Part 2: Detailed results for local authorities
Preventing fraud
Setting the right tone with clear and consistent messages
Policies, and management's communication of policies, can set the "tone at the top". It is important that messages from managers about fraud – including the policies – are clear and consistent.
Clear and consistent messages can prevent inappropriate behaviour, provide guidance to all staff, and ensure that everyone understands their role in, and responsibility for, preventing fraud.
Local authorities continue to provide good anti-fraud frameworks by having fraud policies and codes of conduct. However, only half of the respondents said that they received regular communication about the policies and code of conduct. This is lower than the result for the wider local government sector and for the public sector overall.
For small entities, a specific fraud policy may seem excessive – what is most important is that clear guidance is accessible and understood by all staff.
Clear roles and responsibilities
A culture receptive to fraud discussions is well developed within local authorities. Respondents – 80% of the operational staff – said that senior managers understood well their responsibility for preventing and detecting fraud.
Although the culture modelled by the leaders of an entity is critical, preventing fraud is not the responsibility of any one person. Staff were less certain that employees other than managers understood their responsibilities for preventing and detecting fraud. For the statement, "I am confident that other employees understand their responsibilities for preventing and detecting the risks of fraud and corruption," 64% answered "Yes" but 21% answered "No" and 15% did not know.
In our view, all employees need to understand their roles and responsibilities so that a culture receptive to discussing fraud can be supported and maintained.
Even the most diligent employees might not identify a fraud if they have not had training, because knowing where to look and what to look for can be difficult. Most local authority staff had not received any fraud awareness training from their employer.
Pre-employment checks
Most often, it is trusted employees who commit fraud. According to our survey results, local authorities are much less likely than other public entities to check the criminal history of potential employees. Trusting employees is important, but to trust without first ensuring it is appropriate to do so exposes departments to unnecessary risk.
Due diligence checks
Many frauds occur through the use of fake suppliers or suppliers with a close personal relationship with an employee. Carrying out due diligence checks can help to mitigate the risk that suppliers can pose. Some useful checks include:
- removing unused suppliers from the system;
- requesting references or credit checks; and
- regularly monitoring the changes to supplier details.
If local authorities are carrying out regular due diligence checks, then their staff do not know about them. Only 40% of the local authority respondents said that their local authority carried out due diligence checks of new suppliers. Nearly a quarter of respondents said that their local authority did not carry out these checks, and 37% did not know.
By combining due diligence checks with awareness training and internal controls, any entity can foster a strong anti-fraud culture. Raising awareness of fraud helps build a culture that is receptive to conversations about fraud and encourages employees to come forward if they suspect anything.
Greater risk during tougher economic times
We note that 69% of respondents did not feel that their entity had a change in risk because of the current economic climate. Experience internationally generally confirms that recessionary economic climates – when staff feel less secure in their employment and increasing under pressure – present a greater fraud risk. Fraud increases because of "need" rather than "greed".
At the time of our survey, local authority employees continued to feel secure in their jobs (95%), which reflects the relatively stability of their function. However, the current economic climate has increased the pressure to perform, with 68% of respondents saying that they needed to achieve higher targets with fewer resources.
Questions 1 to 15 in Appendix 1 set out the survey response data about fraud prevention.
Detecting fraud
Regularly reviewing fraud controls
Fraud most commonly occurs when controls are inadequate and when staff do not comply with policies and procedures. Although entities should be able to trust their employees to do the right thing, having trusted employees is not a fraud control. The likelihood of being discovered is often a strong deterrent for those contemplating wrongdoing, but internal controls and culture play a critical role in preventing and detecting fraud.
The pace of change in many work environments means that the process of ensuring that fraud controls align with the business should be an ongoing exercise. The only way to successfully achieve this is a proactive approach to reviewing controls, training staff, and reducing risks.
Only 50% of respondents said that their local authority regularly reviewed its fraud controls.
Making it easy for staff to raise concerns
Local authority respondents were just as likely as those working in the local government sector and those in the wider public sector to say that their organisation encourages staff to come forward if they see or suspect fraud or corruption (the affirmative response rate for all three groups was 88%).
Local authority respondents (91%) were slightly less likely than those working in the local government sector (93%) and those in the wider public sector (95%) to say that they could safely raise concerns and know that their concerns would be taken seriously.
All public entities are required to have a protected disclosures policy. A quarter of the respondents said that either their local authority did not have such a policy or they were unsure whether their local authority had such a policy. Staff might not know that their local authority has such a policy if they are not told (and, ideally, regularly reminded).
Monitoring staff expenses and credit card spending
Respondents confirmed that their local authority was monitoring staff expenses and credit card spending. The percentage of "Yes" responses to the question about monitoring staff expenses was slightly lower for local authorities (93%) than it was for the local government sector (94%) and those in the wider public sector (97%). The responses about credit card spending for these three groups were more closely matched (89%, 90%, and 90% respectively).
Questions 16 to 22 in Appendix 1 set out the survey response data about fraud detection.
Responding to fraud
Telling staff about incidents of fraud
The public sector has an obligation to not tolerate fraud. The survey responses provide some assurance that local authorities have good policies and procedures, and that staff have confidence that steps are taken to reduce risks before they occur. Despite this, local authorities could respond better to incidents of fraud.
Respondents told us that managers in their local authorities were not communicating incidents of fraud to all staff. When asked about this, nearly half the respondents said that this sort of communication did not happen. By not communicating their responses to fraud, management can discourage staff from raising concerns.
Senior managers should consider communicating incidents of fraud to their staff when they occur (subject to any legal constraints). This will help to promote the message that fraud and any associated misconduct are taken seriously. Informing staff about fraud is a vital part of building a culture that promotes fraud awareness. The actions that managers take set the tone in any entity, and poor decisions can erode staff confidence.
Referring suspected fraud to the appropriate authorities
Most respondents (81%) believed that their local authority would refer suspected fraud to the appropriate law enforcement agency. In reality, the percentage of suspect fraud incidents referred to authorities was low.
We know that many entities are reluctant to bring criminal charges against their employees because of materiality – but also because of the time and costs of preparing a case, resolving matters in the courts, and a perception that fraud is a low priority for the Police.
However, all public sector entities are expected to consider reporting fraud to the appropriate authorities. We encourage all local authorities to do this.
Credit card and expense claim fraud
Most local authority respondents (78%) were confident that inappropriate or personal credit card spending was taken seriously and resulted in disciplinary action. A fifth of respondents did not know whether this was true of their local authority.
Respondents were slightly more certain about inappropriate expense claims, with 81% confident that any inappropriate expense claims were taken seriously and resulted in disciplinary action.
Most respondents (90%) were confident that their local authority would take all reasonable action to recover any misappropriated funds. A clear process to recover funds shows the seriousness with which fraud is taken. In our view, chief executives and senior managers need to send clear messages that they will seek to recover any and all misappropriated funds.
In our view, local authorities also need to review their internal controls after any fraud investigation to ensure that those controls are still appropriate. When a control weakness is identified, local authorities should strengthen the controls to prevent any repeated fraud and communicate with their staff about it.
Questions 23 to 31 in Appendix 1 set out the survey response data about fraud responses.
page top