Countering Fraud for Competitive Advantage E-Book

Contents

Cover

Title Page

Copyright

Chapter 1: Introduction

1.1 BOOK OUTLINE

END NOTES

Chapter 2: The Fraud Problem

2.1 INTRODUCTION

2.2 THE FRAUD PROBLEM

2.3 THE EXTENT OF FRAUD

2.4 TRENDS IN FRAUD

2.5 THE IMPACT OF FRAUD

2.6 CONCLUSION

FURTHER READING

END NOTES

Chapter 3: The Fraudster and the Culture of Fraud

3.1 INTRODUCTION

3.2 UNDERSTANDING THE FRAUDSTER

3.3 CULTURES AND FRAUD

3.4 CONCLUSION

FURTHER READING

END NOTES

Chapter 4: The Resilience to Fraud

4.1 INTRODUCTION

4.2 NATIONAL RESILIENCE

4.3 ORGANISATIONAL RESILIENCE

4.4 FURTHER RESEARCH

4.5 ACFE RESEARCH

4.6 UNDERSTANDING THE PROBLEM: FUSING THE FRAUDSTER, THE CULTURE, AND THE STRUCTURES OF RESILIENCE

4.7 CONCLUSION

FURTHER READING

END NOTES

Chapter 5: Measuring Fraud Losses and Tailoring the Strategy

5.1 INTRODUCTION

5.2 THE PROBLEM WITH RISK MANAGEMENT

5.3 MEASURING FRAUD

5.4 WIDER BENEFITS OF FRAUD MEASUREMENT

5.5 CONCLUSION

FURTHER READING

END NOTES

Chapter 6: Creating an Anti-Fraud Culture and Preventing Fraud

6.1 INTRODUCTION

6.2 SITUATIONAL MEASURES

6.3 CREATING AN ANTI-FRAUD CULTURE

6.4 CONCLUSION

FURTHER READING

END NOTES

Chapter 7: Detecting Fraud and Investigating Professionally

7.1 INTRODUCTION

7.2 THE COSTS OF INVESTIGATION

7.3 WHO WILL INVESTIGATE?

7.4 PROACTIVE INVESTIGATIONS

7.5 REACTIVE INVESTIGATIONS

7.6 CONDUCTING FRAUD INVESTIGATIONS

7.7 PSYCHOLOGY AND INVESTIGATION

7.8 CONCLUSION

FURTHER READING

END NOTES

Chapter 8: Sanctioning Fraudsters and Pursuing Redress

8.1 INTRODUCTION

8.2 UNDERSTANDING FRAUDSTERS AND THE PLACE OF DETERRENCE

8.3 THE SANCTIONS TOOL BOX

8.4 PUBLICISING SANCTIONS

8.5 CONCLUSION

FURTHER READING

END NOTES

Chapter 9: Enhancing Performance through Counter-Fraud Metrics

9.1 INTRODUCTION

9.2 NEW WAYS OF THINKING ABOUT SECURITY AND FRAUD

9.3 DEVELOPING A COUNTER-FRAUD METRICS PROGRAMME

9.4 DEFINE OVERALL OBJECTIVES/METRICS

9.5 DECIDE METRICS THAT MEET THOSE OBJECTIVES

9.6 DEVELOP STRATEGIES FOR GENERATING METRICS

9.7 ESTABLISH BENCHMARKS AND TARGETS

9.8 DETERMINE HOW METRICS WILL BE REPORTED

9.9 CREATE ACTION PLAN

9.10 REVIEW/REFINE CYCLE

9.11 CHALLENGES AND CRITIQUE OF METRICS

9.12 CONCLUSION

FURTHER READING

END NOTES

Chapter 10: The Counter-Fraud Professional

10.1 INTRODUCTION

10.2 COUNTER-FRAUD PROFESSIONAL INFRASTRUCTURE

10.3 THE ESSENCE OF THE COUNTER-FRAUD PROFESSIONAL

10.4 REDEFINING THE COUNTER-FRAUD PROFESSIONAL

10.5 THE COUNTER-FRAUD DEPARTMENT

10.6 CONCLUSION

FURTHER READING

END NOTES

Chapter 11: Reaping the New Competitive Advantage

11.1 INTRODUCTION

11.2 BRINGING THE COUNTER-FRAUD STRATEGY TOGETHER

11.3 REAPING THE BENEFITS

11.4 HOW QUICKLY CAN LOSSES BE REDUCED AND BY HOW MUCH?

11.5 THE WORLD'S 500 LARGEST COMPANIES

11.6 UK FTSE 350 COMPANIES

11.7 FRENCH CAC 40 LISTED COMPANIES

11.8 GERMAN DAX 100 LISTED COMPANIES

11.9 CONCLUDING REMARKS: REAP THE ADVANTAGE!

FURTHER READING

END NOTES

Index

© 2013 Mark Button and Jim Gee

Registered office John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom

For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with the respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. It is sold on the understanding that the publisher is not engaged in rendering professional services and neither the publisher nor the author shall be liable for damages arising herefrom. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data

Button, Mark, 1969– Countering fraud for competitive advantage : the professional approach to reducing the last great hidden cost / Mark Button and Jim Gee. pages cm Includes bibliographical references and index. ISBN 978-1-119-99474-9 (hardback) 1. Fraud–Prevention. 2. Employee theft–Prevention. 3. Auditing, Internal. I. Gee, Jim, 1957– II. Title. HV6691.G44 2013 658.4–73–dc23 2012045977

A catalogue record for this book is available from the British Library.

ISBN 978-1-119-99474-9 (hardback) ISBN 978-1-118-45425-1 (ebk)

ISBN 978-1-119-96040-9 (ebk) ISBN 978-1-119-96041-6 (ebk)

1

Introduction

In an era of tighter budgets and more competitive markets, organisations are looking for innovative ways to reduce costs and increase profits. Many strategies and innovative ideas have been pursued and advocated by gurus, from contracting out to flatter management structures. Much is made of their potential to achieve what is often described as ‘competitive advantage’.1 Business schools in universities around the world are full of academics who advocate lots of ways to achieve this. One measure, however, has not been on the ‘radar’ of the vast majority – investing in measures to counter fraud. This is largely because fraud is a hidden cost. Frequently it is not measured, or it is gauged using detected fraud losses, which hide the true costs. This book will show that it is reasonable to assume that in most organisations fraud losses are around 5 per cent, something ACFE, through less valid research, have been showing for some time.2 Now consider 5 per cent of the procurement budget or payroll in your organisation; in most cases that would amount to a significant sum of money. The good news is that there are measures to substantially reduce this, and the application of appropriate methods can reap 30 per cent plus reductions in fraud losses. This can be done relatively cheaply, thus producing returns on investment of 12× or more.3 This book will outline a model to achieve this: the professional approach to reducing fraud – the last great hidden cost – to reap competitive advantage.

There are lots of books on the market which tell you how to prevent or investigate fraud. Some of these are very good. However, they all miss one obvious point – fraud is a business cost like staff, capital, marketing etc. All organisations suffer from fraud, even if they think they don't because there have been no detected frauds. Most frauds by their nature are undetected, and fraud costs money. Because of the lack of accurate measurement, it is the last great cost many organisations unknowingly have, which could also be substantially reduced. In the commercial sector this could reap a competitive advantage, and in the increasingly financially strained public sector, it could stave off cuts in services. Countering Fraud for Competitive Advantage (CFCA) therefore offers more than a book on how to prevent and investigate fraud. It offers a completely new way of looking at the problem and a holistic model for countering it.

There are some organisations which don't even compile regular statistics on detected frauds, because they are seen as unusual and rare. Others do use statistics, but focus on detected frauds. Such measures are flawed because many frauds are undetected and many go on for a long time before they are detected. Our research shows that average losses from fraud and error are around 5 per cent. In many organisations this is even higher. So consider an organisation with a $100 million turnover: if they are performing in an average way they could be losing around $5 million to fraud. Now just answer the four questions below about what you are currently doing to counter fraud:

If the answer to any of these is no you are at higher risk of fraud and you are likely to be above average in fraud losses, so the $100 million organisation could be losing well over $5 million to fraud. Similarly consider the traits of an organisation at higher risk from fraud from its staff:

If any of these apply to your organisation you may be at greater risk of fraud. Also consider one of the most common reasons perfectly law-abiding and honest employees turn to fraud: personal financial problems. The USA, UK and many other countries are in the midst of one of the worst recessions since the end of the Second World War. This has led to many people losing their jobs, downgrading to lower-paid work, having to take pay cuts, losing over-time, living in houses with negative equity so they are unable to move, amongst many others. Indeed in America an article on the impact of the recession found that:

Consider some of the impacts on the UK which have been noted:

Consider how many of your staff and families might be experiencing some of the above. Most will not turn to fraud as a consequence, but some will.

CFCA, however, will set out a holistic strategy to counter fraud which has been shown to produce a 12 to 1 return on investment.10 Fraud losses can be reduced at a very reasonable cost and those saved resources can be used to enhance profitability in the commercial sector, or be invested in frontline services in the public and not-for-profit sectors.

This book is aimed at those who run organisations and want them to be more financially healthy and stable. It is aimed at those who directly undertake counter-fraud work and who want to be more effective and see greater tangible results. And it is aimed at all those who suffer from the cost of fraud currently being too high – shareholders whose companies are not as profitable as they might be; employees whose job security is undermined; taxpayers who do not get the quality of public services that they pay for; and those donating to charities where the charitable purpose is undermined. We all have a stake in fraud being tackled effectively.

1.1 BOOK OUTLINE

In the next chapter we begin by considering what fraud is; the diversity of it as well as the scale of it. It will show how diverse it can be as well as how significant a drain it can represent on an organisation. The chapter will also consider what the impact of fraud on an organisation can be.

In Chapter 3 the book considers the fraudster and the culture of fraud. There has been limited interest in fraud amongst researchers, but the chapter unpicks some of the research to reveal types, profiles and the motivation of fraudsters. Culture also plays a very important part in influencing levels of fraud and this chapter examines some of the factors contributing to this.

The resilience of organisations and countries to fraud is the subject of Chapter 4. The chapter shows that resources and attention on fraud at a national level is often lacking. This is also often replicated in the strategies to counter fraud. Data on the quality of organisations' strategies to counter fraud are explored.

In Chapter 5 the book turns to strategies which can be used to reduce fraud. This chapter focuses upon the mechanics of measuring fraud and how this is very important in the overall strategy to counter fraud. The chapter describes the basic principles of fraud measurement and examines how this should shape the overall counter-fraud strategy.

Changing attitudes towards fraud is as important as measures to prevent fraud. There are a very wide range of measures which can be used to achieve these aims. Chapter 6 builds upon the research on fraudsters, as well as the extensive crime prevention research to demonstrate a wide range of tools to prevent fraud and create an anti-fraud culture.

Unfortunately it is never possible to prevent all frauds and those that do occur need to be detected quickly, and investigated to the highest standards. In Chapter 7 the tools to detect and investigate fraud effectively are examined. In doing so the chapter draws upon some of the extensive research from psychology for detecting deception.

Once an investigation has been completed there is a wide range of options open to an organisation to sanction the fraudster and secure redress. Chapter 8 will show that the traditional criminal sanctions are only one of many that a fully equipped counter-fraud professional can use.

Central to this book is making fraud a cost. In Chapter 9 the importance of this metric, as well as many others, is identified. The chapter examines the importance of metrics (or key performance indicators as some call them) and how they can be created for an organisation. Some of the potential drawbacks are also explored.

Much of what is advocated in this book could not be undertaken without professional counter-fraud staff who possess the appropriate knowledge and skills. They are needed to influence the organisation towards this professional approach, to develop the strategy, to lead on developing an anti-fraud culture and prevention, to detect and investigate fraud, to pursue sanctions and redress, and to manage performance. Chapter 10 explores the origin of these functions, what they need to do and why organisations should invest in them.

In the final chapter the model is drawn together and reasonable reductions in fraud losses are applied to the leading companies in the world, the USA, UK, France and Germany. The chapter shows the substantial gains in profitability some companies could achieve if they pursued the professional approach to countering fraud.

END NOTES

1. See for example Porter, M.E. (2004) Competitive Advantage. New York: Free Press; Briggs, R. and Edwards, C. (2006) The Business of Resilience. London: Demos; Champy, J. and Hammer, M. (1993) Reengineering the Corporation: a Manifesto for Business Revolution. New York: Harper Collins; Hamel, G. and Prahalad, C.K. (1996) Competing for the Future. Harvard: Harvard Business School Press. See also http://www.time.com/time/specials/packages/completelist/0,29569,2086680,00.html for the 25 most influential business books.

2. See ACFE (2010) Report to the Nation on Occupational Fraud and Abuse. Austin: ACFE; and Gee, J. Button, M. and Brooks, G. (2011) The Financial Cost of Fraud. What the data from around the world shows. London: PKF/CCFS.

3. NHSCFSMS (2007) Countering Fraud in the NHS: Protecting Resources for Patients. 1999–2006 Performance Statistics. London: CFSMS.

4. Warner, J. (2010) What the Great Recession Has Done to Family Life. New York Times. http://www.nytimes.com/2010/08/08/magazine/08FOB-wwln-t.html.

5. New Policy Institute (2012) Living on the Edge: Pay in Local Government. Retrieved 12 April 2012 from http://www.unison.org.uk/acrobat/5821.pdf.

6. BBC News (2011) Osborne Confirms Pay and Jobs Pain as Growth Slows. Retrieved 12 April 2012 from http://www.bbc.co.uk/news/uk-politics-15931086.

7. BBC News (2012) Business Tracker. Retrieved 12 April 2012 from http://www.bbc.co.uk/news/10604117.

8. BBC News (2012) Economy Tracker. Retrieved 12 April 2012 from http://www.bbc.co.uk/news/10612209.

9. Top News (2010) Impact of the Recession in the Lives of Families. Retrieved 12 April 2012 from http://topnews.us/content/221202-impact-recession-lives-families.

10. NHSCFSMS (2007) op. cit.

2

The Fraud Problem

2.1 INTRODUCTION

In most organisations the fraud problem is under-estimated because senior managers confuse detected levels of fraud with the real level of fraud, and detected levels are often very low or even zero. This chapter will seek to dispel this myth. It will begin by illustrating the fraud iceberg which shows the detected levels of fraud as the small tip above the surface, but with the substantial undetected frauds below the surface. The chapter will then shock the reader with the wide variety of ways fraud can occur in an organisation. The amount of fraud an organisation can expect to suffer from will then be examined. It will show a loss rate of around 5 per cent to be normal, with much higher rates also possible. A brief analysis of recent trends in fraud will be undertaken to highlight the increasing risk. Finally the chapter will consider the impact of fraud and show that the effect upon an organisation is more than financial.

2.2 THE FRAUD PROBLEM

A very common view amongst many senior employees in organisations is that ‘there is no fraud in my patch’. This view is largely driven by the line of thought that if there is no detected fraud, then there can't be any fraud. When the authors discuss their and others' research with senior managers, which suggests levels of fraud around 5 per cent as average, they often just look bemused and cannot comprehend that their organisation could suffer such losses from fraud.

What these and many managers are doing is mistaking detected fraud for the true measure of fraud. Detected fraud, however, is the tip of the iceberg. Many frauds are never detected and many go undetected for a long time (some forever). Indeed the Association of Certified Fraud Examiners (ACFE) estimates that the median length of time internal frauds last before being detected is 18 months.1 Some actions are also disputed as to whether they are fraud, but may well come close to it. By its very nature most fraud is invisible with the malefactor determined to hide all traces of it. Thus what will be the real situation in most organisations is a tiny number of detected frauds and a substantially larger number of undetected frauds, as the pyramid in Figure 2.1 illustrates.

2.2.1 What is Fraud?

Fraud encompasses a wide range of behaviours. What unites most definitions is the act of deception to perpetrate the crime; as Wells argues, fraud is ‘any crime which uses deception as its principal modus operandi’.2 Legally there is also the distinction between civil and criminal definitions. The starting point for civil law definitions of fraud in England and Wales is the case of Derry v Peek (1889) (UK House of Lords). Here, Lord Herschell, giving judgement on the case, defined ‘fraud’ to include a false statement ‘made knowingly, or without belief in its truth, or recklessly, careless whether it be true or false’. This definition covers a number of possibilities, ranging from:

In 2005 the Swiss Institute of Comparative Law provided the following definition, which broadly follows the English law:

Civil fraud is the use or presentation of false, incorrect or incomplete statements and/or documents, or the non-disclosure of information in violation of a legally enforceable obligation to disclose, having as its effect the misappropriation or wrongful retention of funds or property of others, or their misuse for purposes other than those specified.3

In England and Wales the criminal definition of fraud has been codified with the passage of the Fraud Act 2006.4 There are a huge number of advantages this new law brings and there is much to debate about the use of it. As this book is aimed at an international audience, only the main provisions of it will be outlined. Those interested in it further should review Farrell et al.'s book.5 This sets out a number of ways in which fraud can be committed:

The legislation also set out a series of other offences such as:

In addition to this the old common law offence of conspiracy to defraud was maintained, which gives wide scope to the potential behaviours when two or more are acting together. Various fraud-related offences in sectors/activities were also maintained in social security, elections, forgery and counterfeiting, false accounting, insider dealing, etc.

It is also common to link fraud with corruption. Corruption is also very broad, covering a wide range of behaviours. The Asian Development Bank defines corruption as:

… behaviour on the part of officials in the public and private sectors, in which they improperly and unlawfully enrich themselves and/or those close to them, or induce others to do so, by misusing the position in which they are placed.6

Central to corruption is bribery, where a person covertly pays someone in a position of power to act in a particular way, where such payments are not allowed. Clearly there are elements of fraud where a person in a position of responsibility abuses that position by accepting a bribe. Thus many examples of occupational fraud where an employee is involved can also be seen as corruption. But the person paying the bribe may not be committing a fraud. There are also many frauds committed which do not involve the abuse of a position of responsibility, such as an external person submitting false invoices to a company to be paid. It is important to note that this book is focused upon fraud, but that clearly because of the overlap (see Figure 2.2) corruption is considered as well. It is not the intention, however, to become deeply involved in the different aspects of corruption.

It would now seem appropriate after this brief legal description of fraud to consider the huge variety of fraud, by illustrating some of the many diverse types.

2.2.2 Types of Fraud

Senior managers in organisations therefore need to be aware that there are numerous ways employees, contractors, suppliers, clients, etc. can defraud their organisation if they do not have an appropriate counter-fraud strategy in place. Fraudsters are often very creative and there is a risk in virtually every aspect of a business. To illustrate this we will now identify 43 ways that fraud can occur in an organisation. This list is by no means exhaustive.

It is important to note that the list above is not exhaustive. Fraud is a dynamic crime which is constantly changing with fraudsters identifying new ways to perpetrate it. Now if we return to the sceptical senior manager in an organisation and ask the question: does their organisation suffer from fraud? Can they really go through the above list of frauds and – just because none have been detected – honestly say that none of these are occurring? The reality is that in most organisations it will vary according to a variety of factors which will gradually be unfolded in this book. But almost all will have a good number of these frauds occurring. Every year PKF produces a list of the 10 worst frauds. Below in the box are the bottom five from 2011 – which also illustrates the diversity of the risk of fraud. The next section will draw upon research to illustrate how much fraud an organisation can expect to have.

2.3 THE EXTENT OF FRAUD

The discussion of fraud above sheds some light on the challenges of measuring fraud. This section will now illustrate, using a variety of measures, the likely scale of the problem of fraud in an organisation. Broadly there are two types of indicators of fraud: those that identify the number of frauds and those that gauge the financial losses from fraud. These can be further divided between detected and estimated.

The most common and the most flawed indicators of levels of fraud are detected frauds. These are usually presented as the number of frauds detected and the losses from each. Some organisations might only present one or the other. Many organisations keep statistics illustrating their detected frauds (this is at least better than some organisations, which don't even compile statistics on detected losses). As demonstrated above, these do not offer a realistic measure of the actual size of the problem because the vast majority of frauds are usually undetected. Understandably, many organisations that keep these statistics do not publish them. It is generally in the public sector where one can find this type of data published, for reasons of public accountability and transparency.

In the UK, HM Treasury Department used to conduct an annual survey among Government Departments and other central public bodies of detected internal fraud (amongst other issues related to fraud).8 In the last survey, conducted in 2008–9, of the 45 bodies that responded, 20 entered a nil return. These are bodies with budgets of millions and billions of pounds employing hundreds and thousands of staff. Even among those that detected fraud, of the 25 who did report it there were a total of 1,320 cases amounting to just over £4.2 million.9 This is in reality likely to be the tip of the iceberg, because the vast majority of frauds go undetected.

Overseas aid is an area of expenditure well known for the risk of fraud and corruption. Many countries who give aid do not publish statistics on the extent of fraud. One of the few is Australia. AusAID is the body responsible and its approach to fraud is laid out in its Fraud Policy Statement and figures are given in its annual Fraud Fact Sheet.10 During 2010–11 125 cases of alleged, suspected or detected fraud were reported to AusAID. In addition, a further 24 potential instances were reported during the year, but were found not to have involved fraud or not to have involved AusAID. It is likely that, as the remaining active cases are further investigated, some additional cases will be found not to have involved fraud and/or AusAID. AusAID estimates that the amount involved in the 125 2010–11 cases is AUD $1.6m. Of this amount, AUD $400,000 had been recovered or prevented from being lost and the potential net loss to AusAID is therefore estimated to be approximately AUD $1.26m. This represents 0.028 per cent of the $4.498 billion appropriated to AusAID in 2010–11, a percentage consistent with previous years (0.02 per cent). Given the risk of fraud in this area, this is likely to under-estimate the true extent of fraud in this area.

More realistic measures are those which seek to gauge the extent of fraud beyond the detected frauds. Some of these surveys are, however, based upon unsound methodologies, as they ask the respondent to guess the size of the fraud problem in their organisation. By their very methodology, therefore, they are not truly accurate. The most salient example of this type of report is the ACFE Report to the Nation, which is regularly published. Prior to the 2010 report it focused upon the USA, but this report now provides a global picture. ACFE ask respondents to estimate the losses to fraud their organisation suffers as a percentage. In the 2012 report the median response was 5 per cent which if translated across the world would amount to $3.5 trillion.11 Clearly one has to be careful of research based upon estimates, although the 5 per cent figure is similar to the authors' estimate which will be shortly discussed.

The most accurate measures of fraud are fraud loss measurement exercises. This will be the subject of much more depth in Chapter 5. The principles of these measures are focusing upon a particular type of transaction, such as procurement expenditure, then identifying a statistically valid sample of transactions, investigating them to a higher standard than normal auditing processes to identify whether they are fraudulent or not. From this it is possible to identify the numbers of frauds (Fraud Frequency Rate – FFR) and losses (Percentage Loss Rate – PLR) to a particular level of statistical confidence.12

The authors (along with Graham Brooks) have assessed 203 exercises to accurately measure fraud and error losses, covering 32 different types of expenditure totalling almost £800 billion, in 44 organisations from nine countries. Including the types of expenditure where exercises have been repeated, they have examined a total of expenditure valued at £5 trillion, sterling equivalent. From this we found the PLR was found to be between 0.12 and 10.60 per cent with an average PLR of 5.67 per cent as shown in Figure 2.3. To further analyse this, the authors broke this down into exercises showing less than 3 per cent, 3 to 8 per cent and over 8 per cent. As Figure 2.4 illustrates, around 70 per cent of the exercises showed PLR figures of more than 3 per cent with a quarter with a PLR over 8 per cent.13

The first report on the financial cost of fraud also assessed FFR. The range of FFR was found to be between 0.47 and 9.6 per cent, with an average FFR of 4.28 per cent as shown in Figure 2.5. There was a much more common grouping on this criterion with 90 per cent of exercises assessed recording a FFR of 3 to 8 per cent, and only 1.67 per cent recording over 8 per cent as shown in Figure 2.6. Given the dominance of the 3 to 8 per cent this may suggest that a fraud and error rate of between 3 to 8 per cent is the norm.14

A significant finding was that organisations that repeated the fraud measurement exercises tended to a show a reduction in the PLR. The average PLR when first measured has been found to be 5.40 per cent; the average PLR when last measured was found to be 4.61 per cent as shown in Figure 2.7. This represents an average reduction of just under 15 per cent. The authors would argue that once an organisation discovers an accurate measure of fraud losses this acts as an incentive and spur to introduce measures to reduce fraud losses. It also shows that fraud can be reduced and that in many organisations a saving of 15 per cent of fraud losses would amount to a significant sum of money. This book will also show later how savings of 40 per cent are not unreasonable to achieve.