Managing Risk: Fraud Deterrence Is Always a Priority

6/1/2023 - By Michael Maricelli, CIA, AAP

As we inch closer to marking a quarter of the way through the 21st century, one thing has become very apparent: the 21st century is anything but stable. In 22 years, the world and its economies have endured the threat of international terrorism, a global banking crisis, a worldwide health pandemic, high inflation here in the US, and overseas, the largest European conflict since World War II. Each incident presented unique challenges to consumers and businesses alike, but one thing remained constant: fraud.

As the economy continues to rebound from Covid-19 while simultaneously combating the inflationary pressures currently impacting markets, it is becoming clear that fraudsters have done and continue to do very well for themselves in the 21st century. This should worry both consumers and businesses alike. As a consumer, every dollar lost to fraud is a dollar that cannot be spent on essentials such as food, clothing and preventative medical care. As a business, every dollar lost by a consumer is one dollar less the consumer can spend at your business. But just how well have fraudsters done?

Let’s look at some numbers published by the Federal Trade Commission (FTC) in February 2023. The FTC reported that consumers lost almost $8.8 billion to fraud in 2022, a 30% increase from 2021, which in turn was an astonishing 70% increase from 2020. Specifically, the FTC noted consumers lost more than $3.8 billion to investment scams. Other top fraud categories noted were Imposter Fraud, Online Shopping Fraud, Prizes, Sweepstakes, Lotteries Fraud and Business and Job Opportunities Fraud.    

Consider also the most recent study completed by the Association of Certified Fraud Examiners (ACFE) in 2022. Their study, “Occupational Fraud 2022: A Report to the Nations”, which is published every two years regarding occupational fraud and abuse tracks, trends in the growth and detection of various internal fraud schemes such as embezzlement, misappropriation of funds, phony expenses, bribes and kickbacks. The ACFE’s study examined 2,110 fraud cases across 133 countries. These cases resulted in $3.6 billion in fraud losses.  

COVID’s Effect on Occupational Fraud

What makes this 2022 report unique from prior releases, is that it attempts to determine the effect of COVID-19 on occupational fraud. The ACFE asked respondents whether several pandemic-related issues such as operational process changes, technology challenges, organizational staffing changes, internal control changes, shift to remote work, changes to strategic priorities, changes to anti-fraud programs and supply chain disruptions contributed to instances of fraud they were experiencing. Organizational staffing changes were the most common factors of fraud cases (42%) initiated by respondents. Operational process changes and internal control changes tied for the second highest rated at 39%.  

The ACFE anticipates seeing additional pandemic-related factors underlying fraud cases in their 2023 study because the 2022 study analyzed cases occurring between January 2020 and September 2021. Given that the median duration of frauds in the 2022 study was 12 months, many of the frauds analyzed were perpetrated before the COVID-19 pandemic began.

Cryptocurrency Schemes

As with any new product or service, fraudsters eventually find the gap in controls and exploit them to their advantage. An emerging trend in business over the last few years has been the use of cryptocurrencies. Due to the increasing use of cryptocurrency into the regular operations of businesses and the potential fraud opportunities presented, the ACFE examined the use of cryptocurrency in fraud and determined only 8% of cases in their study involved the use of cryptocurrency. Cryptocurrencies were most commonly utilized to make bribery and kickback payments (48%) and converting misappropriated assets to cryptocurrencies (43%). Another interesting use of cryptocurrency cited was its use to launder proceeds of fraud (35%).  

Ways to Prevent Fraud

Now that we’ve seen the numbers and know that doing nothing is not an option, what can we do to prevent fraud or at least detect it timely to limit losses? First, let’s put ourselves into the mind of someone who would commit fraud. Have you ever wondered what it would take for you to perpetrate a fraud? Have you ever known someone who has committed fraud and though, “I never would have guessed it would be them?” Fortunately for us, the question of what drives someone to commit fraud was addressed by two criminology researchers, Edwin Sutherland and Donald Cressey, whose work led to the creation of the Fraud Triangle Model.  The triangle model states that individuals are motivated to commit fraud when three elements come together:  

  1. Some kind of perceived pressure (motivation); 
  2. Some way to rationalize the fraud as not being inconsistent with one’s values (rationalization);
  3. Some perceived opportunity (how easy is it to commit fraud and walk away unnoticed).

Opportunity is the element over which organizations have the most control. Opportunities to commit fraud can be limited by a variety of security controls. Common controls include physical controls, logical access, segregation of duties and human resources security. We will dive into these controls in our next feature. 

Questions?

Contact our IT team if you would like to discuss security controls and fraud prevention. 

About the Author | Michael Maricelli, CIA, AAP

Michael is a senior consultant in the Financial Institutions Advisory Group at Saltmarsh, Cleaveland & Gund. Michael specializes in providing information security assessments, vulnerability and penetration testing, third-party risk management reviews, risk-based Nacha compliance audits and digital banking reviews. Michael has over 14 years of financial institution experience and has held positions in mortgage lending and internal audit. Before joining Saltmarsh, Michael was a director of payments risk and compliance at a regional payments association where he provided audit and risk assessment services for a variety of payment channels (ACH, wire transfer, remote deposit capture).


Related Posts