This article originally appeared on NEDOnBoard on 29 September 2020.
The 2008 financial crisis changed how organisations—and their boards—viewed risk mitigation. Now, as the global economy reels from a pandemic and seeks to return to normalcy, there is little question boards will need to keep risk mitigation top of mind, particularly as it relates to fraud.
In times of economic stress, companies face heightened fraud risk—both within and outside the organisation. With additional pressures placed on employees, customers, and suppliers, nefarious actors can take advantage of a bad situation and make it worse.
To protect their bottom lines and cash positions, it is critical for organisations and their boards to take a 360-degree view of their fraud risk profiles. In addition to financial losses, fraud can damage reputation; weaken consumer and investor confidence, share price, and employee morale; and lead to costly regulatory investigations from which organisations may fail to recover.
Businesses are dynamic and evolving; controls must adapt in turn to address changing areas of risk. As part of their role, non-executive directors should constructively challenge and seek to improve—as well as help develop—risk mitigation strategies.
Non-Executive Directors’ Role in Fraud Mitigation
Given the impact of the current economic downturn on organisations of all types, now is the time to implement processes to detect and mitigate fraud. Non-executive directors play a critical role in advising the board on how to do this effectively, in a way that minimises losses and aids in recovery.
Instances of fraud are on the rise. Law enforcement agencies are revealing how bad actors are exploiting vulnerabilities in the current crisis, while entities searching for cost-cutting measures are uncovering ongoing frauds they may have otherwise missed, such as unusual behaviours or transactions between suppliers and buyers, or salespeople and customers.
It’s important to be able to identify high-risk or unusual transactions quickly. Such behaviours can be an indication of supply chain fraud, financial statement fraud, insider fraud, or investment fraud, among others. All of these frauds are interlinked—disturbances in normal business processes, weak internal controls, and working conditions levy opportunities to commit fraud, while the chaos and uncertainty of the economic crisis enable individuals to rationalise bad behaviour that might otherwise have been checked.
Considering the current focus on revenues and cost management, the organisation that can root out and protect against fraud will bolster and protect its bottom line. Without question, a multifaceted fraud mitigation program works best. It would include the following:
- Independent assessments: A regular, independent fraud risk assessment provides a focused check-up of a company around fraud issues—one that combines data with investigative skills to help flag potential problem areas for the organisation. This will be especially prudent during and following the COVID-19 pandemic and subsequent economic crisis, where organisations may find weak spots that previously were undetected. Organisations can implement targeted internal controls and significantly improve their ability to detect future frauds before they cause significant damage.
- Identification and investigation of fraud Incidents: A typical business in the UK incurs a total fraud loss of five to ten percent of revenues each year, according to the 2020 Report to the Nations issued by the ACFE. An organisation may already have suspicions about a location, division, team, or employee; the longer suspicions are left unaddressed, however, the higher the potential losses. A swift and effective investigation will uncover any misconduct, determine the amount of fraud losses incurred, and provide a path forward for both loss recovery and preventive control improvements. Non-executive directors should ensure there is a clear process in place for follow-ups to fraud concerns, as response time will impact the bottom line. Additionally, undetected fraud can be detrimental to morale, set a tone amongst stakeholders, damage the reputation of the company, and negatively affect its share price.
- Regular testing and monitoring: It is key for organisations to implement proactive monitoring, and to regularly undergo testing and assessment to identify potential anomalies pointing to possible fraud. When fraud is detected proactively, such as through document examination or monitoring, it tends to be detected more quickly, incurring less loss. However, relying on passive detection—such as through an accident or confession—may result in lengthier periods of fraud, subsequently incurring more loss. While implementing key controls from the outset is critical, they must be constantly updated, as the risk landscape is constantly evolving, and businesses must ensure their processes are keeping pace.
Non-executive directors should be mindful of not only the design of their organisation’s fraud mitigation program but also the results it is generating, and encourage the organisation to constantly undergo improvements to its processes—both in times of stress and during “normal” operations.
Organisations can get ahead of fraud risks, and it’s critical to examine weak points in times of crises. Small, proactive steps now can have a lasting impact in the future. A comprehensive assessment process, timely identification and swift investigation of incidents, and regular testing and monitoring can set the tone for a robust fraud mitigation program.
K2 Intelligence brings together experts in compliance, forensic accounting, law enforcement, government regulation, and financial services, who work with clients on a continuous basis to ensure that their businesses stay ahead of fraud and corruption issues.