Fraud is a serious, underestimated and often unchecked problem. Fraud against Commonwealth entities is driven by many factors, including vulnerabilities in policies, processes and systems that enable opportunistic individuals to take advantage. Every Commonwealth entity is exposed to fraud of some form, but because it is usually hidden from sight, constantly changing, and not well understood by most people, the risks and impacts of fraud are often underestimated and overlooked. If left unchecked, fraud can seriously harm Commonwealth programs, officials, service providers and members of the public. 

If an entity knows where it is vulnerable, it is better placed to design suitable countermeasures (also commonly called controls) to prevent fraud occurring or reducing the impact when it does.

Fraud risk assessment is a specialist area of risk management. Accurately assessing fraud risk is therefore a professional exercise that requires knowledge of fraud methods and enablers, risk management processes and an entity’s business processes and systems. The process requires coordination and collaboration across multiple business areas.

Larger entities with more extensive fraud risk profiles due to the nature and size of their functions may consider establishing a dedicated fraud risk management committee. This committee should not replace senior officials’ commitment to the fraud risk assessment process, but act as a forum for senior officers to better understand fraud risks and fraud countermeasures. Such a committee should include senior officers from across the entity to provide a balanced approach and help engagement with staff and relevant stakeholders.

An important consideration when analyzing a fraud risk is the nature, extent, and effectiveness of fraud countermeasures. There are new risks for which no countermeasures have been developed or implemented, or an existing risk with countermeasures that may have known vulnerabilities. The effectiveness of any existing countermeasures can have a direct influence on the likelihood of fraud risks being realized.

This step in the fraud risk assessment process requires input from the business unit(s) being assessed, and any additional subject matters experts who may add value to the process. This step can be conducted in a workshop setting or structured discussion. However, for large, complex programs or functions it may be more suitable to have separate workshops or discussions for these steps in the risk assessment process.

At OPS we know the factors that must be considered to detect this practice. Our team of curatos are up to date and trained to achieve precise results in the shortest possible time.