Fraud can disrupt business continuity, reduce the quality and effectiveness of critical services or products, and threaten financial stability. Fraud will also damage an organisation’s public image and reputation.
The keys to minimising the incidence of fraud and its impact on an organisation’s bottom line include the existence of sound operational policies and procedures to mitigate the risk of fraud occurring, a fraud awareness culture across the organisation, and taking appropriate action when suspected fraud or corrupt activity occurs.
There are a number of specific things that can be done to mitigate the risk of fraud, and promote fraud awareness. These include:
A fraud control policy will demonstrate resolve to mitigate and manage the incidence of fraud.
The policy should clearly communicate the organisation’s values and promote its ethical business practices, it should articulate the commitment of senior people to these principles, be based on a risk management ethos, and contain pre-determined responses to identified fraud related threats.
A process to identify and assess fraud risk must consider current threats from both internal and external sources, as well as potential or emerging threats.
Fraud can occur in many parts of a business. Management needs to identify where the business could be most susceptible to fraud (higher risk areas include payroll, procurement, inventory management, cash/credit transactions, electronic banking).
It can be useful to talk to your auditors about a fraud review to identify the risks and possible safeguards.
Internal controls are the first line of defence against fraud. You need to ensure that internal controls are strong enough to either eliminate or severely limit the possibility of fraud, or to trigger an alarm when a potential fraud may be occurring.
Internal controls must also cover operational performance and compliance not just financial management.
Many software products can produce audit trails which, used effectively, may assist preventing fraud.
Employees are crucial in reporting and controlling fraud in an organisation. Accordingly, organisations need formal mechanisms for people to report suspicious actions or potential wrong doing. Staff must be clear about whom they report to, in what manner, and when.
Reporting frameworks should also include requirements about reporting incidents (or suspected incidents) of fraud to the police.
An effective internal reporting mechanism can also be important in identifying areas of actual/potential fraud risk that are not currently known, and in obtaining suggestions from staff for system improvements.
Education and training
This is a key ingredient for fostering a fraud awareness culture across organisations. Employee induction programs should set the scene early and include elements related to fraud management such as a reference to the fraud control policy, a statement from the chief executive that fraudulent activity will not be tolerated, and specific processes and practices covering the identification/management/ reporting of fraud.
Organisations can also develop a more structured education and awareness program focused on assisting employees to recognise, detect and prevent fraud. This will continually reinforce the fraud controls that all staff are required to know and adopt.
Being fraud aware
Owners can be confident that an effective fraud awareness culture exists when fraud prevention becomes a way of life in an organisation.
More specifically, managing fraud will be something that everybody knows because it is “simply the way we do things around here”.
This information is provided as a guide only and is not intended to constitute advice whether legal or professional. You should obtain appropriate advice concerning your particular circumstances.