As corporate treasurers prepare for post-pandemic trading, they would be well advised to review their fraud investigation mechanisms to ensure they are fit for purpose.
Fraud committed by employees continues to take its toll on businesses. According to data from Action Fraud, losses from corporate employee fraud in the UK amounted to £277m in 2019/20, with almost two-thirds (64%) suffering some kind of fraud. This chimes with the findings of Bottomline’s 2021 treasury fraud and controls research report, in which 54% of treasurers in larger firms across North America and EMEA reported experiencing a loss in 2020.
Cases of fraud perpetrated by employees rarely make the headlines for a variety of reasons, with the reluctance of the company involved to expose itself to negative publicity high on this list. Many incidents are resolved internally – fewer than one in six incidents of fraud reported in the UK last year ended up in the judicial system according to Action Fraud.
One of the highest profile examples of alleged corporate employee fraud in the UK in recent years was Patisserie Valerie. In 2019 the Serious Fraud Office arrested and questioned five people over allegations of accounting fraud at the company, following on from the arrest and bailing of its former finance director. More recently, car dealership chain Lookers corrected its accounts in November 2020, partly due to ‘a number of fraudulent expense claims’.
Technology is a vital weapon in the battle against employee fraud, but treasury also plays an important role and it is the responsibility of treasury staff members to report suspicious activities by their colleagues. Bottomline describes assessing organisational payment processes to reduce exposures and speed up detection as a good first step.
Once suspicious activity has been detected, it might be tempting to confront the perpetrator immediately. However, corporate fraud investigation firm Ten Intelligence advises companies who suspect they have been victims of fraud to analyse the available evidence and circumstances surrounding the suspicion, retain accurate records, develop a fraud theory, and set out their objectives in an investigation plan.
Once the suspicious activity has been identified, fraud investigators can begin their investigation. As part of this they will ascertain the facts and make a judgement as to whether the incident demands disciplinary action or a more severe course of action.
“The scope of fraud investigators varies across different companies and sectors,” explains Tracey Carpenter, Proposition Manager – Insider Threat at Cifas. “Some organisations may allow fraud investigators to access confidential information such as human resources records, which would show if an employee had previously faced disciplinary issues or had difficult personal circumstances and could offer vital intelligence as part of the investigation.”
Law firm Kingsley Napley observes that companies should proceed with caution when engaging an investigator, noting that illegally obtained information can have serious adverse consequences. In extreme circumstances it could result in criminal proceedings being brought against the victim of the fraud personally and could also result in the loss of legal professional privilege over the instructions to (and the report of) the investigator, the discharge of injunctive relief obtained, and a costs order being made against the victim. Its advice is to provide clear instructions as to what the investigator is not permitted to do and to carefully define what they are being asked to do.
A comprehensive background check is going to add a certain cost to each hire as well as add time to the onboarding process, but this trade-off is increasingly deemed essential for certain positions.
Steven Smith, Managing Director EMEA, Sterling
According to Avi Kahalani, CEO and Chief Financial Officer at Blackhawk Intelligence, compromised evidence is one of the main reasons why cases that are brought to the attention of the police may proceed slowly.
Upon learning about fraud, many company managers and directors tend to confront the alleged perpetrators immediately, giving them – or their accomplices – a chance to tamper with any incriminating evidence. If the alleged perpetrators are employees, this type of confrontation may also see directors risk breaking employment laws and give the affected employees a chance to take action against the company later.
For corporates that want to ensure they are not recruiting someone who has previously committed fraud, Steven Smith, Managing Director EMEA at background and identity services specialist Sterling explains that there are several elements to a background check.
“The first is identity, confirming that individuals are who they say they are and verifying what they claim to have done in the past,” he says. “Then you have additional components such as criminal and reference checks. There are three levels of criminal record check in the UK, but for roles outside regulated industries the basic check is probably the most appropriate and will show up any conviction that is unspent.”
Checks take anywhere from several hours to several weeks to complete, with the average check taking around ten days to complete and costing less than £100. Costs have fallen in recent years as the cost of accessing the source data has gone down, making background checks accessible to a wider range of businesses.
“The final report goes to the client and it is then up to them how they use that information,” says Smith. “If there is a discrepancy or a significant finding, the employer may choose to have a conversation with that individual. Some will decide not to move that person into employment, while others may proceed but with caveats around probation periods.” He suggests there has been a sharp increase in non-regulated organisations choosing to commission background checks.
“Companies need to consider the cost of doing these checks in terms of time and money in the context of their wider onboarding process,” says Smith. “A comprehensive background check is going to add a certain cost to each hire as well as add time to the onboarding process, but this trade-off is increasingly deemed essential for certain positions.”
ACAS has produced guidance (https://www.acas.org.uk/investigations-for-discipline-and-grievance-step-by-step) for conducting workplace investigations. This guidance provides information on the rights of people being investigated at different stages of the investigation.
At disciplinary investigations, there is no statutory right for a worker to be accompanied to the meeting, whereas at a grievance investigation the worker does have this right. But even in a situation where there is no statutory right to be accompanied into an interview there are instances where it may be allowed – for instance under the Equality Act 2010 where it would be considered a reasonable adjustment for a disabled worker.
Case study
Vince Tickel is the owner of wholesale trading group Hunter Worldwide. In 2018 he took a private prosecution against his former financial controller, who stole more than £1.5m from his various businesses over more than a decade.
Having set up a marketing agency he decided to build a group of businesses and realised that he needed a better finance function. “This person came to us on a freelance basis in 1996,” he recalls. “He seemed to know what he was doing.”
Over the following years the group of companies including Hunter grew into an organisation with turnover of £15m and around 220 full and part time staff across offices in the UK and Portugal. What Tickel didn’t know was that his financial controller had put processes in place that allowed him to defraud the business.
“For example he changed the bank mandates after they were signed by directors and himself with ‘anyone to sign’ so he could write cheques to cash, taking cash directly and posting the amount to cost of sale,” he says.
Credit card statements were sent directly to his home and the total amount of the company’s three credit cards was paid by direct debit, so his individual expenditure was ‘hidden’.
“The fraud we discovered was in full swing as far back as at least 2003 (he was dismissed in 2014),” explains Tickel. “It was uncovered when we closed one of the businesses and the final credit card statement was sent to the office instead of his home.”
“I was leaving the office one evening and noticed the statement among the post,” he says. “It was addressed to him and when I opened it I found that there was nothing on my card, about £300 on my managing director’s card but more than £3,500 on our financial director’s card, which all appeared to be personal expenditure.”
Tickel contacted the card company but was told he wasn’t an authorised signatory, so he had to ask his managing director to retrieve previous statements from all the group’s cards. This revealed expenditure of hundreds of thousands of pounds over just a two-year period. In addition, the company’s bank had set up an online payment system that was in theory designed to be more secure but in reality prevented visibility on payments by batching them together so it was impossible to see who was being paid. Tickel says he recently spoke to another business that had been defrauded and that it was the same bank and method used in their case.
Over the period the fraud was perpetrated the group’s accounts were audited and it had VAT investigations, but the financial director managed to keep his activities hidden by misleading the auditors.
“I had thought that once he went to a lawyer they would get together with our lawyers and he would sell his house and pay back at least a significant amount of money,” says Tickel. “But after about a year it was clear this wasn’t going to happen so I went to the police and explained the situation.”
However, he says the police didn’t even visit him and that he was told white collar crime was too difficult and expensive to prosecute. He then instructed Edmonds Marshall McMahon to investigate and commence a private prosecution, which culminated in his former financial controller receiving concurrent sentences of seven and a half and five years imprisonment for fraud by abuse of position and theft and a ten year director disqualification.
Tickel says pursuing the case has cost him almost as much as the original fraud but that he couldn’t let the perpetrator get away with it.
“Looking back there are a number of things I would have done differently,” he says. “The systems we had in place were not robust enough and I wasn’t sufficiently experienced to know that. I would tell my younger self to ask my external auditors for a pressure check on the business to see where we should tighten up our systems to reduce the opportunity for fraud. Some people think that if they steal money and there are no consequences it is victimless, so the answer is to not leave temptation in people’s way.”
Tickel is an advocate of changing auditor every three years and also suggests companies should ‘change things up’ occasionally, especially if they are working with the same accountant for a long period of time.
“The business got so large that I didn’t look at the bank accounts, I didn’t sign off on the credit cards and the auditors didn’t look at the credit card statements in detail – it was only when we made changes that we discovered the fraud,” he concludes. “When we interview people for financial positions now, I ask them if they steal money and make it clear that the last person who stole from us is doing seven and a half years in prison.”