It’s quite alarming that 54% of Philippine businesses have experienced fraud or economic crime over the last two years — higher than 2016 levels by 20%. This was one of the key findings of the 2018 PwC Global Economic Crime Survey (GECS) Report for the Philippines, where organizations from various industries were asked to participate and share their encounters with fraud in the workplace.
The report also highlighted Asset Misappropriation as the Philippines’ top economic crime; this has always been the most prevalent type of fraud in public and private organizations globally. Even more alarming is that one out of four organizations in the Philippines have experienced the most disruptive type of fraud — Consumer-related Fraud — over the last 24 months. Direct losses incurred by the affected organizations range from P1.3 million to P5.3 billion.
The report further revealed that even though Philippine organizations admit to having experienced fraud, quite a number of them were unwilling to disclose critical details about the incident. This was even considering that the survey was designed to be totally anonymous, with no questions that could associate any response with a particular respondent.
Philippine organizations, unlike their global counterparts, are not as open to sharing “internal issues” publicly. In my personal view, the primary reason for this is that these organizations do not want any unnecessary exposure to regulators and/or the general public to protect their reputations.
It’s the corporate power that matters
The elements of the fraud triangle include pressure, opportunities and rationalization — these are the complete ingredients for (potential) fraudsters to commit fraud. With the addition of a fourth key element, that is, the misuse and abuse of “power” or “corporate authority,” the fraud triangle has now evolved into a “fraud diamond.”
It appears that global corporate scandals were not perpetrated by ordinary staff but by employees who take advantage of their corporate power — those who can persuade staff to follow their instructions without any questions asked. This was captured in the global GECS results, which revealed that fraud was mostly done by internal actors over the last 24 months, with 87% of reported fraud committed by members of management, i.e. junior (26%), mid (37%) and senior (24%) corporate officers.
I remember one time when the head of a large organization, in need of cash, asked his driver to go to an accounting clerk to process a P30,000 cash advance. Since he couldn’t find any paper, he used a table napkin to instruct the clerk to process the request. Despite the clear violation of basic internal controls, the accounting clerk processed the transaction without any questions asked.
In my past life as an auditor, I’ve seen this happen a lot of times; corporate officers flouting standard processes for their convenience despite the controls in place. Of course, such as in the above scenario, staff would usually not dare question the intention of the executives, for fear of losing their jobs.
The 2018 GECS Philippines report revealed that almost 50% of companies who have experienced fraud in the workplace focused mainly on making immediate improvements to various business processes and key management controls. This shows how Philippine businesses are truly resilient in managing internal matters and are able to move forward after bearing the impact of fraud in the organization.
Furthermore, one out of three companies focused on handling organizational and external influencers by establishing an ethical culture across the organization, as well as elevating their corporate governance framework and anti-fraud mechanisms (e.g. a whistle-blowing platform/hotline) in order to be on top of the situation.
The key here is to invest in people. Investment in anti-fraud technology and business process improvements is futile if companies do not invest in training their people. As an anti-fraud consultant, I’ve seen how investment in people’s awareness about the prevalence of fraud in the workplace and its corresponding financial and reputational impact have created long-term benefits for organizations.
Fraudsters are getting smarter these days and organizations need to be fully aware of this. If there is extreme pressure to commit fraud (pressure) and any number of control weaknesses exist within the organization (opportunity), fraudsters are free to execute their fraudulent schemes because they believe that what they are doing is “just right” for them to do (rationalization). This problem is further compounded if they have the ability to do so (power). Again, all elements of the fraud diamond exist.
I want to share with you the four basic steps in fighting fraud:
1. Know the various types of fraud in the workplace. Organizations need to educate their employees about the types of fraud and how to prevent them.
2. Take a dynamic approach. Conducting an enterprise-wide fraud risk assessment is the best way to identify the organization’s vulnerabilities and implement the necessary controls to address fraud risks.
3. Invest in people and technology. Investment in people, coupled with the implementation of appropriate anti-fraud technology, helps to boost the effectiveness and efficiency of corporate governance and anti-fraud initiatives.
4. Establish an efficient anti-fraud framework. Mature organizations have whistle-blowing processes, as well as a whistle-blowing portal or “hotline” in place to facilitate the reporting of anomalies and fraudulent activities.
In fact, most workplace fraud is uncovered via “tips” from employees. Furthermore, reports received through these whistle-blowing channels must be properly handled, investigated in a timely fashion, and treated with utmost confidentiality. It is also important to protect whistle-blowers against potential retaliation from fraudsters.
Adopting these four basic steps will not only bring your organization’s corporate governance to the next level but will also allow your organization to align its anti-fraud initiatives with that of other global organizations. Ultimately, this should mitigate (if not totally eliminate) the risk of fraud within your organization.
The views or opinions expressed in this article are solely those of the author and do not necessarily represent those of PricewaterhouseCoopers Consulting Services Philippines Co. Ltd. The content is for general information purposes only, and should not be used as a substitute for specific advice.
Aurelio Mari G. Gueco is a senior manager with the Risk Consulting practice of PricewaterhouseCoopers Consulting Services Philippines Co. Ltd., a Philippine member firm of the PwC network.
+63 (2) 845-2728 local 3086