For as long as there has been business, there has been fraud. However, the level of sophistication and magnitude of fraud perpetration has evolved considerably over the last decade even as petty corruption continues to occur in less conspicuous manners. Of the many forms that fraud can take, insider and third-party threats such as management override and conflicts of interests are arguably the most challenging for boards.
The highly competitive landscape and uncertain economic conditions in recent years have put immense pressure on executives to deliver on growth and profitability. At the same time, governments and regulatory bodies are also applying greater pressure on organizations through a toughened stance on anti-corruption via measures such as raising the bar on regulation standards and meting harsher penalties to having dedicated teams to look into anti-money laundering risks.
Consistent tone and action
Over the years, companies have progressed in investing in anti-fraud programs. However, according to the EY Asia-Pacific Fraud Survey 2017, despite having more companies establishing codes of conducts, anti-bribery and anti-corruption (ABAC) policies, trainings and whistleblower hotlines, ethical standards are showing few signs of improvement.
One of the reasons is that employees are receiving mixed messages from senior management, who are seen to be ignoring unethical behaviors and condoning misconduct so as to meet business targets.
According to the above survey, 85% of respondents want their ABAC policies to be simplified and localized, and consistently applied. Leaders must also proactively educate employees on compliant behavior beyond well-defined policies. Unless there is concerted and continual effort from the top to reinstate the importance of an ethical environment and clarify the ambiguities in the policies that govern how business is conducted, employees may remain misguided and reluctant to act appropriately.
By and large, the board is expected to oversee fraud risk as part of overall risk management. To that end, it is imperative that Boards, with management, drive an ethical corporate culture. Boards must also drive management accountability in modeling ethical conduct and achieving a stronger nexus between policies and improved behaviours.
Cyber and insider threats
Compounding the challenge in fighting fraud is the fast-changing technological environment. The financial, reputational and regulatory impact of having an organization’s critical assets stolen or damaged as a result of fraud can be very damaging. Incidences of cyber breaches continue to prove that boards and management must treat data risk management as a holistic program and be aggressive in developing defense and response plans to address persistent cyber threats.
A key component for strengthening an organization’s preparedness and response will be an increased awareness of the variety of threat actors. An often overlooked risk is the possibility of insider or third-party threats. Employees, former employees, contractors and business partners do not need to “break into” systems as they already have authorized access and knowledge on the organization’s network systems, data and premises.
Mitigate knowledge gaps
Even with the awareness of organizational fraud risks, boards can sometimes be ill-equipped for the task as they may not have a team with the necessary expertise. This is especially so in the areas of information technology and cybersecurity, where technological advancement is a double-edged sword for organizations.
While it is common knowledge and good practice to inject new ideas and varied perspectives in the boardroom via a good mix of directors from different backgrounds, reality is often otherwise. It is thus strategic for companies to take into account the knowledge gaps of the board in information technology and cybersecurity as it considers board composition and renewal.
Further, the fact that boards are not involved in the daily operations of the company can lead to directors lacking a comprehensive understanding of the information and numbers presented to them by management. Directors can overcome this challenge by developing and using a governance checklist to enable them to better discharge their responsibilities.
Fraud and corruption does not only expose organizations to financial and reputational losses; it impacts other levers of sustainable growth such as the attraction and retention of talent.
While financial performance and profitability matters in the year’s report card to shareholders, the sustainability of the organization is certainly far more important. An unwavering emphasis on an ethical corporate culture lays a strong foundation and can make a fundamental difference.