In Part 1 of this article we looked at some general issues with how to deal with fraud. In this article we look at specific steps for managing fraud.

Develop a fraud policy that includes:

  • Corporate ethics
  • Conflict of interest
  • Gift acceptance policy
  • Fraud and whistle blower standards
  • Guidance to identify what is fraud
  • Guidance on how to report fraud
    • External reporting services (e.g. EthicsPoint)
    • Hotline
    • Email to Internal Auditor, management, board
  • Provisions for maintaining confidentiality

Establish procedures for how to look for fraud

  • Internal audits
  • External audits of HQ and field offices and records
  • “Desk Audit” of monthly reports against supporting documents
  • Monitoring process
  • Compliance visits
  • Donor audits
  • Whistleblower program
  • Happenstance: fraud comes to light by accident

Ensure protections for possible whistleblowers

  • Employees
  • Former Employees
  • Partner organization staff
  • Clients

Determine process for responding to reports of alleged fraud/whistleblower reports

  • Reports referred to an established group delegated with fraud management authority: President/Director, compliance staff, Internal Audit, Chief Financial Officer, HR, Board members
  • Determine and implement standards for decision-making on follow-up or taking no further action on allegations
  • Establish policy on who will be advised of investigation
  • Establish process for selecting investigative team
    • Subject specialist
    • Compliance experts
    • Auditors
  • Establish process for unannounced investigative visit by team
    • Secure files
    • Staff interviews
    • Whistleblower identity protections
    • Whistleblower protections from retribution
    • Process for obtaining more specific, verifiable information
    • Opportunity for accused to respond to allegations
  • Prepare written report
  • Report presented to the appropriate staff:
    • Management
    • Board
    • Donors
    • Law enforcement
  • Findings shared with accused and actions taken
    • Accusation without merit; no further action
    • Accusation proven
      • Written warning with penalties
      • Termination
      • Legal action; civil or criminal
  • Occasionally, accusation alleges broad wrong doing and only a portion can be proven:
    • Accusation: Director violated procurement procedures because he is getting a kickback from Vendor X.
      • Violation of procedures is proven
      • Kickback scheme is not proven

Risks with Fraud Investigation

  • CSI DVDs? How does the investigator get his/her skills?
  • Determine beforehand the approach to use (be prepared) and adjust when on the ground (flexibility)
  • Should intuition be part of the approach?
  • Go in with an open mind; be fair, objective, be nice! Probe, get the confidence and trust of the staff.
  • Work outside the office as much as possible.
  • Use the approach that works best for you.

In the final part 3, we look at some fraud scenarios, possible approaches to address them and the impact on the organizations.