Everything is connected, is it?

If one wants to have a robust controls framework one can not chose to leave any area out of the scope. It starts from controls around hiring (background checks, sourcing of profiles, vendor payments, staff referrals etc), how the processes are designed (you don't want to provide opportunities by having deficient processes)- number of controls doesn't matter, it's the effectiveness which matters most -prevention/detection related controls should be part of process design, procurement function (vendor selection, transparent bidding etc), IT controls & most importantly when a new system is being bought/old system being replaced, a comprehensive UAT covering all the aspects, you don't want to leave anything to chance. Above all a well designed process which allows staff/vendors to report wrong doing,  & action to be taken in case a event happens.

I think designing controls is just half the work & unless these are periodically tested, one can not provide assurance to stakeholders about their effectiveness. One control failure could have a domino effect, as they say a chain is as strong as it's weakest link. 

Comments

Post a Comment

Popular posts from this blog

Journey from counterfeit cigarettes to missile launchers

Great work done by law enforcement agencies in USA, one thing I liked most about this investigation was that when they started the investigation it was about smuggling of counterfeit cigarettes but concerned officers didn't brush it off by thinking it as innocent smuggling and later on same set of criminals also got involved in smuggling of weapons. Same has happened in India in 1990s but i think people involved in it didn't realize that routes for smuggling of goods can also be used for smuggling of weapons. I am tempted to compare this with frauds in corporate sector wherein at times people think that if somebody has inflated conveyance claim it's not a big deal and it's just a small amount. They don't realize that same guy would over a period graduate to other bigger frauds as he has tasted blood once and just like Vampries ( I loved the Edward and Bella series) once some one has tasted fruits of fraud it's very difficult to control it.
Read more

Fraud Prevention-Line or support function

Fraud prevention is often treated as a cost centre rather than a strategic business unit.what can anti fraud professionals do to change the perception.i truly believe that if collections can be treated as a line function then Fraud prevention cell too should be treated as a line function rather then a support function.I feel that this unit is always treated as a supprt unit due to which it doesn't get it's dues.I feel that if goal sheet for the unit is revised to show more of tangible results then it may help in changing the perception.At the same time repositioning is required to move potential savings to actual savings.one step could be to conduct fraud checks at the end of all process so that true savings can be shown.for eg post credit sampling would highlight cases with ctaual savings as all these are approved cases.would like to hear other thoughs about this
Read more