5 ways to help establish a fraud-averse environment

Written by Holly Whitehead on Friday February 15, 2019

A major reason why people commit fraud is because they are allowed to do so. There are a wide range of threats facing businesses and according to a 2016 report by KPMG, entitled Global profiles of the fraudster, the majority of fraudsters were either current or former employees of the victim organisation.  

When correctly motivated, employees remain honest and become the most effective frontline defence against the fraudster.

Employees become motivated when they believe that:  

• their institution is honest and ethical in its business dealings, including dealings with customers, suppliers and employees 

• their employer treats them with respect, rewards them fairly, imposes discipline fairly and, when, regrettably, redundancy becomes necessary, dismisses them fairly 

• fraud prevention is a common objective throughout the organisation at all levels, they have been trained to play their part in the fight, and their efforts to do so are acknowledged

In any case, the likelihood that a fraud will be committed is greatly decreased if the potential fraudster believes that the rewards will only be modest, that they will be detected or that the potential punishment will be unacceptably high. The main way of achieving this must be to establish a comprehensive system of controls that aims to prevent fraud and, where fraud is not prevented, increases the likelihood of detection and the cost to the fraudster. 

With this in mind, in this blog we explore establishing a fraud-averse environment within an institution and how this can help in the fight against fraud. So here are five factors for businesses to consider that could help to create an anti-fraud culture:  

1) Demonstrating the institution’s honest ethical intent 

As the first bullet point above mentions, having an ethical business helps employees remain honest and motivated by enabling them to believe in their company and the fact that they are doing the right thing.  

Within the formal policies for corporate and social responsibilities, there should be clear statements of business principles and ethics. 

While detailed guidance can be found on such polices from the Institute of Business Ethics, there are a number of key features when it comes to the detail, structure and content of the policy, which include: 

• compliance with all laws and regulatory obligations, with particular reference to those related to financial crime 

• the requirement for all employees to act honestly and in the best interests of the company 

• what constitutes dishonesty and the elements that will constitute grave misconduct under the disciplinary process 

• how the business values employees, including policies on recruitment, organisation, development and training, equal employment opportunities, retirement, severance and redundancy

 2) Open communication/whistle-blowing 

Whistle-blowing is acknowledged as an important safeguard in the UK Combined Code on Corporate Governance and is now recognised as a successful method of detecting internal fraud and corruption.  

In the UK the law is set out in the Public Interest Disclosure Act 1998. The objective of the Act was to foster a climate of openness within the workplace and create a positive environment in which employees at all levels could raise their concerns without fear of reprisal. Under the terms of the Act, employees who make ‘protected qualifying disclosures’ have statutory protection from dismissal and from being subjected to discriminatory treatment. 

3) Establishing the strategy 

The board must establish a clear corporate strategy, which defines objectives as well as the concept of fraud, and assigns clear responsibilities and accountabilities for risk management. The strategy and policy must then be communicated in an appropriate way to all employees at every level. 

Above all, employees must see the strategy in action: they must see that controls apply to all levels of employees and management; they must see that vigorous action is taken when fraud occurs; and they must see that if an employee is involved, then they are treated in the same way regardless of their seniority. 

4) Setting policies and procedures 

The policies and standards should indicate the institution’s clear commitment to preventing and detecting fraud, define the institution’s objectives and set out definitions, responsibilities and accountabilities, internal reporting and investigation procedures. These should set the minimum standards, leaving the business units to determine their individual fraud strategy. 

The Fraud Advisory Panel publishes two useful leaflets dealing with anti-fraud policy statements, including a sample policy. 

5) Fraud risk assessments 

The objective of management of fraud risk is to permit the implementation of cost-effective fraud prevention, detection and response procedures.

In order to achieve this objective, risk assessment provides a structured approach by which to identify, document and evaluate details such as: 

• the threats facing the sector in which the institution operates 
• the level of risk appetite of the institution 
• the threats from fraudulent use of products and services provided in this institution

Analysis of an institution’s ‘threat profile’ needs to include the identification of fraud threats specific to the products and services provided and, additionally, of the general factors that might make the institution more susceptible to fraud. It is important to document the threat profile both for the record and to assist the next stage of risk assessment.

Points to remember: 

• Have the proper plans in place as this can considerably decrease the probability of fraudulent activity occurring

• Make company policy known to employees as this will deter fraudulent behaviour

• When an employee is caught, make sure the policy is followed through and enforced as this is a big deterrent

However, even with everything in place, we must also remember that some people are dishonest and will take any opportunity to defraud.

Having the correct culture in place will go a long way toward keeping most honest employees honest and away from temptation.

Click to view the ICA Advanced Certificate in Managing Fraud:

You may also like: 

• Skills and Attributes of a Compliance Professional
• South America: can a continent conquer corruption in 2019?
• 10 ways to instil a culture of compliance

 This article forms part of the #BigCompConvo - Join us as we explore and debate the latest challenges and issues facing you and regulatory and financial crime compliance professionals all over the world. If you’d like to contribute an article as part of the Big Compliance Conversation get in touch with us at contributions@int-comp.org