Practical Fraud Prevention Strategies – Part 3 in a series By Glen Moulton, Sole Proprietor of The Fraud Triangle Forensic Services
Last week, we set out the elements of a world-class fraud prevention strategy. However, before we go into the detail of each element, let’s consider issues around the development of the strategy.
The ultimate objective of the strategy is to prevent losses being suffered by your organisation and the strategy achieves this by ensuring that the opportunity for fraud to occur is reduced. It is also vital to detect fraud that does occur as soon as possible. Your plan should also aim to deter and disrupt the potential fraudster so that he is obliged to move on to an easier target. So, how is this achieved?
Firstly, regard fraud risk as an integral part of the overall corporate risk management strategy of the organisation. Effective fraud prevention is not a one-time intervention that can be forgotten about as soon as the consultant walks out the door. It needs continuous review and improvement. Believe me, the fraudster is continually updating his technique and so should you.
Next – self-help gurus constantly remind us that if a goal is not written down it is never achieved; the same goes for fraud prevention plans. The plan must not only document the measures that will be implemented, it must also name the persons responsible for the implementation thereof and set time frames within which this is to be achieved. Now, for practical implementation steps:
1. Evaluate the adequacy and effectiveness of current prevention and detection strategies. Benchmark your prevention measures against best practice and identify the gaps. You must have answers to questions like:
- Where is the organisation most vulnerable to fraud?
- What controls do I have in place, are they being implemented and how effective are they?
- Do staff members believe the controls are effective?
- How easily could my staff identify fraud or would it have to “bite” them before they recognise it?
- How comfortable are my staff to report fraud and do they regard it as part of their responsibility?
2. Implement the measures designed to plug the gaps. Ensure accountability for implementation and continued enforcement; and
3. Set up a system of regular monitoring, review and improvement.