Story image

Three ways organisations can prevent fraud and enforce policy compliance

07 May 2018

Business insiders are the most common perpetrators of business fraud, making up 36% of all fraud attributed to business management, a 2017 survey from KPMG says.

But how can Australian organisations safeguard against the threat of inside jobs? SAP Concur says it requires proper controls to catch fraud before it happens.

As employees spend more money across different categories and use more payment methods, this leaves organisations vulnerable to fraud and compliance risks – unless they look at solutions that keep pace with employee spending.

SAP Concur’s managing director for Australia and New Zealand, Matt Goss, explains:

“Many organisations think their policies and processes are good enough because they either haven’t had a major issue to rectify, or trust their employees to be honest about their spending. However, there are many things to consider including visibility, security, and compliance. Businesses need the right tools, policies, and procedures in place to bring risks under control.”

The company says there are three ways organisations can prevent fraud and enforce policy compliance.

1. Update policies 
When spending is less structured and centralised, businesses experience gaps in spend data and lose oversight. This is why policies need to be current, have realistic boundaries, and be clearly understood by all employees.

It’s also important to adjust policies to meet spending patterns or needs that may have changed. For example, an increased reliance on mobile devices may result in higher phone bills. Employees should be informed about appropriate expenditures, and procedures if a policy is violated. 

2. Plug any leaks 
Organisations should take some time to review receipts to see if expense reports are matching up. The best way to get a tighter control on expense management is to introduce a corporate card.

This lets businesses monitor employee spending behaviours, eliminate costly mistakes, audit expenses efficiently, and improve compliance. 

3. Automate routine tasks 
Comprehensive, easy-to-understand policy is as important as technology. Manual data entry can account for many issues, including typos, counting receipts twice, or calculation mistakes, which can be mistaken for fraud.

An automated solution that integrates travel, expense, and invoice data creates a centralised information source that brings risks under control. It also gives finance leaders greater visibility into spend. 

 “Adopting a zero-tolerance policy and shining a light on fraudulent behaviour are the most effective ways organisations can deter further fraud,” Goss says.

“Organisations should ensure their processes follow industry best-practices, resulting in time and money savings, and an overall improved experience for employees.” 

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.