Communicate expectations. Governance and Senior Management of the organization must ensure that clear expectations are developed regarding the fraud risk management program, and it is communicated to every department and employee.
Communicate Expectations: Step 5 In Fraud Risk Management
Departmental heads must ensure that all the employees understand their roles and requirements laid down in the policies and procedures. Departmental heads being primary process owners, must assess their staff and team’s capabilities and intentions. A clear message must be given to the employees by departmental heads and senior management to follow the designed internal controls.
Departmental heads must formulate internal processes where team feedback is taken regarding work progress and identification of any potential fraud risks. It should be the responsibility of departmental heads to identify those employees who deeply understand the processes and procedures, and these employees must be part of the fraud risk assessment program. These are the employees who must be given the authority with a clear message of prevention and detection of fraud incidents.
Employees only implement and comply with the policies and procedures when they are provided with the training.
The senior management must devise the appropriate training program for the employees to ensure that they clearly understand the management’s expectations and the requirements laid down in the fraud risk management components such as policies, procedures, manuals, and service level agreements.
The well-developed training programs enable employees to clear the misconceptions and provide a roadmap to perform the roles and responsibilities, to follow the processes to prevent the occurrence of frauds in their respective areas.
Which Businesses Are Affected?
Fraud is a problem that can affect any organization, regardless of size, industry, or country. Fraud may be attempted if the organization has valuable property. High-profile frauds in large multi-national corporations are frequently reported in the media, and smaller businesses may believe they are unlikely to be a target of fraudsters.
According to the ACFE report, small businesses (defined as those with fewer than 100 employees) experience fraud more frequently than large organizations and suffer higher average losses. Small businesses are less likely to be able to absorb large fraud losses than larger businesses and may even go out of business as a result.
According to the findings of PwC’s survey, companies reporting fraud were spread across many industries, with at least a quarter of respondents in any one industry experiencing fraudulent incidents. Insurance and industrial manufacturing suffered the highest average losses. Losses in the financial services industry, which is frequently mentioned in the press and is often associated with fraud, were actually lower than average. Even non-profit organizations are vulnerable to fraud, with government institutions and many charities falling prey to unscrupulous con artists.
‘In my sector, fraud is not a possibility, it is a reality, and we are always dealing with a number of suspicious incidents on a more or less permanent basis,’ said one director working in international development and aid.
Why Do People Commit Fraud?
There is no single cause of fraud, and any explanation must take into account a variety of factors. From the perspective of the fraudster, the following factors must be considered:
- potential offenders’ motivation
- conditions in which people can rationalize their actions
keep potential criminals at bay
- opportunities for criminal activity (s)
- Targets’ perceived suitability for fraud
- The fraudster’s technical ability
- The expected and actual risk of being discovered after the fraud has been committed
- anticipations of discovery’s consequences (including non-penal consequences such as job loss and family stigma, proceeds of crime confiscation, and traditional criminal sanctions)
- actual outcomes of discovery
The Fraud Triangle is a common model that combines many of these elements. This model is based on the assumption that fraud is most likely caused by a combination of three factors: motivation, opportunity, and rationalization.
One of the primary reasons people commit fraud is because they are permitted to do so. Businesses face a wide variety of threats. The threat of fraud can come from within or without the organization, but the likelihood of committing fraud is greatly reduced if the potential fraudster believes that the rewards will be modest, that they will be detected, or that the potential punishment will be unacceptably high.
The main way to accomplish this is to establish a comprehensive control system that aims to prevent fraud and, where fraud cannot be prevented, increases the likelihood of detection and the cost to the fraudster.
Later chapters of this guide detail some of the measures that can be implemented to reduce the organization’s fraud risk. Before delving into the specifics of fraud risk, the guide considers risk management in general.