Kristin Moody, CPA, CFE
As restrictions put in place to limit the spread of COVID-19 have been lifted, many business owners and members of organizational management have been faced with decisions related to nearly every aspect of their organizations’ functions in a post-pandemic world. Over the past year and a half, shifts related to the pandemic have been noted in individual business operations (such as the shift to remote work), general economic impacts (supply chain issues or disruptions, stimulus programs), and consumer behavior (a shift to mostly online transactions), and these will likely remain significant going forward.
Because of these fundamental shifts, fraud risks affecting businesses and other organizations have also changed. In a survey titled The Next Normal completed by the Association of Certified Fraud Examiners (ACFE), more than two-thirds of respondents indicated that these shifts have had a significant impact or moderate impact on their organization’s fraud risk management or fraud risk landscape, and 71% of respondents expect the level of fraud impacting their organizations to increase over the next 12 months.
Increases are expected in nearly all types of fraud, especially cyber fraud and social engineering (over 80%). Other significant expected areas of increase are identity crime, unemployment fraud, and payment fraud, all with expected increases of over 70%. In an attempt to combat the expected increased risk, organizations have increased their budgets for anti-fraud programs and technologies.
Construction Contractors
According to the Association of Certified Fraud Examiners (ACFE) Report to the Nations, 2020 Global Study on Occupational Fraud and Abuse, the median loss per fraud scheme in the construction industry was $200,000, however, the average loss was over $1.8 million. Based on this same report, the most common fraud schemes to contractors are:
- Corruption (occurs in 47% of schemes) — This category includes conflicts of interest, bribery, kickbacks, and economic extortion, as well as collusion or bid rigging or unauthorized access and subsequent disclosure of confidential information related to bids.
- Financial statement fraud (occurs in 25% of schemes)—This involves an intentional material misstatement or omission in financial statements. In the construction industry this may be to meet debt covenants or bonding requirements.
- Billing (occurs in 22% of schemes)— Invoices may be submitted for fictitious goods or services or from fictitious vendors, or invoices may be inflated as a result of the substitution of materials for those of a lower quality, billings calculated with incorrect labor rates, or for uncompleted work.
- Check and payment tampering (occurs in 17% of schemes) — Fraudsters may intercept, forge, or alter checks in order to divert assets. Office employees may also be able to write checks to fictitious vendors, while project or field employees may be able to submit fictitious invoices and intercept payment.
It is important to note that the data in the 2020 Report to the Nations was gathered prior to the onset of the pandemic.
Post-Pandemic
Because the construction industry was declared an essential industry, many projects were not shut down even early on in the pandemic, leading many to believe the industry was not impacted the same way many others were. However, there were more shifts in business operations and general economic factors that had an effect on contractors. There is also continued uncertainty in the market related to overall economic conditions and government funding necessary for infrastructure projects.
Those factors include:
- Delays likely initially triggered by other issues during the lockdown periods
- Labor shortages,
- Supply chain delays,
- Increased materials costs, and
- Technology changes.
When coupling these factors with the types of construction fraud common among contractors, as well as expected increases in nearly all types of fraud, here are some things you should keep an eye out for in the wake of COVID-19:
- Cyberfraud and social engineering—Cyberfraud can take many forms, such as email compromise, hacking, ransomware or malware, phishing, baiting, smishing, or brandjacking and as the use of technology has changed for companies as a result of COVID-19, organizations are increasingly susceptible. The Colonial Pipeline gas shortage was a result of economic extortion caused by cyberfraud. To combat this risk, beware of phishing emails, fraudulent text messages, or other potentially false hyperlinks; be skeptical of unsolicited communications from governmental agencies asking for information or payment; and when in doubt, pick up the telephone to verify.
- Payment frauds—Check or payment tampering is not a new scheme to fraud-aware contractors, but coupling it with technology can present new issues. Business owners should continue to watch out for credit card fraud, as it can be much harder for businesses to make recoveries. There should also be strong controls in place, such as multi-party verifications, to prevent wire transfer scams. Be wary of urgent emails to transfer funds. Lastly, in merchant identity schemes, a fake company can be set up, using your company’s information, to target your customers, steal credit card or personal information, or make false charges, typically disappearing as soon as the scheme is discovered.
- Vendor or seller fraud—This can occur internally or externally and can include scenarios from both payment and billing frauds for contractors, aspects of which may be magnified due to increased materials costs, supply chain issues, or contract delays.
The ACFE concluded in The Next Normal that improvement opportunities exist to enhance the effectiveness of anti-fraud programs in our new environment. Going forward, enhanced fraud risk awareness and increased coordination and collaboration across the organization will be imperative to be effective in the post-pandemic world. Suttle & Stalnaker, PLLC is here to help you navigate the post-pandemic business world, help you increase fraud risk awareness across your business, and reduce susceptibility to fraud in the future.
Kristin Moody is an audit and consulting Senior Manager at Suttle & Stalnaker, PLLC and has over 10 years of experience in public accounting. She is a Certified Public Accountant (CPA) and Certified Fraud Examiner (CFE).