How to protect your organisation against fraud
A recent survey found that more than half the world's largest companies were victims of fraud during the previous fiscal year, 25 per cent of them losing millions of dollars each during the previous five years. Many organisations are often too embarrassed to admit publicly that their employees have stolen from them. They fire the employees - but often fail to fix the underlying problems. In some places, trivial fraud and pilfering are accepted as normal practice. Fraud, to any degree, should not be tolerated. Before it's too late, it may be wise to implement fraud protection measures in your organisation...
1. Be aware: your staff are usually the villains.
Regrettably, your own employees pose the greatest threat when it comes to fraud - some are highly motivated to get rich quickly; they usually know what controls are in place; and they often have the ability to circumvent those controls and exploit company weaknesses.
Remember, the core element in all fraud is people; so effective human resource management in all forms is vital.
2. Check the references of potential employees.
Although previous employers are often reluctant to provide anything but confirmation of employment dates and positions held, as a rule they also do not want any other organisation burned by an unscrupulous worker. So, check all references - not just the last job held. As well, verify education qualifications and certifications - 'She claimed she was a CPA!' comes too late when the damage is already done.
3. Document and enforce policies and procedures.
Ensure that all internal control policies and procedures are well documented, communicated, and enforced. Your policies should address such issues as: Can staff accept gifts? When do gifts become bribes? When do hospitality and perks become corruption? When does pilfering become fraud? Written guidelines are needed so employees can differentiate between accepted custom and what is not acceptable. And how can suspicions of fraud be raised? Who is responsible for dealing with it? And how? If necessary, put in place an audit committee with a policy-development, monitoring, and investigative role.
