Cyber Brief for CFOs: November / December 2024
All the news, tactics and scams for finance leaders to know for November / December 2024.
From 1 July 2024, all non-corporate Commonwealth entities (NCEs) are bound by the Commonwealth Fraud and Corruption Policy, a series of procedural requirements aimed at reducing fraud and corruption risks. But, even for organisations that aren’t considered NCEs, the policy is meant to outline best practices.
Whether the policy is binding for your organisation or not, it’s important to understand these requirements. After all, even corporate entities should be aware of what the Government considers best-practice standards for controlling fraud risks.
In this article, we’ll unpack the full Fraud and Corruption Control Framework, requirements, and how to ensure your organisation is compliant.
As part of the Public Governance, Performance and Accountability Act 2013 (PGPA Act), the federal government designed the Commonwealth Fraud and Corruption Control Framework to ensure that Government entities adequately manage their fraud risks. It has three parts, one of which is the Fraud and Corruption Control Policy.
The other two components are:
We’ll be focusing on the Fraud and Corruption Control Policy, since these are the standards that organisations need to understand – either as binding requirements or best practices.
The policy outlines the mechanisms that Government considers necessary for detecting and preventing fraud. These mechanisms aim to protect public resources and improve Government entities’ accountability for their anti-fraud control strategies.
Eight elements make up the policy:
With eight different elements to consider, organisations need multi-faceted, cross-functional management strategies and reporting mechanisms. These tend to demand centralised, automated solutions to keep up with the necessary scale and detail. In other words, look for technology solutions that can help satisfy a variety of the policy’s elements, all while improving efficiency and productivity.
As an example of how the right technology solution can make compliance easier, let’s break down the ways that Eftsure’s payment protection software can help.
Eftsure’s solution helps organisations improve the security and accuracy of supplier verification through various factors, including cross-matching 6 million verified business records in Eftsure’s supplier database. Payment account verification tools and independent verification – performed by trained anti-fraud experts – also help leaders meet policy requirements like governance, prevention, detection, investigation and reporting.
Eftsure provides real-time vendor and payment alerts throughout the payment lifecycle, ensuring continuous protection of EFT payments and early detection of anomalies. Additional checks at the payment checkpoint prevent fraud and errors during ABA payment file reviews, ERP/Payable System report extracts, or online banking.
Simple ‘traffic light’ style thumb alerts indicate potential fraud in real-time on your online payments screen or payments file in the web portal. Continuous monitoring and alert systems support ongoing vigilance and timely intervention, aligning with policy requirements like risk assessment, prevention, review, detection and reporting.
By identifying and mitigating the risk of payment error, fraud and cybercrime through digital verification and payment controls, Eftsure supports the policy’s objective to help organisations manage and reduce their risk of fraud and corruption.
Eftsure automatically verifies the authenticity of ABNs and checks the status of GST registrations on every payment, reducing the risk of engaging with a non-compliant supplier and ensuring your organisation adheres to regulatory compliance requirements.
Eftsure’s comprehensive duty-segregating capabilities ensure that protocols and processes are followed, supporting the Fraud and Corruption Policy – especially components like assessment, review, documentation, prevention and detection. Eftsure’s solution offers a digital interface for managing visibility and tasks, customisable roles and permissions, automated notifications, and approval workflows.
With the flexibility of unlimited users, multi-level approvals, and hierarchical structures, Eftsure makes it easy to build visibility and delegate tasks in line with your existing access policies and user permissions. Setting up access points is easy, reduces the risk of internal fraud and keeps auditors happy.
Eftsure ensures compliance with the Fraud and Corruption Policy by automating manual controls and procedures and streamlining your compliance, offering centralised management and monitoring of payment and supplier data. Eftsure also offers features like centralised reporting to reduce audit stress, secure and independent vendor validation, and notifications about inactive or invalid ABN reports.
Additionally, Eftsure provides comprehensive supplier and payment reports along with detailed internal audit trail reports, ensuring thorough documentation and accountability.
Eftsure’s compatibility with all ERPs and accounting systems enables integration with existing financial systems, ensuring that compliance measures are embedded within everyday processes. This minimises disruptions and delays to everyday workloads and makes it easier to maintain compliance with the policy.
Eftsure often provides training and awareness programs, including webinars, guides, up-to-date content on the latest scam tactics and warning signs of fraud. It gives leaders even more resources for keeping staff informed and for cultivating an overall culture of safety, which is important for meeting requirements in areas like prevention and detection.
All the news, tactics and scams for finance leaders to know for November / December 2024.
Each month, the team at Eftsure monitors the headlines for the latest accounts payable (AP) and security news. We bring you all …
Discover key insights from the OAIC report on data breaches, including the impact of human error and strategies for CFOs to protect their organisations.
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.