Corporate fraud is more likely to occur when there is a gap in the company's first line of defence — internal controls. Additional factors contributing to the current high level of corporate fraud include the growing complexity of organisations, computerisation, aggressive accounting practices, increasingly transient employees and global expansion dreams combined with unfamiliarity with local business practices. There is also growing acceptance of some level of fraud as the “cost of doing business”.

However, businesses large or small are subject to fraud risks even with robust internal controls. Many frauds go undetected due to ineffective fraud risk management and, in some cases, when the management overrides internal controls.

The good news is that the risk of fraud can be identified, managed and minimised like any other business risk. Effective fraud risk management is an essential part of corporate governance. Those charged with governance and management should give it top priority. The board and management are expected to put in place an effective fraud risk management system to prevent, detect and respond to any wrongdoing.

The key challenges faced by an organisation in fraud risk control are:

Implementation: There is no ‘one size fits all' or checklist approach to fraud risk management. Quite often, organisations mistakenly assume that a Code of Conduct is sufficient for fraud risk management. After considering the size and nature of its operations, an organisation should tailor a suitable fraud risk management strategy. The management and the board should be aware of the likelihood of frauds in the business environment specific to the organisation. The anti-fraud programme should be dynamic as the risks the organisation faces keep changing and evolving with the change in internal policies and regulations.

Ownership: The senior management struggles to implement fraud risk management when employees fail to take ownership of the process. The management should understand that fraud risk management is the responsibility of each and every employee and should not be centred around a handful of people. The management should establish roles and responsibilities for coordination and monitoring of the anti-fraud programme. Performance evaluations should cover participation in fraud control efforts.

Monitor: Fraud risk is as dynamic as the business and regulatory environment, and keeps changing over time. Organisations fail to update the risks and controls, rendering the process ineffective over time. Companies should continuously evaluate the effectiveness of their anti-fraud controls.

The most effective way to counter fraud is to prevent it. Risks arising from fraud pose a danger to the company's reputation and profitability. The Association of Certified Fraud Examiners's ‘2012 Report to the Nations' estimates the cost of fraud to be 5 per cent of annual revenues. Globally this translates to approximately $2.9 trillion of economic losses due to fraud. In other words, this big money could be potentially saved by putting in place effective fraud risk management structures.

Investment in corporate governance, including fraud risk management, can yield significant returns — directly and indirectly. It has been observed that investors pay a premium for companies that show improvements in governance — a direct return from improved stock performance. Companies with good governance also receive better credit ratings, interest rates and supplier terms — indirect returns from improved working capital.

Organisations should align corporate strategy and culture to protect financial asset and reputation. In the long run, only the organisations that can manage risk, drive business performance ethically, and achieve regulatory compliance will succeed.

Sumit Makhija is Senior Director and Rohit Goel is Senior Manager, Deloitte Touche Tohmatsu India Pvt Ltd.

Related Topics
comment COMMENT NOW