Would you leave the front door unlocked to your business? Of course not. That would give thieves easy access to your assets. Yet a surprising number of organizations do not have strong antifraud controls in place to protect against dishonest people inside their organizations. And theft from insiders — also referred to as “occupational fraud” — can be costly.
Fraud losses vary significantly, depending on the nature of the scam and how soon it is detected. Globally, the median loss is $130,000, according to the findings from the 2018 Report to the Nations on Occupational Fraud and Abuse by the Association of Certified Fraud Examiners (ACFE). Here is a closer look at who was affected and how much was lost, as reported in the latest version of this biennial study.
Fraud can strike any organization regardless of the nature of its operations or its size. The latest ACFE study included 2,690 fraud cases occurring between January 2016 and July 2017.
While the news media focuses on high profile fraud incidents involving public companies, the median loss for those companies was only $117,000. Private companies suffered far greater losses — their median loss was a whopping $164,000. By comparison, the median losses for government and not-for-profit entities were approximately $118,000 and $75,000, respectively.
In addition, there are subtle distinctions between the types of fraud schemes that strike small and large organizations.
Top 5 Fraud Schemes by Size
Percent of Cases
|Rank||<100 Employees||100+ Employees|
|1||Corruption (32%)||Corruption (43%)|
|2||Billing (29%)||Non-cash schemes (22%) |
|3||Check tampering (22%)||Billing (18%)|
|4||Expense reimbursement (21%)||Cash on hand (14%)|
|5||Skimming and cash on hand (20%)||Expense reimbursment (11%)|
To Catch a Thief
Small and large organizations also differ in how they catch fraudsters. Tips were the detection method in 29% of the cases involving small entities, compared to 44% of the cases involving large ones. This could result from the prevalence of reporting hotlines, which are more common among larger companies than small ones with limited resources.
Overall, tips are the most common way fraud is initially detected. But it is important to remember outside stakeholders may also provide tips on unethical behavior. In the 2018 study, 21% of tips came from customers and 9% came from vendors. So, it is important to educate your supply chain partners about any reporting mechanisms you set up.
Beyond tips, a robust system of internal controls may help detect and prevent fraud. The latest study found that 15% of frauds were detected by internal audit procedures and 13% by management review.
What are the critical elements of an internal control system? In terms of lowering fraud losses, the most effective internal controls in the 2018 study were:
|Control||Percent Reduction in Fraud Loss|
|Code of conduct||50%|
|Proactive data monitoring and analysis||52%|
On the flip side, weak internal controls often provide dishonest people with the opportunity to steal assets or “cook the books.” In the 2018 study, a lack of internal controls and the ability to override internal controls were cited as the leading factors that contributed to fraud. Together, these factors were present in nearly half of the fraud cases in the latest study.
In addition, the 2018 ACFE study inquired about the types of antifraud controls fraud victims had implemented. The report revealed that 25% of frauds at larger organizations were caused by a lack of internal controls. In contrast, 42% of frauds at small organizations stemmed from weak controls. This finding helps explain why fraud seems to hit smaller organizations harder than larger ones.
Over the last two decades, the ACFE’s fraud report has taught important lessons including: No organization is immune to white collar crime. Driven by this report and recent high-profile public fraud cases, companies have increasingly implemented antifraud controls in recent years.
How do your internal controls measure up? Although strong internal controls do not guarantee fraud won’t occur at your organization, they can minimize your losses.
Searching for an audit firm can be a time consuming and stressful task. However, it can be maneuvered easier if you know what to look for, have realistic expectations and ask the right questions.
BELOW ARE 5 ITEMS TO ASK YOURSELF DURING THE SELECTION PROCESS:
We have a CPA who prepares our taxes; can they do our audit?
Perhaps, and this is often a good place to start, but, not all CPAs are auditors and not all CPA firms audit all industries. Auditors and audit firms are held to different standards for continuing education, independence and oversight. This works both ways, the CPA you find to do your audit is probably not the same CPA you want completing your taxes. If part of your goal is to have a single CPA firm complete both your audit and tax work, be sure this is clear from the start of your search.
“An audit is an audit, find the best price!” Is there a benefit to paying more?
As with most purchases, “you get what you pay for,” is true for audits. Audit standards need to be followed, but a low cost auditor could drastically change how your organization works with an auditor. A better question to ask is, “do we want our audit to be a commodity or do we want it to provide a service?” If expectations are for your auditor to assist throughout the year with questions, attend board meetings, or give internal monthly financial statements a quick review, you have to determine if these services are included in the quote or at what rate you will be charged. Countless CPA firms can do an audit, but if you are looking for more than a once a year visit, the low cost provider may not be in your best interest.
Does our industry really matter?
Different industries can make a huge difference for an audit. Within the nonprofit sector, for example, organizations who receive federal funding maybe subject to a yellow book or single audit and Generally Accepted Government Auditing Standards, while others receive their funds through donors or user fees and are subject to Generally Accepted Auditing Standards. Within for-profit organizations, manufactures with inventory, equipment and cost of goods sold have different risks, accounting needs and audit approach than a service based organization. Accordingly, requesting references within your industry is an important part of your search. Inquiries of references should include questions related to the auditor’s industry knowledge and expertise.
Will I be able to work alongside the auditor we select?
There needs to be a comfort level between you and the audit team so you can go to them with concerns and feel confident in the guidance they are providing. Reviewing their background and qualifications is an important first step. However, this trust can start being established during the interview process. The interview is an opportunity to discuss the audit process, what will happen if problems occur and who will actually be on site during the audit. If answers are too technical or vague, it may be a sign you will not be able to work successfully with this particular auditor.
We have checked references and interviewed our prospective auditor, what additional information should we look for?
Audit firms are required to have a peer review at least once every three years, conducted by an independent CPA firm reviews their policies and audit procedures. The peer review’s conclusions, which are provided in a letter, should be reviewed and discussed with a potential auditor.
Every situation is different, if you have questions or are interested in more information on our audit practice, please contact your Smith Schafer professional by clicking here.
Submit a Request for Proposal
In December 2013, OMB released final guidance on administrative requirements, cost principles and audit requirements for federal awards.
The final guidance, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (“Uniform Guidance”), supersedes and streamlines eight existing OMB Circulars into one document that includes OMB Circulars A-21, A-87, A-89, A-102, A-110, A-122, A-133, and the guidance in OMB Circular A-50 on Single Audit Act follow-up. The Uniform Guidance can be accessed at https://federalregister.gov/a/2013-30465.
The Uniform Guidance, which is located in Title 2 of the Code of Federal Regulations, consolidates previous guidance into a streamlined format that aims to improve both its clarity and accessibility, lessen administrative burdens for federal award recipients, and reduce the risk of waste, fraud, and abuse.
While the Uniform Guidance does not broaden the scope of applicability of existing government-wide requirements, parts of it may apply to for-profit entities and foreign entities.
MAJOR POLICY IMPROVEMENTS
Major policy improvements in the Uniform Guidance include:
- Eliminating duplicative and conflicting guidance.
- Enhancing accountability for federal funds.
- Encouraging efficient use of IT.
- More consistent and transparent treatment of costs.
- Strengthening language to limit costs.
- Strengthening oversight through pre-award requirements.
- Targeting audit requirements on risk of waste, fraud, and abuse.
SINGLE AUDIT CHANGES
Among other matters of specific applicability to auditors, changes in the Uniform Guidance include:
- Raising both the threshold that triggers a Single Audit and the threshold for Type A/B program determination to $750,000.
- Changing the high-risk program criteria for Type A programs.
- Reducing the number of high-risk Type B programs that must be tested as major programs.
- Revising the Type B small program floor.
- Reducing the percentage of coverage requirement to 40% for normal auditees and 20% for low-risk auditees.
- Revising the criteria for low-risk auditee status.
- Referring to Appendix XI to Part 200, Compliance Supplement, for identification of compliance requirements. (This was formerly known as the OMB Circular A-133 Compliance Supplement.)
- Increasing the threshold for reporting findings to $25,000 in questioned costs and requiring more detailed information to be reported.
- Pay close attention to the definitions, especially contract and supplies.
- Review guidance on applicability of the requirements to different types of awards (e.g., grants, loans).
- Pay close attention to recipient administrative requirements, especially the new procurement requirements and the new requirements for pass-through entities.
- Determine whether the recipient’s existing written policies are adequate. Having a written policy is referred to numerous times in the Uniform Guidance, including in:
- Financial management
- Relocation costs
- Travel costs
- Carefully read the audit requirements.
- Check the crosswalk, “Audit Requirements Comparison Chart.”
The Uniform Guidance has several different effective dates (early implementation is not allowed):
- Federal agencies have six months to submit implementing regulations to the OMB. Nonfederal entities are required to comply with the Uniform Guidance once the new regulations are in effect. OMB officials have stated that they expect to have all of the implementing regulations in effect by December 2014.
- Audit requirements would apply to fiscal years beginning after the federal agencies publish their implementing regulations. Thus, the audit requirements will be effective for single audits of years beginning on or after January 1, 2015 (i.e., December 31, 2015 year-end Single Audits).
- Other requirements will affect federal awards and funding drawdowns made on or after January 1, 2015.
If you have questions regarding your tax situation, click here to contact us. We look forward to speaking with you soon.