Why some companies put fraud risk management in the "too hard basket"

There are two main reasons why some companies find fraud risk management difficult to implement:

1.They base their decisions on probability rather than possibility.
2.Fraud risk management can seem to contravene other positive workplace and governance philosophies and models (emphasis on trust not control).

Some types of companies (such as banks) are accustomed to the notion of fraud and so usually have comprehensive fraud risk management systems.

Fraud risks are generally based on the probability formula contained in Australian New Zealand Standard 4360:2004 of an assessment of likelihood and consequence.

If your company does not deal with such risks on a daily basis, then you may assume that the probability of fraud is low. Therefore your fraud risk management systems may be underdeveloped.

Companies that value a positive workplace culture can sometimes be reluctant or slow to implement fraud risk management, due to a fear of creating a culture of suspicion.

Organisations who have implemented a good corporate governance and risk management framework find when it comes to fraud, if there are loopholes in the controls, fraudsters will exploit them, sometimes with catastrophic results.

However, fraud does happen and it can have devastating effects on companies, employees, customers and investors.

According to KPMG’s 2008 Australian/New Zealand Fraud Survey, whistleblowing is still the most effective mechanism to identify fraud. The survey reported that of all frauds investigated, 22% were identified by employees, 23% by external third parties and 2% through anonymous letters or calls. Whistleblowing accounts for a total of 47% of all frauds uncovered in the workplace.

Your workplace cannot afford to be without effective mechanisms for safe, confidential and easy to use whistleblowing practices.

Fraud risk management can be difficult to implement internally

Asking internal managers to assess fraud risk is not always easy or appropriate.

Standard risk self-assessment methodologies have not been of much use in identifying such loopholes.

What can a Risk Manager do to gain an accurate understanding of fraud risks across the organisation and raise them at the appropriate level?

One way is to look at the controls and procedures from the fraudster’s viewpoint and ask whether they can be bypassed by using a particular method of fraud.

An honest person will not always be able to identify the possibilities for fraud because they are not used to looking for fraudulent opportunities.

Also, internal staff are trained to create systems that ensure ease of operation, rather than systems that can potentially “catch out” dishonest people or intentions.

The two objectives do not necessarily complement each other

Why external fraud risk management assessments work

An external assessment of your fraud risk management may be able to clearly identify areas that have potential gaps or loopholes.

Effective fraud risk management needs to assess the possibility of fraud by dishonest or external persons, rather than the probability of fraud within a usual or honest “circle of expectations”.

Assist your internal managers to create checklists of possible areas of fraud by enlisting the assistance of a Risk Management Specialist or other Disclosure Management Agency and conducting focus groups with employees who may be able to identify system weakness(es).

After your managers have been educated about the possible ways fraudsters might exploit or avoid existing controls, they will be in a better position to implement some fraud risk management systems.

Your employees, suppliers, vendors and other personnel are your most powerful anti-fraud agents

Front line employees and those at the daily coal face of your business are in the best position to identify and stop fraud.

These people will notice small changes in systems, inconsistencies in processes or strange behaviour all of which may indicate fraudulent activity.

Reporting evidence or suspicion of fraud is not always an easy thing for honest people to do. They may doubt themselves or fear a sleight to their own reputation.

That is why it is essential for your company to provide secure whistleblowing and feedback mechanisms in the one location

Your-Call has developed a new approach to fraud risk management, fraud reporting and the receipt of information from whistleblowers. Our approach blends traditional telephone-based disclosure management functions with powerful web-based reporting.

Your-Call offers 24/7 reporting that is 100% independent, secure and confidential in real time. We can initiate an audit of your fraud risk. We can then advise you on the most effective way(s) to encourage staff and other personnel to report. Our Disclosure Management Systems are dynamic. We will re-assess your company needs on a regular basis to ensure your reporting systems and processes are in line with company change and growth.

Your-Call’s online reporting solution of Your-Alert allows Directors, Officers and Managers to enhance their fraud risk management by tapping into real-time 24/7, live information on matters of concern in 4 key areas: dishonesty; behavioural issues(including culture, bullying & harassment); regulation; and safety, and Your-Say enables employees, customers, vendors and suppliers to provide feedback on the effectiveness or otherwise of the fraud risk management policies and procedures, identification of risks and suggestions for improvement.

Your-Alert and Your-Say operate independently of your organisation. Our processes have been benchmarked against Standards Australia AS 8004-2003 “Whistleblower protection programs for entities”. They sit alongside the organisation’s Code of Conduct promoting honesty, integrity and transparency. They do not replace existing processes for raising concerns or providing feedback in the workplace, rather they complement these reporting mechanisms by providing an external independent reporting option to an organisation’s whistleblower policy.

It provides Directors, Officers and Management three fraud risk management tools in one; deterrence, compliance/behaviour monitoring and risk mitigation.

Get Started?

If you’re looking to implement a more effective fraud risk management policy that will bring added fraud risk protection to your company click here to email us and download our FREE The Ultimate Whistleblowing Checklist on how to establish a best-practice whistleblowing program, or call 1300 788 712 to discuss how Your-Call can benefit your organisation.

Launch a modern whistleblowing hotline at your organisation today & create a speak up culture

Speak to an expert Download checklist

I’m looking for a best practice guide!

Download the Whistleblowing Program Checklist

How to comply with Australia’s Whistleblower Legislation

Download Your Call’s Leader Guide to understand its impacts.