Managing the Fraud (2)



Fraud is a serious and costly issue for every company. In recent years, there has been an upward trend in fraud cases. Fraud management has become a hot topic, arousing people’s attention to fraud risk management. However, many companies still do not have formal systems and procedures in place to prevent, detect and respond to fraud.

In this newsletter, we will continue to discuss the key principles for establishing an environment to manage the company’s fraud risk effectively, including fraud prevention, fraud detection  and fraud investigation and corrective action.



Fraud Prevention and Detection

Fraud prevention encompasses policies, procedures, training, and communication, while fraud detection involves activities and programs designed to identify fraud or misconduct that is occurring or has occurred. To minimize fraud risk, fraud prevention and detection techniques should be established.

Fraud Prevention Techniques
Fraud prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the company, which involve human resources procedures (e.g. anti-fraud training, background investigations on new staff), authority limits and transaction level procedures.

Fraud Detection Techniques
Fraud detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized, which include whistleblower hotlines, process controls and proactive fraud detection procedures.

The company should formally document the techniques developed and implemented to prevent and detect fraud. Besides, the company should periodically reassess their fraud prevention and detection techniques. Timely and sufficient corrective measures should be taken with respect to any noted control deficiencies or weaknesses.



Fraud Investigation and Corrective Action

A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely.

  • Fraud investigation and response protocols – Develop a system on receiving and evaluating the allegation promptly. A consistent process for conducting investigation should also be established.

  • Conducting the Investigation – Develop a plan on conducting the investigation. Steps of the investigation should be tracked and properly documented.

  • Reporting the Results – Determine the appropriate reporting line and form of the report.

  • Corrective Action – Determine the necessary action to take in response to the findings.

  • Measurement – Set up customized indicators on measuring the investigation, for example, issue resolution time, repeat incidents and value of losses recovered and future losses prevented.



Although eliminating all fraud risks is most likely unachievable or uneconomical, company should take the initiative to mitigate possible fraud risks. The establishment of effective fraud risk governance, thorough fraud risk assessment, strong fraud prevention and detection as well as coordinated and timely investigations and corrective actions can effectively minimize losses incurred.


Source from:

Managing the Business Risk of Fraud



If there are any aspects which we may assist, please do not hesitate to contact our partner Mr. Roy Lo at 3583 8048 ( or our Risk Manager Ms. Gloria So at 3583 8517 (


SHINEWING Risk Services Limited