How to tackle fraud in business

IN the wake of numerous corporate scandals in recent years, business leaders are acutely aware that they must address fraud and fraud prevention initiatives – either because regulations require it or their organisation’s survival depends on it. Yet, implementing a comprehensive and integrated approach to fraud risk management across the enterprise remains a significant challenge.

Effective fraud risk management requires more than just ensuring an effective system of internal controls. Companies need to take a strategic approach to fraud risk management by aligning corporate values with performance.

An effective, business-driven fraud risk management approach encompasses controls that have three objectives – prevention, detection and response.


Fraud and misconduct risk assessment. When performed across an entire organisation, this assessment helps management understand their businesses’ unique risks, identify gaps or weaknesses in its controls and develop a plan for targeting the right resources and controls to reduce fraud and misconduct risk.

Code of conduct. A well-written code of conduct is one of the most important mechanisms to communicate with employees about acceptable business standards. It sets the organisation’s tone on control culture, raises awareness of management’s commitment to integrity and provides the resources to help employees achieve management’s compliance goals.

Employee and third-party due diligence. An important part of an effective fraud and misconduct prevention strategy is using appropriate due diligence in the hiring, retention and promotion of employees, agents, vendors and other third parties. Such due diligence becomes especially important for those employees with authority over the financial reporting process.

Communication and training. Raising employees’ awareness of their obligations concerning fraud and misconduct control begins with communications and training. While many organisations take an ad hoc approach, careful planning behind this effort can help send employees a clear message to take their control responsibilities seriously.


Hotlines. Hotlines can provide employees and third parties with a way to report possible fraud and misconduct and to seek advice when the appropriate course of action is unclear. A hotline is usually intended for use when the normal channels of informing a supervisor, human resources or the compliance officer are impractical or ineffective.

Audit and monitoring. Since it is impossible to monitor every fraud and potential misconduct risk, management should develop a comprehensive auditing and monitoring plan that is based on the organisation’s fraud risk assessment process.

Proactive forensic data analysis. Many indicators of fraud and misconduct reside within an organisation’s financial, operational and transactional data. Proactive data analysis tools – such as sophisticated analytic testing, computer-based cross matching, and non-obvious relationship identification – can help identify potential fraud and misconduct that otherwise would remain unnoticed by management, possibly for years.


Internal investigation protocols. When information relating to actual or potential fraud or misconduct is uncovered, management should conduct a comprehensive internal investigation, addressing the situation and potentially lessening the likelihood of a government inquiry.

Enforcement and accountability protocols. A consistent disciplinary system is key to effectively deterring fraud and misconduct. By mandating meaningful discipline, management can send a signal that it considers managing fraud and misconduct risk a top priority.

Disclosure protocols. Although it may be embarrassing to an organisation, management may consider public disclosure of fraud and misconduct potentially to combat or pre-empt negative publicity, demonstrate good faith and assist in putting the matter to rest.

Remedial action protocols. Once fraud and misconduct have been discovered, management may take the following steps when appropriate:

● voluntarily disclose the results of the investigation to a regulator or other relevant body;

● remedy the harm caused;

● examine the causes of the breakdowns to help ensure that risk is mitigated;

● discipline those involved as well as those in management positions who failed to prevent or detect such events;

● communicate to employees that management took appropriate, responsive action.

To develop an effective fraud and misconduct risk management program, the following phased approach can be used:

Assessment of risks. Identify the scope of the analysis and key stakeholders, profile the current state of fraud risk management, set targets for improvement, and define steps necessary to close the “gap”.

Design. Developing controls to prevent, detect, and respond to identified risks in a manner consistent with legal and regulatory criteria and other leading practices.

Implementation. Deploy a process for implementing the new controls throughout the organisation and assign responsibility for leading the overall effort to a senior individual.

Evaluation. Assess the design and operating effectiveness of existing controls through self assessment, substantive testing, routine monitoring, and separate evaluations.

The development of an integrated fraud risk management programme will not only help support compliance with regulatory mandates but also assist an organisation protect its assets, including its reputation.

For latest Bursa Malaysia indices, charts and other information click here

For latest Bursa Malaysia indices, charts and other information click here

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Business News

RHB group exits asset management business in Indonesia
DNeX completes Silterra acquisition
Serba Dinamik nominates Nexia as new external auditor
Strong demand for handformers lifts ES Ceramics' revenue and profit
KLCI falls 10.91 points as regional markets slip
The path to net zero should be an integrated initiative
RAM: No credit concerns due to Edra Energy's delay in completing power plant
Gross fixed capital formation shrank 14.5% to RM281.1b
China shares tumble on regulatory clampdown; education firms selloff heavily
Oil falls US$1/bbl as coronavirus, floods threaten demand

Stories You'll Enjoy