24 September 2020
Fraud is an ever-present risk to business; however, the outbreak of COVID-19 has significantly increased that risk. With mounting financial pressure, management focus diverted to survival mode, and the necessity to conduct business in new and novel ways, it’s easy to understand how senior executives may be distracted from significant changes to their fraud risk profile.
Fraud risk assessments should be undertaken regularly, but it is particularly important to review those assessments when there are significant changes to the structure, function or activities of your business. There are few changes as significant as COVID-19 impacting businesses in recent history. Accordingly, now is the time to reassess your exposure to fraud.
Understanding Where You May Be Exposed
Key fraud risks exist where cash and other assets can legitimately enter or leave the organisation. Typically, these avenues include Accounts Payable, Accounts Receivable and Payroll (including expense reimbursement claims).
Concentrate your efforts on these areas, ask yourself whether any processes have recently changed? For example, is e-commerce or online transactions a new channel for your business? Has the nature of the risk changed or have new risks emerged? How has this impacted on the effectiveness of your control structure? Examine controls such as:
-
Segregation of duties.
-
Authorisation for banking and other transactions.
-
Delegations of authority.
-
Due diligence of supplier and customer records to avoid false suppliers or customers being created.
Don’t forget the risk of corruption, including bribery and exchanging secret commissions (kickbacks) and inappropriate relationships (e.g., inappropriate favourable treatment). These risks exist wherever there is human interaction.
We recommend that you:
-
— Concentrate your efforts on training and awareness for staff so they can recognise inappropriate approaches or offers from third parties.
-
— Consider including clauses in supplier and agent contracts that prohibit bribery and corruption and provide for a ‘right to audit’.
-
— Review procurement practices and controls, particularly if potential suppliers are invited to tender or provide proposals for the supply of goods and/or services.
FRAUD DETECTION
Many large multi-national companies invest millions of dollars in fraud detection systems and practices, but this is unrealistic for most organisations.
Think about how you might be able to make use of your existing resources. The analysis of structured accounting data contained within accounting packages (e.g. SAP or Oracle) can effectively and efficiently identify unusual or anomalous transactions and/or inappropriate human behaviour, for example:
-
— Duplicate payments.
-
— Unusual changes to supplier, customer or employee
master files.
-
— Unusual relationships (e.g. employees who share features, such as address or bank account numbers with suppliers).
-
— Unusual patterns of transactions (e.g. an unexplained spike in sales towards the end of an accounting period).
In many cases, your best fraud detection device will be your workforce. Make use of this resource by:
-
— Developing a corporate culture that encourages employees to raise concerns to their supervisors or senior management without fear of retribution. Encourage suppliers to report concerns of fraud or preferential treatment to senior management.
-
— Implement a whistleblower protection policy and procedure for those employees (and third parties, such as suppliers) who feel uncomfortable reporting directly.
Remember that the law (from 1 July 2019) provides additional protections for whistleblowers with penalties for a failure to comply. Please contact our team if you need to understand the impact of these provisions on your business.
RESPOND TO SUSPECTED FRAUD
If you suspect fraud, even if it might be considered small or petty, respond. Fraudsters often start small and then build up over time.
Remember that fraud and misconduct investigations can be complex so be prepared to seek specialist HR, legal and forensic response advice.
For further information, please contact:
Mark Pulvirenti, Senior Managing Director, FTI Consulting
