Top 10 focus areas to mitigate fraud in a disruptive time

Organizations worldwide are slowly trying to recover after a disruptive event caused by the pandemic. Along with this push to restart operations, drastic changes in ways of doing business are inevitable. The shift to work from home setup, transition to a digitally inclined process, reliance on electronic supporting documentation and communication, and circumvention in an ad-hoc manner to address emergencies are some few changes that a lot of organizations are adopting  these days to survive and continue.

What comes with these changes are opportunities for fraudsters to take advantage of. To make it even more disconcerting, fraudsters will leverage the uncertainty and anxiety that comes with the unexpected events and sudden changes.

In a recently released thought leadership by PwC India, they summarized top ten areas that need attention in a disruptive situation from a forensic perspective. These focus areas appear to be relevant within the Philippine context and environment as well. Since fraud incidents in 2020 have not diminished and may be on the rise based on our Global Economic Crime Survey (GECS) - Philippine report in 2016, 2018 and 2020, these focus areas appear to be even more significant in the midst of a disruptive time.

1. Build trust in financial information

Due to the slowdown in business, financials may be badly hit, and the pressure to misrepresent financial information may arise. While users of financial information will be inquisitive about the current and future state of the organization, businessmen are expected to act with integrity and be transparent in capturing the reality of their business in their financial statements.

2. Refresh fraud and misconduct risk and controls

Attached to workarounds and sudden changes in ways of doing business are the risks and control ineffectiveness. Therefore, when transitioning to new ways of working, organizations must reassess the risks and adjust the controls accordingly. Key fraud risks that require extra attention are financial crime (e.g. bribery and corruption, money laundering), supply chain related fraud, and internal fraud (e.g. asset misappropriation, payroll or reimbursement fraud).

3. Safeguard business interests

Organizations must also be mindful of potential external threats – fake news, privacy and confidentiality threats are just some of the potential attacks that can hit a business. These call for better safety and security of data. Though it may appear challenging due to the lack of oversight over off-site connections of employees, companies must consistently campaign for awareness and communicate easy-to-understand guidelines and protocols on data and cyber security.

4. Protect against accentuated insider threats

Your people inside the organization are more likely to be the first people to become aware of the vulnerabilities caused by the changes in your business. As observed in our 2020 GECS - Philippine report, the biggest frauds are committed by those working in the company for half of their lives. It is important, now more than ever, to promote awareness on fraud risks, code of ethics, relevant policies and procedures and whistleblowing programs to foster a culture of compliance.

5. Safeguard against amplified fund diversion

Constrained liquidity may create pressure to organizations to transfer funds in order to keep the business open. For example, unauthorized intercompany or business unit transfer may be committed to maintain financial stability or to show the illusion of business activities. These may be due to the requirements of bank loan facilities or other investors or due to performance metrics expected from business leaders. Unauthorized fund diversions can be mitigated if diligent monitoring of data and accounts will be implemented more frequently now compared to the pre-pandemic era.

6. Adapt to the paradigm of new whistles

Today and in the future, we can expect more virtual interaction that disables our oversight. Whistleblowing programs have been proven instrumental in the early detection of fraud and economic crime incidents. By having a well-functioning whistleblowing platform and hotlines, companies are empowering its people to be their extra eyes and ears to stay informed of any suspicious activity in the organization.

7. Manage third party risk significantly

Due to disruptions in the supply chain, organizations are compelled to resort to alternatives and observe fewer controls due to urgency. Companies must now reassess its dependencies and business relationships by answering the questions “To which third party do the stricter rules apply?” and “Which third party can be trusted?”

8. Prepare for deeper and intense regulatory probes

In a disruptive environment, regulators recognize the need to be stringent in enforcing regulations, especially those that affect the economy. Tax, data privacy, anti-money laundering, anti-bribery and corruption, and antitrust or competition laws are just some of the regulations that may have heightened enforcement. Regulators are likely to impose extensive compliance review upon companies. In this regard, companies must ensure compliance with complete documentation and must be ready to cooperate should investigation be required.

9. Accelerate digital transformation of forensics

In this year’s GECS, emerging and advanced technologies in fighting fraud appear to be the least considered solution in the Philippines. It is either because of its cost or the lack of knowledge about the likes of artificial intelligence and predictive analytics. In this time of pandemic, work from home, lockdowns and social distancing push us to move to digital platforms and this will create lots of digital data. Therefore, to fully benefit from digitalization, companies must know how to make sense of its data that can make organizations aware of what is happening and can potentially happen to the business.

10. Renew commitment to crisis management

The experience brought by this crisis made us realize that anticipation is prevention. Many organizations are closing due to the lack of preparedness for a worst case scenario. Companies may want to rethink its crisis management that will enable the business to emerge stronger from this challenging and unexpected event.

In this time of crisis, we do a lot of rethinking and innovation to keep the business afloat. To keep an eye on emerging fraud risk in this disruptive time, there are four practical action points to keep in mind: (1) raise awareness on new risks; (2) remind incident reporting protocols to relevant stakeholders; (3) adapt sufficient due diligence to address third party risks; and (4) keep as many audit trails as possible. Above all these, be vigilant at all times.