The risk of corporate fraud, whether internal or external, is on the rise today due to complex procedures implemented, the introduction of new technologies and ever-changing operational management methods within companies. All these factors hinder companies in their efforts to control the risks of corruption, misappropriation of assets and manipulation.
Not only does fraud cost a company money, but it also undermines its reputation and jeopardises trust within the workplace. According to a study by Ernst and Young, 85% of fraud incidents are committed by an employee. With this in mind, companies need to establish appropriate policies and procedures for fraud prevention and detection.
Which prevention strategies should be adopted?
Risk control is based above all on the accurate assessment of risks. Moreover, 46% of frauds are detected thanks to well thought-out internal control and audit systems. For example, the COSO (Committee of Sponsoring Organisations) internal control framework is used by companies to limit fraud attempts.
This internal control must meet three objectives: efficiency of operations, reliability of financial information, and compliance with laws and regulations.
To achieve these objectives, five components have been defined:
- a favourable corporate culture,
- risk assessment,
- data collection and communication,
- control activities
- and finally the monitoring of the internal control including the regular evaluation of the control activities and the updating of the procedures.
An audit committee will be responsible for evaluating the control activities. Among other preventive tasks, it will have to take notice of the measures designed to combat money laundering and examine the effectiveness of actions against internal and external fraud within the group. It will also be required to assess the frauds identified and the costs incurred, and to ensure that a structure is developed to deal with complaints concerning accounting and financial operations.
The implementation of governance codes, codes of conduct and a whistleblowing policy are all strategies that companies can use. Raising awareness among employees through the communication of guidelines is also an aspect that should not be overlooked.
Risk management tools and practices
Analysis of accounting and operational data helps in detecting fraud. A transaction that takes place on a holiday or an unusual transfer may alert control staff to a potential fraud. Or a keyword search of the transaction list can be helpful in identifying unjustified expense claims or unnecessary purchases. Also, the monitoring of payment deadlines can reveal suspicious transfers.
The automation of these processes enables companies to be time-efficient. Some software for managing all accounting and financial processes are programmed to prevent fraud, for example by stopping the double billing of an item. Other tools are built to import accounting records and operational expense information to generate anomaly reports.
However, the adoption of good practices within the company will help to control the risks. This includes the allocation of tasks and responsibilities. By clearly distributing tasks, the company ensures that no single person is responsible for managing an entire process. Otherwise, fraud attempts may increase. Limited physical access to documents and data, such as lists of authorised cheque signatories or specimen signatures of signatories, may reduce exposure to fraud.
Vigilance: the key word
Awareness raising within companies remains the key to counter the risks of fraud. With the advent of cybercrime and increasingly sophisticated fraud techniques, organisations will have to be more cautious and establish IT security policies. And for more agility and security in their internal and external control operations, companies can now equip themselves with suitable software.