The Shared Services & Outsourcing Network recently ran an article on their Q&A with Patrick Taylor of Oversight Systems which covered some steps your organization can take to prevent fraud. Given that each incident of fraud costs you $441,000 on average, every bit of advice helps — especially since most fraud losses are internal in an average organization.
Clearly define your entry and reporting requirements.
Make sure each transaction is verified with supporting documentation. No expense report without matching receipts, no payment without a verified invoice and matching goods receipt, and no large wire transfers without a contract and a (e-)paper trail.
Implement good controls that cannot be easily, or autonomously, overridden.
Two or more approvals should be required for every payment that is off contract, that is for goods redirected to a non-standard location, or that is to a new vendor. The need for collusion reduces the risk of fraud.
Implement a continuous auditing system that examines every transaction.
A system that examines, and re-examines, every transaction looking for unusual entries or unusual patterns is much more likely to find fraud than a random audit of the books. Are you going to detect all duplicate payments? Are you going to notice the same expense report submitted six months in a row? Are you going to notice six installment payments to a contract that was only supposed to have three if you don’t have immediate access to the contract? Are you going to notice repeated payments to the company of your employee’s brother for “miscellaneous services” that are a couple of months apart? Probably not … but an appropriately implemented transaction monitoring system that supports a range of user defined rules and a best-practice artificial intelligence will.