Last week, the Association of Certified Fraud Examiners (” ACFE”) published the results of a survey taken by more than 1,800 anti-fraud professionals in late April and early May 2020, while we were deep into the Covid-19 crisis. The findings, for the most part, are not surprising, but does reveal some disappointing information. While I have not seen a raw copy of the survey, I was surprised the ACFE didn’t ask if the company’s fraud risk assessment was reviewed and modified accordingly.
A summary of key findings from the ACFE’s Survey are listed below-
- 68 percent said they had already seen an increase in fraud activity at their organizations since Covid-19 began;
- 93 percent expect fraud to increase over the next 12 months, and 51 percent expect a significant increase; and,
- Cyberfraud (defined as business email exploits, malware, and ransomware) is leading the way, with 81 percent of respondents already seeing an increase in those specific threats in the last three months.
How COVID-19 is affecting specific fraud risks
In addition to trends in the overall level of fraud, survey respondents provided information about their current observations and expected changes regarding ten (10) specific types of fraud.
Across the board, anti-fraud professionals already see increased levels for each of these risks, and they anticipate further increases through May 2021.
As reflected above, cyber fraud, which includes schemes such as business email compromise, hacking, ransomware, and malware risk increased the most during the COVID-19 pandemic The majority of survey respondents (81%) have already seen an increase in these schemes, and 93% expect them to increase over the next 12 months.
Frauds perpetrated by vendors and sellers (e.g., price gouging, product misrepresentation, and overbilling) also top the list of risks in the wake of the coronavirus as 86% of respondents expect to see more of this type of fraud over the coming year, and 68% have already seen an increase in these schemes. Payment fraud (e.g., credit card fraud and fraudulent mobile payments) and health care fraud ranked third and fourth, respectively, in terms of frauds that are expected to increase over the coming year.
Payment fraud (e.g., credit card fraud and fraudulent mobile payments) and health care
fraud ranked in the top five of risks, respectively, in terms of frauds that are expected to increase over the coming year.
Investment and resources
What’s alarming to me is 43 percent, and 62 percent of the respondents don’t plan on increasing the investment in anti-fraud programs or staffing resources, respectively. This is despite the increase in fraud activity, the expected rise in fraud, and the increased difficulty in preventing, detecting and investigating fraud. I am perplexed and hope that the Boards’ of Directors are asking tough questions and challenging these decisions.
Expected change in investment in anti-fraud programs over the next 12 months
Expected change in investment in anti-fraud staffing over the next 12 months
Difficulty in preventing, detecting, and investigating fraud
The survey respondents stated that preventing, detecting, and investigating fraud has become notably more difficult in the current environment. Nearly three-quarters of the respondents face additional challenges in preventing (24%), detecting (20%), and investigating fraud (32%), saying that those activities have become significantly more difficult. Likewise, 68 percent of anti-fraud professionals note that detecting fraud has become more difficult during the global pandemic.
According to the survey, the top three challenges in combating fraud in the wake of COVID-19 are the inability to travel, canceled or postponed engagements or investigations, the lack of access to evidence, and conducting remote interviews.
Fraudulent activity has increased and will continue to grow. Boards and senior management need to remain vigilant and ensure anti-fraud activities and investigations are being performed timely, correctly, and effectively. Fraud risk assessments must be promptly reviewed and updated accordingly. Boards should be challenging senior management on the company’s fraud risk management framework to ensure that the company maintains effective programs and controls designed to deter, detect, investigate and remediate instances of fraud and misconduct.
A listing of Other Risks that Should be Considered by Boards and Senior Leadership can be found here.
Coincidence? This survey was released the same week the DOJ’s revisions to the Evaluation of Corporate Compliance Programs (“ECCP”). One of the changes to the ECCP was ensuring the compliance program adequately resourced. Adequately resourced to me is more than having the right number of professionals assigned to the function. It means filling these roles with professionals that possess the right experience and skills to deter, detect, and investigate fraud. I believe the ACFE’s Survey bolsters the DOJ’s revision to one of the three overarching questions that prosecutors ask when evaluating compliance programs.
A copy of the ACFE Survey can be found here ACFE COVID-19-Benchmarking-Report.
Stay safe, and be well!
Association of Certified Fraud Examiners (“ACFE”)