Avoiding the losses that result in cases of fraud is not a matter of luck or good fortune. Strategic fraud prevention programs, strategies, and processes form the front line of fraud defense by identifying and filling gaps before losses happen.
The Association of Certified Fraud Examiners (ACFE) has a valuable resource available to help assess the health of your existing fraud prevention processes. Known as the ACFE Fraud Prevention Check-Up, the self-administered ‘check-up’ can give you a candid view into your company’s vulnerability to fraud and identify major gaps in your processes.
The ACFE’s seven-point assessment covers the following issues, which can be interpreted as the most essential elements or “habits” of an effective fraud prevention program:
1. Fraud Risk Oversight
Effective programs establish a process for the broad oversight of fraud risks. This oversight is governed by the board of directors, an audit committee, or other group charged with governance.
2. Fraud Risk Ownership
Organizations with effective fraud prevention programs assign “ownership” of fraud risks to a senior manager. This individual then assigns down responsibilities to unit-level managers to instill a similar level of ownership across the organization.
3. Fraud Risk Assessment
Having an ongoing process for identifying significant exposure to fraud risk is another characteristic of an effective prevention program.
4. Fraud Risk Tolerance and Risk Management Policy
Certain fraud risks are tolerable and considered an acceptable cost of doing business. Others are simply too risky in their potential to cause catastrophic financial or reputational damage. Effective fraud prevention programs are calculated by their identification and categorization of risks and have a clearly accepted tolerance level for each. Taking this further, when an organization has clearly identified and has approval of its board of directors concerning policies on managing fraud risks, its processes will be more effective.
5. Process-Level Anti-Fraud Controls and Reengineering
Fraud can be prevented by layering controls over existing processes or re-working processes entirely to eliminate or reduce the potential for fraud. Organizations with effective fraud prevention practices conduct a risk assessment and then address those identified risks with process-level controls or reengineering to help prevent, deter, and detect cases of fraud.
6. Environmental-Level Anti-Fraud Controls
“Major frauds usually involve senior members of management who are able to override process-level controls through their high level of authority,” states the ACFE. To combat this, many believe that “soft” controls, such as promoting ethical behavior, deterring wrongdoing, and encouraging all employees to report known or suspected fraud, offer a strong defense against fraud.
7. Proactive Fraud Detection
Having a process in place to proactively detect, investigate, and resolve potentially significant fraud is the final area of the ACFE’s risk check-up. Proactive fraud detection tests, or audit “hooks”, that are designed to spot or flag the potentially meaningful risks uncovered in a fraud risk assessment are particularly beneficial.
Assessing your organization across these seven dimensions will give you a general sense of your performance related to fraud prevention. Click here to view the full ACFE Fraud Prevention Check-Up.
For a more detailed look at fraud prevention, it is wise to consult a Certified Fraud Examiner (contact us to be referred to a CFE on our staff).