I want to learn about red flags for internal fraud
Entities face an increasing threat of internal fraud. Over 1,300 internal fraud investigations were finalised during the 2018-19 financial year. Entities can better prevent and detect internal fraud by looking out for red flags - common traits of employees who have committed internal fraud.
Look out for the following red flags
An employee may be a higher internal fraud risk when a combination of the following red flags are present:
- Unwilling to share duties or take leave.
- Replacing existing suppliers with suppliers that they have a close connection with.
- Refusal to implement internal countermeasures.
- Skipping approval steps.
- Living a lifestyle above their means or lavishing gifts on colleagues.
- Failing to keep appropriate or accurate records/receipts.
- Bullying colleagues.
- Seeking access to areas which they should not be able to access.
- Long term shortage of cash/financial hardship.
- Consistently seeking loans or advances.
- Past legal/compliance problems.
- Addiction problems.
- Gambling problems.
- Significant personal stress.
- Strong sense of entitlement.
- Unhappy with employer.
Closely monitor the following high internal fraud risk activities
Internal fraud most commonly occurs in the following activities:
- Vendor management and accounts payable.
- Cash handling.
- Crisis payments or pre-payments.
- Travel and subsistence payments.
- Contract management.
- Privileged system accesses, example:. Administrator access.
- Activities requiring access to sensitive data.
- Grant programs.
Key tips to prevent internal fraud
Apply the following methods to prevent internal fraud:
- Promote an ethical culture in your entity.
- Have mandatory fraud awareness training and refresher training.
- Have appropriate management oversight.
- Separate duties and delegations.
- Have hard coded IT system countermeasures.
- Have restricted access or dollar value limits for transaction processing.
- Have physical security measures including the use of safes and physical access restrictions.
- Conduct regular supplier reviews and maintain a register of non-compliance/breaches of contractual conditions and reporting requirements.
- Rotate staff in high-risk positions.
- Require staff to take regular annual leave.
- Create a gift policy and register and publish the gift register online.
- Make sure staff complete Conflict of Interest and Secondary Employment registers.
- Actively test existing countermeasures and make changes where needed.
- Intervene before non-compliance becomes fraud.