#
SAPCompliance
Employees stealing from their employers is a global problem that hits companies deeply in the pocket. And although only a small minority take this illegal path, here is a startling statistic: 60% of employees would steal if they knew they could get away with it (according to the FBI).
And what does all this mean? It means some staff members operating within a company's SAP ERP or S/4HANA enterprise risk management system will do the same - if they believe they won't get caught.
Therefore, a fundamental job at the top of every internal controls team's priority list should be to enable processes fit for purpose in 2023 to detect, prevent, and mitigate employee fraud.
But what are the illegal schemes that internal fraudsters utilize? And what systems can your internal controls team implement to mitigate the risk within SAP?
Read on - because this VOQUZ Labs article reveals everything you need to know.
Employees with criminal intentions who can access the payroll processing system can commit payroll fraud (more about how it works in a moment).
But first this: A staggering 27 percent of all businesses and organizations fall prey to payroll fraud. And according to the Association of Certified Fraud Examiners (ACFE), the typical duration of payroll fraud is around two and a half years - leading to an estimated loss of $63,000 for each incident.
However, the financial losses don't just stop there.
Companies may also face monetary penalties from regulatory authorities due to non-compliance with payroll regulations (depending on the jurisdiction) in payroll fraud cases. But now, let's turn our attention to how payroll fraud works. In practical terms, it manifests in various ways.
Here are the most common:
Many of you reading from the internal controls profession will be very aware of all these schemes and their associated risks. In this article, we can't go into detail for each one, but all of them have the following in common:
They exploit vulnerabilities within the organization's internal controls systems and processes.
And the question now is: How can companies strengthen their internal controls system to reduce workplace payroll fraud within their SAP ERP and S/4HANA environments?
The most common reason companies get stung for hundreds of thousands of dollars (and even more in some instances) with occupational fraud in 2023 is this: They haven't yet switched to internal controls automation for SAP.
You can learn more about internal controls automation in the VOQUZ Labs' guide.
But in a nutshell, the problem is that legacy, outdated manual internal control systems are no longer fit for purpose in a 24/7, digitalized world. For example, did you know that it takes an average of 18 months for companies with manual internal controls processes to discover employee fraud, such as nefarious payroll schemes?
For any CFO in 2023, this figure should be shocking and unacceptable. Why? Because of the incredible technology utilized in internal controls automation, red-flag alerts are now possible (for review by internal controls teams) on the same day suspicious activity occurs.
And the best way to mitigate payroll fraud within SAP is to embrace internal controls automation for real-time monitoring. For example, VOQUZ Labs' remQ Business Inspector is a best-in-class controls automation software add-on for SAP.
The next scheme that employers favor when stealing from the companies they work for involves manipulating invoices to funnel funds into their own pockets. And it's a crime that experts say is on the rise.
It's also a criminal act making headlines in the newspapers worldwide in 2023. How? Because middle-management workers from e-commerce behemoth Amazon defrauded the company of more than $9.4 million (invoice fraud is a central part of the case).
Recommended reading: If you'd like to read more about the Amazon case, our whitepaper will be of interest - Reduce Fraud & Boost Cost Savings by Automating Internal Controls.
But how does invoice fraud work? In its simplest form, here are the key steps:
In this article, we can't go into detail about each step. However, each stage has the following in common: It exploits weaknesses in the internal controls system.
remQ is a continuous monitoring software for SAP ERP and S/4HANA, with a large library of built-in controls that help check master data and business processes to avoid financial losses through errors and fraud. remQ can be set up in less than a day, works regardless of organization size and industry, requires no consulting project, and reduces the cost of compliance through automation.
We'll now examine the most effective way to battle invoice fraud committed by employees within SAP ERP and S/4HANA environments. But before that, it's important to remember that most bad actors always embrace the latest technology to help them beat the system they are against.
Therefore, battling employee invoice fraud using outdated manual controls systems in 2023 is like putting out a forest fire with a bucket of water (obviously, an approach destined to fail).
And remember the FBI statistic from the beginning of the article? Manual controls may encourage invoice fraud because employees with criminal intentions may feel the odds are in their favor of getting away with it.
The best way to put the odds back in your company's favor (like replacing that bucket of water with an air tanker plane) is to get started with internal controls automation.
For example, VOQUZ Labs' remQ Business Inspector is a SAP add-on that intelligently battles invoice fraud using technology such as automated Segregation of Duties (SoD) and real-time audit trails.
And the bottom line is this: Setting up internal controls automation within your SAP environment doesn't just detect invoice fraud (and many other types of fraud) committed by employees - it also deters them from even trying it.
The next common way employees steal from their employees is through expense reimbursement fraud. And can internals controls automation software for SAP help reduce this global problem? Yes - absolutely.
More about how in a moment. But how does this type of fraud work? The Association of Certified Fraud Examiners (ACFE) defines expense reimbursement fraud as when employees make reimbursement claims for fictitious or inflated business expenses. Examples include meals that did not exist or were not business-related, overstated travel expenses, or receipts manipulated to a higher price.
This guide has revealed many tangible ways internal controls automation within a SAP environment can significantly reduce internal fraud. We examined the following:
The ways listed above also help slash illegal expense reimbursement activity cases.
However, there are even more ways that automated internal controls software for SAP can further assist companies in cutting expense reimbursement fraud (and all types of internal fraud) within SAP ERP or S/4HANA environments. For example:
In this article, we revealed some of the most common schemes that employees seeking to enrich themselves illegally deploy to steal money from their companies. It's a massive problem that greatly contributes to the following statistic: Businesses, on average, lose 5% of their revenue to fraud and errors.
And how can companies and organizations who use SAP as their enterprise risk management (ERM) system make inroads in slashing this percentage?
By embracing internal controls automation solutions for SAP.
VOQUZ Labs remQ Business Inspector software is best-in-class automated internal controls software that operates as a SAP add-on with a library of 100+ pre-built shipped controls ready to run. You can click here to learn more about how remQ can assist your business with its goals to reduce fraud, cut audit errors, and stay compliant within your SAP ERP or S/4HANA environment.
Paul is a RegTech content writer & strategist with extensive experience in digital marketing and journalism. His work has appeared in the Guardian newspaper. He also holds a degree in International Relations, where he studied global sanctions compliance and cross-border finance.
Do you have any questions or something to add? Just leave us a message, please! Your message will be delivered by e-mail to us and will not be published.
