1 minute read
What is fraud?
Fraud can be defined as any illegal act characterised by deceit, concealment, or violation of trust. These acts are not dependent upon the threat of violence or physical force. Fraud is perpetrated by parties and organisations to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or business advantage.6
The types of fraud are varied – they can be financial (e.g., inflating sales figures to achieve a bonus) or non-financial (e.g., identity fraud); internal (e.g., payroll fraud) or external (e.g., false insurance claims); cyber enabled (e.g., phishing scam) or not cyber enabled (e.g., cheque fraud). Fraud can be perpetrated by one or more individuals and, according to the ACFE, the median duration of fraud is 12 months before it is detected.7 The variety of fraud types has been reflected in our roundtable discussions. For participants from the financial services sector, external fraud such as authorised push payments or consumer fraud are top of their agenda. In the private sector, it could be as varied as fraudulent data breaches, misappropriation of assets, or payment fraud. Internal fraud, such as payroll fraud, has also become more prominent because of people working from home. The third sector faces similar issues, with the added difficulty that some charities and international organisations operate in highly unstable and corrupt environments. In the public sector, the fraudulent misuse of Covid-19 support schemes has made headlines and is something the government is now grappling with. It was positive to hear that all participants of our roundtable discussions said their organisation had an anti-fraud policy that explicitly mentioned types of fraud. For some, this is part of a wider code of conduct and integrated into other policies, such as terms and conditions or procurement policies. The multi-dimensional aspect of fraud is important and should be reflected on by organisations and internal audit when considering fraud risks in their business. As a minimum, internal auditors should ensure they understand the different types of fraud and assess whether their organisation has put the relevant controls in place to prevent and mitigate the risk.
Advertisement
