Skip to content

Inside job: guarding against business fraud

Fraud is a crime of opportunity. More often than not, it’s also personal, which leaves private enterprises particularly vulnerable.
Laurie Bissonette, CA, is a partner with KPMG Enterprise. She can be reached at 705-669-2521 or

Fraud is a crime of opportunity. More often than not, it’s also personal, which leaves private enterprises particularly vulnerable.

The sense of betrayal can run deep, especially in companies that have fostered a culture based on close personal ties in which employees are considered friends, leading to a loss of trust and reputation as well as potentially devastating financial consequences, not to mention diverting attention and effort away from running the business and making it successful.

Entrepreneurial businesses are often at greater risk because they lack many of the basic controls needed to minimize and detect frauds.

They have not set up internal systems to do so, either because of a lack of expertise or time. These employers tend to develop deeper personal relationships with their employees and are thus more inclined to entrust them with significant responsibilities, such as allowing them to work independently, and in many cases, handle a broad cross-section of tasks that would never be allowed in larger enterprises, such as opening mail, making deposits, reconciling expenses and bank statements.

A recent KPMG study, Who is the typical fraudster?, looked at hundreds of cases worldwide, including Canada, in order to help identify the characteristics and methods of fraudsters.

It found that the typical criminal profile was a male employee, 36 to 45 years old, working in a finance-related role who conspires with another perpetrator. Not surprisingly, the primary reason most frauds occurred in the first place was an ability to exploit weaknesses in internal controls.

Along with opportunity, motive is the other risk factor. I will admit that we have seen fraud in recent years where the criminal did not meet this profile—but I thought it would prove interesting. While the majority of fraudulent acts are attempts to conceal losses or poor performance, the overriding motivation is greed often fueled by an addiction or financial crisis. Psychological factors also play a key role in enabling people to rationalize their behaviour. For example, they convince themselves they’re being denied their fair share, or are simply “borrowing” funds that they intend to repay later.

While it’s the large frauds that make the headlines, smaller crimes, including forging cheques, paying falsified invoices, manipulating payrolls and host of other schemes are all too common.

Cybercrime is also on the rise as criminals shift their focus away from consumers to finding ways of stealing the online banking credentials of businesses, primarily because there is more money in corporate bank accounts to plunder.

Many businesses that do not have the wherewithal to detect or deal with fraud are quick to accept defeat rather than taking necessary and simple precautions to defend themselves.

As with larger enterprises, there are steps any size business can take to mitigate these risks:

1. Don’t have a single person controlling all your financial assets.

2. Make sure you have access to your e-banking activity and check your accounts regularly.

3. Insist upon monthly statement reporting and financial reviews.

4. Do not sign blank cheques!!!

5. Perform regular independent reviews of financial activities.

6. Do background checks on new hires.

7. Watch for any unusual change in employee behaviour,signs of stress, etc.

8. Implement a confidential ‘whistleblower’ program for employees to share concerns.

Sadly, while trusted insiders perpetrate most types of fraud, segregation of duties and management supported by wellstructured policies and processes will go a long way to preventing potential abuses.