Fraud Prevention Plan (FPP)
The purpose of this document is to provide guidance to enable the Institutions to develop fraud prevention plans that cover all the basic mechanisms of preventing fraud & corruption.
These are general guidelines meant to enhance the understanding of fraud prevention this guideline can be used in a document that introduces the key components of the FPP (i.e. Annual Fraud Prevention Plan). Templates are provided for fraud prevention policy and fraud prevention strategy.
The Accounting Officer / Authority is responsible for ensuring that the Institution has and maintains effective, efficient and transparent system of financial and risk management and internal control.
Furthermore, Institutions are required to conduct risk assessments on regular basis and prepare a risk management strategy, which includes a fraud prevention plan, to be used to direct internal audit effort. The strategy must be clearly communicated to all employees to ensure that risk management is incorporated into the language and culture of the department or entity.
3. Fraud and Corruption definition
In South Africa fraud is commonly defined as the unlawful and intentional making of a misrepresentation which causes actual prejudice or which is potentially prejudicial to another (CR Snyman).
General offence of corruption
Any person who, directly or indirectly-
· accepts or agrees or offers to accept any gratification from any other person. whether for the benefit of himself or herself or for the benefit of another person; or
· gives or agrees or offers to give to any other person any gratification, whether for the benefit of that other person or for the benefit of another person is guilty of the offence of corruption.
· money, whether in cash or otherwise;
· any donation, gift, loan, fee, reward, valuable security, property or interest in property of any description, whether movable or immovable, or any other similar advantage;
· the avoidance of a loss, liability, penalty, forfeiture. punishment or other disadvantage;
· any office, status, honour, employment, contract of employment or services, any agreement to give employment or render services in any capacity and residential or holiday accommodation;
· any payment, release, discharge or liquidation of any loan, obligation or other liability. whether in whole or in part;
· any forbearance to demand any money or money‘s worth or valuable thing;
· any other service or favour or advantage of any description. Including protection from any penalty or disability incurred or apprehended or from any action or proceedings of a disciplinary, civil or criminal nature. whether or not already instituted, and includes the exercise or the forbearance from the exercise of any right or any official power or duty;
· any right or privilege;
· any real or pretended aid, vote, consent. influence or abstention from voting; or
· any valuable consideration or benefit of any kind, including any discount, commission, rebate, bonus, deduction or percentage.
“Induce” includes to persuade, encourage, coerce, intimidate or threaten or cause a person, and “inducement” has a corresponding meaning.
Fraud and corruption remain a threat to public trust and confidence, it is therefore essential to recognise fraud prevention as an integral part of strategic management. It is important that the Accounting Officer / Authority set the right tone for the prevention and management of fraud in the Institution.
All staff may be aware of the need to prevent loss and to safeguard stakeholders' interests; however they may not be clear about the Institution's standpoint relating to fraud.
It is a requirement for the Accounting Officer / Authority to publish a fraud prevention policy. This includes a statement that declares the Institution's commitment to effective fraud risk management. It should explain that all key fraud risks identified are to be managed appropriately.
4. Actions constituting fraud and corruption
· Falsification & Forgery;
· Overstatement of assets & income to conceal unauthorised transactions;
· Understatement of liabilities & expenses to conceal illegal transactions; or
· False and / or omitted disclosure, etc.
5. The concept of fraud prevention
Fraud prevention / fraud risk management is a process that is adopted by the Institution, in putting mechanisms in place, to manage Institution’s vulnerability to fraud. Such mechanisms are designed to prevent, deter and detect fraud.
It is the responsibility of the Accounting Officer / Authority to design the following enablers to allow the effective implementation of fraud prevention plan in an Institution:
· Fraud Prevention Policy; and
· Fraud Prevention Strategy.
6.1 Fraud Prevention Policy
Fraud prevention policy is an Institution’s statement on its commitment / stance in managing the threat of fraud & corruption. Fraud prevention policy informs the fraud prevention strategy of the Institutions, therefore any major changes in the operations, structures and / or legislation that affects fraud risk management will require a review of the policy. The Institution can also include a provision on the review of the policy to ensure relevance at all times.
The statement can include the following:
· Anti-fraud programs adopted by the Institution;
· Policy / procedure for reporting of fraud;
· Mechanisms in place to prevent, detect and investigate fraud;
· Recovery of financial losses; and
· Anti-fraud culture & values of the organisation.
6.2 Fraud Prevention Strategy
The fraud prevention strategy is a detailed plan on how the Institution will implement the measures to address risk of fraud and corruption. The Institution should review the strategy annually to address the emerging fraud risks.
The strategy should include detailed information on the following:
· Identification & assessment of vulnerable areas;
· Ownership of fraud risk;
· Response plan;
· Anti-fraud culture; and
· Legal framework.
The following are the key-pillars of fraud prevention:
· Investigation; and
The structure illustrated in diagram 1 below in provides guidelines for Fraud Prevention Plan (FPP). Institutions can be flexible to develop a plan suitable for their circumstances. The guidelines are more about the understanding of principles, and are not blue prints.
Fraud and corruption prevention like any other risks, is the responsibility of everyone in the Institution. The Accounting Officer / Authority can delegate the ownership of fraud risk management to Business Unit Managers / Line Managers / Division Managers in specific areas of the Institution. However, the Accounting Officer / Authority still remains with the ultimate accountability.
Fraud Risk Management Committee
The size of the Institution and the magnitude of fraud & corruption can be used to decide whether to have a separate oversight committee for fraud risk management or to use the Risk Management Committee (RMC) as an oversight body.
As part of the Enterprise Risk Management (ERM), it is the responsibility of the Accounting Officer / Authority to establish structures to address the threat of fraud. Fraud prevention can be placed under the oversight of Risk Management Committee (RMC or Audit Committee (AC), along with other risk management matters. As much as it is recommended that Institutions design a separate policy and strategy for fraud, in an ideal situation it is also recommended that a separate committee is established to provide an oversight on fraud & corruption related matters, such as Fraud Prevention Committee.
In instances where the scale, complexity and geographical dispersion of the Institution’s activities dictate the need for the Risk Management Committee to work through sub-committees, the Risk Management Committee should ensure that:
· approval is obtained from the Accounting Officer / Authority for the establishment of the sub-committees;
· the terms of reference of the sub-committees are aligned to that of the Risk Management Committee; and
· the Risk Management Committee exercises control over the functioning of the sub-committees.
Diagram 1: Fraud Prevention Plan (FPP)
Diagram 2: Corrupt Actions