Globally organizations are growing in size and diversifying in different countries . Business strategies focus on leveraging the local market benefits and generally do not detail out various execution and management challenges. Senior management thinks one size fits all and doesn’t assess the fraud risk before expanding into a new region. Multinationals generally assume that what worked in US and Europe will work in emerging markets. However, this is far from truth, a geographically distributed organization is extremely difficult to manage.
As mentioned in the book Greed and Corporate Failure Royal Ahold debacle succulently exemplifies the challenges of fast growth in diverse geographical areas. Briefly explaining the case, the organization undertook large-scale expansion in remote areas. However, some locations business operations were not integrated with internal control structures of the organization. Over-expansion in various countries resulted in management having insufficient time to monitor activities of regions. There were no integrated financial systems implemented which would enable the head office to check financial performance.
However, organizations are slowly learning some tough lessons. Kroll Fraud Report 2010 states, “48% of respondents indicated that fraud has deterred them from engaging in business in at least one foreign country.” It also notes that 92% Asia-Pacific region companies reported an incidence of fraud, which is the highest for any region.
KPMG Fraud Survey India 2010 states that 75% of respondents said that frauds are increasing and 82% reported financial statements frauds are a concern. As I have mentioned before, frauds occur when senior management overrides controls and acts in collision. KPMG report adds, “An alarming increase in the use of falsified documentation to give a semblance of legitimacy to fraudulent transactions has been observed. Perpetration of fraud in this manner makes detection immensely difficult during regular audits or management reviews, unless these are focused Forensic reviews.”
With plummeting ethical values and mounting greed, employees have become the biggest threats for organizations. The geographically distributed offices just make the task easier for unethical employees. Regional heads can control the office by threats and bribes, and conduct frauds. Since head office management trusts regional heads their fraudulent activity remains undetected.
To understand the intricacies of multi-region fraud read the case study “Across Borders” I had written for the Internal Audit Magazine (publications page). Now let us consider that the fraudsters were successful in fleecing the bank. In such a case, all they needed to do was identify a deviant fraud investigator. The fraudsters rope in the fraud investigator to give information on the process, control weaknesses and/or pass the transaction if it was on Fraud Alert List. If the fraud investigator delays informing the concerned business operations team about the fraud, the fraudsters can withdraw the money from beneficiary bank accounts and simply disappear. Hence, ensuring regional fraud teams keep up integrity and transparency is extremely essential for fraud risk mitigation
The complexity in investigating multi-regional frauds increases when integrity of fraud teams is questionable. In matrix-structure, the local risk management head may report to regional operational head and global risk head. Hence, were corporate governance structures are weak, the local risk managers may comply with regional heads due to social and official pressures.
Secondly, since there are deep relationships within risk management teams at a global level; whistle blowing to another location risk management team doesn’t help. It is unlikely that another location’s risk manager will give preference to the whistleblower over the regional risk manager. Corporate orthodoxy ensures that all regional teams maintain silence and no one tattles to senior management. Whistle blowing mechanisms are full of hype and tokenism in most organizations. Hence, the senior management finds it difficult to detect regional frauds and it is far more challenging to investigate them.
1. Senior management should ensure that there is reasonable focus on internal controls and corporate governance at local level. Out of sight should not mean out of mind. Surprise visits by head office senior management to check the performance of regional office results in early detection of fraudulent activities. Head office must independently review regional MIS to identify red flags. Follow up all suspicious with an investigation.
2. In case frauds are occurring in various regions, and integrity of the fraud teams is in question, it is advisable to hire external consultants for fraud investigations. External consultants are less likely to be influenced by internal politics, informal relations and connections. In such cases, the senior management should form an investigation team with trusted employees and external consultants. The trusted employees will be able to give background information on the workings of the organization, while external consultants will ensure independence in the investigation. Where senior management level investigations are required, certain areas should be kept off limits from junior level external consultants to maintain confidentiality.
3. For sensitive investigations, senior management should ensure safekeeping on electronic data and documentary records. If external consultants are hired, confidentiality agreements should be signed by the organization and if required at employee level.
- Kroll Global Fraud Report 2010 (Economic Intelligence Unit Survey Results)
- Greed and Corporate Failure – The Lessons from Recent Disasters ( Authors Stewart Hamilton and Alicia Micklethwait)
- KPMG India Fraud Survey Report 2010
To read the full list of Fraud Symptoms click here.