Self-Reporting: 'Fess Up and Move On


James D. Ratley, CFE
ACFE President and CEO

When we were kids, we always knew we had choices. When we fibbed to our parents, we could wait for the truth to emerge, or we could quickly go back to them and come clean with all the details. Our choices: harsh punishment or a possible lighter sentence.

Large U.S. conglomerates have a similar problem. As they acquire companies around the globe and transform them into subsidiaries, they often have to reconfigure them to conform to U.S. laws and regulations such as the Foreign Corrupt Practices Act and the Sarbanes-Oxley Act. Now, that's not necessarily the hardest part. Policing those subsidiaries is much more difficult.

Let's say that years later a whistleblower from one of the subsidiaries reports to the company widespread corruption — a resurrected remnant of long-followed practices. What does the conglomerate do? Manage its risks, keep the infractions under wraps and work to clean up the mess? Or report the problems immediately to the U.S. Department of Justice?

In our latest Fraud Magazine cover article, Leslie R. Caldwell, assistant U.S. attorney general for the DOJ's Criminal Division, in essence, says go for the second option: 'Fess up and make amends — quickly.

"We encourage companies, particularly public companies, if they discover a significant compliance problem that also is a significant criminal issue to self-report to the Department of Justice," Caldwell says during a recent Fraud Magazine interview. Caldwell will be a keynote speaker at the 26th Annual ACFE Global Fraud Conference, June 14-19 in Baltimore, Maryland. 

"We encourage them to cooperate with us in our investigation," Caldwell says. "And they should be prepared to give us the relevant facts, documents and evidence in a timely fashion. They should include who is responsible for what went wrong and what these individuals did in the form of facts, not in the form of opinions or privileged attorney-client information. It's very important for companies to understand that they tell us which employees did what — even if it's senior executives."

Of course, a corporation's first responsibility is to avoid a situation in which it has to self-report. But if it finds itself in a legal bind, it should lace up its running shoes and race to the DOJ.

How Fraud Can Creep Into the Tiniest of Fractures During Change and Transition


Comcast and Time Warner Cable. AT&T and DirecTV. Facebook and WhatsApp. In 2014, mergers and acquisitions were particularly prevalent, and these three deals made notable headlines. And for most corporations, organizational transformation enables adaptation to an ever-changing global business environment. However, change can also expose companies to significant financial, occupational and compliance fraud risks.

In the newest article on, Chris Dogas, CFE, CPA, CRMA, explores the internal control structure of large corporations during a transition and how fraud can creep into even the tiniest of fractures. Using real-world case studies and the Fraud Triangle, Dogas provides valuable insight into how executives and employees find opportunities to commit fraud during times of change. He also outlines key steps that senior management and corporate boards can take to control risk.

Here are some points of action that management and boards in changing organizations should heed:

  1. Maintain effective corporate governance and periodically communicate key governance activities to employees to remind them that despite the transition, the corporation continues to implement internal controls and it requires compliance with them. Governance activities could include audit committee meetings to review internal controls, including interactions with external and internal auditors.
  2. Maintain strong company-level controls. This includes strong Tone at the Top, hiring practices (such as background checks), training and retaining clear policies and procedures.
  3. Maintain and promote strong anti-fraud controls, including internal control risk assessments, fraud risk assessments and an incident hotline. The ACFE's 2014 Report to the Nations states that tips continue to be the primary method of fraud detection in 42 percent of incidents. When organizations identify violations, they should communicate to employees the nature of the incidents and the related disciplinary decisions and actions.
  4. Perform monitoring activities, including internal control reviews, internal audits and segregation of duties reviews.
  5. Most importantly, actively involve internal control and anti-fraud professionals during the integration process (i.e. planning, strategy integration meetings and discussions). These experts can perform risk assessments and identify leading indicators of weakening controls. They also can provide advice on remediation. Their involvement sends messages to the rest of the management team, and the whole organization overall, that the company continues to adhere to its internal control structure.

You can read more from Dogas in the full article on

Not in My House: Companies Take a Proactive Stand Against Fraud


Mandy Moody, CFE
ACFE Social Media Specialist

With the changing mindset towards the subject of white-collar crime, corporations around the world are interested in making it clear to shareholders, regulators, the media and investors that they are taking proactive measures to prevent, detect and deter fraud. And it’s no wonder, as a recent COSO study found that news of an alleged fraud resulted in a 17 percent stock price decline in the two days surrounding the announcement. It is only imaginable what a fraud conviction’s effects are on a company. Think Enron, Olympus, Parmalat and WorldCom. 

Just as the effects are becoming more profound, so are the proactive steps companies are taking to prevent fraud from happening in the first place. As the ACFE’s Marketing and Business Development Director Kevin Taparauskas, CFE, said in a blog last year about the evolution of fraud over the past 15 years, “It is no longer a question of whether it is taking place within a company, but rather what are people doing about it?”

One thing companies like Raiffeisen Bank International (RBI) are doing is joining the ACFE’s Corporate Alliance program. The program, which began as a pilot program with anti-fraud teams at USAA and Walmart, provides companies wanting to take a proactive stance against fraud the opportunity to partner with the ACFE to help educate and grow their fraud-fighting teams. Benefits of the program include access to exclusive resources, training and membership pricing.

“Fraud can seriously harm a company,” Dr. Michael Wittenburg, CFE, Head of Risk Quality & Fraud Risk Management at RBI, said. “We need to fight it in every possible manner. We hope that with this alliance we will be able to significantly improve our know-how and get access to global best practices.”

RBI is based in Austria and is one of the most recent companies to join the ACFE’s Corporate Alliance program. RBI is one of the leading banking groups in Austria and Central and Eastern Europe with more than 60,000 employees servicing about 14.2 million customers. According to Wittenburg, they plan on implementing mandatory initial and continuous fraud training to employees and hosting tailor-made advanced trainings. They also plan to make the Certified Fraud Examiner (CFE) credential mandatory for staff in their fraud risk management department. 

Read the full Global Spotlight article.

Corporate Governance in Japan: Memories of the “Japanese Miracle”


Roger Aradi, CFE 
ACFE Marketing Manager

It’s one thing to get a conservative culture to change; it’s quite another to get a successful conservative culture to change.

The Economist has been examining corporate governance in Japan in the aftermath of the Olympus scandal. In the article “Back to the Drawing Board,” they describe how Japan Inc. has resisted attempts to revise legal requirements for corporate boards and point out how Japanese requirements differ from the standards of other nations, including many of their Asian neighbors. And in “Olympian Depths,” they go on to say, “The refusal to embrace higher standards of corporate governance is a further sign of short-sightedness.”

I am certainly not going to argue in favor of a system of corporate governance that can be described as insular and opaque. Clearly any system of governance that does not include a truly independent audit committee is lacking a vital component, undermining any internal controls they may have in place. But to write off the resistance to change as mere “short-sightedness” is to overlook one key factor. Japanese leadership may be reluctant to change their system of governance in part because their current system has worked so well for them in the past.

Japan went from being a nation in ruins at the end of World War II to a global economic powerhouse in the span of a few decades, a feat often referred to as the “Japanese miracle.” While many have researched the factors that made this “miracle” possible (see, for example, “MITI and the Japanese Miracle”), the current system of tightly interlocked, opaque and insider boards governed the Japanese corporations that drove this economic growth. In fact, I’m old enough to remember a time when the Japanese model was held up as a positive example, their long-term focus praised as an alternative to the American system’s obsession with short-term numbers. So perhaps Japanese business leaders, many of whom rose through the ranks during the Japanese miracle, can be forgiven for being reluctant to overhaul a system that seems to have served them well.

Improving corporate governance is a crucial part of the fight against fraud – not just in Japan, but worldwide. As anti-fraud professionals push for systems that proactively prevent and deter fraud, it is important to keep in mind that resistance may not be a sign of greed or malice – your client or organization may, like Japanese business leaders, be held back by memories of their own past successes.

Even if it Ain’t Broke, Consider Fixing It


Catherine Lofland, CPA
ACFE Research Specialist

The average person can name several corporate scandals off the top of their head. Once a fraud scandal becomes a household name, the victim organization may never recover from the damage to its reputation. The effects are far-reaching: employees, investors, creditors, vendors, customers and the community are among those who can suffer tremendously from fraud. The pervasive threat of corporate malfeasance indicates companies need to seriously consider whether they have effective systems in place to prevent such scandals. While strong internal controls, independent external audits, an ethics program and a whistleblower policy are effective fraud deterrents and detection methods, these measures succeed only when supported by a robust corporate governance system.

Corporate governance refers to the procedures and processes according to which an organization is controlled. It consists of the official policies promoting oversight and accountability in a variety of areas, including financial reporting, corporate strategy and risk management. You can think of corporate governance as a system of checks and balances similar to those outlined in the U.S. Constitution, which allows each branch of the government to regulate one another. An organization’s checks and balances are designed to protect the diverse interests of its stakeholder groups by keeping management and the board in line.

One of the biggest challenges in implementing a corporate governance system is that some companies, especially smaller organizations, don’t see any reason to change the status quo. This “if it ain’t broke, don’t fix it” attitude toward fraud prevention can be dangerous. Managers who exhibit this attitude aren’t concerned about fraud simply because they haven’t suffered from it yet. However, if an organization has a weak corporate governance structure, a devastating fraud might be just around the corner.

Our latest online self-study course, Corporate Governance for Fraud Prevention, describes the principles, functions and essential components of a corporate governance system. It addresses the controversy of CEO duality, the recommended committees any organization should have on its board of directors and how to set the appropriate tone at the top. The course discusses corporate governance best practices that you can tailor to your organization’s structure and needs, since there is no one-size-fits-all approach.

Many corporate governance programs are born from a crisis. But it is critical not to wait until disaster strikes at your organization to begin implementing an effective corporate governance system. While establishing preventive measures might seem costly and burdensome, they are vital to the success, reputation and longevity of your company.

Read more about the new course here.