As the Pandemic increases so does the rise in the potential for Internal Fraud.
We all know that the pandemic is resulting in job losses and decreases in household income. Despite loss of wage-earner jobs, the bills keep coming in. Simultaneously, the pandemic results in ever increasing prices for basic household commodities. A family member may be or may have been hospitalized due to COVID. All of this occurs in conjunction with a time when household stress levels are at their highest.
Something that is often put on the backburner in organizational Internal Audit Departments is testing for Internal Fraud. There has never been a greater time to ensure that Fraud Testing occupies a place in your Internal Audit Schedule on a recurring basis.
In considering the test sample for Internal Fraud, one key point to remember is that experts agree, the least likely candidate to commit Internal Fraud is often the most likely.
You have an employee named Susan. Susan is frequently the one to answer the phone when customers call. She makes the effort to always greet customers, is active in the community and is well liked by staff and customers alike. She solely supports her household and her elderly parents. Her husband has been out of work for the past nine months as the pandemic resulted in closure of his restaurant. No change in Susan’s lifestyle has been noted, however. In fact, just this past week, she came to work in her new car. On Facebook she frequently mentions her shopping trips.
Susan is indeed an employee whose activities you want to review. If she has customer contact and works for a financial institution, you want to review her employee account activity. You want to pay particular attention to the sources of funding for her account. You want to ensure she does not have fiduciary responsibility for any account in your financial institution (in fact, your company policy should prohibit such a relationship). If she does have such responsibility, you want to review the activity for that account as well. If she has responsibility for an elderly parent account, you want to review the activity of such account to ensure Elder Financial Abuse is not a possibility. Remember that Elder Financial Abuse triggers a Suspicious Activity report in a Financial Institution setting.
If Susan handles account reconcilements, you want to ensure review of her assigned account reconcilements to ensure such reconcilements are current and no unusual activity is present. If she handles cash or petty cash, you want to ensure all balances and there are no irregularities. If Susan has access to a company credit card you want to ensure account activity is legitimate. For example, you would not want to see entries for payments to restaurant suppliers.
If Susan is an IT staff employee, you want to review her access level assignment for reasonableness in relation to her job function.
If Susan is a sales commission-driven employee, you want to review her commissions received for normalcy and reasonableness and perhaps test further to ensure legitimacy of commissions.
If Susan works in Loan Administration in a Financial Institution and her husband’s restaurant had loans with your institution, check the legitimacy of payment postings. Company policy should prohibit payment postings by employees to their own or closely related accounts.
In summary, there are many reasons why you want to include Susan in your testing sample – risk based on position, IT related access controls, lifestyle, Facebook postings, etc.
Pandemic-related stresses increase the necessity of Employee Fraud review in any organization… thus, a critical component of your current Internal Audit schedule.