The basics

Despite New Zealand's generally "clean" image, fraud is a fact of business life here. Anyone who has been defrauded knows that the financial loss is only part of the cost – there's also the loss of trust in workmates and colleagues, the loss in productivity when assessing and repairing internal systems, and the sense of betrayal.

Some definitions

Fraud is an intentional act by one or more individuals involving the use of deception to obtain an unjust or illegal advantage.

Corruption is the abuse of entrusted power for private gain (such as soliciting or receiving gifts or other gratuities to perform an official duty or omit to perform an official duty). Corruption is a type of fraud, and it includes bribery.

Public organisations need to make sure that they have the right controls and the right culture for detecting and preventing fraud and corruption.

Does an auditor look for fraud?

In short, no. This is a very common misunderstanding about what an audit involves, but auditors are not looking for fraud. The aim of the audit is to give an independent opinion on the financial and service performance reports and control systems. The auditor might uncover fraud during the audit, but it isn't the focus of the audit.

Getting the controls right

The main way that fraud is detected is through an organisation's internal controls. This means that the controls are working.

Organisations can't prevent all fraud from happening, but the people in charge can put time and effort into making sure that the controls designed to keep an organisation safe are up to date and remain fit for purpose. This is an essential part of managing risk, and one of the most important responsibilities of those in charge.

Good systems can include:

  • having a staff Code of Conduct and communicating about it regularly;
  • having a fraud prevention policy and both communicating and reviewing it regularly;
  • reviewing fraud controls regularly – annually or every two years;
  • managers who understand their responsibilities for preventing and detecting fraud;
  • employees who understand their responsibilities for preventing and detecting fraud;
  • a clear policy on accepting gifts or services;
  • screening new employees, including criminal history checks;
  • due diligence checks on new suppliers, including credit checks and checks for conflicts of interest; and
  • offering fraud awareness training for staff.

Getting the culture right

Minimising the opportunity and removing the temptation to commit fraud are the best ways that organisations can protect the public's resources. This can be done by building a culture where governing bodies, managers, and staff are receptive to talking about fraud. Fraud is less likely when people know that the likelihood of being caught is high.

Managers need to talk to their employees to promote fraud awareness and existing policies and procedures – and do so regularly.

Managers also need to actively consider reporting each case of suspected fraud to enforcement agencies. Not every case will result in prosecution but reporting allows the system to work as intended and sends a strong message about an organisation’s zero tolerance for fraud. This also helps protect the public sector as a whole.