Professional Documents
Culture Documents
Mitigating the risk of being a victim of fraud requires a system of activities and controls that,
as a whole, reduce the probability of fraud and misconduct, but that, at the same time,
maximize the possibility of detecting them, before they mean a significant economic loss.
All companies are susceptible to some type of fraud, since when there is collusion and
intention, it is difficult to detect and stop it. Despite this, it has been seen that this risk is
substantially mitigated when companies have a comprehensive program that allows
combining mechanisms of cultural change with internal controls in business processes.
An adequate risk management system must be based on a solid corporate governance
structure. Everyone in the organization plays an important role in the oversight and
monitoring process, both the Board of Directors and the Audit Committee, management and
internal auditors.
A comprehensive fraud risk management program should begin with assessing what these
risks are in the organization, and rating them by the likelihood of occurrence and magnitude
of impact. The process has to be suitable and designed for each organization, since there is
no common inventory or menu of fraud risks, from which you can choose what applies to
you. Therefore, it is recommended to consider, both the external factors that create fraud
risks: product substitutes, changes in the industry and in the economy, change in legislation,
needs and expectations of customers, etc.; such as internal factors: incentives and pressures
on employees, low morale, new systems, new products, staff turnover
A common example in fraud investigations is the receipt of materials. For example, a
signature on the invoice is sufficient, and it is common to hear the argument that: it is the
signature of the operations manager. But, no one checks whether the operations manager
authorizes the purchase of an African elephant for an operation that manufactures nuts, so
the specific control of the authorization firm has already lost value.
Controls, as an effective anonymous reporting mechanism, reduce the risk of fraud by up to
50%, according to statistics from the Association of Certified Fraud Examiners (ACFE), whose
function is twofold, since on the one hand it helps to detect problems perceived by
employees and, on the other, It deters the potential perpetrator as he can be reported.
Consideration of segregation of duties in the design and implementation of all controls and
mechanisms to prevent, deter and detect fraud will help mitigate risk to a minimum.
The emphasis of effective and responsible management of companies must be placed on the
deterrence of crimes or improper conduct. The investigation of fraud, abuse and error should
not be the primary interest of the top management of companies, as it is a reactive rather than
proactive position. Its main interest should be aimed at strengthening effective corporate
governance, based on a risk control system, which prevents the abuse of trust and decreases
the likelihood of error and deception.
Organizations need to stop seeing internal control as a long list of unrelated "locks" that create
the perception of overregulation or bureaucracy, but as a complement to a cultural change,
that is, a combination of the necessary controls or locks, according to the risks, participation
and tone of management on ethical and value issues.
The permanence of societies and their successful management increasingly depend on the
creative capacity to anticipate threats, face them and adapt as best as possible to a reality that
demands the use of improved decision-making and execution capabilities.
The risk assessment and management process thus becomes a priority point to be addressed
within the agendas of most companies, in order to achieve adequate alignment between the
fulfillment of institutional objectives and the dangers, contingencies and insecurities
prevailing in the environment.
References
Auditionorl.03 January,2020. Internal Control, importance in fraud prevention.
https://www.auditool.org/blog/fraude/control-interno-impor-tancia-en-la-prevencion-de-fraudes
Auditionorl.05 April,2016. Internal control and risk assessment" Risk assessment is a dynamic and
interactive process aimed at identifying and managing risks to ensure the achievement of objectives"
https://www.auditool.org/blog/control-interno/el-control-interno-y-la-evaluacion-de-riesgos
Thesis .universidad de chile.2005. Seminar on Management Methods and Risk Assessment
https://repositorio.uchile.cl/tesis/uchile/2005/garcia_j2/sources/garcia_j2.pdf