Fraud, whether perpetrated internally or externally, can inflict severe financial losses, tarnish reputations, and undermine stakeholder trust. Moreover, the rise of sophisticated cyber threats and rapidly evolving techniques employed by fraudsters pose unprecedented challenges to many small and large businesses.
Implementing robust fraud risk management strategies is not only essential for protecting an organisation’s bottom line but also for upholding its ethical integrity and sustaining long-term success.
Building a culture of fraud reporting is crucial. By fostering an environment where employees feel safe and empowered to report suspicious activities, organisations can identify and address fraud early, protecting their interests and stakeholders.
In this publication, the InConsult team explore the essential steps in creating a culture of fraud reporting within an organisation to help combat such unethical behaviour.
Establish a Clear Code of Ethics and Conduct
A robust and transparent code of ethics and conduct serves as the foundation for fostering integrity within an organisation. This code should clearly outline the expectations for ethical behaviour, including zero tolerance for fraud, bribery, corruption, and other dishonest practices. It should also emphasize the importance of reporting any violations or suspicions without fear of retaliation.
The Code of Ethics and Conduct should be provided to all employees during onboarding. It should be reviewed and signed as acknowledgement. Elements of the organisations Code of Ethics and Conduct should be included in induction training and reinforced periodically at least annually by leaders and executives. Regular communication sets the tone for the entire organisation.
Lead by Example
Culture is usually top-down and not bottom-up, so creating a culture of fraud reporting starts at the top. Leaders must “walk the talk” and demonstrate a real commitment to fraud prevention. They must explain to employees that fraud is morally wrong and it will not be tolerated. Leaders and executives must:
- actively encourage employees to report incidents and do so themselves,
- lead by example and consistently adhere to the organisation’s ethical standards, and
- demonstrate integrity in decision-making and day-to-day behaviours.
Establish Clear Boundaries, Policies and Procedures
Guided by the governing body or board, leaders and executives need to provide clear and transparent fraud and corruption prevention policies as well as clear reporting guidelines and procedures that include the expectations, responsibilities and appropriate channels for reporting fraud incidents.
Ensure such policies are communicated to all employees and stakeholders and easily accessible to employees and external service providers/public.
Consider using the AS 8001:2021 Fraud & Corruption Control standard as a guide to establish the foundations of your fraud and corruption prevention framework, including reporting. AS 8001:2021 is very comprehensive and covers all elements of fraud and corruption, including reporting.
Key aspects of the framework should be modified for local laws that are specific to each country the organisation operates in. Also, whilst many fraud risks are homogenous, some fraud risks that can be specific to an industry.
Communicate the Importance of Fraud Reporting
Regular communication about the significance of fraud reporting is essential.
Organisations should conduct workshops, training sessions, and awareness campaigns to educate employees about the potential consequences of fraud, the reporting process, and the protection provided to whistleblowers. Employees need to understand that their actions play a crucial role in safeguarding the organisation’s financial and reputational well-being.
Anonymous Fraud Reporting Channels
Many employees are reluctant to report fraud due to fear of retaliation or reprisals from colleagues or superiors. Providing anonymous reporting channels for whistleblowers, such as hotlines or dedicated email accounts, can address these concerns. Anonymity empowers employees to come forward without the fear of their identity being revealed.
Whistleblowers play an important role in identifying and calling out misconduct and harm to consumers and the community. Research by the Association of Certified Fraud Examiners (ACFE) found that 46% of all frauds were uncovered by whistleblowers i.e. anonymous reporting channels, while only 3% were detected by law enforcement.
Ensuring the protection of whistleblowers is paramount in creating a culture of fraud reporting. Implementing strict policies against retaliation and taking measures to safeguard the identity of the reporter will encourage more individuals to step forward with crucial information. Whistleblower protection laws may vary by jurisdiction, so organisations should be compliant with the relevant legislation.
In Australia, the Corporations Act 2001 (Corporations Act) gives certain people legal rights and protections as whistleblowers to encourage them to come forward with their concerns and protect them when they do.
Company officers, company auditors, and other senior people within companies have obligations under the Corporations Act if they receive a report from a whistleblower.
Both the ACFE and the Organisation for Economic Co-operation and Development (OECD) recognise the important role of whistleblowers and whistleblower protection in the detection of fraud, bribery and corruption.
Foster Trust and Open Communication
Organisations must build trust with their employees to encourage honest and open communication. Creating an environment where employees feel comfortable discussing their concerns or suspicions with supervisors or designated compliance officers is essential. Trust can be built through transparency, responsiveness, and consistent support for ethical behaviour.
Implement a Comprehensive Fraud Reporting Process
A well-defined and comprehensive fraud reporting process simplifies the reporting procedure for employees, suppliers and the public. This process should specify the types of fraudulent activities that should be reported, the channels for reporting, and the steps that will be taken to investigate and address reported incidents. Regularly updating employees on the status of reported cases ensures confidence in the system.
Conduct Regular Audits and Fraud Monitoring
Frequent internal audits and monitoring mechanisms can help identify potential fraudulent activities proactively. Audits provide an opportunity to assess the effectiveness of the fraud reporting culture and ensure that the organisation is adhering to its code of ethics.
AS 8001:2021 Fraud & Corruption Control standard requires an organisation implement procedures aimed at assessing the effectiveness of internal controls that are specifically designed or intended to mitigate fraud and corruption risks. Examples of pressure tests include desktop review of case studies, process walk-throughs and data analysis.
Creating a culture of fraud reporting is an ongoing effort that requires commitment and dedication from an organisation’s leadership and employees. By fostering transparency, trust, and open communication, organisations can build a robust framework that encourages employees to report fraud without hesitation. Emphasizing the importance of ethics and providing effective reporting channels and protection for whistleblowers can significantly contribute to detecting and preventing fraudulent activities, safeguarding the organisation’s reputation and financial health in the long run.
How we can help
InConsult is committed to helping organisations better understand the benefits and value of fraud and corruption control. We have extensive experience in fraud and corruption prevention, cyber security, investigations, crisis management, internal auditing, risk management, probity, business continuity, climate risk management and pandemic planning.
#fraud #corruption #control #FCCS #fraudcorruption #as8001 #whistleblowing