IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
Protecting organisations against internal fraud
Tue, 11th Dec 2018
FYI, this story is more than a year old

Internal fraud costs companies time and money, and often goes under-reported or even unrecognised by the organisation depending on the quality of its detection systems.

Internal staff members are a third more likely than external actors to be the perpetrators of the most disruptive frauds.

Organisations therefore need to put policies in place to mitigate this risk or else face significant financial losses. SAP Concur ANZ managing director Matthew Goss says, "While the risk level of fraud probably hasn't changed in the past decade, increased visibility is bringing more cases of fraud to light.

“This is contributing to businesses taking a more proactive approach to detecting and mitigating the risk of fraud.

Goss adds, “Internal fraud costs range from direct monetary losses and damaged supplier relationships to reputational harm and inefficiency due to resources being diverted to investigate and deal with fraud. It's therefore in a company's best interests to prevent fraud wherever possible."

When it comes to protecting against fraud, most companies tend to take a basic approach that focuses on numbers and compliance, without much room for grey areas or negotiation.

Or else they're likely to take a more mature approach that focuses on continuous improvement and allows for negotiation or exceptions.

Not many companies elect to take a hands-off approach to fraud and even fewer have reached the maturity stage of fraud management in which fraud becomes a non-issue for the organisation.

There are five ways to protect against internal fraud: 1. Set policies and enforce them

Having good policies in place is a start but it's not enough.

Businesses must enforce these policies consistently and visibly so that employees can see there's no room for dishonest behaviour. 2. Create a strong culture

Given most employees want to do the right thing, it's important to educate them about the policies that are in place and what to do if a situation isn't covered by a policy.

By setting a strong culture in which fraud is clearly not tolerated, as well as making fraud prevention everyone's responsibility, organisations can develop a culture in which fraud is less likely to occur. 3. Educate employees

Letting employees know how to spot potential fraud and what to do if they suspect someone is behaving fraudulently is essential.

Some organisations gamify the process while others run regular information sessions and follow them up with tests.

Rather than punishment, organisations should opt to create a preventative mindset in which employees are rewarded for doing the right thing. 4. Take control

Keeping control over payment methods, for example, requiring employees to use company credit cards for all business expenses, can help companies keep a closer eye on activity.

The company can also verify expense reports against actual vendors to ensure people aren't claiming out-of-policy expenses.

It's important to set a time limit on expense reimbursements so the business can manage cash flow effectively and gain meaningful insight into expenditure. 5. Use digital systems

Paper-based receipts and processes that are manually completed and signed off create myriad opportunities for error.

It makes fraud easy to commit and conceal; by the time anyone realises something is wrong, the perpetrator has usually caused significant damage. Goss says, "Even after setting a culture that's unfriendly to fraud and putting policies in place to reduce it, companies still need a range of weapons to fight this ongoing battle.

“Automated expense management and accounts payable technology can dramatically reduce the risk of employee fraud by providing sophisticated, real-time reporting and rules-based processes."