Seminal Efforts in Fraud Research

Much of the current understanding of why perpetrators commit fraud is grounded in the fraud triangle. The concept of a fraud triangle dates back to the work of Edwin Sutherland, who coined the term white-collar crime, and Donald Cressey, who wrote Other People's Money (Patterson Smith, 1973). Cressey, a PhD student of Sutherland in the 1940s, concentrated his research on the circumstances that led fraudsters to initially violate ethical standards and engage in their first fraudulent act. Over the years, his research findings became known as the fraud triangle, whose points represent the causal factors of perceived pressure (or nonshareable financial need), perceived opportunity, and rationalization (Exhibit 2).

EXHIBIT 2

The Fraud Triangle

The benefit of using personal integrity is that it may be a readily observable characteristic than rationalization. By observing both a person's decisions as well as the decision-making processes, his commitment to ethical decision making can be gauged. As noted by Zabihollah Rezaee and Richard A. Riley, Jr., in Financial Statement Fraud: Prevention and Detection (Wiley, 2010), central to the idea of deterrence is the reliance on personal decision making and responsibility. Violations of ethics, trust, and responsibility are at the heart of fraudulent activities. Ethics addresses the rationalization and, to a certain extent, the pressure associated with fraud by considering the conditions under which a potential fraudster might consider an action right or wrong. By considering the ethics of a decision, professionals may be able to assess integrity and thus the relative likelihood of an individual committing fraud.

The Fraud Diamond: Adding the Fraudster's Capabilities

In “The Fraud Diamond: Considering the Four Elements of Fraud,” (The CPA Journal, December 2004), David T. Wolfe and Dana R. Hermanson present a four-sided fraud diamond that extends the fraud triangle to incorporate an individual's capability: personal traits and abilities that play a major role in whether fraud will actually occur given the presence of pressure, opportunity, and rationalization. The authors suggest that many frauds, especially some of the multibillion-dollar financial statement frauds, would not have occurred without the right person with the right capabilities implementing the details of the fraud. Opportunity opens the door, and incentive and rationalization draw the potential fraudster toward the open doorway, but the individual must have the capability to walk through that opening. Accordingly, the critical question is: Who could turn an opportunity for fraud into reality? Wolfe and Hermanson suggest four observable traits for committing fraud, especially when it involves large sums of money or it continues for an extended period of time:

• Authoritative position or function within the organization;

• Capacity to understand and exploit accounting systems and internal control weaknesses, possibly leveraging responsibility and abusing authority to complete and conceal the fraud;

• Confidence (ego) that she will not be detected, or, if caught, that she will talk herself out of trouble;

• Capability to deal with the stress created within an otherwise good person when she commits bad acts. (See Exhibit 4.)

EXHIBIT 4

The Fraud Diamond

Focusing on capability requires organizations and their auditors to observe, assess, and document the capabilities of top executives, key personnel, and employees who have the capability to perpetrate and conceal fraud acts.

The MICE Model

Another challenge for the fraud triangle is that it does not explain every fraud act. Consider the example of Thomas M. Coughlin as presented by James Bandler and Ann Zimmerman in “A Wal-Mart Legend's Trail of Deceit” (Wall Street Journal, April 5, 2005). On January 24, 2005, Coughlin, vice chairman of Wal-Mart, resigned from Wal-Mart's board of directors amid allegations of fraud and deceit. Documents reviewed by the Wall Street Journal —

• suggest that Mr. Coughlin periodically had subordinates create false invoices to get Wal-Mart to pay for his personal expenses. The questionable activity, spanning a period of more than five years, appears to involve dozens of transactions including hunting vacations, a $1,359 pair of alligator boots custom made for Mr. Coughlin, and a $2,590 dog pen for Mr. Coughlin's Arkansas home.

According to the article, Wal-Mart found questionable transactions totaling between $100,000 and $500,000 over three to five years. What is particularly interesting is that in the year immediately prior to his resignation, Coughlin's compensation totaled more than $6 million. Risking $6 million in annual compensation and reputation for a $500,000 payoff does not appear to make sense. Nonetheless, the risks taken by Coughlin were similar to those taken by other millionaire CEOs and CFOs who chose to perpetrate financial statement fraud.

With financial reporting fraud, the first leg of the fraud triangle has been adjusted from pressure to focus on motivators such as monetary incentives, bonuses, or stock options. While top executives clearly feel pressure to deliver solid financial results, such pressure is not the same as the nonshareable individual pressure described by Cressey.

To address this issue—presented in Forensic Accounting and Fraud Examination by Mary-Jo Kranacher, Richard A. Riley, Jr., and Joseph T. Wells, (Wiley, 2010)—Professor Jason Thomas suggests that the motivations of fraud perpetrators may be more appropriately expanded and identified with the acronym MICE: money, ideology, coercion, and ego (entitlement).

Enron, WorldCom, Adelphia, Phar-Mor, and ZZZZ Best provide good examples where the convicted perpetrators appeared to be motivated by money, ego, and entitlement. Less frequently, individuals may be unwillingly pulled into a fraud scheme (i.e., coercion). In the Wal-Mart case, Coughlin was sued by Patsy Stephens, who claimed that she was coerced into submitting vouchers and laundering the money through her own bank account (Brian White, “Former Wal-Mart Manager Sues Tom Coughlin—for Her Own Misdeeds,” www.bloggingstocks.com, April 1, 2008). Low-level or unwilling individuals can become whistleblowers, and they often provide testimony against fraud ringleaders.

Ideology is most often associated with frauds like tax evasion and, more recently, terrorist financing. For example, a tax evader may believe the government is not entitled to his money, and terrorists may feel justified in committing credit card fraud to finance their activities. Ideological motivators allow the end to justify the means; perpetrators steal money or participate in a fraud act or financial crime to achieve some perceived greater good that is consistent with their beliefs.

While the MICE heuristic oversimplifies fraudulent motivations, and some motivations fit several categories, it is easily remembered. In addition, it provides professionals with a broader framework beyond pressure and rationalization within which to consider the likelihood of fraud by considering an expanded set of motivators.

The ‘Predator' Versus the ‘Accidental Fraudster'

The common fraudster is usually depicted as having the following characteristics: first-time offender; middle-aged; well-educated; trusted employee; in a position of responsibility; and considered a good citizen through service works at the office, in the community, or at a charitable organization. This individual succumbs to pressure; develops one or more fraud schemes, and commits some fraud act. In Forensic Accounting and Fraud Examination, Kranacher, Riley, and Wells characterize this type of perpetrator as the “accidental fraudster.” Notwithstanding the fraud act, the accidental fraudster is considered to be a good, law-abiding person, who under normal circumstances would never consider theft, breaking the law, or harming others. The fraud triangle was created with the accidental fraudster in mind.

What if an individual had committed an act of fraud at a prior organization? Illegal acts tend to be followed by more illegal acts, and a continuum of illegal acts defines the pathological fraudster or “predator”:

• Predators seek out organizations where they can start to scheme almost immediately upon being hired.

• At some point, many accidental fraudsters, if not caught beforehand, will move from the behavior characteristic of an accidental fraudster to that of a predator.

• Financial statement fraud perpetrators often appear to start as accidental fraudsters, or even just as earnings managers, and sooner or later become predators.

Predators focused on criminal activities exist, and they can be individuals or organizations. Predators are far more deliberate than the accidental fraudster; they are better organized, have better concealment schemes, and are better prepared to deal with auditors and other oversight mechanisms. With regard to the fraud triangle, all the predator seeks is opportunity. The predator requires no pressure and needs no rationalization. The antifraud professional can address this concern by recognizing that predators exist—professional skepticism, brainstorming, and critical thinking are essential tools for exposing the predatory fraudster.

Concerns of Collusive Fraud and Management Override

Because the fraud triangle generally considers individuals acting alone, it does not provide a good basis for assessing the likelihood of fraud under conditions of collusion. Yet this is one of the central elements of complex frauds and financial crimes. Collusion may take place among individuals within an organization or across organizations. According to data collected during the ACFE's recent study, when collusion is involved, the sizes of fraud losses increase dramatically, from $100,000 to $366,000 per incident. The losses caused by individual predators can be substantial, but when those individuals work in concert with others, the damage can be devastating and far more pervasive.

In cases of collusion, internal controls centered on segregation of duties are generally ineffective in preventing fraud and other financial crimes. Although internal controls cannot prevent collusive fraud acts, they can assist in the detection of such activities. For example, independent monitoring may reveal that internal controls have been circumvented through collusion. Management override is not inherently collusive, but most acts of management override involve collusion.

Proactive fraud detection includes a search for collusion and management override. Fraud from management override can be very difficult to detect. Ultimately, the board of directors and audit committee have an obligation and responsibility to shareholders to police management. The AICPA guide, “Management Override of Internal Controls: The Achilles' Heel of Fraud Prevention—The Audit Committee and Oversight of Financial Reporting,” identifies six key actions that the audit committee should consider in performing these duties:

• Maintaining skepticism,

• Strengthening committee understanding of the business,

• Brainstorming to identify fraud risks,

• Using the code of conduct to assess the financial reporting culture,

• Ensuring the entity cultivates a vigorous whistleblower program, and

• Developing a broad information and feedback network.

In the article, “Preventing and Detecting Collusive Management Fraud” (The CPA Journal, October 2008), Stephen E. Silver, Arron Scott Fleming, and Richard A. Riley, Jr., suggest that, beyond the review of management's fraud risk assessment, an audit committee should consider the following questions:

• Do the internal auditors and the audit committee have the knowledge, education, and awareness of the various fraudulent management override and collusive schemes that may be perpetrated by management?

• Has the audit committee reviewed a comprehensive fraud risk assessment, including how collusive fraud and management override schemes are mitigated and detected?

• Have audit committee members participated in continuing education programs that can prepare them for appraising management's fraud risk assessment?

• Did the audit committee assist in the collusive and management override fraud risk assessment process, or did it rely solely on the internal or external audit group?

• Does the audit committee have direct oversight of the internal audit (as required by the New York Stock Exchange), or do the internal auditors report to management?

A proactive approach by the audit committee reinforces the tone at the top, sends a positive signal to all levels of management, and acts as a deterrent to those contemplating a collusive fraud scheme. The perception of available collusive fraud opportunities and the likelihood of being detected in such a proactive environment may, in fact, reduce the occurrence of most costly frauds within an organization. One can use this knowledge of collusive frauds and management override to evaluate different environments for the likelihood of fraud acts that would be undetected by traditional corporate governance mechanisms. To further assist professionals, Exhibit 5 presents the impact of predators, collusion, and override in contrast to the lone fraud perpetrator.

EXHIBIT 5

Fraud Assessment Tools by Fraudster Type

A Basis for Fraud Deterrence

Fraud deterrence refers to creating an environment in which people are discouraged from committing fraud, although it is still possible. Because opportunity involves both access to commit the fraud and the perception that the fraudster can get away with it, one aspect of deterrence is the fear of getting caught. In Theft by Employees (Simon & Schuster, 1983), Richard C. Hollinger and John P. Clark found that the perceived certainty of detection is inversely related to employee theft—that is, the stronger the perception that theft will be detected, the less likely it is that an employee will steal.

The second aspect of deterrence is fear of punishment. The 2005 Federal Sentencing Guidelines Manual defines deterrence as a clear message sent to society that repeated criminal behavior will increase the severity of punishment with each recurrence.

In addition, Sutherland suggests that employees, particularly those in senior positions, set the ethical tone for the entire organization. When leaders model questionable, unethical, or fraudulent behavior, normally honest employees are more likely to rationalize fraud. Conversely, Sutherland's theory also suggests that ethical employees might influence those who have fraudulent tendencies.

As a result of these concepts, deterrence is usually accomplished through a variety of efforts associated with internal controls and antifraud programs that create a workplace of integrity and encourage employees to report potential wrongdoing. Such actions increase the perceived likelihood that an act of fraud will be detected and reported.

Fraud deterrence can also be achieved through the use of continuous monitoring and auditing software tools. It is enhanced when the perception of detection is present and when potential perpetrators recognize that they will be caught and punished.

Antifraud techniques and controls include—

• an ethical tone at the top;

• a meaningful code of conduct;

• open communications with employees, vendors, suppliers, and customers;

• employee activity monitoring;

• hotlines;

• whistleblower protection;

• a protocol for punishing perpetrators;

• the monitoring of contractual parties; and

• proactive fraud auditing.

These items are included as part of a checklist shown in Exhibit 6. The deterrence fabric includes all corporate governance professionals, including the board of directors, audit committee, top management, and external and internal auditors. The notion of deterrence tends to address two aspects of the fraud triangle: opportunity and rationalization. When controls and antifraud programs are introduced as a deterrent, the fraudster perceives that the opportunity to commit and conceal fraud has been reduced or eliminated.

EXHIBIT 6

Fraud Deterrence Checklist Focusing on Fear of Getting Caught and Fear of Punishment

The fraudster's rationalization may be deterred or reduced through training programs and a strong corporate culture that commands a high ethical standard. Importantly for professionals, deterrence efforts are observable and can be used to assess the likelihood of fraud. Exhibit 6 provides a checklist to assess antifraud efforts aimed at addressing opportunity and rationalization. Understanding who commits fraud—and how and why it is committed— will enhance a professional's ability to prevent, deter, detect, and investigate fraud.