A weakening of anti-fraud and data security systems can happen naturally, over time and is normal – especially when things get busy. This occurs where the sage precautions and risk-avoidance measures get bypassed or ignored in practice as time goes by. This could just be the natural adjustment of systems to the practicalities of working life and busy peaks or it could be deliberate and sinister. However, with the seemingly right processes in place, top-level management are often lulled into a false sense of security that they are actually being used, whilst the fraudster is busy at work getting around them.
ACTION: Make sure you implement the suggestions of your internal compliance managers and organize appropriate training to reinforce attitudes and practice. Ensure that the control processes, especially in tendering, purchasing, invoicing and customer controls and identifications are ALWAYS kept strong, managed and regularly reviewed. Where systems/processes are under pressure when used in practice, introduce a review process – and then adapt them promptly.