In January, many companies are preoccupied preparing budgets, forecasts and performance-related goals for the year. So, it's all too easy to overlook plans for preventing fraud. But to avoid financial losses and maintain a healthy organization, you need to give your fraud prevention efforts some attention this month. Here are five things your business can do to reinvigorate your internal controls and other fraud deterrents.
1. Revisit Your Fraud Risk Assessment
A fraud risk assessment (FRA) is a document that captures the threats facing your organization, as well as the internal controls you have in place to mitigate such risk. To ensure your FRA delivers the most value, assign ownership of every internal control to an individual within your company. If an internal control requires changes to improve its effectiveness, the individual who "owns" that internal control should assume responsibility for the update.
If your fraud risk assessment is older than 12 months, or you think the risk environment has changed, consider conducting a new risk assessment.
2. Educate Employees
Your first line of defense against fraud is your employees. If you haven't provided training recently, it's time to get employees back into the "classroom." Fraud prevention training should cover the types of occupational and external fraud facing your company, including cybercrime.
Also educate workers about what steps they should take if they spot or suspect fraudulent activities. And make sure your employees clearly understand what your company is doing to detect and prevent fraud, and the potential consequences of stealing — for example, dismissal or legal action.
3. Address Past Incidents
If your business experienced fraud last year, your executive team should review the incident and ensure they understand what happened and what your company is doing to prevent it from happening again. The postmortem should consider people, process and technology failings. Also discuss whether the problem is your internal controls or adherence to the controls. In many organizations, fraud occurs despite the existence of detailed controls because owners and managers neglect to enforce them — or they routinely override controls themselves. If changes are needed, assign one person to take the lead and complete the process as swiftly as possible.
4. Keep Your Eyes Open
Some companies can go years without experiencing a fraud incident or fraud losses. If that's your business, congratulations! But it's important not to become complacent, particularly if you haven't kept your anti-fraud measures current. Keep abreast of fraud reported by other businesses in your industry and geographic region and pay attention to alerts from federal agencies such as the Federal Trade Commission and FBI. Regular IT security updates are particularly critical, as cybercriminals are constantly devising security workarounds and launching new attacks on unwary companies.
5. Make Smart Hires
If your business plans to hire employees this year, make sure you screen candidates carefully. Allow enough time to thoroughly interview potential employees, check their references and perform background checks. The types of checks depend largely on the position. For example, you should review the credit reports of accounting staffers and others who will have access to financial functions. And you'll want to perform criminal background checks on anyone who will work with children or other vulnerable populations, such as the elderly. If you simply don't have the internal resources to investigate job applicants yourself, outsource the function to one of the many services that can do it for you.
New Year, New Opportunities
The new year is a good time to review past errors and challenges, such as fraud incidents, and take steps to improve. Take some time this January to review and bolster your anti-fraud program. Your financial advisors can provide you tips and, if required, recommend more comprehensive fraud prevention plans.