Lack of effective corporate governance seriously undermines any fraud risk management programme. The organisation’s overall tone at the top sets the standard regarding its tolerance of fraud.
That’s the view of Richard Walker, Head of Business risk services at Grant Thornton Johannesburg.
“Even with numerous checklists in place, we observe that many companies are still losing valuable assets by not setting the right tone at the top regarding fraud,” says Walker.
He emphasises that it depends on a company’s senior management and directors to determine the attitude which the business has towards fraud. “It ultimately comes down to what management is saying about fraud, for example, are they prepared to prosecute – on criminal and civil counts – or ask the person to resign with a payback clause?”
According to Walker, it is essential to remember that it is the people in a business – not a computer or accounting systems – that perpetrate fraud. “When trying to prevent fraud, businesses should start by looking carefully at the kind of people they hire, by simply thinking about its recruitment practices.”
These include doing proper background checks, such as the verification of credit status, research into criminal records and confirming education levels.
While companies might focus on big items for fraud detection, Walker warns that it is very often the smaller items that can have the biggest impact.
“The smallest of crimes start with cash. The fraudulent use of company credit cards and expense claims for personal gain are simple, but well-known examples of where some of the worst instances of fraud occur. These might seem like insignificant amounts in the greater scheme of a company’s expenses, but it all adds up eventually.”
Another area where fraud is rife is in the accounts payables division where duplicate payments are made internally and externally. “This is one of the biggest fraud activities. It can involve false invoices or payments, or alternatively cash or cheque payments.”
An aspect that people often forget when it comes to fraud is that it doesn’t only revolve around money. “Theft of data and corporate information, as well as intellectual property, seems to be the norm nowadays,” he says.
Walker believes it ultimately boils down to the management’s approach to dealing with fraud. “It should never be too much trouble for a company to report fraud. One trend we see is that some companies are prepared to understate the amount of assets believed to be taken, so that they are not obliged to report it to the police.”
He refers to the Prevention and Combating of Corrupt Activities Act which requires people in a position of authority to report any fraud amounting to more than R100 000 to the authorities.
While audit committees and legislation can give guidelines on how companies should be dealing with fraud, Walker says it is about much more than merely ticking a box. Management should consider their strategy with regards to fraud is and develop a fraud prevention plan accordingly.
“Red flags should be raised when the internal and external audits do not believe a company’s control systems are adequate especially if they are seeing instances of inconsistency,” says Walker.
He advises that all companies, no matter how small, should have strict internal controls, on handling cash, including segregation of duties and training on how to spot a stolen credit card. There should also be systems that can monitor duplicate payments and very strict rules on the distribution of bank details.
“It is of vital importance to have a data handling policy for what is considered sensitive data, along with confidentiality agreements for all employees.”
In this era of information moving increasingly freely, he believes companies should consider an information classification program or text analytics system. This would, based on the usage of keywords, prohibit the transfer of sensitive data.
Control mechanisms such as anti-virus software and complex passwords will ensure protection against hacking. The frequent review and reconciliation of company bank accounts should not be forgotten.
“Simply complying with regulations by having a fraud hotline, for example, will not solve any deeper problems that your company might have. It depends on management’s attitude and principles which will ultimately be able to save companies a lot of monetary and possible reputational damage,” concludes Walker.
Notes to editors
You may quote freely from this publication, provided you acknowledge the source. This publication is an outline for information purposes and should not be relied upon for detailed planning. Readers are advised to consult professional advisors for guidance relating to new or existing legislation which might affect their business and personal decisions.
About Grant Thornton South Africa
Grant Thornton South Africa is a member firm of Grant Thornton International Ltd (Grant Thornton International). Grant Thornton South Africa was founded in 1920 (previously Kessel Feinstein). We are leaders in our chosen market, providing assurance, tax and specialist business advice to dynamic organisations – listed companies, large privately held businesses and private equity backed organisations.
We employ 673 people in South Africa with 76 partners and directors. Grant Thornton has a national presence with offices in Bloemfontein, Cape Town, Durban, Johannesburg, Nelspruit, Port Elizabeth, Pretoria and Rustenburg. South Africa is a major force in Africa, alongside 18 member firms on the continent. We operate in Algeria, Botswana, Egypt, Gabon, Guinea, Ivory Coast, Kenya, Mauritius, Morocco, Mozambique, Namibia, Nigeria, Senegal, Togo, Tunisia, Uganda, Zambia and Zimbabwe and are ideally positioned to facilitate clients’ expansion plans in these countries.
About Grant Thornton International Ltd
Grant Thornton is one of the world's leading organisations of independent assurance, tax and advisory firms. These firms help dynamic organisations unlock their potential for growth by providing meaningful, actionable advice through a broad range of services. Proactive teams, led by approachable partners in these firms, use insights, experience and instinct to solve complex issues for privately owned, publicly listed and public sector clients.
Over 35,000 Grant Thornton people, across more than 100 countries, are focused on making a difference to clients, colleagues and the communities in which we live and work.
Grant Thornton International and the member firms are not a worldwide partnership. Services are delivered independently by member firms, which are not responsible for the services or activities of one another. Grant Thornton International does not provide services to clients.
Grant Thornton International is the fastest growing global accountancy network and has recently been awarded 2013 'Network of the year’ by The International Accounting Bulletin (IAB). The International Accounting Bulletin awards are designed to celebrate accounting achievements over the past year by emphasising the individuals and businesses that have moved the industry forward. To win the ‘Network of the Year’ award, firms had to demonstrate strength across a number of key areas which included evidence of top-level network-wide audit quality, a strengthened position in strategically important markets and a strong industry leadership.