Read through any publication and you’ll likely find an article about some form of fraud. Luckily, certain frauds remain statistically rare; however, financial fraud and theft is becoming more common, and can happen anywhere. Law firms can be targeted just like any business, if not more so because of the perception of deep pockets. What can you do, then, to protect your firm from theft or fraud? The best deterrence against suffering significant losses from fraud is a strong internal control environment. The Association of Certified Fraud Examiners’ 2018 “Report to the Nations” notes the following1:
- The median loss from fraud in the U.S. is $108,000.
- Nearly half of all fraud is the result of a weakness in internal controls.
- A typical organization loses an estimated 5 percent of their annual revenues to fraud.
- Most fraud losses result in no recovery for the victim.
The report1 goes on to note that strong anti-fraud controls are shown to result in lower losses and quicker fraud detection. Recent news underlines the financial risk of poor anti-fraud controls. A former managing partner of a law firm was convicted in October 2018 of nearly two dozen counts of wire fraud, colluding with the firm’s controller to take over $20 million from the firm’s operating and client escrow accounts over several years. These thefts managed to go undetected for years through continued collusion between two trusted members of firm management, who incessantly lied to the firm’s shareholders and falsified financial records.
Examples like this can seem extreme, and it’s easy to think (or hope) that fraud won’t happen in your firm, until it does. There is no foolproof prevention mechanism, but a strong internal control environment is your best defense. Yes, it can be time consuming to incorporate a layer of controls around every transaction, but can you afford not to? The statistics and examples already mentioned reinforce Benjamin Franklin’s axiom that “an ounce of prevention is worth a pound of cure.”
Adding to the complexity is the constant advancement of technology and the evolution of fraud to find new ways to exploit it. For this reason, it is essential that today’s law firms continuously reevaluate internal controls to ensure they’re updated to combat contemporary threats and effectively safeguard assets. The good news is that relatively minor control implementations can go a long way in protecting your firm’s assets. Let’s analyze the specific transaction areas that are more commonly susceptible to fraud within law firms, which include:
