Fraud is an unseen crime and is often active within a business, carrying on beneath the surface. Often it goes on for years, discovered by accident or when times are tight and belts are being pulled in. Protecting against fraud seems to be the obvious course, given the scale of losses it can cause. Just being aware of the problem is not enough, there are firm steps that should be taken to protect your assets.
After you have realised that fraud is a serious risk and are no longer complacent about the subject, you then need to cascade this new outlook down to your staff. You have obtained a few examples of fraud policy documents written by a range of other organisations and have drafted your own suitable for the size and nature of your business. Now that you have your biggest anti-fraud control in place there are a number of important and constructive steps that need to be followed to strengthen your security and provide some peace of mind that the fraudster Crimes against Humanity will find your business a difficult proposition.
1. You will have circulated your new fraud policy throughout your business in order to improve the overall culture within the business. A request for comments should be made – this should include comments on areas of fraud risk within the business and a request for volunteers to sit on a small anti-fraud steering committee that will meet once every couple of months at the most to review the anti-fraud control framework generally. Attendees from management and finance functions should be joined by representatives from sales, purchasing, manufacturing and other departments. Information technology or computer support departments should certainly have a place on this committee. The fraud group would probably be steered by a senior member of the finance department or board of directors.
2. Apportion roles to people with different skills and perspectives to review fraud risk in different areas. For example a senior manager and a manufacturing supervisor who sit on the committee might be assigned the finance department, with a senior bookkeeper being responsible for looking at purchasing. Key roles would be always changing and overall membership of the group rotated each year. By doing this the whole business is examined by cross department personnel continually. This sort of system can be adjusted to suit the size of the organisation in question, but is suited to medium and large concerns having a large enough workforce and an adequate pool of supervisory “white collar” staff and management. However, do not forget the junior staff who can sometimes usefully challenge management and provide a valuable contribution to the fraud prevention process.
3. You have now set up what is effectively a specialized “audit committee” that is part of your company’s system of governance. It can strongly support any large organisation, public authority, bank, insurance company or listed company if properly promoted. Fraud skills and experience can make it more effective. The fraud prevention matrix needs specialist fraud skills and experience in the same way as general corporate governance requires solid business and financial acumen to succeed. Audit committees invite participants from outside the business, such as a member from the statutory auditing firm used for the company’s annual audit and the management board will include non executive directors. Similarly, benefit would be gained if the newly formed fraud group asks somebody with formal fraud expertise to join to advise on matters being discussed.