Introduction

As today’s business ecosystem becomes more digitised and interconnected, fraud risks are evolving just as quickly. Currently, these complex fraud schemes not only cause financial losses but can also lead to reputational risks, loss of stakeholder confidence and significant regulatory sanctions. Organisations will need to continuously reflect on emerging threats and reinforce a culture of integrity and accountability. 

At RSM, our work across industries shows that while fraud may be evolving in form and sophistication, the core foundations of effective fraud prevention still lie in a strong control environment, vigilant leadership, ethical organizational culture and empowered people.

Emerging fraud trends

Organisations are facing an increasingly complex fraud environment shaped by technology, economic pressures and expanding supply chains. Key patterns we continue to observe include:

  • Digital and mobile-money fraud – social engineering, data breaches, identity theft and unauthorised mobile-money withdrawals remain prevalent, especially where authentication controls are weak.
  • Procurement and supplier collusion. Inflated quotations, fictitious or non-existent suppliers, kickbacks and conflicts of interest continue to be one of the most common sources of financial loss for many organisations.
  • Intentional misstatements or misclassification of revenue, costs or inventory to conceal red flags.
  • Diversion of donor funds in NPOs, including fake beneficiary lists and inflated program expenses.
  • Cyber-enabled fraud schemes such as phishing, deep fakes, impersonation emails and ransomware, which are increasingly used to bypass internal controls.
  • Payroll and HR fraud, such as fraudulent overtime, ghost workers and falsified staff expenses.
     

Practical strategies to strengthen fraud risk management

While the fraud landscape is shifting, organisations can reduce exposure by embedding simple but effective practices. Some of the strategies we regularly recommend include:

  • Conducting periodic fraud risk assessments to identify vulnerabilities in high-risk processes such as procurement, cash handling, inventory, payroll, e.t.c.
  • Strengthening internal controls and segregation of duties especially around approvals and payments processing.
  • Regular evaluation of design adequacy and effectiveness of internal controls
  • Using data analytics and continuous monitoring to flag anomalies in transactions, duplicate payments and suspicious employee–vendor relationships.
  • Establishing or enhancing whistleblowing mechanisms to ensure confidentiality, non-retaliation and timely follow-up on reported concerns.
  • Targeted training and awareness sessions for staff so they can recognise red flags, understand policies and appreciate their role in preventing fraud.
  • Setting the right tone at the top and assigning clear accountability to business unit leaders responsible for both preventative and detective controls, fostering a culture of ownership
     

Across most fraud investigations and anti-fraud advisory engagements, several themes consistently emerge:

  • Most losses stem from basic control gaps -missing documentation, weak reviews or overrides by key management or trusted staff.
  • Collusion is a major challenge where fraud often succeeds when multiple employees collude or work together to bypass controls.
  • Organisations that invest in proactive measures such as clear policies, surveillance tools, internal audits and training recover faster and experience fewer repeat incidents.
  • Organisations with strong ethical leadership, transparent decision-making and open communication channels experience significantly lower fraud incidents.

With the right systems, people and culture, fraud can be deterred before it happens. For organisations seeking to strengthen their fraud risk management frameworks or investigate emerging concerns, our Risk Advisory team is ready to support with practical, experience-driven insights.

 

Caveat

This publication has been prepared by RSM (Eastern Africa) Consulting Ltd, and the views are those of the firm, independent of its directors, employees and associates. This publication is for general guidance, and does not constitute professional advice. Accordingly, RSM (Eastern Africa) Consulting Ltd, its directors, employees, associates and its agents accept no liability for the consequences of anyone acting, or refraining from acting, in reliance on the information contained herein or for any decision based on it. No part of the publication may be reproduced or published without prior written consent. RSM (Eastern Africa) Consulting Ltd is a member firm of RSM, a worldwide network of accounting and consulting firms. RSM does not offer professional services in its own name and each member firm of RSM is a legally separate and independent national firm.