The no one-size-fits-all fraudster


The no one-size-fits-all fraudster

Too often we read articles in which fraudsters are categorised, e.g. “The typical insider is approaching middle age, has been with the same employer for over a decade, has frustrated career aspirations, believes they earn less than they deserve, and they feel under appreciated by their employer.” Whilst there is an element of truth in this, the common elements of a fraudster will always vary across continents, industries and cultures.


This article originally appeared on Fraud Intelligence


In our experience there is no one-size-fits-all fraudster.  They come in all shapes and sizes and at all stages of their careers. The fact is they are often able to defraud by keeping below the radar and being astute in the areas they choose to attack.


The key to success is ensuring that clues are not visible to routine audit. For example:


  1. In procurement a buyer may agree to pay an inflated price or to accept shoddy material in return for an off-record (often cash) kickback;  
  2. A Facilities Manager may prematurely write off equipment or a Quality Control Manager may reject perfectly good stock and in each case the commodity is jobbed off for pennies again in return for a kickback;
  3. A Quantity Surveyor (QS), charged with overseeing new construction or refurbishment, may sign off inferior materials in return for free building work at his private home.


In all of the above examples, and many more, fraud is invisible in the company accounts and routine audit will, quite simply, never detect it. There are many more examples where the clever fraudster can abuse his employer organisation knowing there is a zero or very low risk of detection through routine audit. The consequence is that an organisation can suffer undiscovered fraud for years and the fact that none has been discovered often leads to what is termed “Control Delusion” where organisations believe their controls are effective because nothing has been discovered. In reality the opposite is often true, i.e. fraud has thrived quite simply because the controls are not effective in identifying it.


The answer to the above is very simple. Organisations have to understand that there is a crying need to go beyond routine audit by implementing proactive fraud detection techniques to ensure they optimise the opportunity to detect what could be described as “invisible” fraud.


Cross checks, staff rotation, segregation of duties and management sign-off will go a long way in preventing the types of fraud detailed at (1) to (3) above. However, detection relies upon “outside the box” thinking, e.g. in regards to (1), implementing purchase enquiries via an unconnected entity (usually an investigator posing as a procurement broker) to test the best prices available. If the “broker” can buy for less than your organisation is paying then the probability is that your company is paying inflated prices.


In regards to (2), pretext purchases of stock or equipment from the selling entity (often market traders) that stock or equipment has been sold through will often allow tests to identify whether there was genuine reason to write off.


With respect to (3), simple tests such as checking Planning to see whether the QS has submitted any plans for alterations or extensions simultaneous to the company’s new construction work, may well flush out evidence of unauthorised private work at home by the company’s contractor. Equally,  having a Forensic QS remeasure the cost of elements of the work will often identify the overcharging.


Added to the above, for many organisations, the use of data analytics is now at the forefront of proactive fraud detection. Where retained to do so, specialist corporate fraud detection investigators will run comparisons between the client company’s internal databases to identify clues to fraud. Tests will quickly identify clues to fraud in a plethora of areas, e.g.:


  1. an employee at the same address or with a common mobile telephone number as a supplier;
  2. split invoicing whereby a buyer signs off four or five invoices from the same supplier in quick succession – this is collusive manipulation to ensure each invoice amount falls below the buyer’s sign off level (often indicative of a corrupt relationship);
  3. sequentially numbered invoices from the same supplier over a prolonged period is a clear indication that you are the only customer – often indicative of a fraudulent relationship;
  4. sequentially numbered invoices to your company with large date gaps between each again suggests your company is the only customer and again merits attention.


Going a step further, we have developed our own database of accommodation addresses in the UK. Running a client’s supplier master file against this database allows us to quickly identify every supplier operating from an accommodation address. Similar comparison tests with other databases available to Haymarket, including postcodes, Companies House etc, will detect clues in a plethora of other areas.


In all of the above it is important to remember that data analytics is detecting clues to fraud and each has to be fully investigated before definitive conclusions can be drawn and suspects confronted. In these circumstances great care is needed in the approach. In regards to managing an investigation from start to finish) please see “First moves – how to respond to suspected fraud”. [1]




For further information please click here