Paul Grewal thought something funny was going on when he looked over a client's accounts and found numerous cash transactions with no back-up documents. Shortly after, a lunch meeting with the client's controller set off even more alarm bells.
"He was bragging about buying a $2,500 massage chair and how he eats out all the time, so I started to wonder how he could afford such an extravagant lifestyle on his modest salary," recalls Mr. Grewal, a chartered accountant in Surrey, B.C.. "It turns out he had been taking a lot of cash from the company."
Mr. Grewal had uncovered a case of workplace fraud – an economic crime committed within a company, typically with an employee as the perpetrator and the employer as the victim.
A 2011 global survey by accounting and management consulting firm PwC points to the pervasiveness of workplace fraud: About 35 per cent of almost 4,000 senior executives surveyed said their company had experienced at least one case of fraud in the past year. Of the companies that reported fraud, almost 60 per cent said the crime was committed by an employee.
The Association of Certified Fraud Examiners in Austin, Tex., says organizations lose about 5 per cent of their revenue each year to fraud, translating to total losses worldwide of more than $2.9-trillion (U.S.). Small businesses are more vulnerable to fraud than medium and large companies, notes the association.
"The actual incidences and costs of fraud are probably higher than reported statistics would indicate," says Pamela Murphy, professor of accounting at Queen's University in Kingston, Ont. "Many cases of fraud go undetected and unreported."
Ms. Murphy cites three main types of workplace fraud: theft or misappropriation of assets, corruption or conflict of interest, and fraudulent reporting. There are various reasons why employees commit fraud, says Ms. Murphy, including a desperate need for money, feelings of resentment against an employer, or just plain greed.
Many people who pilfer money from their employers don't really believe they're stealing.
"In their minds, they're just borrowing the money and have every intention of putting it back," says Ms. Murphy. "Besides, they're only 'borrowing' a small amount; except, of course, we know that most frauds start small and pretty soon, they're in too deep and now they have no way of returning what they took."
In some cases, intense pressure to meet business targets have driven managers to fudge their department's results. Bonuses tied to performance can also increase the temptation to falsify business reports, says Ms. Murphy.
"People often jump to the conclusion that someone who has committed fraud is inherently evil," she says. "I think most people are good people but, in my view, what happens oftentimes is situational factors come together that cause an otherwise good person to commit an act of fraud."
These situational factors can include a poor workplace culture – typically, where employees feel they are not treated fairly – and a lack of internal controls against fraud. Chartered accountant Sarah MacGregor, director of forensic services at PwC Canada, says there are a number of steps companies can take to protect themselves against fraud.
As a starting point, companies need to have a good understanding of which areas of their business are particularly at risk for fraud. Functions that deal with cash carry the highest risk, but other areas such as warehousing, intellectual property management, and financial reporting are also vulnerable to fraud.
Once they've identified at-risk areas, companies need to put fraud safeguards in place. A good rule of thumb, says Ms. MacGregor, is to segregate duties within these areas to avoid putting control in the hands of one person. For example, in accounting, ideally three different people should handle bank reconciliation, bank deposits, and recording of the bank deposits. In the warehouse, the person who oversees the day-to-day operations should not be same person in charge of inventory audits.
When it's not possible to segregate duties – as is often the case in small companies – it's important for the company to do frequent checks, says Ms. MacGregor.
"Have regularly and timely reconciliation of accounts and conduct independent reviews of these reconciliations," she says. "Apply the same rule in other areas of your business – conduct regular reviews and make sure people know you're doing these reviews, because the perception of oversight is an important fraud deterrent."
How companies deal with fraud can have a great impact on future incidences of workplace economic crime, says Ms. MacGregor. Companies need to make it clear they won't tolerate fraud.
For starters, they should set up a mechanism for whistle blowing, such as an internal crime hotline.
When they discover a potential fraud, they should investigate it thoroughly and, if proven, follow through with an action that will put an end to the fraud and punish the perpetrator. This usually means firing the culprit and even pressing criminal charges.
Mr. Grewal says it's important for companies to act quickly once they suspect fraud. They should also document every stage of the investigation and resolution process, "in case the employee decides to sue the company for wrongful dismissal or perhaps for slander," he says.
Not all employers bring in the police, notes Mr. Grewal. But whether or not they get law enforcement involved, companies need to be tough with employees who commit fraud.
In cases where the crime involved a relatively small amount of money, some companies may decide to take a light-handed approach to fraud, Ms. MacGregor says. They may let the perpetrator off with a word of warning, or they may ask the suspected culprit to leave quietly without an investigation.
But fraud should not be viewed in pure financial terms, says Ms. MacGregor, because financial loss isn't the only consequence of fraud. A company's reputation can also be damaged by an act of fraud – one of the main reasons why some companies don't report these crimes to police – and workplace morale and culture can deteriorate
"Fraud is a crime that organizations cannot afford to minimize," says Ms. MacGregor. "They stand to lose more than just money, so they need to deal with it decisively."
Key steps to dealing with fraud
Find your weak spots. Determine which areas of your company are particularly vulnerable for fraud, then put the proper controls in place.
Distribute control. Segregate duties in vulnerable areas, such as accounting and banking, so that control doesn't reside with one person.
Do regular checks. Conduct regular account reconciliations, internal reviews and third-party audits.
Act quickly. If you suspect fraud, don't wait. Launch an investigation right away and push through for a timely resolution.
Document, document, document. Keep records and take detailed notes throughout the investigation and resolution process.
Get tough. Let everyone know you won't tolerate fraud by meting out tough consequences to fraud culprits, including job termination and criminal charges.
Special to The Globe and Mail