Risk Assessment vs Risk Management: How can fraud and corruption be avoided

Updated: Aug 16

In trying to understand your financial crime, fraud and corruption risk, building a risk profile for your organisation including its insider threat is an important starting point to fighting fraud and corruption locally and throughout your organisation and its global supply chain.


Information rules the world


Proactive versus the reactive response to fraud and corruption allegations


If you are about to build a profile of risk around your organisation, you should not only look at organisation sources of information but also international assessment of risk the outline the current risks and themes that may impact your organisation. One such source is the Report to the Nations published by the Association of Certified Fraud Examiners.


The ACFE study covered 2505 cases from 125 countries with a total loss of more than $3.6 billion. The average loss per case is $1,509,000. A number of the key findings in this year’s report include:


  • Corruption was the most common scheme in every global region and is the most common scheme across all sectors

  • 43% of schemes were detected by tip

  • 56% of tips were received from individuals that had received formal fraud training compared to 37% without fraud training

  • The 3 primary categories of occupational fraud include asset misappropriation, corruption and financial statement fraud

  • The median duration of fraud, from when it begins to when it is detected is 14 months. 7% lasted over 5 years with the largest median loss

  • Occupational fraud is concealed through creating fraudulent physical documents, altered physical documents, altered electronic documents or files and created fraudulent electronic documents or files

The awareness of common fraud methodologies and the controls necessary to detect and mitigate these risks is essential in protecting organisation revenues. The key findings of control risks included;

  • A lack of internal controls contributed to a third of the fraud

  • More than 40% of cases in the study were uncovered by tips, which is almost three times as many cases as the next-most common detection method

  • Four anti-fraud controls in particular were associated with a 50% or greater reduction in both fraud losses and duration; a code of conduct; an internal audit department; management’s certification of financial statements; and regular management review of internal controls, processes, accounts, or transactions

  • 64% of victim organisations had hotlines

  • All sectors are impacted by occupational fraud however sectors with significant values of loss included construction, energy, healthcare, manufacturing and telecommunications. However the biggest loss was within this analysis is the mining sector

  • The presence of fraud controls not only reduced the median loss but also the duration of the fraud

  • The primary internal control weaknesses that contribute to occupational fraud, include; the lack of internal controls, override of existing internal controls, lack of management review and poor tone from the top

The significant value in control measures can't be underestimated, the ACFE research clearly highlights the importance of being able to collect your own data to detect and respond to fraud risk. Although receiving tips is only one information source in building a risk profile, it is clearly a powerful tool and when linked with staff that receive formal fraud training, the insider threat is clearly identified quicker and financial losses reduced, where your organisation is a target of fraud.