Why Your Organisation needs an Effective Fraud Control Strategy
- Jeff Williams

Fraud is rising at an alarming rate and it thrives in both recessions and when economies are going well.

When the economy is doing well businesses are so busy making money that they do not have time to worry about fraud and do not notice their resources being siphoned away. When the economy is in a recession, businesses cut back on staff and other controls that limit the opportunity of fraud. Fraud is a recession proof industry.

Armed robberies may get the headlines but fraud is what really costs the community and it costs every one of us because the costs are passed on to all of us through higher insurance premiums, higher prices and taxes.

A recent survey conducted by a leading accounting firm found that the average firm loses about five percent of its revenue because of fraud. Many businesses earn net profit of about ten percent of sales. If fraud is about five percent of sales then businesses could increase their profits by fifty percent if they fraud proof their operations.

Why is there so much fraud?

The fraud problem has grown for a number of reasons, including globalization, greater technological change, increased alienation and isolation, societal influences and low risk and low penalties.

	It is now possible to perpetrate a fraud in another country without crossing your doorstep.
	As technology changes new opportunities arise for perpetrating fraud.
	Many people claim that there has been a decline in respect for the law over the last few years. When people become more self-centered and less interested in society, there is likely to be an increase in fraud.
	If someone perpetrates fraud there is a reasonable chance that the fraud will not be discovered, if it is discovered there is a reasonable chance that the victim will not be able to identify who carried out the fraud. If the person is identified there is a reasonable chance that the victim will not want to prosecute the perpetrator. If prosecution is desired it may be too difficult to collect enough evidence. If enough evidence is collected the judge may still let the perpetrator off. Thus the risks of going to jail for committing fraud are VERY LOW.

So what can you do?

There are many things that you can do to protect your organization from fraud. If we do nothing we will inevitably be victims.

The most essential thing to avoid being a victim is to realize that fraud can happen to you. Most fraud occurs because businesses think that they won't be defrauded, and therefore are caught off guard.

An effective Fraud Control Strategy is about more than catching people who do defraud us. It is about:

	Preventing people wanting to defraud us in the first place.
	Having controls in place to prevent fraud.
	If all frauds cannot be prevented we want to ensure that if any frauds are perpetrated that they will be detected.
	Dealing effectively with frauds that are detected.

Contributor – This article is contributed by Jeff Williams, an anti-fraud expert in Asia Pacific. He is also the Course Director for a master class on Corporate Fraud Control Strategy held in Asia. For more information, call Ms Nori on tel: (65) 6473 3158 or click here to contact us (info@dzhampton.com).

Are You Ready to Cope with the UNEXPECTED?
- Don Brooks, CBCP, Canada

It is 3:30 am and you, have been awakened by the incessant ringing of the phone on the bedside table… half alert and still half asleep, you have impressed into your consciousness these chilling words… “Hello Bill? Bill, can you hear me? It's Frank! We've had an accident at Head Office earlier this morning. As far as I've been able to find out, a Diesel Engine exploded when our Technician tried to start it. There has been a Fatality! Bill, there is more! The explosion has destroyed the Commercial Power feed into our building, and we have no power… The Police are here, and Government Safety Officers are on their way. We need you here Bill – now!”

	Do you, or your company, have a Business Continuity Management Process in place so that action could begin immediately to contain and control events as they begin to unfold from this unexpected incident?
	Will this emergency escalate into catastrophe?
	Is there an Emergency Management Team identified, with operating processes defined, incumbents and their alternates identified and trained, to become activated and operational immediately?
	A defined and alternate place to meet to co-ordinate the necessary action(s) required, keeping the company functioning?
	Are pre-arranged and tested plans in place to cope with these ever-widening ripples of impact?
	Are these Plans based on solid Business Continuity Planning Principles and ‘Best Practices'?

Has Risk & Threat Analysis' been completed? Has there been an ensuing Business Impact Analysis [BIA] conducted? Have meaningful and effective Strategies been formulated from that BIA? Have Disaster Recovery and Business Resumption Plans been developed, Tested & Validated? Are you ready for the unexpected? Or are you thinking maybe we'll just get lucky this time?

For those of you who have ‘A Plan-in-place', when was it last Tested & Validated?

Business Continuity Planning [BCP] is an evolving discipline. Business changes, Technological advances, regulatory requirements, and new threats have all exerted evolutionary pressures. As a result, what were accepted BCP ‘best practices' only a few years ago are, in many cases, no longer adequate. To ensure the ability to survive potential disasters, organizations need to continually rework, or even re-invent, their Business Continuity strategies, plans and programs. Those that do not may lack the fitness to survive a major disaster.

If you are not familiar with terms such as:

	An acceptable Recovery Time Objective (RTO), the amount of time you have to bring a System back online, before it significantly and unacceptably impacts business.
	Acceptable Recovery Point Objectives (RPOs), the measurement of how much data the organization can conceivably lose during an emergency before it meaningfully [unacceptably] affects business.

These concepts are not new to Disaster Recovery Planning, but DRP is only part of the solution… Business Resumption Planning addresses the Operational aspects of business, and Crisis Management is an overall umbrella process necessary to contain & control… without these processes clearly defined, developed, implemented, tested & validated, you have no meaningful way to cope with the unexpected.

Due Diligence requires that Executives not only be aware of these requirements, but to have:

	developed Corporate Policy relative to these issues;
	have that Policy promulgated down through the organization;
	and have a process of Auditing to ensure that the Policy is in fact followed… Are you on board?

Or are you just hoping that nothing serious happens while you are in this responsible and accountable position? Preparedness Planning is an integral aspect of good governance… Being prepared is required… if not… just think of the consequences!

Contributor - Don Brooks is a Certified Business Continuity Professional, with a wealth of experience in training and consulting services involving extensively on Disaster Recovery (DR), Business Continuity Planning (BCP) and crisis management. He will be conducting an in-depth 2 day master class on Establishing a Robust BCP for Business Resilience in Asia. For more information call tel: (65) 6473 3158 or click here to contact us (info@dzhampton.com).

Why Knowledge Management?
– Dr. Rod Dilnutt

Knowledge Management as an academic and business discipline has been evolving over the past ten years. The first movers tended to be those large multinational companies such as Shell, BP, Hewlett-Packard. Ernst & Young and McKinsey. These companies realised the value of their knowledge asset and the productivity and innovation opportunities they could realise by collaborating and sharing. The practices of these firms now act as industry benchmarks.

The KM industry is now at a point where there are two waves of maturity in KM.

Firstly, there are those Organisations that have been doing KM for some time and have institutionalised knowledge management within core business operating systems.

Secondly, many organisations that have not yet commenced the journey are seriously considering and developing KM strategy. These organizations have the opportunity to leverage the learnings of the leaders.

In 2004 most organisations have commenced the Knowledge Management journey are considering how best to build and sustain capability.

Knowledge Management is multi-disciplinary. Consequently, consequently knowledge management must be approached from many dimensions in order to build our understanding of the issues, obstacles and opportunities that contribute to improved productivity and social capital.

Knowledge Management has also suffered from the technology hype that came with Y2K as companies invested in technology to solve a multitude of issues. Following Y2K executives are faced with the dilemma of how to leverage this investment and how to engage the people of the organisation to become more productive. Unfortunately many technology implementations have failed to live up to expectations and executives are realising it is the role of people and culture in creating an environment conducive to knowledge sharing that is the real need.

Because of the intangible nature of knowledge itself the issue of how to link the KM investment to be bottom line has proven difficult although not impossible. Some companies are prepared to accept the intrinsic value of their KM programme on faith whilst others need to see the realizable benefits. Some examples include:

Government Treasury Organisation that developed its KM strategy identifying initiatives focused around Technology, Process, People and culture that realized a return on investment of 385%.

International Banking organisation implemented standardised disciplines around managing its know ledge asset ensuring staff had access to what they needed, reported 25% improvement in customer satisfaction translating into improved revenue stream.

Oil & Energy Organisation having better access to expertise was able to reduce the exploration timeframe by 15% which realized $5million annually.

In time knowledge management will become standard business practice. The future business environment will become increasingly unforgiving towards those organisations that fail to manage their knowledge asset. Not only will these organisations be maintaining inefficient work practices and inheriting associated cost but they also hamper their capacity for growth and innovation.

Further, effective knowledge management practices are becoming an expectation among the knowledge workers upon which organisations rely will be attracted to competitors with better work practices. In the final analysis optimized business performance brought about by effectiveness knowledge management depends on leveraging the collective expertise of the people of the organisation. Without a culture of sharing and collaboration it will be difficult for many organisations to survive.

Knowledge Management requires a holistic approach to leveraging expertise, technology, and process under a strong governance structure. The knowledge management journey need not start with a big bang' but strong executive support is required. Most organisations are already practicing sound knowledge management practices and as a first step knowledge management must recognize and align these initiatives and build organisational capability for their engagement.

There are a wealth of case studies, best practice research, educational material and specialist advisors available to assist. And it is for each organisation to select those tools and techniques that suit its business context. From this point the organisation can build its capability in knowledge management. Of paramount importance are the people of the organisation and building their support and engagement in order to create the culture that values sharing and collaboration that is needed to foster continuous improvement and innovation.

Contributor – Dr. Rod Dilnutt, Senior Research Fellow at an Australian University. He runs his own consultancy firm, and has vast experience in helping many organisations implementing KM strategies. He will be conducting a 2-day KM Master class on “Developing and Implementing an Effective KM Strategy” in Asia. For more information call tel: (65) 6473 3158 or click here to contact us (info@dzhampton.com).