Fraud risk management: A guide to good practice

Fraud risk management: A guide to good practice

Periodically, the latest major fraud hits the headlines as other organisations sit back and watch, telling themselves that ‘it couldn’t happen here’.

But the reality is that fraud can happen anywhere. While only relatively few major frauds are picked up by the media, huge sums are lost by all kinds of businesses as a result of the high number of smaller frauds that are committed.

Surveys are regularly carried out to estimate the true scale and cost of fraud to business and society. Findings vary and it is difficult to obtain a complete picture as to the full extent of the issue, but these surveys all indicate that fraud is prevalent within organisations and remains a serious and costly problem for virtually every type of organisation in every part of the world.

The risks of fraud may only be increasing, as we see growing globalisation, more competitive markets, rapid developments in technology and periods of economic difficulty.

There is a wealth of surveys and research which demonstrate the extent and effect of corporate fraud. Typical findings are that:

  • Organisations may be losing as much of 5% of their annual revenues as a result of fraud.
  • Small organisations are disproportionately affected by fraud.
  • Anti-fraud controls help to reduce the cost and duration of frauds.
  • A high percentage of frauds are committed by senior management and executives.
  • Fraudsters often work in the finance function.
  • Fraud losses are not restricted to a particular sector.
  • The prevalence of fraud is increasing in emerging markets.
  • The threat of fraud is evolving and organisations which actively manage fraud risk stand to benefit.

Despite the serious risk that fraud presents to business, many organisations still do not have formal systems and procedures in place to prevent, detect and respond to fraud. While no system is completely fool-proof, there are steps which can be taken to deter fraud and make it much less attractive to commit.

As one recent survey of 1,265 executives worldwide concluded, “All businesses are confronted with the risk of fraud. How they respond – the nature of their approach to prevention, detection, investigation and disclosure will separate those who manage through the issues from those who suffer significant loss.”

This guide aims to help CGMA professionals and others with an interest in tackling fraud in their organisations to take practical steps towards establishing more robust procedures to tackle fraud, particularly in terms of prevention, detection and response. It is aimed at readers across the world – as the law relating to fraud varies from country to country, we strongly advise readers to ensure that they are familiar with the law relating to fraud in their own jurisdiction.

However, the general principles of good fraud risk management are universally applicable and we hope that the emphasis on the practical in this guide will provide plenty of pointers for action.