Fraud has repercussions far more than just financial losses. Fraud does not stop on its own unless it is detected and stopped. People find ways to continue fraudulent activities even after getting caught. Serious actions to stop the fraud can only help.
The question is who is responsible for fraud detection?
Management as they are owners or internal auditors since they have technology and are involved day in and out with highlighting indiscrepencies? The responsibility lies in the corporate culture and a mutual understanding among audit, fraud investigators, and senior management. There are many standards who establish auditor’s duty in fraud detection. However they state that auditors are not responsible to prevent or detect fraud on basis of audit. Management on the other hand is responsible for monitoring operations in the company. They are responsible to create a corporate culture that helps employees either auditors or non-auditors to highlight a fraud. Basically answer lies in good governance and in developing a fraud resistant company culture. A fraud awareness program in the company, trainings, encouraging ethical behavior by appreciation, mandatory background check of employees before their onboarding and a corporate fraud policy will help in anti-fraud environment.
Fraud policy must haves:
- Corporate fraud policy is a formal statement to set the tone against attempt to and fraudulent activities in the company.
- What fraud means to the company and what act will be regarded as fraud.
- Must mention that fraud is not only against the company but also an illegal activity in favor of company but against any organization or individual
- Must define what will be the repercussions of fraud
- Who is responsible for flagging fraudulent activities
- Lawful actions or any actions that will be taken in case of fraud detection
- Rights of company to publish fraud
- Reporting procedure and escalation matrix for fraud