The Association of Certified Fraud Examiners estimates the loss from occupational fraud and abuse at approximately $600 billion per year, or about $4,500 per employee. The FBI has labeled fraud the fastest growing crime, and accordingly allocates a large portion of its resources to fighting fraud. There are many types of fraud, but all can be classified as those committed against the corporation or those committed on behalf of the organization.
This article reports the results of a survey developed by the authors and sent to members of the Government Finance Officers Association of Texas via electronic mail. Responses were received from 54 governmental entities. The results of the survey are compared to the KPMG 1998 U. S. Fraud Survey to determine if the fraud statistics from governmental entities echoed those from a national survey which primarily included large corporations.
With the Sarbanes-Oxley Act of 2002 and the implementation of SAS 99, management and auditors of publicly held companies will become more adept at recognizing fraud risk factors. Hopefully, some of this awareness and strengthening of internal control systems will transfer to the governmental sector.
During most of the 19th century, fraud was somewhat ignored by both public and private companies. As a result, fraud thrived and cost companies an untold amount of money. At one time, the U. S. Chamber of Commerce estimated that the cost of employee and management fraud exceeded $100 billion annually (Davia, 2000). Other groups estimated a much higher figure.
In 1996 the Association of Certified Fraud Examiners (ACFE) published its first Report to the Nation on Occupational Fraud and Abuse. At that time, the results indicated fraud cost U. S. organizations more than $400 billion per year or roughly $9 per day per employee or 6 percent the company' s total annual revenue (The Association of Certified Fraud Examiners, 1996). Recently, the 2002 Report to the Nation on Occupational Fraud and Abuse was released. The latest report was more extensive than the first and was based on 663 occupational fraud cases which were reported to the ACFE by Certified Fraud Examiners and accounted for more than $7 billion in losses. Only six years after the first fraud study, the ACFE now estimates the loss from occupational fraud and abuse at approximately $600 billion per year, or about $4,500 per employee (The Association of Certified Fraud Examiners, 2002). The percentage of fraud losses remained relatively constant at 3 percent of revenues. However, during the six-year period the Gross Domestic Product increased from approximately $7 trillion to about $10 trillion which accounted for the $200 billion increase in losses. For purposes of this research, occupational fraud and abuse is defined as: "The use of one's occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization's resources or assets" (Wells, 1997). Fraud embraces a wide variety of actions committed by company employees from the chief executive officer to the lowest level employee and ranges from sophisticated investment schemes to petty theft. Abuse covers a multitude of activities often accepted by both employees and employers as a cost of doing business. Abusive activities include such things as padding expense accounts, taking long, unapproved lunch breaks and employees falsely claiming sick leave. Obviously, flagrant abuses are normally reprimanded or prosecuted, but lessor offenses are often overlooked.
The FBI has labeled fraud the fastest growing crime and, accordingly, allocates a large portion of its resources to fraud investigation. On a continual basis, the bureau is investigating several hundred fraud and embezzlement cases involving amounts in excess of $100,000 per case (Albrecht, 2003).
At the Principles of Fraud Examination Conference held in June 2003, Toby Bishop, ACFE President and CEO, was asked the question, "What is the state of fraud in this country?" He replied, "Booming. It appears that people' s willingness to rationalize committing fraud is much greater than before and fraud is much more pervasive than before. In the past, fraud was viewed as a rare event that happened to unlucky organizations. Now it is commonly accepted that fraud is taking place at virtually every organization, every business" (The Fraud Examiner, 2003).
Fraud losses to an organization are very costly because they impact dollar per dollar the organization's bottom line. How much additional revenue will be required for an organization to financially recover a fraud loss? Assuming that an organization has a $100 fraud loss and their normal profit is 10 percent, it will take $1,000 in additional revenue to offset the $100 loss. Obviously, the amount of additional revenue organizations must generate to recover their fraud losses will vary from organization to organization due to the difference in their profit margins.
Researchers have compared the psychological and demographic characteristics of white collar criminals, violent criminals and the general public and found significant differences between the white collar and violent criminals. Surprisingly, the characteristics of white collar criminals, those who commit illegal activities within the realm of their occupation, and the general public are basically the same. They tend to have a college education, upper/middle-class socioeconomic background and no previous criminal record. White collar criminals tend to spend the profits from their fraudulent schemes and become dependent on their increased income. Many perpetrators steal relatively insignificant amounts/items, and when they are not caught immediately, their theft becomes more frequent and/or increases in magnitude. If the fraud is allowed to continue, the perpetrator eventually gets greedy, over confident and/or careless which leads to mistakes and the ultimate detection of the fraudulent activity.
According to the ACFE' s report, frauds are more likely to be committed by males (53.5%) than females (46. 5%), and the median fraud loss for males ($200,000) was 3.3 times higher than that of females ($60,000). There was a direct correlation between the age of the perpetrator and the median loss. Persons under the age of 26 were only responsible for 6 percent of the reported frauds with a median loss of $18,000. The median losses for the 30 to 40-age group were $100,000 and increased dramatically after age 40. Individuals over the age of 40 perpetrated 47.3 percent of the frauds. Employees more than 60 years of age were responsible for the largest median loss, $500,000.
Only 7 percent of the perpetrators in the cases reported had prior convictions, while 3 percent were known to have been accused of fraud-related offenses but were not convicted. The highest percentage (69%) had never been charged or convicted of a fraud-related activity. The results relating to the education level of the offender were somewhat surprising. Unlike the 1996 Report which showed that median losses increased as the perpetrator' s education level increased, the 2002 Report showed that median losses caused by perpetrators who had a college degree were approximately $80,000 higher than those caused by individuals having a postgraduate degree. The highest percentage of offenders (57%) had a high school education or less; however, the median loss for this class was 3.5 times lower than offenders with a bachelor's degree.
The above results support the premise that knowledge and access are a dangerous combination. Employees with higher educations and those who are older have more knowledge and normally occupy higher-ranking positions within the organization; therefore, they have greater access to revenues, assets and other resources. The correlation between gender and median loss is probably due to the "glass ceiling" phenomenon. The presence of women in the accounting profession has become a norm, but in many organizations, males still occupy the vast majority of upper-management positions.
TYPES OF FRAUD
Frauds can be classified as those committed against the corporation or those committed on behalf of the organization. Typically, frauds committed on behalf of the organization are committed by those in top management and take the form of fraudulent financial reporting. Both the 1996 and 2002 ACFE Reports identify the three major categories of occupational fraud as asset misappropriations, corruption and fraudulent statements. The first two would be classified as frauds committed against the organization. While 85.7 percent of the cases were attributed to asset misappropriations, corruption and fraudulent statement cases accounted for 12.8 and 5.1 percent respectively. In dollars, however, the median loss reported from fraudulent statements ($4,250,000) was eight times more than the median loss from corruption ($530,000) and 53 times more than the median loss from asset misappropriations. The study also revealed that employees were more likely (64. 1%) to perpetrate fraud than managers or executives (41.9%), but the $250,000 median loss for the manager and executive group was more than 3.5 times greater than the median loss of $70,000 for the employee group (The Association of Certified Fraud Examiners, 2002).
Asset misappropriations can be divided into cash and non-cash misappropriations with cash misappropriations accounting for 90.1 percent of the cases reported. Cash misappro-priations can be further broken down into three types: fraudulent disbursements, skimming (where cash is stolen before it is recorded on the books) and cash larceny (where cash is stolen after it is recorded on the books.) Fraudulent disbursements account for the majority of cases reported (71.1%) with a median cost to the organization of $100,000. Within this category, billing schemes, check tampering and expense reimbursements represent the frauds most frequently perpetrated with median losses of $160,000, $140,000 and $60,000 respectively. The reported incidences of asset misappropriations have increased from 81.1 percent in 1996 to 85.7 percent in 2002 with a $15,000 increase in the median loss (The Association of Certified Fraud Examiners, 2002).
DURATION OF SCHEMES
There are reports of fraud schemes that have run undetected for years. The July 11, 1996, edition of the Tyler Morning Telegraph reported that a former treasurer of the Episcopal Church was sentenced to five years in prison for embezzling $2.2 million over a nine-year period while working at the church's headquarters in New York. The perpetrator, Ellen Cooke, was fired from the church because of manipulative and autocratic behavior, not embezzlement. Church officers became suspicious and notified the FBI when Ms. Cooke became greedy and asked for $86,000 in back vacation pay. In addition to stealing cash, she charged the church $40,000 for jewelry, $30,000 in restaurant bills and thousands more in gifts from exclusive shops in the New York area. One must wonder how fraud schemes such as this go for extended periods of time without being detected. Perhaps it is due to the lack of internal controls or that neither internal nor external auditors traditionally have pro-actively audited for fraud. In this case, a simple separation of duties and a review of documentation before approving an invoice for payment would have caught the expenditures to such establishments as Tiffany's Glass and Stubbens.
Table 1 indicates that the largest percentage of fraud cases reported were not discovered for 12 to 23 months. The median time from inception to detection was 18 months. Two thirds of the schemes continued for more than a year before being detected, and 13.5 percent of the frauds ran for more than five years. Compared to the 3 percent of frauds that were caught during the first month, these statistics are discouraging, at best. Fraudulent financial statements, expense reimbursements, check tampering, billing and corruption schemes all ran for a duration of approximately two years before being detected (The Association of Certified Fraud Examiners, 2002).
KPMG FRAUD SURVEY
In 1998 KPMG released the results of its third U. S. Fraud Survey (K98). They greatly expanded their survey pool from their 1 994 survey to include five thousand leading U. S. companies and organizations, including municipalities, federal agencies and universities. This survey again revealed that fraud continues to be ever-present in our society and an ongoing problem for businesses. Many of the survey responses supported the results of the 1994 Fraud Survey (K94); however, there were several very noticeable differences. First, there was a 7 percent (52% to 59%) increase in the number of respondents who believe that fraud will become more of a problem in the future. Second, 94 percent of the entities reported fraud investigation as the leading response to the discovery of fraud, an increase of 1 1 percent over the K94 survey.
In an effort to determine the magnitude of fraud in governmental agencies in the state of Texas and whether or not the fraud statistics from governmental entities echoed those of the KPMG national surveys, the authors developed a fraud survey which was sent via electronic mail to individuals in the survey pool. This survey will be referred to as the Tl survey.
The target population of the research data was derived from the Government Finance Officers Association of Texas (GFOAT) Membership Directory II dated July 7, 2003, which listed 787 contacts of which 1 1 had no email addresses. From the 776 remaining contacts, an analysis of the members listed in the directory was completed in order to eliminate multiple officers within the same governmental entity. The elimination process removed any bias in the survey results as only one survey was allowed per entity. For example, if three contacts were listed for the City of Houston, the highest-ranking governmental employee most qualified to answer the survey was selected for the entity. After completing the elimination process, the survey pool consisted of 305 contacts. Of this number, 30 contact email addresses were invalid, and three contacts refused to respond to the survey. Ultimately, 54 responses were received yielding approximately a 18 percent response rate.
Eighty-seven percent of the respondents were employed by city governments, 2 percent by the state of Texas and 1 1 percent by other governmental units. None of the respondents were employed at the county level. Seventy-four percent of the respondents employed more than one hundred and less than a thousand employees.
A number of individuals at all organizational levels responded to the surveys. Table 2 compares the respondents to both the K98 and Tl surveys. Finance officers and internal auditors comprised a total of 67 percent of respondents to the Tl survey compared to 43 percent in the K98 survey.
Ninety-five percent of the respondents to the TI survey worked for entities with less than $250 million in revenue compared to only 36 percent in the K98 survey. Thirty-one percent of the K98 respondents reported working for entities with one to five billion dollars in revenues. This difference is primarily due to the fact that the K98 survey pool included major corporations.
When asked if the respondent believes that fraud is a maj or problem in his/her organization, the K98 and Tl respondents answered negatively, 65 and 78 percent respectively. However, almost twice as many (59%) of the K98 respondents believe that fraud will increase in the future, in comparison to Tl respondents, and twice as many (13%) of the Tl respondents believe that the incidence of fraud will decrease in the future, in comparison to the K98 respondents. As reflected in Table 3, a number of factors will influence the increase or decrease of fraud in the future including, but not limited to, the economy, the awareness of fraud indicators by management and auditors and their willingness to prosecute offenders. Between the requirements of the United States' Public Company Reform and Investor Act of 2002, commonly referred to as the SarbanesOxI ey Act of 2002 and the implementation of SAS 99, management and auditors of publicly held companies will become much more adept at recognizing fraud risk factors. Hopefully, some of this awareness will spill over into the governmental sector. However, according to both the K98 and Tl surveys, the reporting organizations feel they are (80% and 84% respectively) knowledgeable or extremely knowledgeable about the way fraud can occur in their organizations.
The following three factors cited for the predicted rise in fraud increased significantly from the K94 survey to the K98 survey: (1) insufficient emphasis on prevention and detected, (2) inadequate training of individuals responsible for fraud prevention and detection, and (3) more sophisticated criminals. With the results of the K94 and 1996 ACFE surveys being made public, one would think that organizations would have increased their emphasis on fraud prevention and detection, adequately trained managers and employees to recognize symptoms of fraud and to increase internal controls by the year 1998.
Economic pressures are ranked number one in both the K98 and Tl surveys. The responses differed dramatically between the two surveys in the following areas: (1) increased technological capabilities/Internet/electronic commerce, (2) inadequate punishment of convicted criminals (3) motive/opportunity, and (4) more sophisticated criminals. Numbers one and three were ranked higher in the Tl survey, while numbers two and four were ranked higher in the K98 survey. It would be difficult to argue that criminals are not more sophisticated now than several years ago, but it is surprising that so few respondents to the K98 survey thought motive and opportunity were not a compelling reason for the increase of fraud. The historic Fraud Triangle describes three conditions typically present when fraud is committed: incentives/pressures, opportunities, and attitudes/rationalizations. The results indicate that perhaps respondents from governmental units believe that convicted criminals are already adequately punished or that measures have been taken to ensure they will be in the future.
The types of fraud compared between the two surveys are detailed in Table 4. The K98 and Tl surveys include 413 and 61 organizations respectively reporting one or more instances of fraud. For the Tl survey, the table indicates the number of reporting entities and the cases as a percentage of the total cases reported.
The areas of fraud reported in the K98 survey that accounted for 10 percent or more of the total include: check fraud, false invoices and phantom vendors, credit card fraud, expense account abuse, inventory theft and unnecessary purchases or purchases for personal use. In the Tl survey, diversion of revenues accounted for 18 percent of losses while check fraud, false invoices, or inventory theft accounted for only 8, 5 and 9 percent respectfully. Both conflict of interest and payroll fraud accounted for 7 percent of reported frauds in the Tl survey.
What concerns the authors most is the frequency of occurrence in the T 1 survey for diversion of revenues (32 times), expense account abuse (30 times), unnecessary purchases or purchases for personal use (27 times), credit card fraud (20 times), and inventory theft (16 times). Compared to the number of responding entities, these numbers are high and indicate multiple cases of the same type of fraud within a single reporting entity. In addition, these abuses are particularly troubling because the Governmental Accounting Standards Board in Concepts Statement No. 1 established accountability as the "cornerstone" of financial accounting and reporting. This statement indicates governmental entities must be accountable for public monies. The authors argue that with the reported frequencies of frauds in Table 4, perhaps internal controls are not well established and followed in some governmental entities. Since the number of occurrences for each type of fraud was not reported in the K98 survey, a comparison cannot be made. Sarbanes-Oxley requires organizations to identify risks by subsystem and the controls that organizations have in place to prevent various activities from happening. Perhaps governmental entities need to follow a similar model.
From the results of the 2002 Report to the Nation on Occupational Fraud and Abuse, the KPMG 1998 and the Tl surveys, occupational fraud and abuse are considered to be a serious and ever increasing problem. Large, publicly traded corporations which are now subject to SarbanesOxley are currently identifying risks and internal controls by subsystems. Gap analysis will allow these companies to identify areas in which they are vulnerable in order to establish a new and more extensive system of internal controls in the future. Perhaps a similar model should be enacted for governmental entities. This may be a tough sell, however, since the majority of Tl respondents (1) do not think fraud is a problem in their agency, (2) believe that fraud will not increase in the future, and (3) are not aware that fraud has occurred in their organization in the last three years.
Albrecht, W. S. (2003). Fraud Examination. Ohio: Thomson/South-Western.
Association of Certified Fraud Examiners. (2002). The Report to theNation on Occupational Fraud and Abuse. Austin, TX: ACEF.
Association of Certified Fraud Examiners. (1996). TheReportto theNation on Occupational Fraud and Abuse. Austin, TX: ACEF.
Davia, H. R. (2000). Fraud 101. New York: John Wiley and Sons.
Fraud questions and answers. (2003, June). The Fraud Examiner, 3, 2.
Wells, J. T. (1997). Occupational Fraud and Abuse. Austin, TX: Obsidian Publishing Co.
Sharron M. Graves, Stephen F. Austin State University
Treba Lilley Marsh, Stephen F. Austin State University
Miguel Lozano III, Stephen F. Austin State University…