All organizations are vulnerable to occupational fraud, and that fraud costs an enormous amount of money ($652 billion a year in the US according to ACFE research as summarized in this occupational fraud infographic). As a result, a comprehensive fraud risk management policy is an essential component of an overarching enterprise risk management plan.
Your fraud risk management policy stems from the risk analysis that must underlie it: that is, from identifying the concrete, organization-specific fraud risks that must be mitigated.
Systematic planning and implementation across these five basic areas will put your fraud risk management program on the path to success.
1. Identify a “risk owner” in your organization.
Upper management must be engaged in policies aimed at mitigating risk. Part of this is that responsibility has to be clear – wishful groupthink won’t cut it. With respect to fraud risks in particular, a member of upper management should be charged with organizing and carrying out the risk analysis, including how identified risks should be managed. As with every important management function, this function will include process definition, goal setting, measurement, and reporting on a timely basis.