Governor Walz issued a proclamation declaring November 15– 21, 2020 Fraud Awareness and Prevention Week. Fraud is knowingly misrepresenting the truth or concealing important facts to harm another or benefit oneself. The actions of a fraudster are intentional and purposely concealed, often making it difficult to detect or even separate from honest errors or mistakes. If fraud occurs in our state government, all taxpayers, state employees, and state agencies feel the impact, in financial terms, reputational damage, and loss of confidence in government officials. Occupational fraud in government accounts for median losses of $100,000 for every scheme duration.
We have all experienced many life-altering changes this year, some of which include remote work locations, changes to many state business processes, and challenges connecting to fellow employees and agency management. These changes add to the difficulty of preventing and detecting fraudulent activity. This week, we will focus on:
Fraud risks and the impacts of fraud while working remotely;
Controls to prevent and knowledge to detect fraud while being away from the office;
Our responsibility to protect state assets and report fraud, waste, and abuse.
With most state employees working remotely and no timetable on returning to the office on a consistent basis, it is important we all recognize the impacts of fraud and the unique fraud risks associated with working in this environment.
Financial repercussions of fraud against government include:
Loss of public funds and resources
Reallocation of resources for fraud investigations and methods for prevention
Increased cost of many government services
Increased fees and taxes
Less money for government operations, staff development and retention, and technology
Significant expenses for prosecution and incarceration of convicted fraudsters
Other consequences of fraud can include:
Negative news and bad publicity
Decreased confidence in public officials
Increased scrutiny and/or sanctions
Inability to meet organizational goals
Tarnished reputations
Low employee morale
Fraud risks while working remotely.
Cyberfraud – according to the Association of Certified Fraud Examiners (ACFE) Fraud in the Wake of COVID-19: Benchmarking Report, September 2020 Edition, cyberfraud is the most heightened risk for organizations, as 83% of respondents already observed an increase in schemes and 90% anticipated further increase over the next year. Adding to cybersecurity risk is remote work locations can lead to using unsecure networks (public Wi-Fi).
Employee Access – Increased employee access to certain systems, sensitive data, and more information due to re-deployment and/or additional work responsibilities for current and new employees. This can also include lack of access to anti-fraud training programs.
Time theft – the inability to monitor employees’ actions in our current setting is a major risk leading to employees recording work hours that are simply not used for work. Results can be lower productivity, paying wages for non-work activities and reputational damage in the eyes of taxpayers and stakeholders.
Worker’s Compensation Fraud – the fact that home is now a workplace can lead to a possible grey area with worker’s compensation claims and the inability to decipher whether potential injuries are a result of work of personal activities.
Physical security – work assets such as computers, screens, chairs, etc. and physical sensitive data are at risk when proper safeguards are not in place. Potential break-ins, regular visitors, roommates, or even family members could have access to work assets and data if left in an unlocked room or car leading to damage or theft.
Vendor or grantee fraud – in the wake of additional federal funding and state funding due to the pandemic, the risks of vendor or grant fraud may be harder to detect.
Each day this week, we will continue to highlight things all state employees need to learn about what fraud and how to prevent, detect, and report it:
Check Tuesday’s Daily Fraud Fact for more on internal controls to stop fraud before it starts.
View Wednesday’s Daily Fraud Fact to learn about behavioral ‘red flags’ and tips to detect fraud.
Thursday’s Daily Fraud Fact will focus on fraud reporting channels.
Read Friday’s Daily Fraud Fact to understand how agency culture and training matters!
Thank you, State of Minnesota, for all you are doing to Prevent. Detect. Protect.
Acknowledging that fraud can happen anywhere and at any time is the first step in proper fraud prevention and thinking that it can only happen elsewhere only increases the chances of fraud. This is now even more true as we all work in different locations. According to ACFE’s Fraud in the Wake of COVID-19: Benchmarking Report, September 2020 Edition, the most common challenges in the fight against fraud are tied to restrictions placed on accessing physical locations. As we discussed yesterday, this issue can present new risk factors to consider.
Prevent fraud with effective internal controls.
Stop fraud before it starts and be proactive about fraud awareness and prevention. Strong internal controls are the best way of decreasing the chance for fraud. Internal controls are the plans, methods, policies, and procedures implemented to provide reasonable assurance that our agency goals will be achieved, which includes safeguarding our state assets. Here are some internal controls for fraud prevention:
Written Code of Conduct/Code of Ethics policies – employees should read, understand, and comply with the State of Minnesota’s Code of Ethics and Code of Conduct.
Implement and follow specific fraud reporting mechanisms. Provide avenues for employees, contractors, and stakeholders to report suspicious activities.
Increase the perception of detection. Regular discussion, training, and emphasis about fraud policies, reporting mechanisms, and consequences of fraudulent behavior (termination and criminal prosecution) will make fraudsters re-think their actions out of fear.
Follow established hiring policies and procedures requiring reference and background checks, including educational and employment history (as permitted by law).
Use risk assessment to identify areas of operations susceptible to fraud and implement proper controls.
Periodic job rotation
Monitor employee work through daily communication, including hours worked and tasks completed, to verify time sheet reporting.
Segregation of duties for transaction recording, approvals, reconciliation, and ownership of a process.
Assignment of SWIFT and SEMA4 security roles to limit employee access to perform their assigned job duties
Follow tips, guidance, and policies to prevent cybersecurity risks as provided by MN.IT in last month’s Cybersecurity Awareness Month.
Supervisory review and approval of transactions
Formal documented delegations of authorities and responsibilities.
The median duration of a fraud scheme is 14 months, according to the ACFE Report to the Nations, 2020 Global Study on Occupational Fraud and Abuse. Occupational fraud occurs through asset misappropriation, corruption, and financial statement fraud, and there is an attempt to conceal the scheme in 88% of cases. This makes it extremely difficult in detecting fraud schemes and even more important in knowing how to detect it quickly. The longer the scheme, the greater the financial loss.
Adding to the difficulty in detection is the inability to easily monitor employee behavior and have casual watercooler conversations with peers. Traditionally, recognizing the ‘red flags’ of fraud, which are behavioral characteristics most associated with fraudulent conduct, could have been easier.
The most common “red flags” of a fraudster’s behavior include:
living beyond their means
financial difficulties
unusually close association with a vendor or customer
control issues or unwillingness to share duties
irritability, suspiciousness, or defensiveness
“wheeler-dealer” attitude
There are 3 things needed for fraud to occur, as depicted on what is known as the fraud triangle.
Pressure – the motivation for committing fraud can be triggered by various things, which can include financial stress, addictions, or sudden health issues.
Rationalization – the way the actions are justified, including thinking they will pay back the money, feeling as though they are not being paid enough, or that nobody will know anything is missing.
Opportunity – taking advantage of an internal control weakness and exploiting it. This is the only aspect of the fraud triangle an agency can control, and lack of internal controls is the primary contributor to occupational fraud. Strengthening internal controls within business processes by using examples provided yesterday can significantly reduce fraud from occurring.
Employees knowing how to spot the behavioral ‘red flags’ of fraud and the 3 aspects needed for fraud to occur is critical in stopping fraud as 43% of fraud reporting is done through tips and half of those come from employees. Even though detecting fraud is now harder due to the work environment, knowing these items and the fact that strong internal controls take away the opportunity for fraud to occur can help to reduce the occurrence.
For Certified Fraud Examiners (CFE) in our state, The Association of Certified Fraud Examiners (ACFE) website has information such as publications, podcasts, reports, and videos to help in learning to detect fraud. Even if you are not certified, many state agencies have employees with this certification and should use these resources for prevention and detection.
Check back tomorrow to learn how to report fraud to protect our state!
Thank you, State of Minnesota, for all you are doing to Prevent. Detect. Protect.
Despite our increased awareness, education, and best efforts fraud can and will still happen. The goal of increased knowledge of prevention and detection techniques are to significantly reduce the likelihood of fraud, waste, and abuse. If something is happening that is not right, we all have the responsibility to protect our state assets and report it!
Follow established Anti-Fraud Policies.
The statewide Code of Conduct Policy requires employees, contractors, and stakeholders report “any suspected code of conduct and ethics violations, significant internal control deficiencies, evidence of theft, embezzlement, unlawful use of public funds or property, or any other irregularities or wrongdoings.” Agencies need to implement a fraud reporting mechanism, such as a reporting hotline or other anonymous channels, as tips are by far the most common reporting method. Organizations with fraud awareness training are 19% more likely to gather tips through formal reporting mechanisms.
Know your agency’s specific reporting channels.
Each of us must be familiar with our agency’s specific channel(s) for reporting such activity. Employees must also report certain cases of suspected fraud to the Minnesota Office of the Legislative Auditor. State managers, supevisors, and agency senior staff need to understand their agency’s reporting channels and be ready to assist in reporting. The state’s Whistle-blower Act protects any state worker who reports a suspected violation in good faith.
This week, we focused on limiting the opportunity for fraud, waste, and abuse to occur in our agencies while we are working remotely. This included learning about new and traditional risks, fraud prevention and detection methods, and how to report misuse of state assets. As the occurrences of fraud are predicted to increase and new fraud schemes are created daily, we must be aware that our high-risk processes and state assets are vulnerable. It is now more important than ever to ensure strong internal controls are in place to limit a fraudster’s actions.
Promote an Anti-Fraud Culture.
Increase the perception of detection! Agency managers and supervisors should ensure a culture that celebrates honesty and integrity and takes a proactive approach to implement effective anti-fraud strategies. Provide employees with training and resources necessary to perform their anti-fraud internal control duties. Regularly communicate to staff about the importance of fraud prevention and ensure employees understand their responsibilities. Awareness should not end after this week!
Thank you for participating in Fraud Awareness and Prevention Week and thank you for all you are doing to Prevent. Detect. Protect.