1. Assess risk. Identify what activities are outsourced, moved between different groups, and transferred across borders, and which activities are performed by the board of directors, top managers, employees, suppliers, customers, competitors and external contractors. Recognizing risk spots determines where prevention and detection mechanisms should be placed.
2. Assess corporate culture. Identify the ethical tone of the organization and pressure points that may motivate employees to cross the line. Employees who are unclear of the firm’s ethical expectations may find it easier to rationalize fraudulent behavior.
3. Know who you hire. Contact references and verify educational backgrounds of potential employees before hiring them. Conduct criminal and financial background checks on prospective employees who are under consideration for financially sensitive positions.
4. Create an ownership environment. Employees who act and feel like owners of the company are generally less likely to steal. A culture of ownership promotes shared responsibility of company successes and failures and a more committed workforce.
5. Take away temptation. From a security standpoint, organizations should perform regular ethical and social hacking to make sure Internet access and systems controls are secure. Internal auditors should be charged with ensuring the effectiveness of the organization’s internal controls.
6. Keep employees informed. Make sure employees know and understand new policies and procedures. Annual organization-wide ethics training helps to ensure that a consistent message is delivered to all employees. Most organizations find that a strong ethical environment encourages self-policing, thereby increasing the level of oversight far beyond what internal control methods alone provide.
7. Set up a hotline. According to the ACFE, at least 60 percent of all fraud is uncovered because of employee tips. Establish an anonymous reporting hotline that employees can use if they know or suspect fraud. When a call comes in, act quickly to confirm the validity of the call and take action if necessary.
8. Establish detection mechanisms. Executives should use a combination of internal audits, surprise audits and senior management reviews to help ensure that the right questions are being asked and answered at every level. This oversight should also be extended to remote locations.
9. Implement checks and balances. While most fraud occurs in the non-management ranks, fraud by executives and managers often is more costly. Create an advisory committee to provide oversight at all levels. When people know they are being watched, they’re less likely to steal.
10. Take action. If fraud is detected, implement a rapid-response plan with strategies for investigating, reporting and prosecuting misconduct, fraud or corruption. Follow-up procedures are critical to ensuring that questionable behavior is not overlooked. Then put controls into place to prevent this specific type of fraud from happening again.
Accounting firm Crowe Horwath LLP has advice on the top 10 ways that corporations can reduce occupational fraud by WebCPA