How do you spot a fraudulent employee? Hitesh Patel gives some guidelines

As long as the motivation for employees to commit fraud exists, companies will never be able to fully eradicate its impact. However, there is much that can be done to spot the warning signs that a fraud may be occurring, and to reduce the opportunity for crime by creating the right anti-fraud environment, as well as proactively addressing the risks.

According to KPMG's Fraud Barometer, a third of all the fraud cases committed in 2004 were carried out by management and employees. They defrauded their employers of approximately £106 m. The research revealed a growing problem of workers processing payments to bogus companies, or adding non-existent workers to the payroll. Last year, UK businesses paid several million pounds to phantom workers and almost £70m in bogus invoices. Stealing or forging company cheques also remained a popular way to remove money from a business.

Why do employees choose to commit fraud?

There are several reasons why an employee chooses to commit fraud. Personal gain is the most common. External pressures are also a trigger, for example if the perpetrator has got into financial difficulties. A weak control environment is a primary motivator because it can be easily exploited by a fraudster who, operating alone or in alliance with others, can circumvent controls.

There are two common types of fraud. Firstly there is the theft of assets, tangible or intangible, from a business. Secondly, there is the manipulation of financial statements by a company's management, in order to conceal losses or boost low profits. In prosperous times the business may have sufficient reserves to withstand a fraud, but in a downturn cash may be tight, making any significant loss a threat to the continued existence of the business. Even if the fraud is identified, it is often too late to stem the losses and save the business.

Last year, KPMG commissioned a 'Fraud in the Workplace' survey to find out how many people had witnessed dishonest behaviour at work. Incidents of wrong-doing or fraud, perpetrated either by colleagues or management, had been witnessed by some 44% of workers. However, only 17% said that they would definitely report someone they suspected of wrong-doing in their workplace.

The warning signs are often apparent; the key is knowing how to spot them.

How to spot a potential fraudster

KPMG recently analysed fraud cases over a two year period to try and build a profile of a fraudster. The most alarming finding from this study was the seniority of the perpetrators - directors or senior managers committed almost two thirds of the 100 fraud cases surveyed. They were often long serving employees: 32% of them had been working for their companies for between 10 and 25 years. And they tended not to operate alone - in more than half of all the cases (51%) two to five parties were involved in the fraud, compared with only a third of cases carried out by the perpetrator alone. The number of people involved (more than five people in 10% of cases) indicates that fraud can be endemic within some departments, and consequently more difficult to detect. In one case, 207 individuals were involved in a single fraud.

Men are overwhelmingly more likely to perpetrate fraud than women, with nearly 70% of cases only involving a man. This compares with only 2% of cases involving a woman working alone. The age of the principal fraudster was typically between 36 and 45 years old (39% of cases). People aged between 46 and 55 years old were involved in 29% of cases. Those aged between 18 and 25 made up only 1% of perpetrators.

The most likely business function for a fraudster to work in is the finance department (42% of cases), with procurement the next most likely area with 12.5% of frauds surveyed. One in 10 frauds occurred in the sales department.

Employee behaviour

There are certain key behavioural characteristics which, when taken in context of the environment they operate in, should raise suspicions of potential impropriety within an organisation.


- certain customers or suppliers dealt with exclusively by one employee
- disproportionate amount of entertainment expenditure on certain business contacts
- personal purchases (holidays, cars) not matching known financial circumstances or salary
- refusal to take holiday entitlement
- evasive or complicated answers to routine queries
- mundane tasks retained rather than delegated
- performance levels out of proportion with competence or equally able colleagues
- recruitment of poor quality team members
- unnecessarily confusing or complex transactions undertaken
- actions and decisions with no clear purpose
- autocratic management style


- low morale, high staff turnover
- poor employee attitude to internal controls and disrespect for systems
- overriding management attitude of results at all costs
- regular failure to follow company procedure or policy.

To a forensic investigator these behavioural indicators provide signposts to where evidence of a fraud is likely to be found.

So, is it reasonable to conclude that all workers and managers are potential crooks? What has prompted this rise in dishonest behaviour, and what should companies be doing to protect themselves?

Clearly there is always a grey area. For example, how seriously should the occasional disappearance of stationery be taken? However, what is clearly evident is that in the current environment, incidents of more serious fraud are on the increase.

What impact has company culture on fraud?

The simple answer is a great deal. Senior management must lead by example if they are to expect good behaviour from their staff. This can make a significant contribution to reducing the risk of fraud in their businesses.

The so-called 'tone at the top' and the setting of clear codes of conduct is crucial if employees are to make the connection between the wrong-doing they may see amongst their colleagues, and the success of the companies they work for.

The KPMG 'Fraud in the Workplace' survey showed that such cultural best practices are not widespread enough. When asked whether they believed that the management at their companies set a good example for honest behaviour, 43% said that 'some were more trustworthy than others', and 12% stated that management did not set a good example.

Worryingly, 47% of workers surveyed had witnessed bullying either towards themselves or others. Trust, loyalty and honesty are hardly likely to flourish in this type of environment. The behaviour that management exhibit becomes 'the way we do things around here' - and that can work against the company as well as for it.

Assess your risks

It is essential that businesses adopt a proactive approach to the identification and assessment of fraud. One approach adopted in both the public and private sectors is fraud risk assessment (FRA). This method considers both internal and external fraud risks, seeks to ensure that the organisation concerned is involved in fraud risk identification and prevention, and heightens awareness on appropriate fraud prevention.

Workshops are an important part of this approach. These are usually interactive sessions with experienced commercial fraud risk specialists. They are able to extract potential risk from fraud by skilled probing and develop pragmatic fraud mitigation solutions.

Fraud risk assessment should not only be proactive and practical, but should also provide effective and flexible solutions. Excessive rigidity may provide the fraudster with an opportunity to circumvent controls or avoid detection. The potential fraudster should also be deterred by effective communication of the penalties for those caught committing fraud within the organisation.

Unfortunately, a significant number of organisations do not have an accurate idea of their overall fraud risk profile. Nor do they deal with the most basic issue, namely that most frauds are committed by dishonest people within the organisation. When reviewing the effectiveness of any control system, one must look at the situation from the fraudster's perspective and ask the simple question 'If I worked in this position, what personal financial gain could I make?' It is also crucial to identify where in the organisation the greatest fraud risks exist. Management should produce a considered and comprehensive fraud response plan, which should be reviewed and updated on a regular basis. An organisation cannot afford to ignore these risks or be anything other than highly diligent.


Many company directors may believe that their internal controls are robust enough to pick up fraud; however they have often been left sorely disappointed.

Our recent whistle-blowing study found that 50% of fraud is uncovered by an employee whistle-blower, an anonymous tip-off, or by an external third party. Only a quarter was detected by a management review. The survey also found that four out of 10 employees suspected that a fraud was occurring, but took no action.

This highlights the importance of an effective whistle-blowing policy as a weapon in the fight against fraud. It is important that staff are not only aware that such a policy is in place, but know that any suspicions of fraud they report will be kept strictly confidential and the matter dealt with robustly.

Reducing the risk

It is important for all businesses to maintain an ongoing programme of fraud risk assessment, as this is not an issue which only applies to huge multinational companies. Regular testing of key controls against the key fraud risks will identify potential weaknesses in the system. Those involved in assessing these risks must have the right skills, tools and methodologies to tackle the continuing and ever-more sophisticated threats posed by the modern fraudsters

Hitesh Patel is director of fraud services with KPMG's Forensic Services, Tel: 020 7311 1000


Examples of specific fraud risks include:

- fraudulent diversion of funds
- fraudulently creating and approving purchases
- falsifying, either individually or in collusion with another, the financial accounts to enable the payment of salary, incentives or the exercising of share options
- external parties falsifying the provision of goods or services
- the unauthorised sale or transfer of intellectual property.


Solutions to these risks include, but are not limited to:

- implementing proactive and targeted fraud vulnerability reviews
- enhancing or amending existing internal controls to match the dynamics of the business function
- reviewing segregation of duties, taking into account the individual businesses operations
- use of software-driven monitoring and control systems, which generate exception reports
- setting and communicating clear, delegated authorities for all levels of the business
- enhancing the use of existing reporting mechanisms