Addressing the Mind of the Perpetrator
/You probably hear it a lot in your role as a fraud examiner: preventing fraud is a lot easier, and cheaper, than detecting it. Organizations need strong internal controls to stop potential frauds. According to Steven Dawson, CFE, CPA and president of Dawson Forensic Analytics, the best internal control that can be implemented at organizations, regardless of size or complexity, is increasing the perception of detection. That was the subject of his educational session, “Increasing the Perception of Detection: Controls that Address the Mind of the Perpetrator,” presented virtually during the 35th Annual ACFE Global Fraud Conference.
Dawson said we need to target the mind of the perpetrator to first determine why people commit fraud. According to him, 95% of perpetrators commit fraud out of necessity, such as due to credit card debt or gambling issues, which he categorizes as “decent people.” He identifies about another 4.5% of frauds committed are greedy, whom he labels as “evil.” The remaining 0.5% commit fraud due to pathological reasons, whom he describes as “sick.” Dawson believes this shows that it is time for a different approach.
When Dawson investigates cases, he not only tries to figure out the why, but also tries to get an answer to “Was there ever a thought in your mind that you would get caught?” By increasing the perception of detection, potential perpetrators will have that little voice in their heads asking, “Will I get caught?”
Dawson presented the example of police vehicles parked near a roadway. When drivers see the vehicle, they slow down and correct their driving behavior because they do not want to be ticketed. Many times, there is not an officer inside those vehicles. Still, the vehicle’s presence makes potential speeders think that they are being watched and should be exhibiting good driving. This is perception of detection.
“If we can do something to back up our control processes to the ‘Should I?’ stage in this evolution of thought, prior to looking up to the wall of internal controls, possibly we can stop it there,” said Dawson. “We want to put something in the place that can help the individual answer the question ‘Will I get caught?’ with a ‘Yes.’” He said you do not want to get rid of other internal controls, but you should have something before you get to that point.
Dawson said you can increase the perception of detection with five steps:
1. Education:
Determine if your employees know what is and is not fraud and who could commit it.
Make sure to express that leadership cares about this subject.
Present fraud schemes, trends and indicators to employees.
Explain the costs of fraud (potential layoffs, pay decreases, etc.) and more.
2. Execute targeted control activities:
Fraud risk assessment.
Mandatory consecutive days of vacation.
Job rotation.
Provide rewards for whistleblowers.
Conduct surprise audits.
Communication of the internal audit workplan.
Mandatory annual completion of the conflict-of-interest form.
3. Establish an effective fraud reporting program.
4. Make sure leadership is modeling ethical leadership.
5. Other physical controls.
“If we can increase the perception of detection, even if [internal] controls are weak, if they’re perceived to exist, then fraud can be prevented,” said Dawson.