Fraud is a growing concern for all businesses and many of them are affected every year, whether they want to admit it or not is another matter. The key to reducing the possibility and therefore the impact on your organization in terms of losing money and potentially getting a bad reputation is having an effective internal control system.
There are five anti-fraud points that companies should implement, starting with having a strong anti-fraud stance, which should be felt throughout the organization.
An empowered audit committee
An audit committee is a necessity in a large organization, especially if the stakeholders are not part of the management (both private and public). The committee must be aware first of all of the fraud risks that are present for the company, as well as other potential risks of scams that may arise in the future. The audit committee should work with management to understand the monitoring systems and how they seek to mitigate those risks. A good committee should make sure to remain skeptical and investigate everything, no matter how small.
Regular and detailed fraud risk assessments
Regular is really key, the threat will be significantly reduced if employees know that accounts and systems will be regularly assessed and any external fraud detected as soon as possible and hopefully before the scam causes too much damage. An effective fraud assessment should cover the different scenarios of fraud schemes that could be carried out, the people in the organization that could carry out those schemes, and the impact it would have on the organization.
Educating employees: anti-fraud policy
It is not uncommon for employees to abuse the company’s refund policy or use the resources for their own gain, which can go unnoticed and not be seen as fraud, however, the misuse of company assets is a waste of time and resources, which costs the company. Fraud, in most cases, starts out small, so nipping it in the bud will eliminate many of the organization’s problems. A scammer will start by taking advantage of the expenses, then he will probably gain confidence and start other scams.
Organizations must implement a non-tolerance policy to send the message to all employees that any type of fraud or misconduct will be dealt with severely.
Respond to fraud claims
Regardless of the size of the organization, all reports of fraud should be investigated, as the potential effect on the organization could be enormous. A policy must be implemented, a printout that the organization will follow for the collection of evidence, the responsibilities that each department and managers have and who will be informed depending on the severity of the allegation.
Efficient reporting system
All businesses should have a hotline to report scams they have found or suspect. Using a hotline is one of the easiest ways for both employees and the company to operate, and it is also the least expensive way to report potential scams.
A regular review of the hotline should be conducted to ensure that it is as efficient as possible, either by management or a third party. The hotline should not be limited to employees. To cover any possible fraud, the number must be external to also cover customers and suppliers and, if the business is global, it must operate 24 hours a day, 7 days a week. As part of employee training, the types of activities that employees should monitor and report should be included.
To learn more about anti-fraud schemes and scam prevention, I suggested attending a dedicated conference, such as the Marcus Evans Scam Lectures.
