Fraud and corruption are unfortunate consequences of managing complex, geographically dispersed companies. Employees, customers, suppliers, and vendors have many reasons for engaging in fraudulent activities that can be grouped into the opportunistic, pre-meditated, and malicious (i.e., when an individual is disgruntled and believes they deserve more than they are getting) categories. Ultimately, it is an opportunity for a person to take money for themselves. Without the existence of continuous controls, these indiscretions can typically take an average of 32 months for an organisation to detect. By then, not only have the perpetrators disappeared, but the losses to the business are also significant with minimal chances of recovering them.
Corporate fraud is ultimately a cultural issue. Auditing departments and special groups reporting into the CFO or the board can deploy continuous controls to reduce fraudulent activity in the procure-to-pay, HR, contract and expense management processes proactively. Without a continuous control function, and management by auditors who operate independent from the rest of the organisation, fraud can be allowed to grow like a mould and be just as difficult to root out completely. This is why it is important to eradicate it as quickly as possible.
See also: Singapore police probe two firms in alleged metal trade fraud
During any economic downturn such as the current one, people are resorting to these desperate measures more than before to grab extra funds from wherever they can. The Association of Certified Fraud Examiners (ACFE) supports this, noting that 79% of respondents to their latest benchmarking survey in November 2020 observed an increase in fraud, and an overwhelming majority (90%) expected fraud to continue increasing over the next 12 months. Supply chain networks are especially vulnerable to fraud due to their current volatility and sudden shifts in demand for products from consumers. PwC found that 42% of Singaporean organisations experienced fraud in the previous two years. In fact, Transparency International's latest assessment of global corruption notes that many countries in Asia Pacific continue to struggle to combat corruption, registering an average score of 45 out of 100.
While many organisations rely on whistleblowing from employees to detect fraud, few are made aware of fraud incidents in this manner. In the same PwC survey, for example, less than 15% of Malaysian organisations were made aware of fraud incidents from whistle-blowers. Organisations need other ways to detect fraud, waste and abuse. Implementing continuous controls accomplishes this goal by allowing organisations to:
- Monitor for suspicious activity continuously, rather than calling in an investigator for a single case,
- Be more aware and transparent at the board level about the risks
- Strengthen approval processes that are slowed by manual steps.
This allows companies to catch more complex fraudulent activity before losses mount, reduce the long-term costs of audit, detection and investigation activities, and protect their brand reputation.
How do continuous controls prevent fraud?
Continuous control is a system that empowers organisations to monitor activities related to core business processes in the supply chain, procurement, and HR functions, for example, where fraud, waste and abuse may typically occur. These systems are now beginning to incorporate advanced analytics capabilities with artificial intelligence (AI) and machine learning (ML) solutions to learn good and bad behaviour and then automate some of the decision processes, particularly for detecting fraud, waste and abuse. This allows auditors to gain visibility and control over fraud issues so that they can deliver more value to the C-suite.
Sink your teeth into in-depth insights from our expert contributors, and dive into financial and economic trends, Click here for our Views Section
Some organisations automate the clearance process completely, which speeds up their approval process dramatically by clearing low risk cases and allowing fraud analysts to focus on high-risk cases. Decisions that would take days or weeks can be reduced to minutes because the system is providing internal auditors with information that would have taken them significant time to gather.
Gerard McDonell is the regional solution director, fraud & security intelligence at SAS
Photo: Stock photo