As business processes and employee spending become more complex in today’s rapidly evolving business climate, issues around compliance and fraud are following suit. Many organizations currently perceive that their policies and processes are “good enough”—likely because they not yet needed to contend with security breaches or other compliance issues. However, today’s business world has changed, and the way finance departments manage spend needs to change with it.
Employee behavior has complicated spend management
Employees today are spending more money across more categories and using more payment methods than ever before. Additionally, suppliers are developing direct and personal relationships with employees, and the consumer-focused technology used to make purchases is the new normal. This behavior is what we call “employee-initiated spend,” and the influx of channels of employee spend creates numerous points of potential risk for accidental or intentional policy violations and fraud, without a capacity to capture spend across all categories and from all suppliers:
- 37% of business travelers have had at least one exception on their T&E reports.
- US$2,448 was the average reimbursement amount requested by employees who submit fraudulent claims.
Additionally, travel vendor choices and payment methods are continually expanding:
- Mobile payments volume is expected to triple to $282 billion by 2021
- $20 billion in gross bookings on Uber in 2016
- $77 million worth of Airbnb stays – more than 320,000 expenses – by end users of SAP Concur solutions in a recent two-year period
Travel expense is vulnerable to fraud and compliance risks
The Association of Certified Fraud Examiners (ACFE) conducts a study every two years on the topic of occupational fraud—when employees are the perpetrators of schemes defrauding their organizations. Asset misappropriation was by far the most common form of occupational fraud, occurring in more than 83% of cases and resulting in a median loss of $125,000. Examples of asset misappropriation include employees embezzling company assets, falsifying timecards, and padding travel and expense claims.
The ACFE has identified travel fraud schemes occurring at organizations today, including:
- Profitable per-diems: Fraudulent activity can occur when even ethical travelers use only a small portion of the daily allowance (per-diem) and pocket the rest.
- Mileage padding: Without proper controls in place, it’s difficult to validate mileage claims, especially if you’re still utilizing a manual log instead of GPS tracking capabilities. This leaves the door open for fraud perpetrators to pad by a little or a lot.
- Fake expenses: If your policy does not require a receipt for expenses under a certain amount, employees could take advantage of it. For example, they could submit an expense for breakfast under the limit amount without a receipt, when in fact, they ate breakfast free at the hotel.
- Unused airline tickets: Fraudulent activity occurs when a ticket has been booked for a business trip that gets canceled or rescheduled, then the employee books and claims a second ticket instead of paying a small fee to cancel or rebook on the first ticket. Now, the employee has a free airline trip at the expense of your organization.
- Last-minute flight bookings: The closer to a travel date a ticket is purchased, the more it costs – and frequent travelers will know that more expensive tickets are easier to upgrade. The cost of the ticket opens the door for an opportunist to obtain upgrades and rewards by booking travel at the last minute.
Additionally, difficult-to-detect expense fraud schemes include:
- Double-dipping: This occurs when an expense is claimed twice. For example, if two employees dine together and each gets a receipt for the total bill, both employees can claim the entire meal instead of only their own meal.
- Pattern identification: Without an integrated spend management system in place, you miss a huge opportunity for reporting capabilities to analyze and uncover spend patterns and prevent fraud that is hard to detect.
- Schemes that work across different financial systems (AP, T&E, P-card): Opportunists will inevitably continue to find new ways to defraud a singular system. Therefore, predictive learning across multiple systems will help you catch fraudulent activity and patterns – whether it’s a T&E or corporate card scheme – by pulling in data from your CRM, accounting systems, and more.
Fraud and compliance violations are expensive
With the overwhelming number of regulations and standards globally, it’s challenging for organizations to have confidence in their spend data for ensuring compliance. It’s now more critical than ever to put the right technology in place to detect and prevent risks around fraud and compliance. Without the right systems, it takes a lot of time and resources to build and maintain the expertise required just to understand all the regulations and policies necessary to create a culture of compliance.
Noncompliance with government rules and regulations is not an option for any organization. Furthermore, not playing by the rules can lead to crippling fines, property seizure, incarceration, and more.
Top fraud expenses organizations incur include:
- 5% of a typical organization’s annual revenues are lost due to fraud.
- 83% of fraud cases involve asset misappropriation, including padding T&E claims.
- $154,000 is the median loss from asset misappropriation.
Top penalties for Foreign Corrupt Practices Act (FCPA) violations include:
- $965 million by a European telco
- $800 million by a multinational technology company
- $795 million by a global telecom company
Monetary loss is not the only risk that fraud and noncompliance can bring to an organization. Reputational risks and legal ramifications can be worse than losing money.
- Risk to reputation: In 40.7% of cases analyzed by the ACFE, the victim organization decided not to refer fraud cases to law enforcement due to the fear of bad publicity; loss of confidence with the board, partners, and shareholders; and potential employee fallout.
- Legal ramifications: FCPA violations can cast a three-year cloud over a company under investigation of fraud, and the overall cost can reach 9% of profit before accounting for interest, taxes, and depreciation over that time period.
Safeguards are essential
When employees accidentally violate the rules, or worse, commit outright fraud, the cost can be substantial, and your organization is exposed to unnecessary risk.
- Organizations with anti-fraud safeguards detected fraud up to 50% more quickly.
- Anti-fraud safeguards can lower fraud losses as much as 54%.
Fraud and compliance risks exist at every organization of every size, of every industry, and in every location. To learn more, download the infographic Minimizing Fraud, Maximizing Compliance.
This article originally appeared in the SAP Concur Newsroom and is republished by permission.