Occupational fraud is an ever-increasing cost to organizations in the United States and worldwide. The Association of Certified Fraud Examiners (ACFE) estimates that a typical organization loses approximately 5 percent of its gross revenues to fraud annually, that's $2.9 trillion in gross world product.

So what does this mean to an average U.S. company? According to the ACFE, more than 56 percent of the cases investigated and reported during 2009 and 2010 occurred in the U.S. Th e U.S. had the lowest median loss per case at $105,000, with the majority of fraud schemes involving cash misappropriation. Europe had the highest median loss of $600,000 with the highest amount of fraud schemes involving corruption. A startling 25 percent of the cases investigated from 2007-2010 resulted in losses in excess of $1 million, with the typical fraud scheme underway at least two years prior to its detection. Small businesses in the U.S. are particularly vulnerable and realized significantly higher median loss per case at $150,000.

Larger and medium-sized organizations tend to have integrated financial systems that replace manual processes typically found in smaller organizations. An integrated system serves operational and anti-fraud control purposes. Solid financial systems have controls built within that help ensure that subledgers reconcile to the general ledger, transactions cannot be reopened and subsequently modified, and most importantly a sophisticated audit trail. Audit trails keep a history of transactions, changes to transactions and identifies the person involved and date and time of transactions. These trails enable critical forensic examiners to research questionable transactions.

Increase anti-fraud controls

Anti-fraud internal controls in the following areas can help all businesses reduce their fraud risks:

• Cash schemes - Billing, skimming, larcenies, check tampering, cash on hand, register disbursements and payments to employees (expense reimbursement, benefits and payroll)
• Non-cash - Inventory
• Financial statement frauds

Understand occupational fraud

A solid anti-fraud program can reduce risk, deter employees considering fraudulent activities, provide a mechanism for reporting suspected fraud, and demonstrate the organization's intolerance policy. Anti-fraud measures and internal controls should be customized based on specific risks faced by the organization and its operations.

The following fairly standard controls can easily be tailored and implemented quickly and cost-effectively to help companies reduce their risk of fraud:

Fraud risk reductions

Code of business conduct and ethics

Establish a code of business conduct and ethics and disseminate it to all employees annually for review and sign off . The code promotes honesty, ethics and integrity within the organization, with demonstrated action by the senior officials and modeled by each and every employee. Consult with your legal counsel before releasing your company code to ensure it complies with applicable federal and state laws.

Employee handbook
Employee handbooks provide written guidance of the company's policies. Handbooks may also contain methods to report violations of company policies. Again, consult with your legal counsel to ensure federal and state employment law compliance.

Background checks
Verify an applicant's prior employment history and education as well as involvement in any criminal and civil action. Oftentimes individuals who committed fraudulent actions at a prior employer were not criminally prosecuted. However, they may have been sued for damages in a civil action.

Job rotation and mandatory vacations
Requiring job rotation and mandatory vacations is one of the most impactful anti-fraud controls a company can implement. Most asset misappropriation fraud schemes occur for a considerable period of time prior to detection, generally 18 to 24 months, and need constant attention from the perpetrator to avoid discovery.

Monitoring of bookkeeping
Careful monitoring of bookkeeping services performed by an outsourced service provider is essential. Bookkeepers have access to cash receipts, cash disbursements and payroll processing, areas at high risk of fraud. Management should consider requiring the firm to provide proof of professional liability insurance. In addition, conduct background checks on any individual the bookkeeping firm has working on your account, including verification of their current CPA license with the Board of Accountancy. Monitor individuals without CPA licensure to ensure they have the proper accounting knowledge to perform these services. Currently, there are no licensing requirements for bookkeeping services so additional diligence is practical.

What should you do if you suspect fraud?

Employee should discuss concerns with their immediate supervisor. If you believe your supervisor might be involved, consider following the organization's procedures for reporting concerns related to accounting, auditing and internal accounting controls. Be as specific as possible, include the names of individuals you believe are involved, dates the transactions occurred, identify information about the transactions (e.g., vendor name, vendor invoice number, journal entry reference number) and why you believe the transactions were inappropriate.

Most organizations have a non-retaliation policy for reporting in good faith and mechanisms to research and resolve reports of accounting, auditing and internal accounting control concerns. If your organization does not have a reporting mechanism, consider discussing your concerns with another member of management.

If you are part of a CPA firm hired by the organization, discuss your concerns within the hierarchy of the firm. If you are the firm owner, discuss your concerns with your client. These conversations can be a difficult; approach them with caution and thought. Whether you discuss your concerns internally within the firm or directly with the client, provide specific examples of the transactions. Focus on why the transactions concern you rather than focusing on the individual or individuals who may have been involved. Your client should discuss the matter with their legal counsel.

Business owners think fraud will never happen in their company, and when it does, it can be devastating, both financially and through violation of trust. Oftentimes the fraudster is in a position of trust and has been with the company for several years. You are in the role of trusted advisor with a fiduciary responsibility to your client. You must balance this responsibility with the risks you encounter if the person is innocent. Determination of fraud is the role of a judge or jury during criminal prosecution.

A proactive approach to fraud prevention reduces your company or your clients' risk, protects their investment and conveys a high standard of ethics and integrity within the organization. CPAs and internal audit experts play a critical role in designing the appropriate internal controls based on the size and type of organization as well as your product or service provided.

Abigail Grenfell is president of Internal Control & Anti-Fraud Experts, LLC, a firm specializing in fraud prevention, detection and investigation, development of anti-fraud programs, design and assessment of internal controls. She is a member of the MNCPA and can be reached at abby.grenfell@icafemn.com.