Fraud investigatory expert Andrew Durant explains how firms can boost their defences
What are the major changes in the financial services fraud scene you have experienced during your career?
The underlying nature of fraud has not changed in the past 20 years or so. A common theme throughout this period has been the granting of loans that have not been repaid. And fraudsters are now taking advantage of loans granted under the various Covid-19 schemes.
Unstructured data analysis tools have developed from simple searches for key words to searches where documents with a common theme are bunched together. For example, fraudsters and their accomplices often use code words in communication. The software can identify the use of such language and group it together with documents that include the key word, uncovering elements that the investigator might not have thought to look for. This type of technology not only helps to identify the ‘smoking gun’ documents but also means that other documents can be reviewed much faster.
On the flip side, fraudsters are also able to use technology for their own gain. Since the onset of the pandemic, we have seen multiple attempts by external fraudsters to hack into corporate systems to enable them to either steal data to be returned on payment of a ransom, or remove monies from the company. As fraudsters become more sophisticated, investigators are having to up their game, both in terms of prevention (identification of additional controls) and cure (finding out what happened, where the money has gone,and how to get it back).
How many types of fraud are there?
Fraud typically falls into five main categories:
- Management fraud – also known as financial statement fraud, is the manipulation of books and records by management, including directors and shareholders, to disguise the true performance of the business.
- Employee fraud – employees working by themselves or with a third party to extract monies from their employer.
- Third-party fraud – someone working outside the company tries to extract monies.
- Asset misappropriation – this can involve the theft of stock or fixed assets. It may also involve the misuse of company assets.
- Breach of regulations – companies, particularly in the financial services sector (where there are a plethora of regulations), may not follow the required rules. This may result in mis-selling such that the consumer is the eventual loser.
In my experience, management fraud involves the largest losses, and can result in the failure of the company and loss of jobs both at the company and in the supply chain. Although there is a smaller volume of such frauds, the consequences are enormous, with potential losses exceeding billions of pounds.
What are some of the telltale signs of fraud?
I could write a book about red flags. I typically see two main ones: behavioural and transactional. If an individual commits fraud, they are unlikely to put the money in the bank. They are more likely to spend it on the ‘3Hs’ – houses, holidays and high-value items. Identifying someone who is living beyond their means is a big red flag. Committing fraud is also a highly stressful activity, so looking out for signs of unusual behaviour is important. It is also time-consuming, so fraudsters tend to put in long hours and weekends, either in the act or covering it up. They may fail to take their annual leave as they are frightened the fraud will unravel while they are away.
Transaction-related telltale signs would include transactions processed early in the morning, late at night, or at weekends. The analysis of transactions using Benford’s Law – which is based on the distribution of the leading digits in any number set – can also highlight suspicious transactions, for example, flagging a series of invoices for £49,000 when the fraudster’s approval limit is £50,000.
What are the chief characteristics of the ‘typical’ fraudster?
It is crucial to understand the ‘fraud triangle’ theory. This suggests that for fraud to occur, two of the three parts of the triangle – opportunity, pressure, and rationalisation – must be in place. The opportunity for fraud is greatest amongst university-educated, middle-aged executives with ten years or more of tenure. Individuals in those positions are more likely to have built up trust, gained a senior position and an understanding of the systems and controls in place, and are able to commit the company to high levels of expenditure. Most importantly, they understand where the weaknesses are in any systems.
However, added to this mix there must either be pressure and/or rationalisation. The rationalisation to commit fraud may be that the individual believes they are underpaid or undervalued (perhaps they have been overlooked for promotion, for example). But it is more usual for pressure to play a part. A seemingly honest employee will come under some form of pressure – maybe divorce, gambling, or health-related – which persuades them to do something that is completely out of character.
What controls and measures can firms adopt to prevent fraud taking place? How important is culture?
Organisations will devise countless policies and procedures and implement numerous controls to prevent fraud and other wrongdoing. However, all of this can be a wasted effort if the company employs the wrong type of individuals.
In my experience of conducting fraud investigations, someone in the company has always known about it. They have either been too scared to report it, or did not know how to report it. Companies should implement an effective whistleblowing programme that encourages employees to come forward with their concerns. It must be made clear that if their concerns are genuine, they will be treated fairly.
Lastly, the company must implement an ethics policy that sets out clearly what is and isn’t acceptable. It needs to be rolled out to all staff through the use of face-to-face training, webinars, and other forms of communication. The policy is most effective if a senior executive leads the charge. The tone at the top of an organisation is important and such involvement will reinforce the message.
You have investigated fraud in every major continent. Does its nature change with location and culture, or is it pretty much the same the world over?
It is universal. Wherever you go in the world, the fraud methodologies are mostly going to be the same, although the investigation will have to take into account differing systems, legislation and cultures.
For example, I recently conducted several investigations in Africa. We had to deal with a larger number of hard copy documents and far fewer emails, although, interestingly, there was a higher use of WhatsApp.
About the expert
Andrew Durant is senior managing director in the forensic & litigation consulting segment at FTI Consulting, an independent global business advisory firm.
The views expressed in this article are those of the author and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.
Data protection and other legislation can hinder an investigation. In certain countries it is not possible to review draft or deleted emails (as would be possible in the UK), although the data may be on the corporate laptop or server. In some countries I have also found that it is important to consider family, religion and other ties of loyalty, which can override any loyalty to the company.
Have you seen any changes in the level/type of financial fraud being committed during the pandemic?
In times of most global crises – whether a financial crash or the current pandemic – a spike in corporate fraud typically tends to follow. After the last financial crisis in 2008, figures published by the UK’s Office for National Statistics show a 21% increase in the number of individuals charged with fraud offences in the two years following the crisis. This occurred for a variety of reasons, but first and foremost was the increased opportunity available to fraudsters. Senior management teams are rightly focused on trying to keep their businesses afloat and their staff in jobs in times of crisis. A crafty fraudster will see this as a ripe opportunity to pounce, with minimal chance of being caught as the usual security checks and balances may have temporarily fallen by the wayside.
Increased homeworking, with fewer people at work overseeing finance, security, and operations, may also give fraudsters more opportunity, with less scrutiny, more freedom and fewer questions asked. Added to this mix is the heightened concern over job security, so employees may turn to other means of supporting themselves in desperate times. All of these factors combined make a global crisis the perfect climate for fraud to germinate and gather pace. We are yet to see the spike occur, so companies still have time to protect themselves from the escalating risk.
The original article was published in the June 2021 edition of The Review.
The flipbook edition is now available online for all members.
All CISI members, excluding student members, are eligible to receive a hard copy of the quarterly print edition of the magazine. Members can opt in to receive the print edition by logging in to MyCISI, clicking on My account, then clicking the Communications tab and selecting ‘Yes’.
Once you have read the print edition, keep coming back to the digital edition of The Review, which is updated regularly with news, features and comment about the Institute and the financial services sector.
Seen a blog, news story or discussion online that you think might interest CISI members? Email bethan.rees@wardour.co.uk.