ROOT CAUSE ANALYSIS USING FRAUD PENTAGON THEORY APPROACH (A Conceptual Framework)

DOI: 10.21532/apfjournal.v5i1.142 ABTRACT Fraud and corruption are two types of crimes that can harm others. According to Transparency International, the perceived level of public sector corruption in Indonesia was ranked 89 out of 180 countries in the world in 2018. Seeing this condition, more attention should be paid to the prevention and deterrence process to reduce the more losses. This study aims to develop a conceptual framework for fraud prevention and deterrence by developing root cause analysis using the pentagon fraud approach. Through a literature review, researcher tries to combine root cause analysis with fraud pentagon, called RCAFP Matrix (Root Cause Analysis Fraud Pentagon Matrix) as an effective tool to prevent and deter fraud and corruption. This study also provides an example of the application of RCA-FP Matrix. First, determining the list of root causes associated with Fraud Pentagon; second, choosing one of the causes, as the root cause of fraud findings. In this study, fraud findings are calculated based on account numbers. Finally, the frequency of all causes can be counted, and the main root causes can be found. The results using the RCA-FP matrix show that there are different dominant causes in different regions. Capability is the most frequent case in company-wide. The RCA-FP matrix can be applied in all types of industries and government agencies. As an antifraud measure, the RCA-FP Matrix can be adjusted according to the nature of the organization.


INTRODUCTION
Fraud and corruption are kinds of crimes that can harm others both individually and collectively, such as companies, communities, countries, and nations. Referring to the corruption perception index of countries in the world released by Transparency International in 2018, Indonesia was ranked 89th out of 180 countries. The rating improved compared to 2017, which was in the 96th rank.
Corruption is a fraudulent act to illegally benefit perpetrators by abusing power. Fraud is an act of cheating that anyone can do, whether they have power or not. Corruption is usually carried out by the state administrators, while fraud commonly occurs in private companies.
In the financial industry, fraud usually involves internal company actors. Quoted from Antara News (April 1, 2017) that according to the OJK 2 Bank Supervision Director, 90% of banking fraud cases involve "insiders". One of the triggers is the customer's indifference to fund management because they already trust the bank. Such a condition causes the bank employees to commit fraud.
The established theory of fraud causes is the Fraud Triangle model, which is later developed into Fraud Diamond and Fraud Pentagon. These three models basically explain the types of motivation why a person commits Fraud. In other words, the Fraud Triangle, Fraud Diamond, and Fraud Pentagon are the root causes of the fraud.
This study aims to develop a conceptual framework for the analysis of the root causes of Fraud using the Fraud Pentagon approach. The output of the analysis will be the basis for determining improvement recommendations, both in sub-organizations such as regions, products, and divisions, and in company at large. Presentation of the results of the study will be arranged into introduction, theoretical basis, methodology, results and discussion, and conclusions and discussions.

LITERATURE REVIEW AND HYPO-THESIS Definition of Fraud
Fraud is defined as manipulative deviations aimed at benefiting perpetrators and harming banks, customers and other parties (Bank Indonesia, 2011). While ACFE defines fraud as a deliberate fraudulent act that is carried out in such a way as to benefit oneself, groups or other parties (individuals, companies or institutions). Corruption is an abuse of power to gain profits improperly (Kratcoski, 2018). The difference between fraud and corruption is on the element of power or authority possessed by the perpetrators. Corruption is carried out by the authorities, while fraud can be done by anyone. Another difference between fraud and corruption is that corruption is more directed at state administrators, while fraud is more directed at private sector or private companies.
Fraud is one type of operational risk that is classified as internal and external fraud (Chorafas, 2004). This classification is based on the fraud actors, whether from internal or external companies or a combination of both. Internal fraud can be caused by a non-transparent corporate culture and less optimal fraud prevention training, in which internal parties are not encouraged to understand the essence of compliance (Chorafas, 2004).
Elements of fraud are materially false statements that are expressed to the victims so as to believe the false statements, and the victims eventually suffer loss (Hood, 2015). Types of internal fraud are misuse of assets (embezzlement), corruption, and financial reporting fraud (Hood, 2015). The Association of Certified Fraud Examiners (ACFE), in the Report to the Nation 2018, stated that internal Fraud occurred in 89% of cases.

Motivation to Commit Fraud
There are three models that explain why people commit fraud: Fraud Triangle Theory, Fraud Diamond Theory, and Fraud Pentagon Theory. The Fraud Triangle Theory was proposed by Cressey in 1953. The model mentions three main elements that cause people to commit fraud: pressure, opportunity, and rationalization (Zulfa, Bayagub & Firdausi, 2018). The first element is pressure. One of the dimensions of pressure is financial pressure, relating to someone who has financial problems that are difficult to overcome through legal means or according to the rules. These financial problems can occur due to several factors, such as being unable to pay debts, involved in narcotics and illegal drugs, the need to fulfill promises to investors, the need to meet productivity targets, and the desire to have social status symbols, like big house, luxurious cars, and others. The second element is opportunity. The possibility to detect this fraud is quite small. This is because the perpetrators intrigue so that it is difficult to know, or because of the weaknesses of the organization control functions. The third element is rationalization. This element is based on the majority of those who commit fraud for the first time. The fraud perpetrators do not feel guilty, but are in the wrong situation. Rationalizations that are commonly used as reasons are "borrowing not stealing", "entitled to get more", and "forced to steal because of necessity". Source: Crowe (2011) In line with the development of cases, the Fraud Triangle Theory was then considered less able to explain the causes of fraud as in the case of predatory employees who intended to steal from the company, or rationalization is only relevant for the first time committing a fraud (Hood, 2015). Another idea is that the cause of the Fraud Triangle is still at the level of the plan that needs to be realized. To realize this fraud plan, the actors need capability so that the fraud can be carried out. The capability element is an extension of the Fraud Triangle model (Wolfe & Hermanson, 2004). The final element is arrogance. It is the development of the existing fraud causal model. Arrogance, which is associated with greed, is one of the causes of fraud. Characteristics of arrogance element are high ego and arrogance, having ability and power so that they can evade internal control systems, and usually the purpose of arrogance is on non-financial benefits, such as social status, lifestyle, and fear of losing their positions (Crowe, 2011).
Thus it can be concluded that the five fraud motivations summarized in the Fraud Pentagon concept are: 1. Pressure. Fraud can occur because of the pressure of a compelling condition. The pressure includes the existence of targets to be achieved or difficult conditions, such as sick family members. 2. Opportunity. Fraud can occur because of the opportunity to do the fraud. Opportunity in this context refers to the lack of control functions within the organization so that the actors, who initially have no intention to do Fraud, finally can do Fraud. 3. Rationalization. The perception that the fraud committed is not a violation, but something that is indeed reasonable to do. Rationalization is justification for Fraud's actions. The rationalization is done partly because they feel they are not getting a fair salary and the opinion "it is not stealing but borrowing." 4. Capability. Fraud action requires ability to make it happen. This opinion is based on the fact that fraud is originated from the intention to do so. Fraud occurs when the intention can be done because the perpetrator has capabilities. 5. Arrogance. Fraud can occur due to arrogance. Arrogance motivation explains the fraud that is committed due to greed and arrogance so as to evade the internal control system. The purpose of committing fraud is more on non-material aspects, such as social class and lifestyle.

Root Cause Analysis (RCA)
Root Cause Analysis (RCA) is one of the methods of improving quality management. In the context of handling fraud, there are two aspects to be done: prevention and / or deterrence. Prevention is conducted using RCA method which eliminates the root cause in order to prevent fraud, while deterrence is more about behavior modification, such as the application of strict sanctions so that perpetrators do not take action of fraud (AICPA., 2002;Furlan & Bajec, 2008) RCA is one method to get insights from identified findings. RCA analyzes the underlying causes of the problem (The Institution of Internal Auditors, 2013). Assumptions related to RCA include that the root of the problem can be identified so that it can be corrected, and the output of the RCA is an effective recommendation (having an impact, not merely normative) (Tomić & Spasojević Brkić, 2011). The benefits of RCA are as an added value to the organization, the potential for cost efficiency, learning about understanding cause-effect relationships and solutions, providing a logical approach in the problem-solving process, reducing risk, preventing repeated failures, improving performance, encouraging system strengthening, and streamlining examiner team reports (Chartered Institute of Internal Auditors, 2018). Some skills are needed to carry out RCA, such as collaboration, critical thinking, communication, business understanding, and creative problem solving (Las Vegas IIA Chapter, 2013). For the RCA to be effective, it is necessary to practice the following guidelines, (The Institute of Chartered Accountants in England and Wales, 2016): 1. RCA is not a media to build a culture of "blaming"; 2. Criticizing "shallow" answers and existing ideas; 3. Avoiding the answer "quick fix"; 4. Identifying things that might be difficult to fix; 5. Identifying the root causes that are connected directly to one or more review findings; 6. Stop when it is inappropriate to go further with RCA; 7. Making an action plan to correct the root causes of the problem including clear responsibility and sense of belonging to the action.
The steps in carrying out an RCA are: collecting data, compiling diagrams of causative factors, identifying root causes, and formulating recommendations for improvement (Tomić & Spasojević Brkić, 2011). In Practice Advisory 2320-2 about Root Cause Analysis (The Institution of Internal Auditors, 2013) provides techniques and tools that can be used in the RCA, including "Five whys", SIPOC analysis (suppliers, inputs, processes, outputs, customers), "Fishbone / Ishikawa diagrams", and statistical procedures such as correlation or scatter diagrams. The use of techniques and tools must of course take into account organizational conditions such as the duration and skills of the RCA implementers (inspection team).
It is necessary to arrange types of root causes to simplify reporting and analysis of RCA results. The root of the problem can be arranged deductively, starting from the general aspects to the details of the general aspects. Categorization of root causes can be arranged, among others, from general aspects, such as resources, personal, process, and leadership to client aspects (The Institute of Chartered Accountants in England and Wales, 2016). The Practice Advisory 2320-2 regarding Root Cause Analysis focuses on the human aspects related to decisions and actions taken or not taken. The root problem categories that can be compiled are competency, personal quality, inadequate training, technology, organizational culture, number of resources, and decision making process. The Chartered Institute of Internal Auditors (2018) details human factors, such as training, communication, management style, supervision, capability, and motivation. The root of the problems mentioned earlier can certainly be adjusted to the type of industry and business model of the organization.

METHODS Conceptual Framework
RCA results are used to prevent fraud, in the context of both prevention and deterrence. Fraud prevention will be effective if the root cause of the fraud can be overcome or eliminated. Factors causing fraud are formulated in the Fraud Pentagon model, which is a development of the Fraud Triangle and Fraud Diamond. The expected outcome of the study is RCA tools from the fraud incident through the Fraud Pentagon approach. The conceptual framework of this study can be seen in the following figure 4.

RCA and Fraud Pentagon (RCA-FP)
The RCA-FP matrix is a combination of the root cause type on the row side and Pentagon Fraud on the column side. The RCA-FP matrix can be seen in the following Table 1.
Each root of the problem is then arranged and recapitulated as to the frequency of occurrence as seen in the following Table 2.

RESULTS AND DISCUSSION
The most crucial stage of the preparation of the RCA-FP matrix is the determination of the types of root causes associated with the  Source: Processed data Note: • For the sake of recapitulation and reporting, the root of the problem is given a code.
• Types of root problems can be adapted to each organization. The data needed are data about the findings or fraud occurrences with the respective units of measurement. In this example, the author uses the account or account number unit to calculate the frequency of fraud findings. The account or account number attribute can be equipped with a function or region code so that the RCA-FP matrix output can be derived at the division, region, function, or other levels. Each account number or account is mapped into the RCA-FP matrix by dropping down a list of one of the RCA-FP categories, so that aggregate RCA-FP categories can be calculated in total.
After all the data have been collected, the reports are then compiled which are divided into reports per region and company-wide in the form of crosstabulation. Then to simplify the analysis, the data are then converted into radar diagrams to see what the most dominant elements, both regionally and in companywide. From the visualization of the radar diagram, it can be drawn a conclusion about the cause of the fraud event. Based on this conclusion, recommendations for improvement are made, in the context of the prevention of fraud, both prevention and deterrence. The following are examples of recapitulation and visualization of the RCA-FP Matrix output. Source: Processed data The visualization of radar or spider web diagrams is a tool in analyzing the results of the RCA-FP Matrix which makes it easy to draw conclusions. The conclusions of the RCA-FP Matrix must be communicated to the parties concerned. An example of the result of the RCA-FP matrix is that the biggest fraud motivation is the capability category. This finding certainly must be communicated, especially with the human resources section, regarding the corrective steps to be taken.

CONCLUSION
From the results of the application of the RCA-FP Matrix, it can be concluded that the root of the problem at the regional levels is different. In Region 1, the dominant cause is pressure element. In Region 2, the dominant cause is capability element. And in Region 3, the dominant cause is rationalization element. From these results it can be determined improvement  The root causes of fraud in companywide based on the frequency of events are: pressure (40), opportunity (15), rationalization (37), capability (50), and arrogance (2). Thus in the company wide, fraud prevention action plan can be focused on the capability aspect, such as the optimization of a collective internal control system (preventive) and the application of sanctions for different fraud actions for each level of position (deterrence).
This study is still general in nature related to the preparation of the RCA-FP Matrix. The RCA-FP matrix can certainly be adjusted to each industry, especially in relation to determining the type of root cause. Therefore, it is suggested that further researchers carry out empirical tests on several types of industries as a stage of testing and classification of the RCA-FP Matrix. In addition to being applied in different industries, further research can also be carried out in public organizations such as government and private companies.