English - UK	English-Overseas	Brain Teasers
Français	What I need is...	Links
Deutsch	newsletter	email us

Commercial Angles' Newsletter - July 2001

Fraud Prevention - Part III

Fraud control measures

Articles in previous newsletters concerned identifying common types of fraud and fraud detection. This last section discusses the deterrence and prevention of fraud.

Fraud is a crime and the best means of prevention is to understand why it occurs. Fraudsters generally identify an opportunity for exploiting a weakness in the control procedures and then assess whether their potential rewards will outweigh the penalties should they be caught.

Prevention of fraud is a two stage process:

ensure that opportunities for fraud are minimised, (fraud prevention), and
ensure that potential fraudsters believe they will be caught, (fraud deterrence).

Prevention of fraud

In the previous article ways of detecting fraud were discussed. This was in the context of how a suspected fraud could be exposed. Fraud prevention extends this method to examining all the key company systems and viewing them with the mindset of a potential fraudster. This review will need to be carried out by senior personnel who are familiar with the detailed operations within the company's various branches and departments.

The review will bring to light a number of weaknesses in the current systems which could be exploited by a fraudster. Having identified the weaknesses in the current systems, the company must then change those systems by introducing new or different controls. Simple controls are often the most effective and frequently require little management time or effort. For example:

credit notes over a threshhold amount must be explained to and authorised by a senior independent manager before issue.
inventory write-downs must be investigated before authorisation by an independent manager.
key balance sheet accounts must be reconciled monthly and the reconciliation reviewed regularly by senior managers.
fixed assets must be tagged and checked periodically - this can often be combined with the regular testing of electrical and lifting equipment.
ensure that no goods or assets leave a site without a despatch note or other documentation.
sickness absence must be monitored and controlled.
wherever practical, duties must be segregated so that no one person is responsible for both approving expenditure and authorising payment.
physical and electronic access to sensitive areas and procedures must be restricted.
employees must take their vacation entitlement and the work of employees on vacation must be covered by others.
all employees' expense claims must be authorised by their immediate managers before payment.
new employees must be screened and their references must be checked.

The introduction and enforcement of controls like these will reduce the opportunities for fraudsters. The controls themselves warn potential fraudsters that management is actively monitoring the business and that in turn deters fraud.

Deterrence of fraud

In the previous article, the conditions under which fraud thrives were listed. These included an unhealthy corporate culture, domineering management, management abusing or overriding internal controls, low staff morale and weak management. Collectively they reflect the culture of the organisation. Until there is a healthy culture and strong management in all branches and departments of an organisation, attempts to deter fraud will not be very successful. Only when potential fraudsters believe fraud will be detected and when whistle-blowers believe they will be protected will there be an effective deterrence of fraud. The most effective ways of detecting fraud have been found to be:

Internal controls.
Internal audit.
Management review.
Whistle-blowers.
Change of management.
Anonymous tip-offs.
Outside information.
Security of passwords.
External audit.
Accident.
Access/exit controls.

This list emphasises the importance of having strong management and a healthy corporate culture to detect and therefore deter fraud. Physical controls such as passwords and access/exit controls come at the bottom of the list in detecting fraud but have a big deterrent effect on potential fraudsters and are very important in reducing fraud.

Fraud policy and contingency plans

A good way of instilling a healthy culture in the organisation is to give every employee a copy of the organisation's ethics policy as part of their contract of employment or company handbook. This ensures that every employee knows what is expected of them by the organisation. The ethics policy will:

define and give examples of fraud.
explain what external interests may give rise to a conflict of interests.
define the organisation's policy on receiving gifts from external parties.
explain why it is necessary to keep certain information about the organisation confidential.
require employees to report suspected fraud to a named individual.
state that breach of the policy will be treated as a disciplinary offence.
give details of the fraud contingency plan.

The fraud contingency plan should be drawn up and approved by the directors of the organisation as it is they who are responsible for preventing and dealing effectively with fraud. It will contain a description of what should be done if fraud is suspected or detected. This will include nominating the person to lead the investigation, defining the objectives and authority of the investigation team, include information on working with the police and who is responsible for dealing with media interest. As with preventing and deterring fraud, forethought in the event of discovering fraud will lead to a smoother and more professional handling of the matter.

Articles from previous newsletters