Analysis means that after every fraudulent loss, the victim should examine the entire situation of the fraud, carefully taking into account which internal controls failed to either prevent the fraud, or failed to identify the fraud earlier.
The purpose of this stage is to learn from prior mistakes, and to ensure that the same mistakes aren’t made in the future, to protect the organization from further losses. If this step isn’t taken into consideration, the aftermath would be that the organization exposes itself to similar, re-occurring fraud. It is recommended to maximize the analysis stage, that after every fraud, all the parties involved should brainstorm new fraud prevention methods, ensuring a greater success rate.
It can be beneficial to publicize details of fraud, if the delicate details and names of offenders are left out, except if the entire disciplinary process has been completed up to the final appeal or CCMA resolution, to ensure that no person’s reputation is slandered.
The advantages of publication are:
• Managing the negative rumors that always arise.
• Visible signs that decisive action is taken.
• Sending a clear message about zero tolerance towards fraudulent activity.
• And lastly, the deterrent effect it has if a person has been “named and blamed”.
As stated in the analysis stage, fraud occurs if internal controls aren’t effective enough, and the ideas that were brainstormed should now be implemented to ensure that internal controls are effective enough to identify and prevent fraud.
Implementing controls consists of better segregation of duties, greater supervisory controls, and better custodial controls.
Testing and training:
After implementing controls, the new internal controls have to be tested, and staff members need to be trained on their new and improved responsibilities regarding the new internal controls.
This stage is used to maximize the efficiency and effectiveness of the implemented controls, and to ensure that the whole process is a success.
Proactive fraud auditing:
The best way to protect an organization against fraud is by identifying it as soon as possible, making sure that the losses are minimal, and the perpetrator is caught, and in effect, not suffering devastating long term fraud. Actively seeking out fraud is better than accidental discovery, and should be performed by suitably qualified people who should carefully identify and consider all red flags. After every fraud in a department, all other departments should be tested for similar frauds, based on red flags identified during the analysis stage. Basically the proactive fraud auditing stage is to get all the bad apples out of the tree.