Part 2: Detailed results for licensing and community trusts
Preventing fraud
Having the right framework to prevent fraud means having a code of conduct and policies about fraud, protected disclosures, receiving gifts, and using credit cards. It means making it safe and easy for staff to talk about fraud and raise any concerns or suspicions. It also means having fraud controls that are reviewed regularly, carrying out due diligence checks of suppliers, doing pre-employment screening, and providing staff with fraud awareness training.
Code of conduct and policies
Five of the nine respondents said that their licensing or community trust had a fraud policy. Only two respondents said that the fraud policy was regularly communicated.
Eight of the nine said that they had a code of conduct, and six of those said that they were regularly reminded about it.
Only two of the nine respondents said that their licensing or community trust had a protected disclosures policy, even though every public entity is legally required to have such a policy.
Two respondents said that their licensing or community trust had a clear policy on accepting gifts or services. Overall, this question in the survey generated significantly more "free text" responses than any other question. It was clear to us that many respondents have unanswered questions, regardless of the clarity of their policy.
In our view, the most important matter is the conflict of interest risk – licensing and community trust staff should always decline a gift if accepting it could influence, or be seen as influencing, their decision-making. And gifts need to be recorded in a gifts register.
Clear and consistent policies, and messages about those policies, can prevent inappropriate behaviour, provide guidance to all staff, and ensure that everyone understands their role in, and responsibility for, preventing fraud.
Clear roles and responsibilities
Although the culture modelled by the leaders of an entity is critical, preventing fraud is not the responsibility of any one person. Five of the licensing and community trust respondents said that other employees understood their responsibilities for preventing and detecting fraud.
In our view, all employees need to understand their roles and responsibilities so that a culture receptive to discussing fraud can be supported and maintained.
Respondents from all levels in licensing and community trusts (from the chief executive through to operational and administration staff) felt confident that managers understood their roles and responsibilities for preventing and detecting fraud. Five of the nine respondents said that managers told staff about incidents of fraud.
Environment receptive to conversations about fraud
All nine respondents worked in an environment where staff were encouraged to come forward if they suspected fraud. They all said that they could come forward knowing that their concerns would be taken seriously and without fear of retaliation.
Fraud controls
Fraud most commonly occurs when controls are inadequate and when staff do not comply with policies and procedures. Although entities should be able to trust their employees to do the right thing, having trusted employees is not a fraud control. The likelihood of being discovered is often a strong deterrent for those contemplating wrongdoing, so internal controls and culture play a critical role in preventing and detecting fraud.
The pace of change in many work environments means that the process of ensuring that fraud controls align with the business should be an ongoing exercise.
Six of the nine respondents said that their licensing and community trust regularly reviews its fraud controls. If an entity does not regularly review its fraud controls, it could mean that some of the fraud controls are no longer effective, because systems and processes change over time. To work effectively, fraud controls need to be reviewed annually or every two years.
Due diligence checks and pre-employment screening
Many frauds occur through the use of fake suppliers and suppliers with a close personal relationship with an employee. Carrying out due diligence checks can help to mitigate the risk that suppliers can pose. Some examples of due diligence checks are:
- removing unused suppliers from the system;
- requesting references or credit checks; and
- regularly monitoring the changes to supplier details.
Five of the nine licensing and community trust respondents said that due diligence checks were carried out. In our view, all public entities should be carrying out due diligence checks on new suppliers.
Most often, it is trusted employees who commit fraud. Trusting employees is important, but to trust without first ensuring that it is appropriate to do so exposes licensing and community trusts to unnecessary risk.
Only four of the nine respondents said that new employees undergo pre-employment screening that includes a criminal history check.
Fraud awareness training
Even the most diligent employees might not identify a fraud if they have not had training. Knowing where to look and what to look for can be difficult. Only one of the licensing and community trust respondents had received fraud awareness training at their current workplace.
By combining due diligence checks with awareness training and internal controls, any entity can foster a strong anti-fraud culture. Raising awareness of fraud helps build a culture that is receptive to fraud conversations and encourages employees to come forward if they suspect anything.
Greater risk during tougher economic times
Of all 1472 respondents to our survey, 69% did not feel that their entity had a change in risk because of the current economic climate. Experience internationally generally confirms that recessionary economic climates – when staff feel less secure in their employment and increasingly under pressure – present a greater fraud risk. Fraud increases because of "need" rather than "greed".
At the time of our survey, all nine respondents in licensing and community trusts felt secure in their employment. Only three of the nine felt under pressure to "do more with less".
Questions 1 to 15 in Appendix 1 set out the survey response data about fraud prevention.
Detecting fraud
Responding to risks
Survey participants were asked whether their entity takes proactive steps to reduce any risks when fraud or corruption risks are raised. Eight of the nine respondents from licensing and community trusts answered "Yes" to this question.
Monitoring credit card spending and staff expenses
Seven of the nine licensing and community trust respondents said that their organisation was closely monitoring credit card spending. Eight said that their organisation closely monitored staff expenses.
Questions 16 to 22 in Appendix 1 set out the survey response data about fraud detection.
Responding to fraud
Telling staff about incidents of fraud
Five of the nine licensing and community trust respondents said that their senior managers told all staff about incidents of fraud.
Communicating with staff is vital in raising awareness about fraud. Greater awareness makes it easier for staff to be vigilant, can confirm the organisation's "zero tolerance" approach to fraud, and helps to maintain an environment where it is easy for staff to speak up about risks and raise any concerns.
Referring suspected fraud to the appropriate authorities
Seven respondents expected that suspected fraud would be reported to the appropriate authorities. However, when asked about how their trusts had responded to actual incidents of fraud, three of the six who answered this question said that the fraud was not reported to the appropriate authorities.
We know that many entities are reluctant to bring criminal charges against their employees, because of materiality – but also because of the time and costs of preparing a case, resolving matters in the courts, and a perception that fraud is a low priority for the Police.
However, all public entities are expected to consider reporting fraud to the appropriate authorities. We encourage all licensing and community trusts to do this.
Any decision made not to respond to fraud can erode staff confidence in the senior management team. It can create a perception that managers are not committed enough to preventing fraud and discourage staff from reporting their concerns. Taking no action when fraudulent behaviour occurs also increases the risk that an employee suspected of committing fraud could move to another public entity and continue their dishonest behaviour.
Credit card and expense claim fraud
Seven respondents were confident that their licensing and community trust would take inappropriate credit card spending seriously and discipline the person involved. Two respondents did not know whether their licensing and community trust would take inappropriate credit card spending seriously and discipline the person involved. This suggests a need for senior managers to communicate more about the fact that inappropriate credit card spending is not only discovered through monitoring but also taken seriously.
There was the same response when respondents were asked whether inappropriate expense claims were taken seriously and resulted in disciplinary action. Seven licensing and community trust respondents were confident that action would be taken to recover any misappropriated funds.
A clear process to recover funds shows the seriousness with which fraud is taken. In our view, chief executives and senior managers need to send clear messages that they will seek to recover any and all misappropriated funds.
Questions 23 to 31 in Appendix 1 set out the survey response data about fraud responses.
page top