Wednesday, November 13, 2013

Top Five Areas to Monitor for Employee Fraud

This is from John Verver writing at

The most recent edition of The Association of Certified Fraud Examiners (ACFE)“Report to the Nations on Occupational Fraud and Abuse,” issued in 2012, states that the median loss of each instance of employee fraud in their study was $140,000. More than one-fifth of these cases caused losses of at least $1 million. Even in a large, multi-billion dollar organization, that amount is significant. ...

According to the ACFE report, the majority of asset misappropriation occurs in the procurement, payment and expense areas. This is where most organizations start monitoring activities. In fact, by analyzing transactions in these areas (such as with continuous monitoring systems that are driven by data analysis), it is usually possible to test for a wide range of employee fraud schemes, as well as bribery and conflicts of interest.

Here are five areas in which employee fraud commonly occurs:


Potential fraud risks include (a) an employee initiating purchase orders (P.O.) for goods and services that are diverted for personal use and (b) an employee setting up a “phantom” vendor account, through which fraudulent invoices are processed and payments are made to the employee.

In these situations, fraud tests can detect if the same individual both enters and approves a P.O. or if an individual enters or approves multiple “split” P.O.’s, just under an authorized limit. Other evidence that can be discovered includes whether the delivery address for goods or services is the same as an employee’s, whether the goods being purchased are typically consumer items, or whether the vendor master file information (address, bank account, etc.) is the same as that of an employee.

Corporate Credit Cards

A common fraud risk is an employee using a corporate credit card for personal gain instead of legitimate corporate purchases or travel and entertainment expenses.

Fraud tests can detect purchasing cards (P-Cards) being used to acquire goods and services from vendors with suspect merchant codes (e.g., home supplies, personal entertainment, etc.) and corporate cards being used by employees on weekends or while the employee is on vacation. Additionally, tests can determine whether fuel is purchased in unusually large quantities, mileage charges are made in the same period as rental-car charges, and corporate-card transactions are approved by the card holder.


Payroll fraud can consist of (a) “phantom” employees being set up on payroll systems; (b) excessive overtime payments; and (c) employees remaining on the payroll after death or termination.

Tests can detect if there is more than one employee with the same bank account details or the same address. In addition, they can find invalid address information for employees, invalid social security numbers, unusually high overtime amounts, and payroll payments made to employees who were terminated or deceased according to HR records.

Sales and receivables

Some potential frauds include (a) employee collusion with vendors and (b) sales representatives inflating sales to achieve higher commissions and bonuses.

Fraud tests can detect customer accounts with exceptional credit terms; customer accounts that have unusually large or frequent credit memos; customers receiving unusually large discounts; customers returning goods without corresponding adjustments to sales representatives’ commissions; and sales shipment addresses that are the same as an employee’s address.

Information systems and critical data

This kind of fraud includes (a) employee theft of critical data and (b) employees providing corporate data to external individuals.

The right tests can discover databases accessed by individuals without appropriate authorities and reports  generated by individuals without appropriate authorization. Similarly, fraud tests can detect customer accounts with exceptional credit terms and network logs that indicate unauthorized copying and movement of data files. Tests can also help discover if email attachments include sensitive data.