Firstly
cultivate anti-fraud awareness and create an anti-fraud control environment, including establishing the tone of top management and promoting professional ethics , linking incentive and restraint mechanisms with ethical behavior. In addition to long-term promotion and cultivation of a corporate culture of integrity, companies should also consider strengthening the functions of the board of directors and improving the corporate governance structure to check and balance power.
Second
Conduct a fraud risk assessment and identify fraud risk factors. Methods for risk assessment and identification include questionnaires, interviews and workshops, as well as analysis of known fraud incidents. In China's operating environment, conduct due diligence on business partners (such as customers, dealers, suppliers, etc.) by searching public records and media information. ) and business model, and assess the possible fraud risks under the existing business model from the root. For example, in China, many industries need to expand sales channels through third-party distributors, and third-party distributors usually set up lower-level distribution networks in different regions and channels. Therefore, the assessment of fraud risk must have a comprehensive and complete process risk assessment, focusing on the entire distribution network, including the flow of goods and documents between distributors at all levels, IT system support, commercial terms in contractual and non-contractual business agreements, The contract model between distributors and end customers (rebates, commissions, various channel fees, etc.). ), and compliance.
Third
Identify internal controls targeting fraud hotspots and evaluate the effectiveness of internal control design and operation. The most common such control activities include: formal authorization and approval systems, separation of incompatible positions, asset security control systems (including the secure management of physical assets and confidential information), and rotation or mandatory leave arrangements for sensitive positions. However, even if the above controls exist, it still needs to be considered whether management has exceeded these controls through some improper means. For example, in China, methods such as abusing official seals, signing yin and yang contracts, tampering with accounting records, and directly modifying system documents are often used to exceed control.
Fourth
Establish a continuous monitoring mechanism to continuously monitor the effectiveness of internal controls through self-assessment, internal audits, and internal and external reports. An independent and effective internal audit function, as a bridgehead for fraud prevention, can help management continuously monitor the company's internal control system and prevent potential fraud. The role of internal audit in fraud prevention is closely related to its reporting relationship and scope of responsibilities in the corporate organizational structure. Generally speaking, the more independent internal audit is and the broader its responsibilities, the greater its role.
Fifth
Establish a fraud incident register to record in detail the process, impact and solutions of known fraud incidents and reported incidents. These events are analyzed and rated, and reported to management and the board of directors in a timely manner to further assess the effectiveness and applicability of relevant controls.
Sixth
Conduct regular anti-fraud training, including regular training for the board of directors, headquarters and branch management, and strengthen corporate culture, professional ethics, and Training on conflicts of interest and reporting channels, and anti-fraud training for external business partners (such as customers, dealers, and suppliers) to ensure that internal and external personnel understand the company's anti-fraud regulations and internal control measures.
Seventh
Review the anti-fraud management framework every year to assess whether the current framework adapts to changes in the internal and external environment of corporate operations, and identify the anti-fraud management framework based on the fraud loopholes discovered in the past. Opportunities for improvement.
Eighth
Based on the evaluation results of the previous step, make appropriate modifications and improvements to the anti-fraud management framework, and obtain approval of this change from the board of directors and management. Changes to the framework should be documented in version control and promptly trained and communicated to employees and external stakeholders.
Search International Registered Fraudsters to learn more.