All businesses are vulnerable to fraud, but fraud risk varies according to the nature, size and complexity of the business and the sector in which it operates.
A risk based approach is the most cost effective way of managing the risk of fraud and corruption and enables you to focus resources on the areas most vulnerable to fraud. Understanding the risk profile of your organisation is therefore one of the first steps in successfully managing fraud.
At its most basic level you should regularly review your business activities, identify the areas most at risk to fraud and introduce controls to prevent it.
Organisations with established Risk Management procedures should utilise the same principles for managing fraud risk as they adopt in managing other key business risks.
The aim is to build up a risk register (or database) which specifically identifies fraud risks and which is regularly reviewed and updated. This will allow your business to identify, assess and manage the risks it faces across all its operations. The register can be developed at an organisational level; department level or individual process/activity level.
See our Fraud Risk Register Template
In order to develop your fraud risk register and determine appropriate actions to mitigate those risks you will need to:
- Identify the key risks and who is responsible for managing it;
- Consider the impact of potential frauds;
- Assess the scale/likelihood of the risk of fraud occurring;
- Identify/evaluate the adequacy of existing controls to mitigate the risk;
- Implement revised controls/action plan for the future, and
- Monitor and Review the impact of actions.
Each of these elements are considered in detail below.
This is a sample of our guidance to request access to the guidance and associated resources please complete your details below or respond to any email you may have received from us using the subject heading ‘Request Access to Free Charity Resources’