What are some of the elements of good fraud policy?
Your fraud policy needs to based on a clear understanding of the relevant fraud risks for your company and your industry and it must support the continuous re-alignment of your fraud strategy with risk. Fraud prevention needs to be built into your organisational culture and your staff should receive regular fraud awareness training. The organization's commitment to fraud prevention must be endorsed and supported at the most senior level. Employees must understand the consequences of fraud and operate within a zero-tolerance environment. The fraud policy statement should be clearly communicated to all employees, contractors and suppliers.
The Fraud Policy should detail how to prepare for and respond to fraud incidents. As well as sector specific fraud MO's (Modus Operandi), more generic fraud types should be considered include ABC regulation (Anti-bribery and corruption) and invoice fraud.
A fraud policy statement should be simple, focused and easily understood
Key aspects that should also be covered in an organisations fraud policy should be;
• A definition of fraud as endorsed and communicated by the executive committee
• Key personnel responsible for managing fraud from a 1st, 2nd and 3rd line of defence model
• Reference to the processes involved in reporting and detecting fraud
• A commitment to repatriating assets involved in fraud and identifying offenders
• A commitment as to how fraud teams will be resourced, training and supported
• A Fraud Response Plan
Tolerances and acceptance thresholds for fraud (sometimes referencing risk and control