Four Simple Steps to Better Manage the Risk of Fraud in 2015
A new year often means new resolutions, such as eat healthier, save money, exercise more, read a new book every month, and the list could go on and on. I suggest a resolution to improve your business by better managing the risk of fraud this year. There is no better time than the present! This is something companies of all sizes and across all industries can implement. Here are four simple steps you can take now or throughout the year to better manage the risk of fraud.
- Review internal controls – Internal controls are essential to preventing fraud, and need to be monitored once they are in place to determine whether they are working as they were originally intended. Over time, changes that occur within the company – staffing changes, software changes, location changes, etc. – may alter the effectiveness of certain internal controls. Controls that are ineffective can increase the risk of fraud. Some questions to consider during the review are: Which controls work well? What are the biggest areas of weakness? Are duties properly segregated? Does the benefit of the control outweigh the cost?
- Implement a whistleblower hotline – According to the Association of Certified Fraud Examiners’ 2014 Report to the Nations on Occupational Fraud and Abuse, over 40% of frauds were initially detected by tips. More than half of these tips were reported through a whistleblower/fraud hotline. People may be reluctant to report fraud to a superior for fear of retaliation. Hotlines give employees, customers, vendors, shareholders, etc. an anonymous avenue to report wrongdoing. The company should make all of these stakeholders aware of the hotline and the hotline should be easy to use. Most importantly, the company must follow up on the tips received through the hotline. Hotlines are often considered a fraud detection tool, and while this is true, the knowledge of having an anonymous hotline can also act as a fraud prevention tool.
- Implement an employee code of conduct and conflict of interest policy – Codes of conduct and conflict of interest statements go a long way in expressing the management’s tone that fraud and other unethical behaviors will not be tolerated by the company. Codes of conduct define how an employee will conduct him or herself while representing the company. Conflict of interest policies dissuade an employee from entering into relationships and transactions that benefit him or her rather than benefitting the company. It is important to have employees sign the documents verifying they have read and understand both policies.
- Consider anti-fraud or ethics training for your entire staff – Employees don’t know what they don’t know. They may be witnessing (or participating in) fraud and may not be aware of it. Providing mandatory anti-fraud or ethics training once a year can help employees understand the definition of fraud, the different types of red flags, and the devastating effects fraud can have on the entire organization.
While these four steps are not the only steps necessary to prevent fraud, they are relatively easy to conduct and will get the company well on its way to implementing a full fraud risk management program.