A Fraud Awareness Culture Is Critical in Tackling Insider Threats

Niek Dekker

All too often trusted insiders, such as long-standing staff members, use their privileged positions to defraud their employer. Such risks can be notoriously difficult to prevent, let alone stop. To stand any chance of protecting your organisation from insider-initiated fraud, it’s critical that you develop a strong fraud awareness culture within your accounting department.

In this blog, we explore some of the steps you can take to foster a culture where staff understand the risks of fraud, and have the awareness needed to identify potential instances of insiders engaging in fraudulent activity against your organisation.

What is fraud awareness?

According to Standards Australia, all levels of your organisation, from the C-suite, through mid-management to rank-and-file employees, should have a high level of fraud awareness. They should understand what behaviours constitute fraud and how these represent a risk to your organisation.

The goal of fraud awareness is to ensure every person in your organisation knows what behaviours are expected of them. Fraud awareness should also help encourage individuals to report suspected or detected fraudulent behaviour by others.

Awareness levels can be heightened through the development and implementation of a fraud awareness program.

What is a fraud awareness program?

A fraud awareness program should be an organisation-wide, ongoing program that seeks to ensure all staff understand the activities that constitute fraud, the risks posed to the organisation by fraud and how staff can be empowered to help identify and stop fraud.

Whilst a fraud awareness program may be developed and implemented by the Human Resources department, Accounts Payable (AP) departments face some specific fraud risks given their access to the organisation’s finances. It may therefore be necessary to adapt a generic fraud awareness program to meet the specific needs of the AP department. An AP-specific fraud awareness program should be developed jointly by the HR team and the CFO or AP Manager.

All fraud awareness programs should focus on the different types of fraud risks the organisation is most likely to face, as well as clearly defined steps staff should take if they suspect colleagues are engaging in fraudulent activities.

A fraud awareness program should include elements such as:

  • A clear statement that the organisation does not tolerate fraudulent behaviour
  • A clear statement of the behaviours that constitute fraud and the red flags that can point to such behaviour
  • An overview of the specific types of fraud that are prevalent in the organisation’s industry or geographic location
  • An assessment of the specific types of fraud the organisation is most likely to face
  • Examples of types of fraud that have been identified in the past, and how the organisation dealt with those cases
  • An overview of the resources and internal controls the organisation has in place to stop fraud
  • Clear steps, including reporting procedures, for management and staff to follow in the event they suspect or detect fraudulent behaviour
  • A clear statement of how the organisation protects whistle-blowers

An AP-specific fraud awareness program may also include specific risks around misappropriation and outright theft of funds. It should also outline the internal controls within the AP function that mitigate fraud risks.

How do you create a fraud awareness culture?

A fraud awareness culture exists when the people in your department or organisation evolve into assets that help in the fight against fraud.

Once you have a fraud awareness program in place, you can begin the process of creating and embedding a culture of fraud awareness with these three initiatives:

1. Build Bridges with Your IT Team

Preventing internal threats is a collaborative effort. As a CFO or AP Manager, you are responsible for ensuring malicious staff don’t have any opportunities to engage in fraud. That requires close cooperation with your IT team. Work closely with the IT team to determine the user roles that should exist for people in your department, as well as the privilege levels for each role. Access to sensitive folders and files should be restricted to specific roles based on a ‘Need to Know’ principle. Implement a system to ensure the IT team is always updated with any personnel changes within your department, so user roles can be adjusted accordingly.

2. Create a Safe Environment

When fostering a fraud-aware culture within your organisation, you need to forge an atmosphere of trust between management and rank-and-file staff. After all, the goal is to encourage staff to become an extension of your eyes and ears across the organisation. Staff will be uniquely placed to identify the signs of any fraudulent practices. However, there needs to be a safe environment that allows them to escalate concerns around any suspicious activity, particularly if they suspect that more senior individuals are engaged in improper conduct. Measures need to be in place to protect whistle-blowers, so staff know that reporting concerns will not result in any negative consequences for them.

3. Develop a People-Centric Mission

It’s important that all the people within your organisation buy into the mission to prevent internal fraud. Staff training programs should be developed that help generate a sense among employees that they are empowered to identify and safely report suspected misdemeanours by others. Focus on the many ways fraud can negatively impact the organisation, such as undermining its financial viability and growth plans, which in turn could impact staff members’ career paths. Once staff embrace the mission to stop fraud, they’ll be far more engaged and cooperative.

How can Eftsure help?

When it comes to the fight against internal fraud, your people have the capacity to play an indispensable role. With the right culture in place, staff can become your eyes and ears across the entire organisation. However, they cannot do it alone!

Your organisation needs the right tools that make it harder for malicious insiders to engage in fraud. With Eftsure sitting on top of your accounting processes, you’ll be protected against one of the most common types of insider fraud – payment redirections.

Payment redirections occur when insiders manipulate supplier payment information in invoices or ABA files, resulting in outgoing funds being transferred to a bank account they control. Payment redirections can also occur when AP staff collude with suppliers to submit duplicate or inflated invoices.

Not only does Eftsure help mitigate such risks, it also maintains a detailed audit log of all transactions, making it easier to identify any malicious activity.

Speak with us today for a comprehensive demo of the many ways Eftsure keeps you secure!

Procure-to-Pay Checklist
Malicious insiders understand your internal processes. They possess unique knowledge that can enable them to circumvent your internal controls and defraud your organisation.

By implementing a rigorous Procure-to-Pay process, you reduce the opportunities malicious insiders have to steal your organisation's finances.
