Wilmer Cutler & Pickering and PriceWaterhouseCoopers recently released a survey that analyzes economic crimes caused by internal corporate fraud. The results should be interesting to lawyers charged with implementing, investigating, or recovering fraud losses. Important findings include:
- Internal frauds threaten most businesses. Worldwide, 37 percent of the over 3600 companies surveyed reported significant fraud losses during the last two years. The U.S. incident rate was 41%. These percentages are only for specifically identified frauds; company executives perceive that undetected frauds are also significant. The problem exists in every industry, with no industry reporting less than a 30 percent occurrence rate.
- In the United States, the average calculated loss per company was approximately $2.2 million. Only about two-thirds of companies were able to quantify their losses. The remaining companies were unable to do so, usually because their control systems and related record keeping were thoroughly circumvented. Over two-thirds of companies reported that the consequential losses to business relationships, reputation, and staff morale were also significant – sometimes more so than the direct financial loss.
- About three quarters of these corporate victims recovered less than 20 percent of their losses. Less than half recovered anything at all. Only 9 percent succeeded in recovering more than 80 percent. In the few cases when larger recoveries occurred, insurance was often the source.
- In the U.S., around three quarters of companies had insurance for internal fraud losses. This is considerably higher than the approximately 50 percent of companies in other regions. However, only around half of the companies with insurance were able to recover any damages. This occurred because of higher deductibles, and the difficulty of proving losses to the standards required by the policies.
- Most companies have a misplaced confidence in their control systems. Risk management systems detected relatively few economic crimes. Instead, most frauds were discovered either through internal or external audits, through tip-offs (whistleblowers), or by accident. The researchers concluded that this occurred because (i) risk management systems were circumvented through collusion, or (ii) crimes were committed by executives with sufficient rank to override risk management systems.
- Approximately 85% of U.S. respondents believe that their risk of fraud will be the same or greater in the next five years.
- The companies that have not suffered fraud losses (or at least did not know about them) rely more on intangible prevention tools such as codes of conduct. In contrast, fraud victims are now implementing more tangible measures, such as management training and whistleblower programs.
In light of these survey results, it is cost effective to spend more for fraud prevention and early detection measures.
Most prior studies on financial fraud and financial misreporting identified that company employees are aware of key information that is not being reported upwards to management. With this background in mind, we found the performance of whistle blower systems in this recent study to be noteworthy. Whistleblower systems are far less expensive than most other control improvements. They pay for themselves through more rapid fraud discovery.
Relatively few companies currently have formal whistleblower systems for economic crimes. Sarbanes-Oxley Section 301(4) now requires such systems for U.S public companies, with rapidly approaching implementation deadlines. Even though Sarbanes-Oxley’s focus is financial reporting, whistleblower systems will also provide enhanced reporting of economic crimes. Though not required to do so, larger private companies should also implement such systems.