COVID-19 Resources

A Crash Course for Avoiding, Recognizing and Remediating Fraud in Your Business

Written by Paul Perry and Sarah Beth Clement on March 6, 2020

Warren Averett fraud image

Fraud, when an individual gains property, money or other value illegally, happens in businesses all too often.

Maintaining inventory, processing payroll, performing in-house accounting duties, partnering with multiple vendors or handling any form of valuables, all increase the opportunity for fraud. As most businesses are producing overwhelming amounts of financial data daily, identifying which transactions may be fraudulent can feel like finding a proverbial needle in a haystack for any business owner.

The encouraging news? With the right processes in place, adequate technology safeguards and an understanding of how to identify and respond to fraudulent activity, a savvy business can make strides to successfully respond to any fraud that occurs, and better yet, reduce the risk of fraud occurring in the first place.

Here, we’ve outlined the fraud prevention safeguards that can help your business avoid fraud, the red flags to help identify fraud if it does happen and the techniques to use if you suspect fraudulent activity is present in your organization.

Fraud Prevention Safeguards

Fraud tends to thrive in environments where there are no clear, widely known processes within a business’s finance and work environments. Key fraud prevention safeguards are designed to prevent an environment where the opportunity to commit fraud is rampant. Businesses should set up a system of checks and balances across all business processes to safeguard against fraud.

To prevent blind spots that open the door to fraud in the cash process, for example, businesses should implement the following safeguards:

  • Detail review each check run for unusual payments for goods or services to vendors.
    • Fraudulent billing is often used as an avenue of attack
    • The review should be performed by someone independent of the check run preparer
  • Use segregation of duties internally to prevent employee fraud.
  • Do not have the same person make deposits and record the accounting in the general ledger
  • Do not have the same person write checks who reconciles the bank statements
  • Do not have the person who approves expenses authorized to sign checks or initiate payments

While the items identified above are a great start to safeguarding cash, they are by no means exhaustive of all considerations and do not guarantee that fraud will not occur.

The Key Signs for Recognizing Fraud

There are certain red flags that can help you to identify fraud, such as discrepancies in your cash accounting, invoicing and even in the hours that are reported by your employees. Some best-practice procedures that may indicate or identify fraudulent discrepancies in your business are outlined below:

  • Duplicate or similar payments
    • Unless a good or service is subscription based, your vendors should not be charging you the same amount every month at the same time for products or services. Your business has cycles, and your payments should look cyclical as well.
  • Invoices just below approval limits
    • If invoices are consistently below the amount required for approval, especially from a small number of vendors, this could be a sign of fraud.
  • Rounded-off billing amounts
    • Be careful to inspect invoices with rounded amounts (e.g., $500, $1,000).
  • Unusual vendor information
    • If a business owner or management cannot contact a vendor, there might be a problem. Your vendors should have up-to-date contact information, such as a phone number, a unique address (not multiple vendors with the same address or phone number) and general contact information. Pay particular attention to vendors with billing addresses that are post office boxes, are in unusual locations, contain misspelled names or addresses or are similar-sounding to other vendors used by the business.
  • Unusual invoice activity
    • Invoices follow patterns, and significant variations from those patterns are a warning sign. Variations like above-average invoiced amounts, unusual number of invoices (or lack thereof) processed for payment or activity occurring at abnormal times (such as processing of invoices for payment after business hours or on weekends) can be a red flag and should be reviewed further.

Once red flags are identified, it’s important to navigate your next steps with care.

The Various Techniques for Identifying Fraud

Identifying fraud, like many modern data-driven security fields, relies on statistical analysis, reviewing data and finding relationships between pieces of data.

Data analytics for fraud prevention looks at information across multiple business systems, locations, data sources and applications. Fraud experts are able to use a variety of statistical techniques to comb through large sets of data looking for anomalies within your applications and business systems.

  • Calculation of statistical standards – Unless you know what your average month looks like financially, you can’t identify activities that are outside the norm. Fraud experts create a pattern that gives the averages or standard deviations within your business systems. This blueprint helps identify any outliers that require more investigation.
  • Stratification of figures – Just like the layers of the earth can tell us about historical timeframes, the layers of your data (or stratification) helps identify suspiciously high or low figures.
  • Classification of data – Often, the data that shows fraudulent activity doesn’t just appear within just the finances. Experts look at different classifications, like geography, to identify patterns and determine outliers in more areas than just finances.
  • Duplicate testing – Fraudsters often repeat themselves, so fraud experts will look for duplicate items within the entire data set to see if there is a pattern of unreasonable duplicates.
  • Gap testing – Fraud experts look for missing data in the gaps of sequential numbering systems.
  • Entry date validation – Are there suspicious outliers in the times when data was entered into your system? Entry date validation calculates the statistical standards for data entry dates.
  • Benford’s law – Nature is not evenly random. Benford’s law analyzes the occurrence of certain numbers within a base 10 system as found in nature and shows the statistical likelihood of a certain digit being in a certain place in a number. Fraud experts can use Benford’s law and other mathematical analysis of real world numbers to look for something that may be too random or not random enough.

It’s important to remember that data analysis techniques are not the final proof that fraud has or hasn’t happened. At the end of the day, statistical analysis helps identify where fraud might have happened but you must investigate further, and use that information as a roadmap for further investigations.

Investigating and Remediating Fraud

At the end of the day, the best way to prevent against, identify and correct fraudulent activities is to partner with an internal controls and data analysis professional who can offer customized insight for your company’s activities and operations.

Learn more about fraud prevention or connect with a Warren Averett advisor who can help.

Obtaining an SOC Report - Download the Guide!

Back to Resources