Fraud Detection and Prevention
Close the stable door before the horse bolts
Are you doing enough to protect your organization from fraud?
News headlines and economic crime surveys remind us regularly that fraud is prevalent.
Frequently committed by a company’s own employees, it can go undetected for years and involve huge sums of money as well as damage to reputation and share price.
The need to prioritize strategic IT projects, combined with the cost and effort of implementing effective ERP security and controls, often means that security projects are postponed indefinitely.
Or at least until fraud occurs or auditors intervene.
Ineffective controls can jeopardize the success of your audit
To protect the interests of stakeholders, auditors look for evidence of appropriate access controls and Segregation of Duties – even for companies who are not subject to Sarbanes-Oxley or similar regulations. Failure to provide satisfactory evidence can lead to a qualified audit.
But without specialized tools it can take an inordinate amount of work and technical expertise to implement effective controls – or even to produce the information that auditors require.
Practical steps you can take to reduce the risk of fraud:
- Undertake an audit of your ERP system security to ascertain its effectiveness and identify vulnerabilities.
- Define a Segregation of Duties (SoD) policy that is geared to your company’s areas of risk.
- Automate SoD reporting so that you can regularly check for users with violations.
- To keep access clean, check for potential SoD conflicts before new access rights are assigned.
- Review access regularly to make sure that users' access is in line with their current responsibilities and redundant rights are removed.
- Monitor changes to critical data, such as Bank accounts, which could be a sign of fraudulent activity.
We have specialized tools and services which help you reduce your risk efficiently and cost-effectively.