Understanding How Employees & Suppliers Rationalize Spend Fraud

Joshua Danielson
Joshua Danielson
Senior Product Manager, AI/Machine Learning, Coupa Software

Joshua Danielson holds an MBA from IESE Business School in Barcelona and resides in San Francisco.

Read time: 12 mins
Businessman Walking as Shadow Shows Him Running with a Bag

What’s the Typical Fraudster Thinking?

If somebody asked you to describe a typical fraudster, what would you say? How would you define a fraudulent act in your workplace – is it stealing money, compromising legal documentation, trying to claim expenses that aren’t allowed? Fraud is a very real issue for companies globally, but those committing it aren’t necessarily who you think. People that get caught submitting non-compliant spend generally are not career criminals or sociopaths – in fact, 96% of those caught committing fraud are first-time offenders.

Why does this matter? Well, humans are complex, and as policy and process implementers, we sometimes forget to take that into consideration. Many companies rely on generic policies and controls to protect against fraud, thinking such measures are enough to detect and prevent most suspicious spend. But fully preventing the problem of spend fraud includes understanding why fraudsters do what they do.

The Missing Piece of the Fraud Prevention Puzzle

In a recent article in CPA Journal, Rationalizing Fraud – How Thinking Like a Crook Can Help Prevent Fraud, the authors state, “understanding the techniques that allow fraudsters to justify their crimes may prove to be the missing piece of the fraud prevention puzzle, and that better understanding of rationalizations could help corporate governance experts and auditors strengthen their antifraud programs.”

How Big is the Problem? 

According to the 2018 Global Study On Occupational Fraud And Abuse by the Association of Certified Fraud Examiners, companies lose up to 5% of their revenue due to asset misappropriation, corruption and financial statement fraud. Losing 5% of revenues to fraud can significantly hurt a company’s bottom line and profitability. If one could prevent this fraud from happening, it’s a beautiful example of “a penny saved is a penny earned.”

Of the types of fraud, asset misappropriation is by far the most common, accounting for a staggering 89% of all cases. These involve noncash, billing, expense reimbursement, and payment tampering incidents, with the average loss per case at $114,000. Weak internal controls were responsible for nearly half of all instances of fraud.

How it Starts – Perceived Financial Pressures

While there are exceptions, in general the process people go through on their way to committing enterprise fraud follows a common path and trajectory. It starts when an employee or supplier is feeling financial pressures in their personal or professional life, pressures that the person often feels they can’t share with anyone.
fraudster mind

Then, For Some, the Rationalization Process Begins

Feeling financial pressure isn’t enough to motivate most people to fraud. In order to take the next step and plan or commit an illegal act, most people need to first go through a process of rationalizing their behavior to themselves to remove feelings of guilt and justify their actions.

People at this stage of the process say things to themselves like:

  • "I need to do this for my family,” or “for my team..."
  • "It’s the auditors’ job to catch this..."
  • "Come on, it’s not like this is as bad as Enron...”
  • "They owe me this..."
  • "You know, other people in my shoes would do the same, if not a lot worse..."

After Rationalization, Would-Be Fraudsters Look for Opportunities

If a person is feeling enough financial pressure, and then succeeds in rationalizing to themselves that committing a fraudulent act is “justified,” they start looking for opportunities – which often leads to conscripting others to be part of their scheme. While fraud is generally conceived by an individual, it is often perpetrated by a group of employees or a group of employees and suppliers working together.

This isn’t just conjecture. Some of the largest companies we know – including Facebook and Wells Fargo – have been in the news this past year for losing millions of dollars due to employee and supplier fraud. And it’s not just financial losses, these events damage brand reputation. The bottom line is that fraud happens more often than we think, and it can be perpetrated by people we’re unlikely to suspect.

Coupa Spend Guard – Going Beyond What is Humanly Possible

To address these challenges, we developed Spend Guard, Coupa’s AI-powered fraud protection and audit solution. Because fraud is a behavioral issue, you need tools that can track behavioral patterns in order to combat it. Spend Guard’s advanced algorithms, user-level profiles, and in-flight transaction controls to do just that – helping to minimize and stop asset misappropriation and other fraud before it happens. Since Spend Guard is integrated into the Coupa platform, its algorithms look at a user’s spend across the entire organization to identify suspicious activities. This capability is critical to proactively detecting potential fraud, and it’s a radical shift in audit detection that’s unique to Coupa.

Spend Guard’s capabilities are centered around three key areas:

AI-Powered Auditing: Traditional manual auditing is tedious, expensive, and only gets you so far. At best, it discovers fraud after the fact, which makes recovery of losses difficult, if not impossible. Spend Guard has automated AI-powered auditing that surfaces to auditors any anomalous activity across all your spend. Coupa’s models detect these activities using AI-powered machine learning algorithms that automatically learn from what’s normal for users based on their location, function and seniority level within your organization – while also leveraging data from Coupa’s community-sourced intelligence for even more effective detection of abnormal behavior.

User-Level Profiles: One issue with traditional audit technology today is that it looks at behavior in silos by type or activity - for example, by expense or contract violations. But employees and suppliers who submit non-compliant spend (and get away with it the first time) usually won’t limit themselves to just one scheme. They keep looking for opportunities in all of the spend activities they’re involved with, and soon, money can be trickling steadily out of company accounts. Coupa’s user-level profiles provide a more comprehensive approach to detect and prevent fraudulent activity.

In-Flight Transaction Control: We don’t want to just detect non-compliant spend after it happens – Spend Guard exists to prevent and stop this spend before it happens altogether. That’s why Coupa offers in-flight transaction controls that flag suspicious transactions for additional review before approval. We’ve built automatic controls into Spend Guard that help ensure all your transactions are reviewed by the right people at the right time.

When we recognize how easy it is for average people feeling financial pressures to get drawn into fraud through a process of rationalization, we can better protect against it. Coupa Spend Guard, underpinned by Coupa’s Business Spend Management Platform, provides a comprehensive spend fraud detection and prevention system unmatched by anything else available today.