Learn about red flags for internal fraud
On this page
Entities face an increasing threat of internal fraud. Over 1,300 internal fraud investigations were finalised during the 2018-19 financial year. Entities can better prevent and detect internal fraud by looking out for red flags - common traits of employees who have committed internal fraud.
Look out for the following red flags
An employee may be a higher internal fraud risk when a combination of the following red flags are present:
- Unwilling to share duties or take leave.
- Replacing existing suppliers with suppliers that they have a close connection with.
- Refusal to implement internal countermeasures.
- Skipping approval steps.
- Living a lifestyle above their means or lavishing gifts on colleagues.
- Failing to keep appropriate or accurate records/receipts.
- Bullying colleagues.
- Seeking access to areas which they should not be able to access.
- Long term shortage of cash/financial hardship.
- Consistently seeking loans or advances.
- Past legal/compliance problems.
- Addiction problems.
- Gambling problems.
- Significant personal stress.
- Strong sense of entitlement.
- Unhappy with employer.
Closely monitor the following high internal fraud risk activities
Internal fraud most commonly occurs in the following activities:
- Vendor management and accounts payable.
- Cash handling.
- Crisis payments or pre-payments.
- Travel and subsistence payments.
- Contract management.
- Privileged system accesses, example:. Administrator access.
- Activities requiring access to sensitive data.
- Grant programs.
Key tips to prevent internal fraud
Apply the following methods to prevent internal fraud:
- Promote an ethical culture in your entity.
- Have mandatory fraud awareness training and refresher training.
- Have appropriate management oversight.
- Separate duties and delegations.
- Have hard coded IT system countermeasures.
- Have restricted access or dollar value limits for transaction processing.
- Have physical security measures including the use of safes and physical access restrictions.
- Conduct regular supplier reviews and maintain a register of non-compliance/breaches of contractual conditions and reporting requirements.
- Rotate staff in high-risk positions.
- Require staff to take regular annual leave.
- Create a gift policy and register and publish the gift register online.
- Make sure staff complete Conflict of Interest and Secondary Employment registers.
- Actively test existing countermeasures and make changes where needed.
- Intervene before non-compliance becomes fraud.
This guide gives insights into managing fraud in the public sector. It combines the perspectives of members of the International Public Sector Fraud Forum.
This report presents information gathered during the 2016–17 financial year from all non-corporate Commonwealth entities about their experience of fraud and their fraud control measures.
This report by KPMG profiles fraudsters from around the world. KPMG’s analysed 750 fraudsters across 81 countries.