Smaller Companies More Vulnerable to Employee Theft

It stands to reason that larger organizations would be more at risk of embezzlement by employees, but the reverse has been shown to be the case. Organizations with fewer than 150 employees are particularly at risk, accounting for 82% of all embezzlement cases, HiscoxHiscox2 found in its new report, Embezzlement Study: A report on White Collar Crime in America. Smaller organizations with tight-knit workforces are particularly vulnerable because of the trust and empowerment given to employees.

Incorporating employee theft cases active in the U.S. federal court system in 2015, the study found that 69% represented companies with less than 500 employees. Perpetrators are often “regular people who are smart, well-liked, and those you’d least expect to steal,” according to Hiscox. How does a trusted employee become a criminal? Motivations can range from financial pressure to a belief that they are underpaid by the company.

Employees with more tenure, access and control over finances are found to take the largest amounts. While the type of fraud can vary by industry, what is consistent is access to funds. In fact, managers were found more likely to steal than other employees.

Hiscox3

For the second year in a row, the greatest number of cases, 17%, was in the financial services industry and second was nonprofits at 16%. Labor unions ranked third, followed by real estate/construction. The largest scheme was a $16.7 million loss in Texas; followed by ones in Connecticut at $9 million, Ohio at $8.7 million and Utah at $4 million.

Hiscox4

Schemes include taking cash or bank deposits, forging checks, fraudulent credit card use, fake invoices and false billing of vendors and payroll fraud.

Companies can protect themselves in a number of ways, including putting checks and balances in place, performing background checks on employees who handle money and teaching employees how to detect fraud, according to Hiscox.

Hiscox5

The study findings also include:

Hiscox

Crime Expert Reveals Biggest Gaps in Company Security

WINNIPEG, MANITOBA, Canada – After decades of working undercover for the Royal Canadian Mounted Police, the U.S. Drug Enforcement Administration and U.S. Customs Service, crime and risk expert Chris Mathers knows where companies are vulnerable and what it takes to protect them.

“In a world where popular culture tells us that the ends justify the means, crime is all about perception,” he said in a keynote address at the 2014 RIMS Canada Conference. “Young people are bombarded with it all the time, but we are in business, too. So the question is, how vulnerable is your business?”

Mathers, who joined the forensic division of KPMG and was later named president of corporate intelligence, shared his insight into how companies can best guard against “the business of crime, and crime in business.”

During his 20 years dealing with drug traffickers, money launderers and members of organized crime syndicates, Mathers developed what he calls a “10/80/10” theory – 10% of the population is truly bad, 10% is truly good and would never lie (but you will probably never meet), and the other 80% is everywhere in between. Identifying and managing the risks of that 80% requires far more work than employers are currently doing, he said.

Background checks may be the single biggest thing companies can do better, Mathers said. While most businesses perform background checks when an employee is hired, such investigations are seldom conducted during the course of employment. As an example, he cited a case where a company had a director who was serving jail time on the weekends. Due to Canadian privacy laws, however, the case was never reported, so no one knew he had been convicted and imprisoned while on staff. In addition to possible reputation implications, the company could have been exposed to liability if any incidents had occurred at work.

While searching for criminal records of new hires is an excellent start, periodic checks should be implemented for all employees. High levels of drug use in the workplace in industries like manufacturing can be further compounded by the lack of drug testing in Canada, Mathers said. Further, 90% of corporate theft cases he have involved perpetrators who were gamblers.

He suggested that investigations should examine whether employees: have extreme views, use or are addicted to drugs, exhibit signs of alcoholism, are addicted to gambling or participate in illegal gambling, frequent prostitutes, or have relatives or a spouse associated with a criminal organization.

Associating with criminals can be a significant risk factor, regardless of the nature of the relationship. “Prostitutes are criminals and associate with criminals,” Mathers said. “They are around that activity and more likely to engage in it, which may mean they steal a client’s wallet or steal the sensitive intellectual property he’s carrying.” Similarly, an administrative assistant who is married to a member of the Hell’s Angels can introduce far more than just reputation risk if the spouse gets involved in illegal activities like drug smuggling.

Employees within a company can also rationalize criminal behavior. In the case of a man found to have stolen thousands of dollars through expense account fraud, for example, Mathers said the company faced a wrongful dismissal suit from the thief. He was never told that he could not steal, the man said, claiming the practice was an “unofficial bonus program.” Further, he claimed his boss had been doing it for years. “People see that behavior and come to think it is OK because they become accustomed to seeing it,” Mathers said. Maintaining regular internal investigations and ensuring compliance does not just bust wrong-doers, but prevents others from developing, especially as new technology continually emerges to make theft easier to commit and harder to track.

“There are no new crimes – they’re the same crimes, they’re just using new techniques to get them to you,” he said. Companies need to keep updating their monitoring strategies to match.

 

Who’s Committing Economic Crime?

According to a recent survey from PricewaterhouseCoopers, economic crime is on the rise, particularly in the United States. Of organizations in the U.S., 45% suffered from some type of fraud in the past two years, compared to the global average of 37%. Further, 23% of companies that reported economic crime experienced accounting fraud, up from 16% in 2011.

So who is committing these crimes?

External perpetrators are on the rise, closing the gap with internal perpetrators — it’s now 45% versus 50%, respectively. But the profile of these internal actors has changed since the last survey in 2011. Now, most internal frauds are perpetrated by middle management (54%, compared to 45% in 2011), and fraud by junior staff has dropped by almost half, now totaling 31%. The typical internal fraudster is now a white male in middle management, age 31-40, who has been with the company for six years or more.

Internal Fraudster Profile

In good news, PwC also found that awareness of risk is higher among U.S. companies, for example, seven out of 10 American respondents perceived an increased risk of cybercrime in the last two years, compared to just under half globally. The C-suite is also increasingly getting the message about the risk of economic crime:

C-Suite and Economic Crime

For more details on the 2014 Global Economic Crime Survey, check out the report from PwC here.