Fraud Risk Management 101: How to Protect Your Business From Corrupt Clients and Employees

Fraud Risk Management 101: How to Protect Your Business From Corrupt Clients and Employees

Maribeth Vander Weele once saved a client from a disastrous $250 million deal. The client was $90 million into the deal when intuition told him something was wrong and he hired her firm to do a fraud risk assessment. Ten days later, her firm had “put together enough red flags about that individual” that the client was able to withdraw from the deal without losing a dime. A year and half later, law enforcement investigated, shut down the company, and sent the leaders to prison, she says.

Wander Weele, whose company, The Vander Weele Group, now specializes in oversight of large-scale grant programs for government agencies, says that more people need to do “pre-diligence.” That is the deep dive into the background of the partners that will tell you whether they are people you want to do business with.

“People come to us when they have some intuition about a deal. Everything else looks good in the deal, but that intuition is kicking in. We deep dive the internet. We put together facts, dive through thousands of references to that individual or company, and put together a story of who this person really is,” she told Robert Jordan, CEO of InterimExecs in an interview.

In another case, her team investigated a company that grew from $27 million to $300 million very quickly — an unbelievable feat given the company’s limited infrastructure. Learning that requires looking beyond the usual data points of the financials.

It turns out the leaders of the company had built a family tree of companies that were involved in 80 pieces of litigation. In some cases, he was being sued for breach of contract, in others, he was suing his customers. The management team boasted of Fortune 500 executives, but the C-suite was a revolving door of top leaders who would take the job, leave within a year, and then sue the company.

Her investigation saved that client more than $100 million because it allowed them an early exit from the deal.

DIY Fraud Detection

While you can hire a company to do this work, you also can do it yourself. It requires taking a deep dive into the background of potential partners before signing a deal.

Due diligence often focuses on the financials. And certainly, that is a critical piece of the deal. But if you can’t trust the person signing the contract, analyzing the quality of the financial statements may not be enough.

How to Spot Scams

Fraud prevention requires looking at these five red flags that will tell you an organization is compromised:

  • Numbers that defy reason
  • Deals that don’t make sense
  • Loyalty to vendors, not clients
  • Purchasing processes in disarray
  • Silent underlings

Cutting through the fog requires finding the gaps in information, Wander Weele says. If you ask for 10 things and you get back answers to numbers 1, 2, 4, 5, 7, 9, and 10, press on for answers to numbers 3, 6, and 8 because that’s where you’ll find the most telling information.

And, Vander Weele says, when you’re evaluating employees, look at their actions, not their words. And don’t be taken in by the schmooze. Credentials can make a person look great, but your intuition — and some investigation — will tell you whether the facts back up the image.

External vs. Internal Fraud: Common Fraud Schemes

External fraud isn’t the only thing you should consider as part of an effective fraud risk management program.

Certainly, 21st-century challenges such as data breaches and cybersecurity threats have to be at the top of your list. But the old-fashioned fraud risk factors, from misappropriation of assets to purchasing kickbacks, still happen and need to be part of your fraud risk management strategy.

In a YouTube series on spotting internal fraud, Vander Weele breaks down the most common types of fraud and recommends mitigation measures for these potential fraud schemes.

They can be divided into five categories:

Purchasing Fraud

Purchasing fraud generally involves bribes, kickbacks, or extortion. Bribes are paid before the deal as an enticement to do wrong. Kickbacks are paid after the deal as a reward for having done wrong. Extortion involves forcing an employee, vendor, or buyer to do something through threats, by denying payment, or via some other economic harm.

How to spot purchasing fraud: Set up internal controls to identify a sudden increase in price from a single vendor or small number of vendors or an unexpected increase in the amount of products purchased or sold.

Bidding Fraud

The risk of fraud here starts before the deal is done.

In some cases, it’s bid rigging. That’s when contractors collude with procurement personnel overseeing the bidding process. The procurement officer might leak bid information to help the favored contractor get the job. Or the collusion might involve setting unreasonable bid expectations so that only one contractor is qualified to do the work.

In other cases, bidding fraud can refer to collusion among bidders who get together and agree that one company will bid a certain amount and the others will bid higher to ensure the first bidders wins the job. On the next project, a different bidder gets the contract thanks to an agreed-upon rotating set of winners.

How to spot bidding fraud: Set up a system of regular bid audits, look for relationships among bidders, and evaluate bids against market rates for similar services or products.

Billing Fraud

Generally, this involves invoice fraud, such as companies that:

  • submit duplicate invoices for the same service,
  • overcharge for the services provided, or
  • add unauthorized charges to the invoice.

How to spot billing fraud: Invoices from unknown vendors or that list unexpected services should raise an immediate red flag, as should urgent cash distribution demands. Invoices ending in round numbers ($1000) rather than a specific amount also should be investigated as possible fraudulent transactions.

Inventory Fraud

Inventory fraud threats include:

  • Employees diverting company-owned equipment — tools, computers, pharmaceuticals — and supplies — toilet paper, office supplies — for personal use.
  • Vendors that deliver inventory that doesn’t meet the agreed-upon specs — substituting used equipment for new, for example.
  • Companies that falsify product safety information either by not completing the safety checks or by falsifying the numbers.

How to spot inventory fraud: Look for out-of-the-ordinary stats, such as a spike in the number of returns.

Payroll Fraud

Payroll-related fraudulent behavior generally involves ghost payrolling — paychecks for work that was never performed — or checks made out to fictitious people.

How to spot payroll fraud: Red flags include suspiciously large checks compensating for an unrealistic number of hours worked, such as more than 24 hours in one day. Also look for missing employee data, such as missing addresses, or more than one employee with the same address, cell number, and email address. Check to see whether they are real people who share the same household.

How to Identify Fraud Patterns Inside Your Company

Fraud investigations need to start somewhere. These are the most common ways fraud risk is first identified:

Internal audits: Purchasing fraud or payment fraud can be detected with an internal audit.

Hotline complaints: A 2021 report shows that only 44 percent of employees say their employer has an anonymous method for them to report ethics violations or fraud suspicions. Yet, a 2024 report from the Association of Certified Fraud Examiners says 43 percent of occupational fraud was found thanks to an employee tip. That’s three times the number of fraud schemes uncovered by the next most common method.

Employee surveys: While an employee survey is primarily a tool for measuring employee satisfaction and engagement, it can also indirectly provide clues about potential fraudulent activities within a company when, for example, several employees bring up the same questionable ethics practice.

Customer surveys: While customer surveys are primarily a tool for understanding customer satisfaction and preferences, they can also indirectly provide clues about potential fraudulent activities within a company. For example, if several customers complain about product quality of service delivery, it can be a clue that someone is selling counterfeit goods or providing substandard services.

Data analytics: This allows companies to identify patterns and anomalies that may indicate fraudulent activity, such as transactions that deviate significantly from normal patterns — larger than normal purchases, multiple transactions in a short period, or purchases outside of typical geographic locations.

Fraud Detection Solutions: The Bottom Line on External and Internal Fraud

Trust your gut.

If something feels off, investigate.

Full data mining means looking beyond current financial reporting and recent news connected to the company you are considering doing business with. The internet is a nearly endless source of information. You can find everything from personal details about the business leaders to customer experience reports, both good and bad. That historical data will help you understand how that person and that company do business.

Don’t ignore suspicious activity inside your own company or in the business practices of a target company.

You can start your search with artificial intelligence (AI) and by searching the web yourself. But we all know that the internet can send false positives and false negatives and fraudsters can be adept at hiding their true selves.

True fraud risk management requires an expert. That’s where a rock star interim executive comes in. You can contract with an executive experienced in risk governance, who:

  • knows how to get beyond financial fraud in rooting out high-risk fraudulent activities,
  • understands transaction monitoring, and
  • is adept at anomaly detection.

Call us at +1-847.849.2800 for a confidential discussion about how a RED Team interim executive can help determine and address your company’s fraud vulnerabilities. We can have an expert CFO, CIO, or other bloodhound onsite in as little as 48 hours. Or, if you’re not ready for a full-time leader, we have experienced executives who will work part-time for a longer period, joining your senior management team to oversee fraud detection efforts.

_____
Read More:

A Surprising Source of Fraud: the IT Department

Why Interim Executives are Right for Fast Growing Companies