Investigating incidents of fraud in small economies: the case for Cyprus

Investigating incidents of fraudin small economies: the case

for CyprusMaria Krambia-Kapardis and Anastasios Zopiatis

Cyprus University of Technology, Limassol, Cyprus

Abstract

Purpose – The purpose of this paper is to investigate the extent and types of fraud victimization insmall economies or specific industries in such economies. In addition, the paper identifies the state ofthe art in a small economy and considers policy implications.

Design/methodology/approach – Drawing on an extensive literature review, a questionnaire wasdeveloped, pilot tested and administered to individuals working in 600 randomly selectedorganizations in Cyprus. Both descriptive and inferential statistics were utilized to analyze thecollected data and address the postulated research questions.

Findings – It is found that no industry or size of company is immune from fraud. Whilst executivesare well aware of fraud, they do not seem to be able to prevent it in their organizations since85.8 percent are victimized in the last five years. The deterrent impact/effect of both the code ofconduct and the audit committee has been investigated. In addition, findings revealed the types offraud least tolerated as well as those who pose the greatest risk to the local economic environment.Finally, the paper explores the actions taken by local companies when fraud is identified.

Research limitations/implications – Owing to the very sensitive nature of the research topic,many respondents felt reluctant to participate, resulting in an 18.83 percent response rate.

Practical implications – The findings have a practical relevance to both industry stakeholders andacademic scholars who wish to further explore fraud victimization in small economies. Numerouspractical implications for the local industry and regulatory authorities are raised regarding fraudprecaution and the need for a specialized fraud investigation team as well as forensic accountants isemphasized.

Originality/value – Fraud victimization studies have been carried out in bigger economies (G7 or E7)but not in smaller economies. This is the first in-depth attempt to investigate fraud in a small economyin such detail, thus the paper adds to existing knowledge of interest to stakeholders.

Keywords Fraud, Crimes, Cyprus

Paper type Research paper

IntroductionNo company is immune to fraud and no company can be confident that it is not or that itwill not become a victim of fraud by its employees, management or third parties.Corporate scandals in the USA (e.g. Enron, WorldCom, and Tyco) in the UK (Bank ofCredit and Commerce International and Barings Bank) in Italy (Parmalat), and inAustralia (HIH) have “uncovered instances of serious fraud and/or other malpractice bysenior company officials, reckless financial and business management practices and/oringenious creative accounting” (Porter, 2009, p. 157). The repercussions of such corporatescandals are firstly that billions of dollars of shareholders’ values are wiped out, secondly,investor confidence is demolished and third, employee morale, branding, and thecompany’s reputation is destroyed. Also, one must not ignore the cost incurred by theauthorities to investigate and prosecute and the cost of imprisonment of the offenders.

The current issue and full text archive of this journal is available at

www.emeraldinsight.com/1359-0790.htm

Investigatingincidents of fraud

195

Journal of Financial CrimeVol. 17 No. 2, 2010

pp. 195-209q Emerald Group Publishing Limited

1359-0790DOI 10.1108/13590791011033890

Being a small country, people in Cyprus have a feeling that they know each otherand nothing will go on without people finding out about it. While many non-locals arenow working on the island, the executive positions are predominately held by localssince many businesses are family owned. The study reported sets out to investigatefraud in the distinct economic environment of Cyprus. The research team decided tosurvey the Republic of Cyprus due to its unique location (at the cross roads of Europe,Asia, and close to the Middle East), it is in the Euro Zone, a full member of theEuropean Union, while at the same time it is a small country with almost 800,000inhabitants.

Literature reviewFraud victimization surveys are normally carried out by the Big 4 so as to providethem, their clients and the general public with information on what type of frauds isbeing committed. However, these surveys (PricewaterhouseCoopers, 2007; Ernst andYoung, 2006) do not address small companies or small economies. The EuropeanEconomy, for example, is predominately made up of SMEs, thus there is a need toidentify fraud proneness in SMEs in small economies. Bressler and Bressler’s (2007)study, in the USA reported that business ventures of “less than $5 million in sales willbe 35 times more likely victims of business crime than larger firms”. In addition, theystated that, “30 percent of small business failures resulted from internal crime andemployee dishonesty” (p. 23).

The end of the first decade of the twenty-first century brought not only financialcrisis but also at the same time trust and confidence in the capital markets and peoplehas been questioned (Barlaup et al., 2009). As this decade comes to an end, the:

[. . .] changes in the business world makes it harder for people to trust [. . .], there is decline inconfidence [. . .] thus leading to a rise in violent crime [. . .] increased civil litigation,breakdown of family structures and the weakening of intermediate social structures (Barlaupet al., 2009, p. 185).

Widespread cultural changes have undermined shared values and reduced communitysolidarity (Fukuyama, 1995) and scandals like Enron and Parmallat have affectedpeople’s reliance on financial information and the confidence and faith they place inindividuals who hold positions of trust.

Whilst it is acknowledged that businesses will not jeopardize profits byemphasizing ethical behavior, it can be argued that in the long run the businesseswhich will survive are the ethical ones that attract investors and maintain customers.Barlaup et al. (2009) maintain that investors “prefer companies that are managed bytrustworthy people” (p. 185). Ethical behavior thus appears to be a thorny issue inbusiness and would be interesting to see its connection to fraud.

Owing to the limited number of employees and the lack of resources to implementefficient internal controls, small businesses are likely to be more susceptible to fraud(Hano and Hughes, 1999). Wells (2004) has argued that these businesses are vulnerablebecause they are not being audited and do not have hotlines or internal controls. This isreiterated by Bressler and Bressler (2007, p. 27) who stated that “small companies andnonprofits may be reluctant to use background and reference checks due to the cost andthe time involved.” Bressler and Bressler also stated that payroll fraud is frequent in suchbusinesses. Non-profit organizations, according to Larimer (2006), may lose the most with

JFC17,2

196

the loss for employee fraud being higher for companies with less than 100 employees.This point is confirmed by Thomas and Gibson (2003), PricewaterhouseCoopers (2003)and Bierstaker et al. (2006), where the last ones state that “although larger businesses aremore likely to experience economic crime, fraud may be more costly for small businesses”(p. 521). In fact, losses from fraud can be as much as 100 times greater in smaller firmsthan larger ones (Association of Certified Fraud Examiners, 2004; Wells, 2003). Moreover,in the 1990s fraud accounted for 30 percent of small business failure (Bressler andBressler, 2007). Bierstaker et al. (2006) also states that smaller companies do not have theresources or the capital to invest in anti-fraud technology despite the fact that they are themost in need of fraud detection and prevention technology.

When one speaks of fraud victimization studies one needs to address the types offraud; how fraud is detected; who has the prevention role and the action taken postdetection. As far as the types of fraud are concerned, one needs to initially distinguishemployee from management fraud and from third party fraud. Wang and Kleiner(2005) have made an analogy fraud to cancer. They stated that for the same reason thatcancer makes people suffer if not cured, the same is true of fraud. They go on to state,however, that management fraud is similar to malignant tumor in the brain which cankill people sooner or later until a cure is found.

According to Wells (2004), employee fraud or dishonesty, can be “as simple aspilferage of company supplies or as complex as sophisticated financial statementsfraud” (p. 42). Ten years ago, the US Chamber of Commerce estimated employee fraudto cost businesses $20-40 billion yearly (Hanno and Hughes, 1999). The same authorsreported that 30 percent of workers look for ways to steal from employers, and another30 percent will steal if given the opportunity (p. 58). Common employee crimes are:theft of cash, theft of inventory-merchandise or equipment; writing company cheques;falsifying revenue reports; processing fraudulent invoices; customer identity theft;money laundering; intellectual property theft; credit card fraud; overstated expensereports; and, finally payroll fraud (Albrecht et al., 2006).

As Beasley (1996) pointed out, management fraud represents one instance of theagency problem where managers are interested in increasing their own wealth at theexpense of the shareholders. Wang and Kleiner (2005) have argued that the dishonestbehavior of management between January 2001 and June 2002 caused share prices ofEnron, Global Crossing, Adelphia, Pergrine Systems, Qwest, WorldCom, Dynegy, andTyco Inter to fall; ranging from 78.4 to 99.9 percent! (p. 12).

Regarding the fraud prevention role and who should assume it, is a thorny issue(Baker, 2007). Internal audit and management (Baker, 2007) as well as the Board ofDirectors (Neocleous, 2000) and the audit committee (Cyprus Government, 2007) Codeof Corporate Governance have a role to play. As far as the role of the audit committee isconcerned, according to Beasley (1996), it improves the capacity of the board to act as amanagement control by providing them with detailed information and knowledge onthe financial statements. As Saksena (2003) has stated, the Board of Directors assumesinternal monitoring, and their viability is enhanced by having independentnon-executive directors on the Board. However, fraud prevention and detection is arole that ought to be jointly accepted by the Board, senior management and internalauditing (Baker, 2007).

Fraud victimization surveys have been carried over the years by the Big 4accounting firms. More recently, Ernst and Young (2006) carried out a survey in


197

19 countries all of which were large economies ranging from the USA, the UK toSouth Africa, Italy, and Poland. PricewaterhouseCoopers (2007) carried out a similarstudy surveying 40 countries, covering the emerging seven markets as well as G7 andsome medium sized economies. While very important findings have been reported bythese studies, there is still a need for such similar research due to the limited tonon-existent work done on small economies. According to the World Bank, 2007 Reportfor 2007, there are 45 small economies that include Malta, Cyprus, Mauritius,Seychelles, Brunei, etc. These economies, either because they lack the infrastructure, orthe resources and expertise to address fraud in large organizations or because nointerest is expressed by the established research institutions to study them they are leftat their own to address fraud victimization. This is despite the fact that if a majorcorporation collapses in a small economy (e.g. Cyprus), the financial impact on thecountry will be more devastating than in a big country. This is one of the reasons thisstudy was carried. The second reason is to make Board of Directors, managers,authorities, and other stakeholders more sensitive and concerned on issues of fraud soas to force them to begin taking preventive measures.

MethodologyThe primary purpose of this study was to investigate fraud in the distinct economicenvironment of Cyprus, a small economy, with particular attention to the issue ofcompany victimization. The following research questions were formulated, reflectingthe study’s primary purpose and objectives:

RQ1. What is the deterrent effect of both the Code of Conduct and the Auditcommittee in the prevention of fraud in local organizations?

RQ2. Which types of fraud are the least tolerated in the Cypriot businessenvironment?

RQ3. Which types of fraud pose the greatest risk to organizations in the Cyprioteconomic environment?

RQ4. Which types of fraud are more frequently committed by employees,management and external parties in the Cypriot economic environment?

RQ5. Which are the most frequent actions taken by local companies when fraud isidentified?

In addition, the research explores whether significant differences exist when the sizeand type of industry under investigation are taken into account.

A comprehensive literature review was conducted by reviewing secondary datasources collected from books, journal articles and industry reports and surveys.Reflecting the issues revealed from the literature review and fraud victimizationsurveys carried out by PricewaterhouseCoopers (2007), Ernst and Young (2006),KPMG (2007) and Bussman and Werle (2006), a quantitative questionnaire wasdeveloped in order to address the postulated research questions. The questionnaire,considered by the authors as the most effective tool for gathering data from industrystakeholders in the Cyprus specific economic environment, was divided into threesections. The first section gathered demographic and other relevant information thatwould assist to further analyze the data, while section two investigates overall fraud

JFC17,2

198

with 29 related questions. Finally, the third section gathered general information thatwould enable the development of a suggestive fraudster’s profile. The data analysisreported in this paper pertains to data collected by the first two sections of thequestionnaire.

Our research population included individuals working in 600 randomly selectedcompanies in Cyprus. The selection of the 600 companies was made using the CyprusChamber of Commerce database (Cyprus Government, 2007-2008). Having identified theindustries comprising the local economy, specific companies were selected on a randombasis from the database. The aim was to select a representative sample of companiesper industry. Following the selection of the companies, one personalized survey wasadministered to the CEO/CFO, other Board Member, Chief Accountant or InternalAuditor of each company. Owing to the typical low-response rate of related studies inCyprus, a mix method was utilized to administer the questionnaires. Questionnaireswere firstly mailed via post with a prepaid self-addressed envelope, followed by atelephone reminder, and/or were face-to-face administered by research assistants.

Participation in the survey was voluntary and participants were assured ofconfidentiality. Prior to administration, the questionnaire was pilot-tested for reliabilitywith the utilization of the test re-test method, with the assistance of a number ofaccountants and auditors, and for validity with a panel of experts. Descriptive andinferential statistics, namely frequencies, independent sample t-test, and one-wayANOVA with post hoc multiple comparison test (Tukey HSD), were utilized to analyzethe data and answer the formulated research questions. It is important to note thatnumerous multiple response questions were recoded (0 ¼ not selected; 1 ¼ selected) inorder to enable comparisons between specific groups of respondents.

FindingsA total of 600 questionnaires were distributed to the selected organizations. A total of116 questionnaires were returned, three of which were incomplete, and thus excludedfrom the study, reducing the number of usable surveys to 113. The overall responserate of 18.83 percent was viewed as satisfactory considering the low-response ratesexperienced by studies which investigate so-called “sensitive” issues (Keegan andLucas, 2005). It is important to note the hesitation expressed by many to disclose suchsensitive information in a small society like Cyprus with the fear of being madeavailable publicly despite the researchers’ assured anonymity.

Table I displays the demographic profile of the participants in relation to fourdifferent variables: position of the respondent, type of organizations, legal status of theorganization, and the size of the company.

Data analysis revealed that 83.5 percent of respondents exhibit high levels ofawareness towards economic crime, while the vast majority (86.7 percent) believe thatfraud will increase in the near future. The increase in fraud in Cyprus is attributed to a fallin ethical standards (72.7 percent), the global economic crisis (59.6 percent) and the factthat everyone wants to get rich (44.4 percent) are stated as the top three reasons that willcontribute to the increase of fraud in the country. No significant differences according tothe respondent’s position exist on each of these three factors. A respondent’s position in thecompany was not related to the reason given for the expected increase in fraud.

In terms of the stated levels of awareness towards economic fraud and the perceptionas to whether fraud will increase in the near future, no significant differences were


199

revealed in terms of the respondents’ position ( f ¼ 1.366; p ¼ 0.258). In contrast,findings suggest that respondents working in large companies[1] exhibit significantlyhigher levels of awareness towards economic fraud compared to their counterparts insmall and medium organizations (t ¼ 23.146; p ¼ 0.002). In regards to the perceptionas to whether fraud will increase and the type of industry respondents are currentlyworking, ANOVA statistics revealed significant differences ( f ¼ 2.258; p ¼ 0.035)between the manufacturing and semi-government and the other industries with thelater (other industries) being less optimistic stating that fraud will increase. Anothernoteworthy finding is the fact that 85.8 percent of the respondents had fallen victim to afraudster in the last five years. This victimization rate is significantly higher than the50 percent reported by Bussman and Werle (2006) in their international study.

One of the primary objectives of the study was to identify whether the existence of aCode of Conduct and/or an Audit Committee contributed to fraud prevention. UnlikeBarlaup et al. (2009) and PricewaterhouseCooopers (2007) who have indicated thathaving a Code of Conduct, and/or Ethical Guidelines and Compliance Programmescorrelates with having fewer economic crimes, in Cyprus this is not found to be thecase. Whilst 53.7 percent (n ¼ 58) of the respondents reported having a Code ofConduct, it is questionable if this code is complied with or even communicated to theemployees or other stakeholders of the organization. No significant difference wasfound between the companies that were being victimized and those that were not as faras having a Code of Conduct is concerned.

Frequency Valid percentage

Position of respondentCEO/CFO 55 52.4Other board member 20 19.0Chief accountant 19 18.1Internal auditor 11 10.5Type of organizationBanking and insurance 19 17.3Hospitality and tourism 18 16.4Wholesale and retail 15 13.6Manufacturing 14 12.7Construction 13 11.8Health 13 11.8Automobile and transport 11 10.0Semi-government 7 6.4Legal status of the organizationPrivate Co. 86 76.1Public and listed 17 15.1Public but not listed 3 2.6Semi government organizations 7 6.2Size of the companySME 90 79.6Large 23 20.4

Note: Some demographic questions were not answered by all participants, thus, the variation in theactual frequency number

Table I.Demographicsof respondents

JFC17,2

200

When investigating the effect of the Code of Conduct according to the type of fraudcommitted by employees, invoice manipulation by employees is significantly morecommon to organizations without it (t ¼ 22.344; p ¼ 0.021). Similarly, having a Codeof Conduct was not related to a company’s third party or management fraudvictimization. Further investigation may be required in order to ascertain the value andapplication of the Code of Conduct and its impact (theoretical vs actual) in preventingorganizational fraud. It is suggested that future studies identify not only whether thereis a Code of Conduct but, also, if it is communicated to and enforced regularly with thestakeholders.

Another relevant factor found by Saksena (2003) and Uzun (2004) is that companiesthat have an Audit Committee have less fraud. Findings revealed that 45.8 percent(n ¼ 49) of the respondents had an Audit Committee in their organization. Regardingemployee-related fraud types, significant difference exists only in invoice manipulation(t ¼ 23.624; p ¼ 0.000). In other words, such fraud is committed less in organizationswith an audit committee. In regards to management fraud, no significant differenceswere revealed, while for third party fraud one difference exists, namely, on price fixing(t ¼ 22.091; p ¼ 0.039), whereby those without an audit committee experience higherlevels of such fraud victimization. Again, just like the Code of Conduct, the purpose andvalue of the Audit Committee must be further investigated.

Out of a list of ten fraud actions revealed by the literature review, the least toleratedaccording to the findings (Table II) are: corrupt payments, incorrect or falseaccountings, duplicate and overpayments to suppliers, breaches of regulatorycompliance, and overriding of internal standards. No significant differences werefound according to the position of the respondent and the type of fraud that would notbe tolerated by their company. In contrast, data analysis yielded significant differencesbetween industries in three out of the ten fraud actions, namely breaches of regulatorycompliance ( f ¼ 3.712; p ¼ 0.001), duplicated and over payments to suppliers andnon-compliance with preferred supplier lists ( f ¼ 2.296; p ¼ 0.033), and overriding of

n PercentagePercentage

of cases

Corrupt payments 98 15.2 88.3Incorrect or false accounting in the books and recordsto conceal improper activities 84 13.0 75.7Duplicate and/or over payments to suppliers and non-compliance with preferred supplier lists 72 11.2 64.9Breaches of regulatory compliance 69 10.7 62.2Overriding of internal standard operating procedurecontrols such as sign off and approval processes 66 10.2 59.5Unauthorized access to data 64 9.9 57.7Improper entertainment 57 8.8 51.4Donations, sponsorship, and cash payments that areinappropriate or way beyond normal or acceptable levels 55 8.5 49.5Actions taken which cause harm to the environment 42 6.5 37.8Diversion of budget spend to other non-sanctioned partsof an operation 38 5.9 34.2

Note: Multiple response questions n ¼ 113 (645 responses)

Table II.Type of frauds

not to be tolerated


201

internal standards ( f ¼ 3.325; p ¼ 0.003). Regarding breaches of regulatorycompliance, significant differences exists between the automotive industry and thebanking industry, semi-government and retail/wholesale, with the former (automotiveindustry) being more tolerant towards such an eventuality. In duplication andoverpayments, differences exist between the automotive industry and themanufacturing, retail/wholesale industries on the one hand and semi-government onthe other, with the former being more tolerant. In regards to overriding of internalstandards, again differences exist between the automotive industry and the industriesof banking, retail/wholesale and semi-government, with the former being moretolerant. Finally, when comparing small and medium organizations with large onessignificant difference exists in the fraud actions of corrupt payments (t ¼ 22.126;p ¼ 0.036) and improper entertainments (t ¼ 22.574; p ¼ 0.011) with largeorganization being least tolerant of both types of fraud.

As shown in Table III, theft of cash, corruption and bribery, and breach of secretswere considered, by the respondents as the types of fraud posing the highest level ofrisk for their organizations. Comparing these findings according to the size of theorganizations (small/medium vs large) significant differences were found only for falsefinancial reporting (t ¼ 22.953; p ¼ 0.004) and theft of data and confidentialinformation (t ¼ 22.014; p ¼ 0.046). Findings suggest that both fraud types pose ahigher risk to large organizations. In regards to the industries, the only significantdifference exist in theft of cash ( f ¼ 4.227; p ¼ 0.000), in which such a fraud poses thegreatest risk to the industries of hospitality and retail/wholesale compared to thesemi-government sector, the manufacturing and construction industries.

Employee fraud is more frequent than third party and management fraud.Regarding the type of fraud committed by employees, management and third partiesin the respondents’ organizations, numerous differences were found (Table IV).In particular, theft of cash, petty cash fraud and theft of assets were the three mostcommon types of fraud committed by employees. In contrast, conflict of interest,unnecessary purchases and window dressing/financial statement manipulation wererevealed as the three most common types of fraud involving managerial levelemployees. Finally, when it comes to external parties such as customers and suppliers,the three most common types of fraud committed were bounced cheques or chequeforgery, poor quality of goods and services provided, and theft of assets.

n Percentage Percentage of cases

Theft of cash 62 17.2 56.4Corruption and bribery 53 14.7 48.2Breach of secrets 40 11.1 36.4Theft of data/confidential information 39 10.8 35.5Theft of other assets 38 10.6 34.5Embezzlement 31 8.6 28.2False financial reporting/accounting fraud 28 7.8 25.5Counterfeit 18 5.0 16.4Money laundering 16 4.4 14.5Industrial espionage 15 4.2 13.6


Table III.Types of fraudwith greatest riskto organizations

JFC17,2

202

Em

plo

yee

sM

anag

emen

tT

hir

dp

arti

es(c

ust

omer

s,su

pp

lier

s,et

c.)

Ty

pe

offr

aud

nP

erce

nta

ge

Val

idp

erce

nta

ge

nP

erce

nta

ge

Val

idp

erce

nta

ge

nP

erce

nta

ge

Val

idp

erce

nta

ge

Bou

nce

dch

equ

esor

cheq

ue

forg

ery

53.

36.

91

2.4

4.8

25

24.5

43.9

Con

flic

tof

inte

rest

117.

315

.312

28.6

57.1

54.

98.

8C

orru

pti

on/b

rib

ery

(tak

en)

149.

319

.42

4.8

9.5

65.

910

.5C

orru

pti

on/b

rib

ery

(off

ered

)1

0.7

1.4

24.

89.

57

6.9

12.3

Ex

pen

seac

cou

nts

21.

32.

82

4.8

9.5

22.

03.

5In

du

stri

ales

pio

nag

e4

2.7

5.6

24.

89.

52

2.0

3.5

Inv

oice

man

ipu

lati

on15

10.0

20.8

00

04

3.9

7.0

Mon

eyla

un

der

ing

00

00

00

22.

03.

5O

ver

pri

cin

g1

0.7

1.4

24.

89.

56

5.9

10.5

Pay

roll

frau

d5

3.3

6.9

00

01

1.0

1.8

Pet

tyca

shfr

aud

18

12.0

25.0

12.

44.

80

00

Poo

rq

ual

ity

ofg

ood

s/se

rvic

esp

rov

ided

106.

713

.91

2.4

4.8

20

19.6

35.1

Pri

cefi

xin

g/c

ollu

sion

00

00

00

98.

815

.8T

hef

tof

asse

ts17

11.3

23.6

12.

44.

810

9.8

17.5

Th

eft

ofca

sh(t

hro

ug

hfa

lse

clai

ms)

33

22.0

45.8

24.

89.

52

2.0

3.5

Un

nec

essa

ryp

urc

has

es14

9.3

19.4

11

26.2

52.4

11.

01.

8W

ind

owd

ress

ing

/fin

anci

alst

atem

ent

man

ipu

lati

on0

00

37.1

14.3

00

0

Notes:

Mu

ltip

lere

spon

se:

(em

plo

yee

s15

0re

spon

ses)

;m

anag

emen

t(4

2re

spon

ses)

;an

dth

ird

par

ties

(102

resp

onse

s);n¼

nu

mb

erof

resp

onse

s

Table IV.Types of fraud

committed to theorganization by

employees, management,and third parties


203

It was also investigated whether the size of the organization and the industrydifferentiate the findings. In regards to the size of the organization and the type offraud committed by employees, no significant differences were revealed. In termsof fraud committed by management, significant difference exist on the variable ofwindow dressing (t ¼ 22.056; p ¼ 0.042), with individuals working in largeorganizations being more susceptible to such an eventuality. Finally, no significantdifference exists between the small/medium and large companies in the types of fraudcommitted by external parties. In addition, analysis of variance was utilized to identifydifferences between the industries in the type of fraud committed by employees,management, and external parties. Findings suggest significant differences in thefollowing three employee fraud types: corruption bribery (taken) ( f ¼ 2.610;p ¼ 0.017), invoice manipulation ( f ¼ 2.931; p ¼ 0.008) and theft of cash ( f ¼ 2.194;p ¼ 0.041). Individuals working in the automotive industry are more vulnerable toboth corruption bribery (taken) and invoice manipulation in comparison to individualsworking in the semi-government sector, the banking and the retail/wholesaleindustries. When it comes to theft of cash, employees working in the automotive,retail/wholesale and hospitality industry are more prone towards such theft.

No significant differences were found amongst management and type of industry,while four differences were revealed when investigating industries and fraud types bythird parties. Namely bounced cheques or cheque forgery ( f ¼ 2.123; p ¼ 0.048),industrial espionage ( f ¼ 2.156; p ¼ 0.045), poor quality of goods/services provided( f ¼ 3.275; p ¼ 0.004) and price fixing ( f ¼ 3.168; p ¼ 0.005). Bounced cheques orcheque forgery is more common in the retail/wholesale industry compared to otherindustries; industrial espionage poses a problem only for the manufacturing industry;and, finally, poor quality of goods/services provided and price fixing constitutes amajor problem for the health industry.

Comparing the types of fraud being committed overseas and in Cyprus, Bussmamand Werle (2006), summarising international fraud victimization studies, haveidentified the following seven types of economic crime being perpetrated against theoverseas victimized companies: asset misappropriation (e.g. theft, embezzlement); falsepretences; financial misrepresentation; corruption and bribery; insider trading; moneylaundering; counterfeiting. As indicated in Table IV, there are some differences andthese can relate to the size of the companies in question, as well as to cultural issues.For example, money laundering or counterfeiting is not occurring as much in Cypruswhereas it is acceptable that if one cannot pay a bill one can post date a cheque, withthe risk that by the time the cheque is deposited it may well bounce. On the other hand,asset misappropriation and corruption do exist in both small and large economies.

Another objective of the study was to identify the most common action undertakenby local organizations when fraud is discovered. Respondents were asked to identifythe steps, from a list of 18 actions, they would most likely take or have taken whenfraud is identified in their organization. Table V, reveals that internal investigation,immediate dismissal and disciplinary actions, all describing internal functions, werethe most likely responses when fraud is detected. On only rare occasions and where thefraudster is an external party and/or they are trying to recover some of the money lostand the fraudster is not cooperating would they go to the police or other authorities. Inthe KPMG (2004) study, reporting to the police, internal investigation, and immediatedismissal were the most prevalent actions taken once fraud was discovered.

JFC17,2

204

When investigating whether differences exist between small/medium and largecompanies in the actions taken when fraud is identified, significant differenceswere revealed concerning only immediate dismissal (t ¼ 2.064; p ¼ 0.041), an actionmore frequent in small and medium size organizations. Going a step further, therespondents were also asked whether the fraudster’s position in the organizationalhierarchy (management level) would influence the initiation of these actions. Thisfinding is in agreement with other studies (PricewaterhouseCoopers, 2007), suggestingthat the action taken varies depending on whether the perpetrator is a member ofsenior management.

It has been reported both local and overseas studies (PricewaterhouseCoopers,2007; Bussman and Werle, 2006) that victimized companies first consider initiatinginternal investigation, and then call in the authorities. PricewaterhouseCoopers (2007,p. 15) also identified that the most popular action taken was dismissal, and very oftenthey would proceed with criminal or civil action, whereas in the local study this wasnot the case. In agreement with the other studies, the local respondents stated that theposition of the offender would determine the action to be taken (i.e. if the offenderwas from management rather than an employee the action will differ). In support ofthe PricewaterhouseCoopers (2007) survey, there appears to be an inconsistency ofactions taken when fraud is committed; more specifically, it is stated that “actionsbrought against management are usually less severe than those brought against othergrades” (p. 4).

Summing up the main results of the data analysis, the survey found that:. The Code of Conduct and Audit Committee do not impact significantly on fraud

committed in an organization.. The least fraud actions tolerated by the respondents appear to be corrupt

payments, incorrect or false accounting, duplicate and overpayments tosuppliers, breaches of regulatory compliance and overriding of internalstandards. The automotive industry appears to be more tolerant of breaches ofregulatory compliance compared to the banking, retail/wholesale industries andsemi-government. Another significant difference appears to be again in theautomotive industry where they are more tolerant of duplication andoverpayments compared with manufacturing and retail/wholesalers and semi-government. Finally, the automotive industry appears to be more tolerant of the

n Percentage Percentage of cases

Internal investigation 67 13.9 63.8Immediate dismissal 58 12.1 55.2Disciplinary action 54 11.2 51.4Report to the police 43 8.9 41.0Warning/reprimand 38 7.9 36.2Civil action for recovery 31 6.4 29.5Permitted individual to resign 31 6.4 29.5Settled out of court 24 5.0 22.9Referred to appropriate authority 20 4.2 19.0


Table V.Top actions taken when

fraud is identified


205

overriding of internal standards as opposed to banking, retail/wholesale, andsemi-government.

. Theft of cash, corruption and bribery, and breach of secrets were revealed asbeing the type of frauds posing the highest level of risk for their organizations.Larger organizations appear to have higher risk than SMEs by theft of data andconfidential information. The other significant difference was found in theft ofcash where it appears to pose a higher risk to the hospitality and retail/wholesaleindustries than semi-government, manufacturing, and construction industries.

. Based on the number of frauds the organizations were victimized, we can statethat employee fraud, third party fraud and finally management fraud appear tobe in this order the most frequent types of frauds. As far as employee fraudthe most frequent type are theft of cash, petty cash fraud, and theft of assets.In regards to third party fraud the most frequent types are bounced cheques,poor quality of goods/services provided, and theft of assets. Finally, conflict ofinterest, unnecessary purchases, and window dressing appear to be the mostfrequent management frauds.

. Similarly to overseas studies, the Cypriot fraud victimized organizations opt tocarry out internal investigation, or immediate dismissal, disciplinary action andthen consider reporting the matter to the police.

Discussion and conclusionSmall economies are not immune from fraud. In view of the finding that half of thecompanies worldwide fall victims to fraudsters (Bussman and Werle, 2006), it comes asno surprise to find that 85.8 percent of the companies participating in the survey inCyprus had indeed been similarly victimized. This finding supports the view that smalleconomies are as likely to experience fraud as bigger economies.

In contrast to Saksena (2003) and Uzun et al. (2004), the present study found thathaving a Code of Conduct or an Audit Committee made no significance difference.However, on the basis of the survey data available, it is not possible to point to factorsthat explain it. Of course, one possible explanation is that for a number of companies:

. A Code of Conduct may only exists in theory; and/or

. Audit Committees do not perform their role diligently to deter or to otherwiseimpact significantly on company fraud victimization.

Further investigation should be undertaken to ascertain the association between theimplementation of an effective Code of Conduct and Audit Committee and fraud beingcommitted in a company.

In support of other studies (PricewaterhouseCoopers, 2007), upon discovering fraud,the management of the Cypriot companies being victimized, like their counterparts inother countries, first prefer to deal with the matter internally and then considerwhether to report it to the police. Furthermore, the management’s decision to call inthe police in Cyprus reflects the seniority of the fraudster in the company hierarchy.The more senior he/she is, the less likely the fraud is to be reported to the police.It seems that companies are more concerned with preventing collateral damage to thecompany’s reputation than creating a corporate culture with increased corporatetransparency.

JFC17,2

206

The types of fraud and the actions to be followed indicate that reporting the matterto the police is rarely happening. As mentioned by the inspector in charge of theeconomic crime squad in an interview (Karide, 2009), even if the matter were to bereported to the squad, it would take long to investigate and prosecute a fraud.Furthermore, the squad’s ability to do so successfully is reduced by the fact that it isunder-staffed and does not employee a qualified accountant.

It is evident therefore that regardless of the size of the economy, fraud is likely tooccur and the regulators as well as the Board of Directors need to take a proactiveaction in fraud, prevention since prevention is better than cure. The companies oughtto be encouraged not only to actually implement a Code of Conduct and set up an AuditCommittee but also, to ensure the former is properly enforced and the latter isencouraged to assume its role and responsibilities as set out in the relevant legislationand the Code of Corporate Governance.

The limitations of the research methodology used and the response rate to thesurvey notwithstanding the findings obtained need to be replicated with a largersample in another small economy. The survey has nevertheless revealed that companyfraud victimization needs to be addressed more professionally by both management aswell as the economic crime squad alike in order to reduce its incidence by the formerinvesting in its prevention and the latter in its investigation and prosecution. As longForensic Accountants are non-existent in the country and accountants are notemployed by the economic crime squad, the fraudsters feel the absence of capableguardians and become more aggressive.

Findings from fraud victimization studies identify the modus operandi of fraudstersand assist the victim in setting up prevention and detection procedures. Futureresearch in the field of fraud could address the cost of the criminal justice system in aneffort to identify what is the real cost of fraud. Furthermore, studies on profiling fraudoffenders can and will assist in the prevention of fraud in the long-term.

The policy implications of studies like the present, sensitize the stakeholders andencourages them to take out measures to prevent and detect fraud. At the same time,policy makers realize the implications of not addressing issues concerning fraud andforces them to implement a better system regarding the criminal justice. Finally,researchers and academics recognize that small economies face similar problems aslarger ones and will begin to study them as well.

Note

1. According to the EU Commission, 2005 the definition of what constitutes SMEs are thosewith less than 250 employees and annual turnover less than e50 million or less thane43 annual balance sheet total. Thus, large companies are those not SMEs.

References

Albrecht, W.S., Albrecht, C.C. and Albrecht, C.O. (2006), Fraud Examination 2e, ThompsonSouthwestern, Mason, OH.

Association of Certified Fraud Examiners (2004), Report to the Nation: Occupational Fraud andAbuse, Association of Certified Fraud Examiners, Austin, TX.

Baker, N. (2007), “The fraud disconnect”, Internal Auditor, Vol. 64 No. 2, pp. 38-44.


207

Barlaup, K., Dronen, H.R. and Stuart, I. (2009), “Restoring trust in auditing: ethical discernmentand the Adelphia scandal”, Managerial Auditing Journal, Vol. 24 No. 2, pp. 183-203.

Beasley, M. (1996), “An empirical analysis of the relation between corporate governance andmanagement fraud”, Accounting Review, Vol. 71 No. 4, pp. 443-65.

Bierstaker, J.L., Brody, R.G. and Pacini, C. (2006), “Accountants’ perceptions regarding frauddetection and prevention methods”, Managerial Auditing Journal, Vol. 21 No. 5, pp. 520-35.

Bressler, M.S. and Bressler, L.A. (2007), “A model for prevention and detection of criminalactivity impacting small business”, The Entrepreneurial Executive, Vol. 12, pp. 23-36.

Bussman, K.D. and Werle, M. (2006), “Addressing crime in companies”, British Journal ofCriminology, Vol. 46, pp. 118-1144.

Cyprus Government (2007), Corporate Governance Code, 2nd ed., available at: www.cse.com.cy/en/MarketData/Data/corp%20%20gover%20code%202nd%20Anatheorimeno%20edition%20%209-3-07.doc (accessed April 6, 2009).

Cyprus Government, Cyprus Chamber of Commerce and Industry (2007-2008), Cyprus Servicesand Cyprus Exports (manufacturers – exporters), Cyprus Government, Cyprus Chamber ofCommerce and Industry, Nicosia.

Ernst and Young (2006), Fraud Risk in Emerging Markets, Ernst and Young, available at: www.ey.com/perspectives (accessed March 13, 2009).

European Commission (2005), The New SME Definition, User Guide and Model Declaration,Enterprise and Industry, Brussels.

Fukuyama, F. (1995), Trust: The Social Virtues and The Creation of Prosperity, The Free Press,New York, NY.

Hanno, D.M. and Hughes, T.A. (1999), “Defending your dollars”, Strategic Finance, Vol. 81 No. 2,pp. 56-60.

Karide, A. (2009), “Most fraud does not get reported”, Alithia Newspaper, May 29, p. 23.

Keegan, S.N. and Lucas, R. (2005), “Hospitality and hostility: dealing with low response rates inpostal surveys”, International Journal of Hospitality Management, Vol. 24 No. 2, pp. 157-69.

KPMG (2004), KPMG Fraud Survey, available at: www.kpmg.com.au/aci/docs/Fraud-Survey-2004.pdf (accessed April 3, 2009).

KPMG (2007), Fighting Fraud, Vol. 24, available at: www.kpmg.ch/docs/20071210_Magazine_Fighting_Fraud_-_Issue_24_-_Autumn_-_Winter_2007_2007.pdf

Larimer, R. (2006), “American businesses lose nearly $652 billion to fraud and embezzlementeach year”, Colorado Springs Business Journal, October 13.

Neocleous, E.A. (2000), Introduction to Cyprus Law, Yorkhill Law, Albany, NY.

Porter, B. (2009), “The audit trinity: the key to securing corporate accountability”, ManagerialAuditing Journal, Vol. 24 No. 2, pp. 156-82.

PricewaterhouseCoopers (2003), Global Economic Survey 2003, available at: www.pwcglobal.com/extweb/ncsurvers.nsf (accessed January 12, 2009).

PricewaterhouseCoopers (2007), Economic Crime: People, Culture and Controls, The 4th BiennialGlobal Economic Crime Survey, available at: www.pwc.com/extweb/pwcpublications.nsf/docid/1E0890149345149E8525737000705AF1/$file/PwC_2007GECS.pdf (accessed January12, 2009).

Saksena, P. (2003), “The relationship between corporate governance and management fraud:an empirical analysis”, Academy of Accounting and Financial Studies Journal, Vol. 7 No. 3,pp. 21-37.

JFC17,2

208

Thomas, A.R. and Gibson, K.M. (2003), “Management is responsible, too”, Journal ofAccountancy, Vol. 195 No. 4, pp. 53-5.

Uzun, H., Szewczyk, S.H. and Varma, R. (2004), “Board composition and corporate fraud”,Financial Analysis Journal, Vol. 60 No. 3, pp. 33-43.

Wang, Y. and Kleiner, B.H. (2005), “Defining employee dishonesty”, Management ResearchNews, Vol. 28 Nos 2/3, pp. 11-22.

Wells, J.T. (2003), “The fraud examiners”, Journal of Accountancy, Vol. 196 No. 4, pp. 76-80.

Wells, J.T. (2004), “Small business big losses”, Journal of Accountancy, Vol. 198 No. 6, pp. 42-7.

World Bank (2007), Defining Small Economy, World Bank, Washington, DC, available at: http://go.worldbank.org/QLCDU7B8T0 (accessed May 6, 2009).

Corresponding authorMaria Krambia-Kapardis can be contacted at: [email protected]


209

To purchase reprints of this article please e-mail: [email protected] visit our web site for further details: www.emeraldinsight.com/reprints

Date post:	13-Dec-2016
Category:	Documents
Upload:	anastasios
View:	214 times
Download:	1 times

Investigating incidents of fraud in small economies: the case for Cyprus

Documents