In the Fight Against Fraud, How the CFO Leads the Charge
Security, which involves preventing and fighting fraud, is a topic that continues to be more and more critical in today’s world of ongoing digital transformation. The Association of Certified Fraud Examiners reports that U.S. businesses will lose an average of five percent of their gross revenues to fraud.
Responsible for the company’s financial health, the CFO is explicitly involved with any losses caused by fraud. And if he/she is going to be effective in leading the fight against fraud, they will need to adapt their defenses to face fraud and fraudsters who are better organized, more aggressive, and more technologically proficient than ever.
This leads us to three questions that CFOs should be asking and answering to most effectively lead the fight against fraud.
- What exactly are the threats and what risks do they represent?
Threats come in a variety of forms. We are familiar with the most common: Supplier fraud (fake bank details), fraud on finance (stock brokers and bankers) and legal professionals, and client fraud (fake invoices). And the reality is that the human factor is still the main source of vulnerability in terms of exposure to fraud today.
An employee is typically involved in most confirmed cases of fraud. Sadly, in the U.S., fraudsters who have longer tenure with their company (five years or more) stole twice as much! An average of $200,000 compared to employees with tenure of less than five years. And 68 percent of the fraud committed by individuals outside the company is actually the act of people close to the company in some manner, notably partners such as sales agents, clients, service providers, and others.
The risks to the company are obvious:
Financial: Financial impact is not only felt when cash is directly impacted, such as invoices paid or wire transfer made to a fraudulent recipient, but also in terms of operating income, such as bad receivables resulting in loss of cash flow and lower net profit.
Data Theft: One of the greatest riches of a commercial company are its client data files. This threat can take two forms:
- Inaccessibility to data, which would block the company’s commercial, operational, and industrial activities.
- Malicious use of corporate data, which could incur significant legal liability for the company, serious damage to its reputation, and potential financial consequences for its customers.
HR and Psychological Impact: A breach affects employees psychologically when they feel betrayed by a work colleague that they have known for a long time, as well as the fraudster’s managers, who may wonder whether they truly carried out company procedures to the fullest extent, or should have been aware of warning signs.
Reputation: Falling victim to fraud impacts the company’s reputation, from the company’s main commercial partners, namely its clients and suppliers, to its shareholders. How the company manages the crisis also impacts its reputation, so a solid communications plan should be in place and rehearsed frequently.
- Why invest in fraud prevention?
Beyond the understandable peace of mind that security brings and assurance that the company will not (or will no longer) become the victim of attempted or successful fraud, security for processes represents a competitive advantage due to its reinforcement of the company’s reputation for reliability, reassurance for commercial partners, and more.
- What are the most effective tools to mitigate, even prevent, fraud?
Big data enables handling vast volumes of information, often in real-time. Machine learning is a component of artificial intelligence in its broader meaning, seeking to create and use algorithms to obtain predictive analysis based on data. One possible fraud-prevention use is risk scoring clients and suppliers.
Automation technologies that leverage A.I. are an important part of any effort to mitigate risks by creating and organizing a rigorous process that includes complete traceability and security found in Cloud technology.
Raising employee awareness is one of the most important aspects of fraud prevention. Providing training to all departments and every hierarchical level within the company, including top management, is important so everyone knows the role they play in identifying warning signs and exposing potential fraud.
It is also important to implement communications that are adapted to each different stakeholder group within the company that reflect the company’s commitment to fraud prevention and identifies the consequences of not taking fraud prevention seriously as well as the benefits of executing well-defined fraud prevention plans and practices.