Client story: Fraud and corruption control

Background

RSM Australia’s Fraud & Forensic Services team was engaged to perform a Fraud Risk and Controls Review for an ASX-listed client, which involved:

1. Reviewing the organisation's fraud and corruption control arrangement against the better practice of Australian Standard AS 8001:2021 Fraud and Corruption Control;
2. Conducting a fraud and corruption risk assessment for the organisation;
3. Performing fraud data analytics by focusing data analytic testing on high fraud and corruption risk areas of accounts payable / procurement and assets; and
4. Providing a fraud and corruption control roadmap of any engagements / improvement opportunities for the organisation from the review.

Our tailored approach included:

• Briefings were held with key stakeholders.
• Identified and collated leading practice material relevant to the client and engagement.
• Obtained and analysed relevant client documentation, including:
  • Policies, procedures, organisational chart.
  • Present risk management methodology.
  • Any historical and current relevant internal audit practices and reports
  • De-identified historical reports of fraud and corruption.
• Conducted an online employee survey to over 5,600 employees to ascertain organisational fraud and corruption control awareness.
• Analysed existing fraud and corruption control arrangements in comparison to legislative requirements and better practice of Australian Standard AS 8001:2021 Fraud and Corruption Control and the Association of Certified Fraud Examiners (“ACFE”) Certified Fraud Examiner (“CFE”) manual, the Anti-Fraud Playbook 2020.
• Conducted an analysis of current fraud risks, mitigations, and treatments for consideration in design of a fraud and corruption risk assessment.
• Consulted with key stakeholders throughout the process.
• Performed key data analytic testing on high fraud and corruption risk areas.

Challenges, Issues and Risks

• Significant volume of data to analyse from across 16 business units
• Organisation was a large ASX listed company and, as such, the volume of stakeholders to consult and work with in co-development of a fraud and corruption control system plan was significant
• Organisation had no dedicated fraud and corruption risk register and as such RSM adapted our approach from reviewing the relevant risk register to co-developing a draft fraud and corruptionrisk register with the client for management’s subsequent finalisation and implementation

Outcomes

RSM delivered a tailored co-developed fraud and corruption risk register, a co-developed fraud and corruption control system plan, a copy of employee survey results of a fraud and corruption online survey, and data analytics work papers and findings identifying red flags of fraud or other unusual data in relation to accounts payable or inventory balances / transactions.

RSM further provided an overview of recommendations for management’s consideration to strengthen controls around prevention, treatment and mitigation of fraud and corruption risks in the organisation.

Received positive client feedback of “Thank you team, it’s been a pleasure working with you all, and I certainly appreciate all your efforts… you were a constant presence and consummate professionals”.