I recently had the opportunity to catch up with Joanne Taylor, a Managing Director at K2 Integrity and Ray Dookhie, a Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. We chatted on the top fraud trends you might expect to see in 2021 and what the regulatory landscape may well look like in 2021.
Top Fraud Trends in 2021
In the Association of Certified Fraud Examiners (ACFE) survey in December 2020, it found a range of organizations said they had seen an upward trend in fraud over the second half of 2020 and 90% of participants expected that to increase over the next 12 months. This puts a real pressure on organizations anti-fraud program. Taylor feels this pressure comes largely from remote working arrangements, which she believes “is here to stay”. Certainly, in the UK and from my perspective in the US as well, I think remote working is really here to stay. While organizations may well be working across a hybrid model of some office working and remote working down the road, it means that “organizations really have to take a good look at their anti-fraud controls.”
Taylor believes that the key risks from an anti-fraud perspective is “basically no one’s looking over your shoulder”. Next up is that people outside your organization getting access to confidential data. This comes from the broader issue around blurring of the professional with the personal life and people forgetting what professional behavior means. When you add the Pressure side of the fraud triangle, to continue to deliver in this stressful environment, “particularly those in a sales role or a target driven role, you can see real incentive for people to commit misconduct”.
Taylor cautioned it is more than simply theft of funds in this environment. She can also see “pressure on senior management to hit sales targets and show good performance”; which could life to financial miss-statements. She also noted that another fraud risk is cyber related because employees were settled very quickly on laptops and given certain access rights. While many businesses expected that they would be back in the office quite quickly, that simply did not happen. She cautioned, “we now need to be in a situation where firms need to reflect around their fraud program broadly and their cyber controls to make sure that this environment is as risk-free as is possible.”
One important area for companies and fraud protection to consider is unemployment fraud in its broadest reach. This is not simply fraudulently applying for unemployment or other benefits an individual may not deserve but a full range of fraud relating to employment issues during the pandemic. In the US, this can mean fraud around the Paycheck Protection Program (PPP) and similar programs in the UK. It can also occur in the race to outfit organizations with Personal Protective Equipment (PPE).
We concluded by considering some of the things organizations can perform right now to help get ahead of some of these fraud issues. Taylor said that it all starts with a fraud risk assessment which she described as “fundamental to understanding where your risks lie.” It can also let you know where some weak points might be “whether it’s internal fraud or fraud perpetrated by third parties, business, or email compromise fraud, which is massive. I think defining those schemes upfront and then assessing your controls against potential schemes is really important to truly understand your risk.” Equally important is your whistleblower program, which can be “the best source of tips for fraud.”
It is a real no-brainer in my book to make sure that the lines work. You should test your hotline and “if you’re not getting any calls, ask yourself why that might be the case and consider a training and awareness campaign.” Taylor believes you should also make your whistleblowing hotline available to your suppliers, to help prevent kickbacks or other similar fraud schemes. Finally, Taylor concluded that now would also be an appropriate time to perform a gap analysis on your internal fraud controls or your financial controls. This would include making sure there is a second set of eyes, segregation of duties (SODs) and all of those basic protections that financial controls bring.
Regulatory Landscape in 2021
Dookhie began by commenting on the change in focus in the new administration around areas of fraud risk. We went from one administration that was pro Wall Street to one which is “more pro Main Street and pro consumers.” Moreover, he believes that the new administration is laying out an ambitious plans for the next four years, which he believes “has certain implications for corporate compliance officers.” Many of the agency heads have significant government experience and a history focused on enforcement. “I think all of this points to an uptick in regulatory enforcement activities. We’re starting to see some of these shifts as well in recent regulations, but I think you would expect to see more in the coming years.”
In an earlier K2 integrity podcast, we explored the new National Defense Authorization Act (NDAA) specifically around the amendments to the Bank Secrecy Act (BSA). I was very surprised to read in the Wall Street Journal (WSJ) that banks and financial institutions are looking for regulatory guidance around that law. Is that what you would have expected the Biden administration to move forward with, to give banks or other institutions in operations that the law applies to regulatory guidance on the things they need to do to comply with that law?
Dookhie believes that the NDAA will be a bellwether around increased regulatory guidance in the Biden Administration. He excepts both more regulation and guidance against terrorist financing, protection for consumers and potential cyber fraud and other frauds. He also believes this will lead to an uptick in enforcement in a wide variety of areas from the Foreign Corrupt Practices Act (FCPA) to environmental laws under the Environmental Protection Agency (EPA). Of course, the original Paycheck Protection Program (PPP) loans will likely be extended in some form and that could also lead to more fraud enforcement actions.
Interestingly, Dookhie sees several other Biden Administration initiatives from a fraud risk and compliance perspective. He noted President Biden has talked about racial equality, criminal justice reform and certainly immigration laws. He believes those conversations may manifest in what we see in terms of the Consumer Finance Protection Bureau (CFPB) or other government agencies, most particularly in the context of “regulating corporations against under serving communities such as through the concept of red lining.”
Another key insight by Dookhie was to tie these trends to the nomination of Merrick Garland for Attorney General. Although the fight against domestic terrorism will be the top priority of the Biden Justice Department, Garland also talked about racial justice and equality as key initiatives going forward. Here Dookhie emphasized “Garland is a very seasoned veteran of law enforcement. I think sitting in a CCO chair that would give me a little bit of pause if there are flaws in our cases. This also means thorough, buttoned up investigations that we conduct internally, and then present that to the DOJ.”
We concluded by considering what Chief Compliance Officers (CCOs) and fraud risk professionals need to do right now in response to these changes. Dookhie said now would be a good time for “companies to step back with a macro view of their fraud risk management program in the form of a fraud risk assessment, testing controls, performing a gap analysis, seeing if there were gaps that they needed to remediate to be more in line with this type of new regulatory framework.” Moreover, “Organizations need to refresh their thinking around what’s happening in the current environment and regulatory landscape. They need to understand the risk and exposures for their organization and the implications for their compliance program. And, as such, I think they need to do a detailed assessment and gap analysis of where their programs may be at risk and how to remediate those risks in a timely manner.”
[View source.]
