Fraud Prevention in the Manufacturing Industry
According to a 2022 survey from the Association of Certified Fraud Examiners, the median financial loss for manufacturing companies due to occupational fraud is approximately $177,000. Most of the fraud schemes at companies, regardless of industry, involve the human element of corruption or collusion. This commonality is due to the fact that many perpetuators operate their scheme by working around or overriding existing internal controls. Understanding the nature by which fraud can be perpetrated can help a Company design strong entity-level controls to prevent or detect fraud.
The second most common category of fraud schemes impacting the manufacturing industry is billing schemes. More than a quarter of manufacturing companies affected by fraud are impacted by billing schemes, which is an asset misappropriation scheme commonly manifested through fraudulent disbursements. In a billing scheme, a fraudster typically submits a fictitious invoice or alters the payment information of a valid invoice to induce a victim company to either make payments that should not be made or should not be made to the fraudster. Across all of the asset misappropriation frauds, billing schemes incur the largest median loss, are the most common, and last the longest before detection.
Understanding why and how these billing schemes occur is critical in determining what your company can do to prevent and detect them. Individuals committing occupational fraud are motivated to do so when three elements, referred to as the ‘fraud triangle’, exist: (1) some kind of perceived pressure, (2) some kind of perceived opportunity, and (3) some way to rationalize the fraud as not inconsistent with the individual’s values. Owners and management have the most control over the opportunity for individuals to carry out a fraud scheme by designing and implementing effective internal controls at the entity and activity levels.
Entity Level Controls
The Committee of Sponsoring Organizations of the Treadway Commission provide an internal control framework through five interrelated components, commonly referred to as entity level controls:
- Control Environment – which forms the foundation for all other components of internal control, providing discipline and structure.
- Risk Assessment – a company should identify and analyze the risks, including fraud risks, relating to achieving its objectives.
- Control Activities – are the actions established through policies and procedures that help ensure that management’s directives to mitigate risks are carried out.
- Information and Communication – relevant and quality information must be identified, captured, and communicated in a form and timeframe that enables people to carry out their responsibilities.
- Monitoring Activities – the entire system of internal control should be monitored and modifications made as necessary.
These five components are interdependent. They help provide a framework for manufacturers to design controls at the activity level (e.g., segregation of duties for cash receipts and cash application) and communicate the importance of ethical behavior in an entity. Entity level controls include such considerations as commitment to integrity and ethical values, anti-fraud policies and training, oversight by the board of directors, whistleblower/ethics hotline, and tone at the top. These entity level controls will reduce the fraud risk related to collusion but sadly won’t eliminate it.
Earlier on we discussed the frequency and magnitude of frauds perpetrated through billing schemes at manufacturing companies. To mitigate fraud risk at the business process level, like those involving cash payments, manufacturers should design and implement control activities to both prevent and detect errors and fraud based on the flow of the company’s financial information and transactions. Specifically for billing schemes, internal controls such as segregation of duties, positive pay for vendor payments, new vendor approval and setup safeguards/authorizations, purchase order approval, and vendor payment audits can mitigate fraud risk when properly designed.
Sadly, there isn’t a fool-proof one size fits all solution to mitigating fraud at manufacturing companies either at the entity or business process level, but when a company has a sound control environment, dynamic and continual monitoring, and robust system of control activities they are well suited to lower fraud losses and enable quicker fraud detection.