By Laurence Fournier-Dumas and Guy St-George
June 2, 2014
When prevention and detection mechanisms fail and a company finds itself the victim of fraud, the measures implemented within the first 48 hours can be crucial to managing the crisis.
Let’s say an employee informs the president of a company that the operations manager, a highly respected, longtime colleague of the president, has been committing fraud. The president is convinced his organization has adequate risk management mechanisms and internal control procedures regarding fraud. While he knows he must act swiftly and discreetly, many questions weigh on his mind:
- Could his operations manager have acted in this manner?
- Are there grounds for the allegations or is the whistleblower on a vendetta?
- Was the alleged fraud committed by a single person or were accomplices involved?
- With whom he share the information in order to shed light on the situation and set up a response team?
- Should he meet with the operations manager to discuss this?
- Should he fire him on the spot?
- Is the alleged fraud still going on? If so, what should be done to stop it?
- What has happened to the misappropriated assets?
- Should the alleged fraudster’s computer and office be searched immediately?
For now, the president has few answers. There are a number of measures that should be taken when fraud is suspected within a company. These measures can help minimize the impact of the situation and ensure an optimal investigation. And there are pitfalls to avoid.
WHAT MEASURES TO TAKE
Assess the allegations
First, it’s important to discreetly conduct a preliminary analysis of the allegations to make sure they are credible. The whistleblower should be met with to fully grasp the allegations and, if applicable, review the evidence. Based on this assessment, a decision can be made on whether or not to conduct a more in-depth investigation.
Identify potential accomplices and inform other organizational stakeholders
If the allegations appear to be serious and founded, the next step is to identify any potential accomplices within (and outside) the company. This should be done before discussing the matter with anyone so as to not to alert any potential accomplices.
Next, a team should be formed to draw up an action plan. To ensure confidentiality, it is better to discuss the matter with only a few people, such as the audit committee chair, the CFO and the heads of the fraud risk management and internal audit functions. The team will decide if an internal preliminary investigation should be conducted first or if external investigators should be called in right away.
Create a multidisciplinary response team
Setting up a multidisciplinary response team is essential and often requires mobilizing resources from outside the organization. The team should include people with expertise in various areas, especially forensic accounting and labour law, to answer key questions that arise when an alleged fraud is discovered. For example, management may need to make quick decisions about such matters as the employment relationship between the company and the alleged fraudster. Obviously, until management has obtained solid proof that fraud occurred, the suspect should be temporarily suspended and not fired. In this regard, a labour lawyer should be consulted to avoid making errors that could prove costly to the company.
Management should also bring in forensic accountants to collect the evidence to ensure it is admissible in court and prepare an independent report of the findings of the investigation.
PROTECT THE COMPANY’S ASSETS AND THE EVIDENCE
The response team should take measures designed to stop the alleged fraudulent activities and protect the company’s assets. If the misappropriated assets are substantial and can be traced, management should consider taking legal action to recover them (Mareva injunctions).
Management should also make sure to protect all related evidence. For example, if the suspect is suspended while the investigation is ongoing, management should, for evidentiary purposes, confiscate the suspect’s work computer and cellphone. It may also consider taking legal action to protect any evidence the fraudster may hold outside the company (Anton-Biller injunctions).
WHAT NOT TO DO
Meet the suspect too soon
Investigative best practices suggest that once allegations of fraud have been levelled, management should meet with any witnesses who might be able to confirm or refute the allegations. The suspect should generally be the last person to be interviewed or informed of the investigation. This will prevent the suspect from destroying evidence before the investigator can get hold of it. It will also give the investigator more time to gather as much evidence as possible to support the allegations before it is presented to the suspect.
Put together a response team that is too big
As mentioned, the response team should be limited to only a few members to ensure confidentiality and protect the evidence. The more people there are on the team, the more likely the suspect will find out about the investigation and destroy any incriminating evidence.
Another thing to consider is that the bigger the investigation team, the greater the risk of leaks to the media. Management must issue clear instructions regarding confidentiality to members of the response team and to all personnel informed of the matter.
Search the suspect’s files and emails prematurely
Analyzing emails, text messages and files in the suspect’s computer and smartphone can shed light on important evidence to the investigation. However, a search of this kind can have catastrophic consequences if not conducted in accordance with proper procedures, especially as regards employees’ right to privacy. Evidence that is gathered hastily and without regard to privacy could be deemed inadmissible in a court of law, and the employer could be sued by the employees concerned.
The issues raised and the solutions recommended only cover the start of the fraud crisis management process. Nevertheless, they can be critical to ensuring a successful investigation.
Fraud can happen in all companies, big or small, in all industries and regardless of the risk management and internal control procedures in place. While collusion lurks everywhere and can make most internal control systems ineffective, experts agree that the best protection against fraud is to educate all personnel about fraud and implement a whistleblower hotline. This way, employees can become the eyes and ears of the organization.
Laurence Fournier-Dumas, CPA, CA, is manager, investigations and forensic accounting, at Richter’s Montreal office. Guy St-Georges, CPA, CA, CFF, CFE, is senior manager, investigations and forensic accounting, at Richter’s Montreal office.