Eight steps of fraud risk management

PricewaterhouseCoopers put forward eight steps of fraud risk management, which provide a reference for enterprises establishing an anti-fraud management framework. The eight steps are:

First

Cultivate anti-fraud awareness and create an anti-fraud control environment, including establishing the tone of senior management, publicizing professional ethics, and linking the incentive and restraint mechanism with moral behavior. In addition to long-term publicity and cultivation of an honest corporate culture, enterprises should also consider strengthening the functions of the board of directors and improving the corporate governance structure to balance power.

Second

Conduct a fraud risk assessment and identify fraud risk factors. The methods of risk assessment and identification include questionnaires, interviews and seminars, as well as the analysis of known fraud incidents. In the operating environment of China, due diligence is conducted on business partners (such as customers, distributors and suppliers) and on the business model by searching public records and media information, and the possible fraud risk under the existing business model is evaluated from the root. For example, in China, many industries need to expand sales channels through third-party distributors, and third-party distributors usually set up lower-level distribution networks in different regions and channels. Therefore, the fraud risk assessment must include a comprehensive and complete process risk assessment, focusing on the entire distribution network, including the flow of goods and documents between distributors at all levels, IT system support, commercial terms in contract and non-contract business agreements, and the contract model between distributors and end customers (kickbacks, commissions, various channel fees, etc.) and compliance.

Third

Identify internal controls for fraud hotspots and evaluate the effectiveness of internal control design and operation. The most common such control activities include a formal authorization and approval system, separation of incompatible positions, an asset security control system (including the security management of physical assets and confidential information), and rotation of sensitive positions or compulsory leave arrangements. However, even if the above controls exist, it is still necessary to consider whether management has overridden these controls through improper means. For example, in China, abuse of the official seal, signing of yin-yang contracts, tampering with account books and records, and direct modification of system documents are often used to override controls.

Fourth

Establish a continuous monitoring mechanism to continuously monitor the effectiveness of internal control through self-assessment, internal audit, and internal and external reports. An independent and effective internal audit function, as a bridgehead against fraud, can help management continuously supervise the enterprise's internal control system and prevent potential fraud. The role of internal audit in fraud prevention is closely related to its reporting relationship and scope of responsibility within the enterprise's organizational structure. Generally speaking, the more independent the internal audit is, the wider its responsibilities will be and the greater its role will be.

Fifth

Establish a fraud event register to record in detail the process, impact and solutions of known fraud events and reported events. Analyze and rate these events and report them to the management and the board of directors in time to further evaluate the effectiveness and applicability of relevant controls.

Sixth

Conduct regular anti-fraud training. This includes regular training for the board of directors and the management of headquarters and branches; strengthened training on corporate culture, professional ethics, conflicts of interest and reporting channels in the induction training for new employees; and anti-fraud training for external business partners (such as customers, distributors and suppliers), so that internal and external personnel understand the anti-fraud regulations and internal control measures of the enterprise.

Seventh

Review the anti-fraud management framework every year, evaluate whether the current framework adapts to the changes in the internal and external environment of enterprise operation, and identify opportunities for improvement of the anti-fraud management framework in combination with the fraud loopholes found in the past.

Eighth

According to the evaluation results of the previous step, the anti-fraud management framework is appropriately modified and improved, and the change is approved by the board of directors and management. Changes to the framework should be recorded under version control, and they should be communicated to employees and relevant external personnel, with training, in a timely manner.
