The Housing Internal Audit Forum has recently reported that: "Fraud is on the increase as the recession bites."

It's a sad fact that registered providers are not immune to employee fraud, especially in light of the current financial pressures. This is not only because the incidence of fraud is increasing but also when it does occur, boards, bankers and other stakeholders want to know what precautions the directors had taken to prevent or limit the damage. Ignorance of fraud is no defence; it is now recognised as a business risk to be managed in the same way as any other business or financial risk.

So what practical steps can we take to reduce the threat of employee fraud? When fraud happens, how can we mitigate the loss and bolster the confidence of the board of trustees that the CEO is still in control?

The guiding principles for an effective fraud risk strategy are prevention, detection and investigation. In an ideal business world, prevention controls would be strong enough to stop all fraud, but this might also grind the company into the ground due to the sheer bureaucratic burden. Also, past experience has taught us that if a fraudster is sufficiently motivated and can justify his or her action, fraud may happen despite the tightest controls. We therefore need the other two principles: to be able to detect fraud as it is happening; and then investigate it once we have detected it, or as is more likely someone blows the whistle.

These three principles should be linked in a virtual circle where lessons learnt from investigation are used to improve controls, where weaknesses in controls identified during prevention activities lead on to selected detection procedures, which in turn prompt investigations.

Don't think it won't happen to you; rather than waiting for the inevitable, review your anti-fraud procedures now. Here are a few elements every association can easily incorporate into their control environment.

  • Fraud risk assessment – understand the fraud risks that you face
  • Pre-employment screening – ensure that all staff are appropriately screened before you employ them or before you promote them into a more sensitive role
  • Whistleblowing procedure – how do employees report suspicions of fraud?
  • Senior management accountability – are responsibilities for fraud prevention understood?
  • Audit of employee compliance with policies and procedures – test controls, don't assume they are effective
  • Tone at the top – what is senior management's attitude to employee fraud, how do they communicate this attitude to employees?
  • Corporate culture – how does the corporate culture support the business' attitude to fraud?
  • Fraud awareness training – do staff understand what fraud looks like and the damage it can do to the association?
  • Code of conduct – are codes of conduct clearly communicated with employees?
  • Disciplinary procedures – are staff clear about the consequences of committing fraud?
  • Reporting fraud to the authorities – what is your organisation's attitude to reporting fraud?
  • Career counselling – how do you manage your staff's careers?
  • Do you have an effective communication system for employee complaints? – by far the most likely avenue of discovering fraud
  • Employee participation in own performance goals – do staff feel that have some control over how they are appraised?

Finally, avoid placing excessive rewards and punishments on performance as these can be strong drivers for fraudulent behaviour.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.