A Brief Intro to Fraud

What is fraud?

Fraud is defined by the Merriam-Webster dictionary as “intentional perversion of truth in order to induce another to part with something of value or to surrender a legal right”.

More simply put, fraud is an act of deception, with the intention to achieve financial or personal gain.

The fraud triangle

Typically, three conditions need to be present for fraud to occur. These three conditions are commonly known as the fraud triangle.


Incentive refers to a financial or other type of gain that the perpetrator would achieve as a result of committing the fraud. In small or mid sized businesses, the incentive is typically financial.


Opportunity refers to the perpetrator’s ability to identify the occasion to commit the fraud. Often in smaller businesses, an opportunity arises due to lack of segregation of duties, or insufficient internal controls.


Rationalization refer to the perpetrator’s ability to justify committing the fraud. The rationalization element is typically the element which stops employees from committing a fraud – although they may work for a small business where controls are not strong, they are honest and therefore would not commit the fraud, even if the opportunity existed.

A typical rationalization is that an employee feels they are not paid well enough or that the owner of the business has sufficient wealth, and therefore the employee deserves additional compensation or payment.

Common frauds perpetrated in small to mid sized enterprises

In small to medium sized enterprises, the finance department is often small, consisting of only a few individuals, or even just one full time employee. Accounting staff may also have responsibilities outside of the core finance function. Additionally, small business owners or management often have many things on the go and therefore financial reporting and accounting are sometimes not top priority.

As a result, there are circumstances when all the above noted elements exist and fraud does occur. Below we discuss some frauds that tend to be more common in small to mid sized businesses.

False invoicing or fake vendors

This fraud involves the creation of fictitious invoices or even fake vendors, which are then paid, often using fraudulent bank transfers (described below). Needless to say, although these invoices are paid, the company does not receive any products or services for the cash. Typically these frauds are perpetrated in small dollar amounts over a period of time, to avoid large, noticeable increases in expenses. Over time, these frauds can result in substantial amounts.

Fraudulent bank transfers

This fraud has become more common given the trend towards electronic payments and the move away from paper cheques. In this fraud, the employee may use a bonafide invoice (or a false invoice and/or vendor as described above), but will change the payment details on the electronic transfer request, to pay an account that is not the vendor’s account. Again, these cannot be perpetrated too frequently, otherwise the vendor may notice consistently late payments, or expenses will appear unreasonably high.

Payroll fraud

Payroll fraud is often perpetrated in two ways; fictitious employees and overpayment of overtime (i.e. fictitious hours).

Fictitious employees may be added to the payroll register and paid at each payday. Payroll controls sometimes include the review of changes or anomalies to the payroll for the period, as opposed to a review of the full register – if a fictitious employee is therefore already on payroll and being paid, this could continue for many periods, unless a detailed review of all individuals on the payroll is performed frequently enough.

For hourly employees, if overtime records are not well kept and reviewed/approved, there is the potential for inflated overtime hours to be paid. Employees may not feel this is fraud, however, if all overtime hours claimed were not true hours worked, this is fraud.

Fraud can be committed in an number of ways, the above are just a few of the most common.

Our next blog post will address a few key controls that can be implemented to effectively reduce the risks of these common frauds.