As the Covid-19 pandemic continues, governments around the world have ordered lockdowns and companies have told staff to work from home. A side-effect – and one that is worrying finance professionals – is that the myriad new ways of working are making it difficult for companies to effectively deploy due diligence, compliance and training, which could lead to a spike in white-collar crime.
Covid-19 has caused unprecedented disruption to businesses and created an environment outside the contingency plans most corporations have in place. The disruption has changed where work is conducted and how people interact. For those in charge of compliance, lockdowns have made communication and evidence-gathering for the enquiry process much harder.
‘In some cases, respondents are unable to provide the required answers or documents within the prescribed time, or even to provide them at all, as a result of reduced staffing in their offices or restricted access to document repositories,’ says Johnson Kong, president of the Hong Kong Institute of Certified Public Accountants.
Existing compliance programmes, such as in-person training or investigative due diligence and interviews, are also in peril as economies take hard hits. With due diligence interviews being conducted by telephone or video conference, and forensic investigations being carried out remotely, the related economic downturn may prompt companies to scale back or delay certain mitigation measures, such as introducing compliance programmes, and there is also a danger that they may shift their focus to struggling operations.
There are a number of reasons why white-collar crime, which is typically financially motivated and non-violent, may be more prevalent during the current pandemic. History suggests that at times of economic crisis, factors like delays in enforcement activities, rapid disbursements of cash in stimulus spending and backlogs in the courts all come together to open up opportunities for profitable illegal activities.
During the 2008 global financial crisis, investment scams, supply-chain fraud and bribery attempts spiked as wrongdoers tried to make money wherever possible. Insider trading also soared between 2007 and 2009, according to a study by a team from the University of Pennsylvania’s Wharton School, Stanford University, the University of Cambridge and IESE Business School.
‘Even if changes may not have the bugs worked out, accountants should still perform effective evaluation to identify potential gaps in the system’
Guard against the crime spike
Compliance experts have already seen a spike in white-collar crime as the Covid-19 pandemic puts pressure on company systems.
One area of concern is invoice-type fraud, which can take many forms and can grow thanks to disruption to supply chains. Another concern is insider trading, which is made easier by the lax nature of being away from the office environment, says Nick Parfitt, head of market planning, and Christophe Barel, managing director, APAC, at Acuris Risk Intelligence.
‘We have already been approached by a number of private equity firms to conduct forensic reviews of some of their portfolios, especially in emerging markets around Asia,’ says Stuart Witchell, managing director at Berkeley Research Group (Hong Kong).
‘There is concern about fraudulent transactions and the siphoning of assets out of companies due to coronavirus affecting economies and supply chains,’ To guard against these risks, companies should step up their game to ensure compliance, he notes.
‘It is important for companies to manage and understand how and where they are likely to be vulnerable and to make sure their systems, controls and policies are revisited and scrutinised,’ say Parfitt and Barel.
They suggest several preventative steps businesses can take, the first being to double down on educating staff around the risks posed to themselves and the organisation. Executives then need to consider what activities may be postponed while also making sure each employee assesses risks in their home lives for potential espionage, fraud and ‘joint venture’ collusion.
Companies should also find out what sensitive information about the business and employees could be accessed by criminals.
This time around, disruption to supply chains has also increased the risk of bribery and corruption as critical items became scarce, says Wilson Ang, a dispute resolution partner at the law firm Norton Rose Fulbright Singapore.
‘In these circumstances, a ‘grey market’ may arise and business functions, such as procurement, may resort to improper conduct in an attempt to obtain items,’ he says, adding that employees who are under pressure to meet unrealistic targets could resort to accounting fraud or financial misaccounting.
Stress test for security
Ang suggests that companies stress-test their existing compliance policies and procedures to ensure that they are digitalised. ‘In-person compliance training should be moved to online training and continue to be rolled out,’ he says, adding that it is critical that compliance programmes run as if it were business as usual.
He emphasises that decisions to defer or modify compliance initiatives must be defensible and properly documented, so that they can be justified to stakeholders and regulators. Putting in place whistleblowing hotlines can also help.
Meanwhile, internal audit functions should be made aware of the heightened risks of white-collar crime during this period, with finance professionals building additional checks into audit mechanisms to ensure that any weaknesses in a company’s systems and controls are identified. There are also concerns about the sophistication of criminals who are devising complicated ways of circumventing laws and compliance checks by making it harder to assess their culture and integrity.
‘Companies ought to be building an improved compliance programme to include new risks such as business continuity, ownership changes, government interactions and others to prepare in advance for the long-term consequences of the pandemic,’ says the Red Flag Group, a Hong Kong-based integrity and compliance risk firm.
Focus on internal control
Accounting professionals can play a more active role in preventing losses to activities such as fraud and embezzlement, even when it becomes more difficult to effectively carry out due diligence.
Kong suggests that accountants in business pay extra attention to internal control systems during the lockdown. Special work or approval arrangements with loopholes – for example, fewer levels of approval for expenses – may have been rapidly developed and implemented. These procedures may be open to misuse or easily be circumvented, he warns.
‘Even if the procedural changes may not have the bugs worked out, accountants and companies should still perform effective evaluation to identify potential gaps in the system to minimise risks,’ Kong says.
Accountants in public practice, such as auditors, may also need to spend more time assessing their clients’ control environments to determine if there have been changes that may present threats to the integrity of clients’ operations. These could result in material misstatements to financial statements.
‘Accountants can assume the watchdog role of auditors, exercising professional scepticism when in doubt,’ Kong says. ‘They should maintain a sceptical mindset, alert to situations which may suggest possible fraud, embezzlement and other crime.’
With this in mind, accountants can challenge inconsistent or unsupportable assertions and determine whether the supporting evidence is sufficient to persuade them about the proper treatment of the transaction. In these unprecedented times, accountants need to understand what types of activities may be susceptible to fraud and take the initiative to dig deeper into any suspicious results or activities.
‘Where physical contact is restricted, more focus needs to be placed on the use of IT in securing the working of key control points’
Meanwhile, preventing irregularities is a key responsibility of management, one that requires solid internal controls. Kong says that accountants employed in management positions should ensure the effective functioning of a well-designed internal control system.
‘In current circumstances where physical contact is restricted, more focus needs to be placed on the use of IT in securing the working of key control points, such as detecting unusual transactions and approving transactions,’ he says.
To some extent, Kong believes accountants acting as external auditors also play a role in fraud detection. The audit process is designed to uncover material misstatements in the financial statements, some of which may result from fraudulent activities.
Speaking as an external auditor, Louis Lau, a Hong Kong-based partner at the Capital Markets Advisory Group at KPMG China, highlights the importance of internal controls and processes. While many corporations have reduced non-core activities to the greatest extent possible, he reminds accountants and those charged with governance that such scaling down does not apply to critical internal controls and processes.
‘These cannot be eliminated but only substituted by carefully designed alternative means or procedures to avoid creating any loopholes,’ he says.
‘While technology enablement makes working-from-home arrangements possible for many corporations, it doesn’t equate to the cutting of corners in corporate governance if entities have sound internal control systems and the same protocols are followed.’