIAN LOSS: USO 120,000 46% OF ALL CASES Item #11 Page 81 of 96 United States and Canada Report to the Nations - FIG. 87 What are the most common occupational fraud FIG. 88 How is occupational fraud initially schemes in Western Europe? detected in Western Europe? Corruption Tip 39% Billing Internal audit 15% 17% Noncash Management review 15% 12% Expense reimbursements By accident 12% 9% Financial statement fraud Other 11% -6% Cash on hand Surveillance/monitoring 11% -5% Check and payment tampering Notification by law enforcement 7% -5% Cash larceny External audit 6% • 3% Skimming Account reconciliation -5% ■ 2% Payroll IT controls -4% ■ 2% Register disbursements Document examination ■ 2% ■ 2% April 5, 2022 -Western Europe Report to the Nations Item #11 Page 82 of 96 FIG. 89 What anti-fraud controls are the most common in Western Europe? Control Percent of cases External audit of financial statements 89% Code of conduct 87% Management certification of financial statements 81% Internal audit department 80% External audit of internal controls over financial reporting 79% Management review 74% Independent audit committee 70% Hotline 65% Anti-fraud policy 65% Fraud training for managers/executives 62% Fraud training for employees 61% Employee support programs 57% Formal fraud risk assessments 53% Dedicated fraud department, function, or team 51% Proactive data monitoring/analysis 44% Surprise audits 43% Job rotation/mandatory vacation 25% Rewards for whistleblowers 6% FIG. 90 How does the perpetrator's level of authority relate to occupational fraud in Western Europe? "' w "' " u u. 0 I- % w u .. w .. "' "' g z " 0 w ::£ April 5, 2022 45% Employee -s100.ooo 33% 17'l\ Manager Owner/ executive ■ $150,000 $1,350,000 FIG. 91 Cases by country in Western Europe Country Number of cases Austria 2 Belgium 3 Denmark 2 Finland 3 France 6 Germany 12 Greece 21 Ireland 2 Italy 10 Luxembourg Netherlands 12 Spain 13 Switzerland 17 United Kingdom 24 Total cases: MEDIAN LOSS: USO 139,000 7% OF ALL CASES Item #11 Page 83 of 96 Western Europe Report to the Nations - - Cases 25th percentile Median (50th) 75th percentile Mean• /111 ch,, 2 448 $29 ')00 $12', 000 $GO:, 000 $1 ',09 000 Schemes Asset misappropriation 1,639 $21,000 $100,000 $500,000 $1,199,000 Billing 306 $20,000 $100,000 $407,000 $842,000 Noncash 305 $10,000 $78,000 $500,000 $1,138,000 Expense reimbursements 193 $6,000 $33,000 $140,000 $202,000 Skimming 160 $10,000 $47,000 $133,000 $361,000 Cash on hand 154 $5,000 $26,000 $95,000 $1,204,000 Check and payment tampering 141 $40,000 $110,000 $500,000 $588,000 Cash larceny 106 $13,000 $83,000 $305,000 $1,000,000 Payroll 105 $16,000 $62,000 $238,000 $367,000 Register disbursements 27 $7,000 $20,000 $65,000 $85,000 Corruption 789 $34,000 $200,000 $1,100,000 $3,039,000 Financial statement fraud 186 $140,000 $954,000 $5,000,000 $8,693,000 Detection method Tip 869 $30,000 $145,000 $750,000 $1,486,000 Internal audit 291 $14,000 $100,000 $350,000 $1,115,000 Management review 240 $26,000 $100,000 $570,000 $1,316,000 By accident 103 $50,000 $200,000 $600,000 $613,000 Account reconciliation 86 $17,000 $81,000 $325,000 $485,000 External audit 80 $39,000 $150,000 $972,000 $2,397,000 Document examination 71 $32,000 $101,000 $500,000 $1,357,000 Surveillance/monitoring 56 $10,000 $44,000 $300,000 $955,000 Notified by law enforcement 48 $197,000 $900,000 $9,750,000 $5,206,000 IT controls 33 $9,000 $80,000 $1,255,000 $1,133,000 Confession 23 $100,000 $225,000 $3,000,000 $3,826,000 'Mean amounts were calculated using loss data that was winsorized at 5% (i.e .• assigned all cases in the top 2.5% and bottom 2.5% the same value as the 97.Sth percentile and 2.Sth percentile, respectively). April 5, 2022 Item #11 Page 84 of 96 Statistic.ii Appendix Report to the Nations Cases 25th percentile Median (50th) 75th percentile Mean• Victim organization Region: United States and Canada 886 $22,000 $120,000 $563,000 $1,234,000 Sub-Saharan Africa 295 $15,000 $100,000 $568,000 $1,523,000 Asia-Pacific 197 $38,000 $195,000 $1,000,000 $1,988,000 Western Europe 124 $50,000 $139,000 $638,000 $2,113,000 Middle East and North Africa 124 $33,000 $100,000 $1,000,000 $1,302,000 Southern Asia 102 $28,000 $117,000 $713,000 $2,208,000 Latin America and the Caribbean 99 $50,000 $200,000 $1,000,000 $1,500,000 Eastern Europe and Western/Central Asia 94 $30,000 $133,000 $499,000 $1,603,000 Organization type: Private company 883 $31,000 $150,000 $750,000 $1,451,000 Public company 529 $35,000 $150,000 $925,000 $1,675,000 Nonprofit 189 $12,000 $75,000 $300,000 $639,000 Government 327 $23,000 $100,000 $530,000 $1,812,000 National 141 $34,000 $200,000 $1,000,000 $2,652,000 State/provincial 66 $12,000 $91,000 $1,125,000 $2,693,000 Local 105 $18,000 $75,000 $253,000 $365,000 Organization size: <100 employees 516 $31,000 $150,000 $697,000 $1,145,000 100-999 employees 452 $26,000 $120,000 $520,000 $1,580,000 1,000-9,999 employees 541 $24,000 $100,000 $513,000 $1,557,000 10,000+ employees 496 $32,000 $140,000 $800,000 $1,715,000 Organization revenue: < USO 50 million 745 $28,000 $114,000 $500,000 $985,000 USO 50 million-USO 499 million 473 $20,000 $120,000 $684,000 $1,884,000 USO 500 million-USO 999 million 236 $21,000 $132,000 $608,000 $1,936,000 USO 1 billion+ 526 $35,000 $150,000 $1,000,000 $1,679,000 Industry: Banking and financial services 379 $20,000 $100,000 $600,000 $1,546,000 Government and public administration 193 $18,000 $100,000 $500,000 $1,609,000 Manufacturing 181 $50,000 $198,000 $1,000,000 $1,579,000 Health care 147 $33,000 $200,000 $900,000 $1,508,000 Energy 91 $54,000 $275,000 $1,225,000 $2,337,000 Retail 89 $10,000 $85,000 $550,000 $1,112,000 Insurance 86 $12,000 $70,000 $410,000 $889,000 Education 81 $17,000 $65,000 $250,000 $354,000 Construction 77 $47,000 $200,000 $995,000 $1,872,000 Telecommunications 66 $71,000 $250,000 $2,000,000 $2,049,000 Technology 65 $39,000 $150,000 $1,000,000 $1,823,000 Transportation and warehousing 63 $32,000 $150,000 $1,000,000 $653,000 Food service and hospitality 58 $29,000 $114,000 $509,000 $771,000 Services (professional) 53 $46,000 $150,000 $700,000 $772,000 Real estate 52 $38,000 $254,000 $1,777,000 $1,988,000 Religious, charitable, or social services 43 $12,000 $76,000 $300,000 $919,000 Agriculture, forestry, fishing, and hunting 39 $29,000 $100,000 $1,000,000 $2,191,000 Arts, entertainment, and recreation 39 $30,000 $90,000 $255,000 $1,254,000 Services (other) 29 $7,000 $150,000 $1,400,000 $2,316,000 Mining 26 $100,000 $475,000 $3,100,000 $4,409,000 Wholesale trade 25 $20,000 $130,000 $454,000 $923,000 Utilities 20 $14,000 $163,000 $350,000 $1,271,000 Communications and publishing 14 $39,000 $115,000 $526,000 $673,000 April 5, 2022 Item #11 Page 85 of 96 Statistical Appendix Report to the Nations - Cases 25th percentile Median (50th) 75th percentile Mean Perpetrator Number of perpetrators: One perpetrator 954 $15,000 $90,000 $300,000 $666,000 Two perpetrators 358 $30,000 $105,000 $713,000 $1,115,000 Three or more perpetrators 641 $75,000 $350,000 $2,000,000 $2,953,000 Position: Employee 803 $10,000 $60,000 $259,000 $545,000 Manager 688 $36,000 $150,000 $600,000 $1,247,000 Owner/executive 398 $111,000 $600,000 $3,485,000 $3,817,000 Tenure: > 10 years 452 $50,000 $200,000 $1,000,000 $2,082,000 6-10 years 432 $50,000 $190,000 $1,000,000 $1,664,000 1-5 years 886 $20,000 $100,000 $500,000 $1,268,000 < 1 year 169 $10,000 $50,000 $295,000 $604,000 Department: Operations 285 $12,000 $72,000 $410,000 $1,249,000 Accounting 273 $50,000 $200,000 $763,000 $1,109,000 Executive/upper management 230 $132,000 $596,000 $3,383,000 $3,787,000 Sales 222 $22,000 $94,000 $385,000 $807,000 Customer service 174 $15,000 $86,000 $250,000 $826,000 Administrative support 114 $10,000 $76,000 $259,000 $568,000 Finance 101 $19,000 $100,000 $682,000 $1,833,000 Purchasing 95 $39,000 $200,000 $1,000,000 $1,556,000 Information technology 66 $73,000 $200,000 $813,000 $1,204,000 Facilities and maintenance 59 $30,000 $100,000 $450,000 $390,000 Warehousing/inventory 58 $20,000 $85,000 $313,000 $453,000 Board of directors 45 $101,000 $750,000 $5,575,000 $5,205,000 Marketing/public relations 40 $20,000 $100,000 $363,000 $797,000 Manufacturing and production 34 $45,000 $275,000 $1,350,000 $1,486,000 Human resources 27 $15,000 $40,000 $400,000 $915,000 Legal 13 $10,000 $195,000 $741,000 $450,000 Research and development 12 $26,000 $350,000 $1,113,000 $1,795,000 Internal audit 8 'Loss calculations were omitted for categories with fewer than ten responses. -April 5, 2022 Statistical Appendix Report to the Nations Item #11 Page 86 of 96 Cases 25th percentile Median (50th) 75th percentile Mean Perpetrator (cont.) Gender: Male 1,391 $35,000 $150,000 $1,000,000 $1,823,000 Female 543 $18,000 $85,000 $300,000 $6n,ooo Age: <26 81 $5,000 $20,000 $113,000 $169,000 26-30 191 $15,000 $65,000 $250,000 $403,000 31-35 307 $18,000 $80,000 $400,000 $845,000 36-40 347 $31,000 $150,000 $600,000 $1,320,000 41-45 345 $38,000 $141,000 $750,000 $1,733,000 46-50 268 $56,000 $213,000 $1,200,000 $2,379,000 51-55 152 $50,000 $207,000 $1,000,000 $1,641,000 56-60 117 $78,000 $400,000 $2,284,000 $3,086,000 >60 60 $120,000 $575,000 $3,425,000 $3,644,000 Education level: High school graduate or less 325 $15,000 $80,000 $312,000 $933,000 Some university 219 $30,000 $150,000 $451,000 $751,000 University degree 751 $40,000 $175,000 $1,000,000 $1,811,000 Postgraduate degree 238 $35,000 $200,000 $1,000,000 $2,285,000 April 5, 2022 Item #11 Page 87 of 96 Statistical Appendix Report to the Nations - - Age of Perpetrator How does the perpetrator's age relate to occupational fraud? Spotlight: Profile of a fraudster Anti-Fraud Controls 45 46--47 How do anti-fraud controls vary by size of victim organization? 35 How does the presence of anti-fraud controls relate to median loss? 33 How does the presence of anti-fraud controls relate to the duration of fraud? 34 How has the use of anti-fraud controls changed over the last decade? 32 Spotlight Internal control weaknesses that contribute to occupational fraud 36 Spotlight: Fraud in nonprofits 28-29 Spotlight Hotline and reporting mechanism effectiveness 21 What anti-fraud controls are most common in various regions? 63-77 What anti-fraud controls are most common? 31 Behavioral Red Flags of Perpetrator Do fraud perpetrators also engage in non-fraud-related misconduct? 51 Do fraud perpetrators experience negative HR-related issues prior to or during their frauds? 51 How often do perpetrators exhibit behavioral red flags? 50 --------Sp o ti i g ht: Behavioral Red Flags of Fraud 52-53 Case Results How do victim organizations punish fraud perpetrators? 54 ----------How does the recovery of fraud losses vary by region? 57 ---------How does the type of scheme relate to fines incurred by victim organizations? 57 Spotlight: Response to fraud 55 Why do organizations decline to refer cases to law enforcement? 56 Cost of Fraud How do gender distribution and median loss vary based on the perpetrator's level of authority? 44 ---------How does the perpetrator's age relate to occupational fraud? 45 How does an organization's gross annual revenue relate to its occupational fraud risk? 25 How does an organization's size relate to its occupational fraud risk? 25 How does detection method relate to fraud loss and duration? 20 How does occupational fraud affect organizations in different industries? 27 April 5, 2022 Index of Figures Report to the Nations How does the duration of a fraud relate to median loss? 14 ---------How does the number of perpetrators in a scheme relate to occupational fraud? 48 How does the perpetrator's education level relate to occupational fraud? 46 How does the perpetrator's gender relate to occupational fraud? 43 How does the perpetrator's level of authority relate to occupational fraud in various regions? 6'J-77 How does the perpetrator's tenure relate to median loss at different levels of authority? 40 How does the perpetrator's tenure relate to occupational fraud? 39 How does the presence of anti-fraud controls relate to median loss? 33 How is occupational fraud committed? 10 Spotlight Fraud in nonprofits 28-29 Spotlight Hotline and reporting mechanism effectiveness 21 Spotlight Profile of a fraudster 46--47 Spotlight: The global cost of fraud 8-9 What asset misappropriation schemes present the greatest risk? 13 What departments pose the greatest risk for occupational fraud? 41 What is the typical velocity (median loss per month) of different occupational fraud schemes? What levels of government are victimized by occupational fraud? What types of organizations are victimized by occupational fraud? Concealment of Fraud Schemes Spotlight: How occupational fraud is concealed Criminal and Employment Background of Perpetrator Do perpetrators tend to have prior employment-related 16 24 24 17 disciplinary actions for fraud? 49 Do perpetrators tend to have prior fraud convictions? 48 ---------Sp o ti i g ht: Behavioral red flags of fraud 52-53 Was a background check run on the perpetrator prior to hiring? 37 What types of background checks were run on the perpetrator prior to hiring? 37 Demographics of Survey Participants How many fraud cases have survey participants investigated in the past two years? 61 How much fraud examination experience did survey participants have? 61 What was the primary occupation of survey participants? 60 What was the professional role of the survey participants? 61 Item #11 Page 88 of 96 Department of Perpetrator What are the most common occupational fraud schemes in high-risk departments? 42 What departments pose the greatest risk for occupational fraud? 41 Spotlight Profile of a fraudster 46-47 Detection Method How does detection method relate to fraud duration and loss? 20 How is occupational fraud initially detected? 19 ---------To whom did whistleblowers initially report? 23 ---------What formal reporting mechanisms did whistleblowers use? 22 Who reports occupational fraud? 19 Spotlight: Fraud in nonprofits 28-29 Spotlight: Hotline and reporting mechanism effectiveness 21 ---------- Duration of Fraud How does detection method relate to fraud loss and duration? 20 How does the duration of a fraud relate to median loss? 14 How does the perpetrator's level of authority relate to scheme duration? 39 How does the presence of anti-fraud controls relate to the duration of fraud? 34 How long do different occupational fraud schemes last? 15 Education Level of Perpetrator How does the perpetrator's education level relate to occupational fraud? 46 Spotlight: Profile of a fraudster 46-47 Gender of Perpetrator How does gender distribution and median loss vary based on the perpetrator's level of authority? 44 ----------How does the gender distribution of perpetrators vary by region? 43 How does the perpetrator's gender relate to occupational fraud? 43 Spotlight: Profile of a fraudster 46-47 Geographical Region of Victim Organization How does the gender distribution of perpetrators vary by region? How does the recovery of fraud losses vary by region? 43 57 ----------Regional focus (most common schemes, detection, anti-fraud controls, perpetrator's level of authority, and cases by country) Asia-Pacific 62-77 62-63 Eastern Europe and Western/Central Asia 64-65 ---------Latin America and the Caribbean 66-67 Middle East and North Africa 68-69 Southern Asia 70-71 Sub-Saharan Africa 72-73 United States and Canada 74-75 Western Europe 76-77 Reported cases by region 7 Spotlight: The global cost of fraud 8-9 Industry of Victim Organization How does occupational fraud affect organizations in different Industries? Spotlight: Fraud in nonprofits What are the most common occupational fr~~W)e~~51l:J'1~us industries? 27 28-29 30 Number of Perpetrators How does the number of perpetrators in a scheme relate to occupational fraud? Spotlight: Internal control weaknesses that contribute to occupational fraud Position of Perpetrator How does gender distribution and median loss vary based on the perpetrator's level of authority? 48 36 44 ---------How does the perpetrator's level of authority relate to occupational fraud? 38 Based on region 63-77 How does the perpetrator's level of authority relate to scheme duration? 39 How does the perpetrator's tenure relate to median loss at different levels of authority? 40 ----------Spotlight: Internal control weaknesses that contribute to occupational fraud Spotlight: Fraud in nonprofits Spotlight: Profile of a fraudster Scheme Type 36 28-29 46-47 How do fraud schemes vary by organization size? 26 --------How is occupational fraud committed? 10 How long do different occupational fraud schemes last? 15 ----------How often do fraudsters commit more than one type of occupational fraud? 12 Occupational Fraud and Abuse Classification System (the Fraud Tree) 11 Spotlight: Fraud in nonprofits What are the most common occupational fraud schemes in high-risk departments? What are the most common occupational fraud schemes in various industries? What asset misappropriation schemes present the greatest risk? What Is the typical velocity (median loss per month) of different occupational fraud schemes? Size of Victim Organization How do anti-fraud controls vary by size of victim organization How do fraud schemes vary by organization size? 28-29 42 30 13 16 35 26 ---------How does an organization's gross annual revenue relate to its occupational fraud risk? How does an organization's size relate to its occupational fraud risk? Spotlight: Control weaknesses that contribute to occupational fraud Spotlight: Hotline and reporting mechanism effectiveness Tenure of Perpetrator How does the perpetrator's tenure relate to median loss at different levels of authority? How does the perpetrator's tenure relate to occupational fraud? Spotlight: Profile of a fraudster Type of Victim Organization What levels of government are victimized by occupational fraud? What types of organizations are victimized by occupational fraud? 25 25 36 21 40 39 46-47 24 24 Item #11 Page 89 of 96 Index of Figures Report to the Nations - - The most cost-effective way to limit fraud losses is to prevent fraud from occurring. This checklist is designed to help organizations test the effectiveness of their fraud prevention measures. Additional guidance, resourc- es, and tools for managing organizational fraud risk can be found at ACFE.com/fraudrisktools. 1. Is ongoing anti-fraud training provided to all 3. To increase employees' perception of detec- employees of the organization? tion, are the following proactive measures □ Do employees understand what constitutes taken and publicized to employees? fraud? □ Is possible fraudulent conduct aggressively □ Have the costs of fraud to the company and sought out, rather than dealt with passively? everyone in it-including lost profits, adverse □ Are surprise fraud audits performed in publicity, potential job loss, and decreased addition to regularly scheduled audits? morale and productivity-been made clear to □ Are data analytics techniques used to pro-all employees? actively search for fraud and, if so, has the D Do employees know where to seek advice use of such techniques been made known when faced with uncertain ethical decisions, throughout the organization? and do they believe that they can speak freely? D Do managers actively review the controls, D Has a policy of zero-tolerance for fraud been processes, accounts, or transactions under communicated to employees through words their purview for adherence to company and actions? policies and expectations? 2. Is an effective fraud reporting mechanism in 4. Is the management climate/tone at the top one place? of honesty and integrity? D Have employees been taught how to com-D Are employees periodically surveyed to municate concerns about known or potential determine the extent to which they believe wrongdoing? management acts with honesty and integrity? D Are one or more reporting channels (e.g., a D Are performance goals realistic and clearly third-party hotline, dedicated email inbox, or communicated? web-based form) available to employees? □ Have fraud prevention goals been incorpo- □ Do employees trust that they can report sus-rated into the performance measures that are picious activity anonymously and/or confiden-used to evaluate managers and to determine tially (where legally permissible) and without performance-related compensation? fear of reprisal? D Has the organization established, implemented, D Has it been made clear to employees that and tested a process for oversight of fraud risks reports of suspicious activity will be promptly by the board of directors or others charged with and thoroughly evaluated? governance (e.g., the audit committee)? D Do reporting policies and mechanisms extend to vendors, customers, and other outside parties? April 5, 2022 Item #11 Page 90 of 96 Fraud Prevention Checklist Reporl to the Nations 5. Are fraud risk assessments performed to pro- actively identify and mitigate the company's vulnerabilities to internal and external fraud? 6. Are strong anti-fraud controls in place and operating effectively, including the following? □ Proper separation of duties □ Use of authorizations □ Physical safeguards □ Job rotations □ Mandatory vacations 7. Does the internal audit department, if one exists, have adequate resources and authority to operate effectively and without undue influ- ence from senior management? 8. Does the hiring policy include the following (where permitted by law)? □ Past employment verification □ Criminal and civil background checks □ Credit checks □ Drug screening □ Education verification □ References checks April 5, 2022 9. Are employee support programs in place to assist employees struggling with addiction, mental/emotional health, family, or financial problems? 10. Is an open-door policy in place that allows employees to speak freely about pressures, providing management the opportunity to alleviate such pressures before they become acute? 11. Are regular, anonymous surveys conducted to assess employee morale? Item #11 Page 91 of 96 Fraud Prevention Checklist Report to the Nations - - Asset misappropriation: A scheme in which an employee steals or misuses the employing organization's resourc- es (e.g., theft of company cash, false billing schemes, or inflated expense reports) Billing scheme: A fraudulent disbursement scheme in which a person causes their employer to issue a payment by submitting invoices for fictitious goods or services, inflated invoices, or invoices for personal purchases (e.g., employee creates a shell company and bills employer for services not actually rendered; employee purchases personal items and submits an invoice to employer for payment) Cash larceny: A scheme in which an incoming payment is stolen from an organization after it has been recorded on the organization's books and records (e.g., employee steals cash and checks from daily receipts before they can be deposited in the bank) Cash-on-hand misappropriations: A scheme in which the perpetrator misappropriates cash kept on hand at the victim organization's premises (e.g., employee steals cash from a company vault) Check or payment tampering scheme: A fraudulent dis- bursement scheme in which a person steals their employ- er's funds by intercepting, forging, or altering a check or electronic payment drawn on one of the organization's bank accounts (e.g., employee steals blank company checks and makes them out to themself or an accomplice; employee re-routes an outgoing electronic payment to a vendor to be deposited into their own bank account) Corruption: A scheme in which an employee misuses their influence in a business transaction in a way that violates their duty to the employer in order to gain a direct or indi- rect benefit (e.g., schemes involving bribery or conflicts of interest) Employee support programs: Programs that provide assistance to employees dealing with personal issues or challenges, such as counseling services for drug, family, or financial problems Expense reimbursements scheme: A fraudulent disburse- ment scheme in which an employee makes a claim for reim- bursement of fictitious or inflated business expenses (e.g., employee files fraudulent expense report, claiming personal travel, nonexistent meals) April 5, 2022 Glossary of Terminology Report to the Nations Financial statement fraud: A scheme in which an employee intentionally causes a misstatement or omission of mate- rial information in the organization's financial reports (e.g., recording fictitious revenues, understating reported expens- es, or artificially inflating reported assets) Hotline: A mechanism to report fraud or other violations, whether managed internally or by an external party. This might include, in addition to telephone hotlines, web-based platforms and other mechanisms established to facilitate fraud reporting. Management review: The process of management review- ing organizational controls, processes, accounts, or transac- tions for adherence to company policies and expectations Noncash misappropriations: Any scheme in which an employee steals or misuses noncash assets of the victim organization (e.g., employee steals inventory from a ware- house or storeroom; employee steals or misuses confiden- tial customer information) Occupational fraud: The use of one's occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets Payroll scheme: A fraudulent disbursement scheme in which an employee causes their employer to issue a payment by making false claims for compensation (e.g., employee claims overtime for hours not worked; employee adds ghost employees to the payroll) Primary perpetrator: The person who worked for the victim organization and who was reasonably confirmed as the primary culprit in the case Register disbursements scheme: A fraudulent disburse- ment scheme in which an employee makes false entries on a cash register to conceal the fraudulent removal of cash (e.g., employee fraudulently voids a sale on his or her cash register and steals the cash) Skimming: A scheme in which an incoming payment is stolen from an organization before it is recorded on the organization's books and records (e.g., employee accepts payment from a customer but does not record the sale and instead pockets the money) Item #11 Page 92 of 96 ABOUT THE ACFE Founded in 1988 by Dr. Joseph T. Wells, CFE, CPA, the Association of Certified Fraud Examiners (ACFE) is the world's largest anti-fraud organization and premier provider of anti-fraud training and education. Together with more than 85,000 members, the ACFE is reducing business fraud worldwide and providing the training and resources needed to fight fraud more effectively. The ACFE provides educational tools and practical solutions for anti-fraud professionals through events, education, publications, networking, and educational tools for colleges and universities. Certified Fraud Examiners The ACFE offers its members the opportunity for professional certification with the Certified Fraud Examiner (CFE) credential. The CFE is preferred by businesses and government entities around the world, and indicates expertise in fraud prevention and detection. CFEs are anti-fraud experts who have demonstrated knowledge in four critica l areas: Financial Transactions and Fraud Schemes, Law, Investigation, and Fraud Prevention and Deterrence. Membership • Members of the ACFE include accountants, internal auditors, fraud investigators, law enforcement officers, lawyers, business leaders, risk/compliance professionals, and educators, all of whom have access to expert training, educational tools, and resources. Whether their career is focused exclusively on preventing and de- tecting fraudulent activities or they just want to learn more about fraud, the ACFE provides the essential tools and resources necessary for anti-fraud professionals to accomplish their objectives. To learn more, visit ACFE.com or call (800) 245-3321 / +1 (512) 478-9000. Contact Association of Certified Fraud Examiners Global Headquarters 716 West Ave I Austin, TX 78701-2727 I USA Phone: (800) 245-3321 / +1 (512) 478-9000 ACFE.com I info@ACFE.com TERMS OF USE: The Report to the Nations is available for use free of charge as a public service of the ACFE. You may download, copy and/or dis- tribute the Report to the Notions for personal or business use on the following conditions: 1. No portion of the Report to the Nations may be sold or otherwise licensed, shared or transferred to any party for a fee, or included in any work that is to be sold, licensed, shared or transferred to any party for a fee, without the express written consent of the ACFE. The foregoing notwithstanding, you are permitted to use the Report to the Nations as part of a speech or presentation for which an admission fee is charged. 2. The Report to the Nations must be properly attributed to the ACFE, including the name of the publication. An example of proper attribution is: "2020 Report to the Notions. Copyright 2020 by the Association of Certified Fraud Examiners, Inc." April 5, 2022 Item #11 Page 93 of 96 About the ACFE Report to the Nations - State of California GOVERNMENT CODE Section 53087 .6 Exhibit 3 53087.6. (a) (1) A city, county, or city and county auditor or controller who is elected to office may maintain a whistleblower hotline to receive calls from persons who have information regarding fraud, waste, or abuse by local government employees. (2) A city, county, or city and county auditor or controller who is appointed by, or is an employee of, a legislative body or the government agency that is governed by the city, county, or city and county, shall obtain approval of that legislative body or the government agency, as the case may be, prior to establishing the whistleblower hotline. (b) The auditor or controller may refer calls received on the whistleblower hotline to the appropriate government authority for review and possible investigation. (c) During the initial review of a call received pursuant to subdivision (a), the auditor or controller, or other appropriate governmental agency, shall hold in confidence information disclosed through the whistleblower hotline, including the identity of the caller disclosing the information and the parties identified by the caller. (d) A call made 'to the whistleblower hotline pursuant to subdivision (a), or its referral to an appropriate agency under subdivision (b ), may not be the sole basis for a time period under a statute of limitation to commence. This section does not change existing law relating to statutes of limitation. ( e) (I) Upon receiving specific information that an employee or local government has engaged in an improper government activity, as defined by paragraph (2) of subdivision (f), a city or county auditor or controller may conduct an investigative audit of the matter. The identity of the person providing the information that initiated the investigative audit shall not be disclosed without the written permission of that person, unless the disclosure is to a law enforcement agency that is conducting a criminal investigation. If the specific information is in regard to improper government activity that occurred under the jurisdiction of another city, county, or city and county, the information shall be forwarded to the appropriate auditor or controller for that city, county, or city and county. (2) Any investigative audit conducted pursuant to this subdivision shall be kept confidential, except to issue any report of an investigation that has been substantiated, or to release any findings resulting from a completed investigation that are deemed necessary to serve the interests of the public. In any event, the identity of the individual or individuals reporting the improper government activity, and the subject employee or employees shall be kept confidential. (3) Notwithstanding paragraph (2), the auditor or controller may provide a copy of a substantiated audit report that includes the identities of the subject employee or April 5, 2022 Item #11 Page 95 of 96 employees and other pertinent information concerning the investigation to the appropriate appointing authority for disciplinary purposes. The substantiated audit report, any subsequent investigatory materials or information, and the disposition of any resulting disciplinary proceedings are subject to the confidentiality provisions of applicable local, state, and federal statutes, rules, and regulations. ( f) ( 1) For purposes of this section, "employee" means any individual employed by any county, city, or city and county, including any charter city or county, and any school district, community college district, municipal or public corporation, or political subdivision that falls under the auditor's or controller's jurisdiction. (2) For purposes of this section, "fraud, waste, or abuse" means any activity by a local agency or employee that is undertaken in the performance of the employee's official duties, including activities deemed to be outside the scope of his or her employment, that is in violation of any local, state, or federal law or regulation relating to corruption, malfeasance, bribery, theft of government property, fraudulent claims, fraud, coercion, conversion, malicious prosecution, misuse of government property, or willful omission to perform duty, is economically wasteful, or involves gross misconduct. (Amended by Stats. 20 I 0, Ch. 80, Sec. I. (AB 1666) Effective January I, 2011.) April 5, 2022 Item #11 Page 96 of 96