Professional Documents
Culture Documents
Fraud Policy V1 Mar21
Fraud Policy V1 Mar21
Fraud Policy V1 Mar21
POLICY
1
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Contents
Contents_______________________________________________________________________________________________2
Fraud Policy Statement____________________________________________________________________________3
Scope___________________________________________________________________________________________________3
Responsibilities______________________________________________________________________________________4
Preventing Fraud___________________________________________________________________________________5
Detecting Fraud_____________________________________________________________________________________6
Responding to Fraud_______________________________________________________________________________6
Remediating instances of Fraud_________________________________________________________________7
2
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Fraud Policy Statement
Our company is committed to reducing opportunities for fraud to occur by
implementing processes to identify potential for, detecting and reporting fraudulent
activities, and working with other organisations for the same purpose.
reporting all suspected fraud to the authorities and other relevant parties, and
co- operating with the police in the investigation and prosecution of suspected
fraudsters,
Scope
This policy applies to any potential, suspected or active fraud committed by and
involving:
3
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Employees,
shareholders,
consultants,
vendors,
contractors,
outside agencies doing business with employees of such agencies,
and/or any other parties with or without a business relationship with our group
companies.
For practical purposes fraud may be defined as the use of deception with the
intention of obtaining an advantage, avoiding an obligation or causing loss to another
party. This includes, but is not limited to:
Responsibilities
The Board of Directors is responsible for:
4
© Distributed by Resilify.io under a Creative Commons Share Alike License.
identifying the risks to which systems and procedures are exposed,
• developing and maintaining effective controls to prevent and detect fraud, and
ensuring that processes, controls and legal obligations are being complied with.
• acting with propriety in the use of official resources and in the handling and use of
corporate funds, whether they are involved with cash or payments systems, receipts
or dealing with contractors or suppliers, and
Preventing Fraud
The following controls are in place and must be followed by employees to reduce the
likelihood of fraud:
• access control and authentication policies are implemented to minimise the risk of
unauthorised access. Interactions involving the payment of funds require a higher
level of authentication.
• employees and relevant parties are made aware of this fraud policy and other anti-
bribery and corruption materials annually.
• all systems are protected from malware using endpoint protection and external
emails are passed through multiple anti-malware platforms and are filtered for spam.
• new suppliers require approval through a formal new supplier process and requests
to amend payment details are independently verified.
5
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Detecting Fraud
The following controls are in place and must be complied with by employees to help
detect incidents of fraud:
• financial transactions are closely monitored by more than one employee (‘four eyes’
principle) and an independent accounting service provider.
• all systems are protected from malware using endpoint protection and external
emails are passed through multiple anti-malware platforms and are filtered for spam.
Notifications are sent to the IT team.
Responding to Fraud
The following policy and controls are in place and must be followed by employees to
respond to potential incidents of fraud:
• the Executive Management Team are responsible for carrying out an initial
investigation if fraud is suspected to have occurred and for notifying the Board.
• the Board are responsible for carrying out vigorous and prompt investigations if
fraud occurs.
• all suspected fraud incidents must be reported to the police or other relevant
authorities and any interested parties (e.g. banks, customers, suppliers), as soon as
practical.
6
© Distributed by Resilify.io under a Creative Commons Share Alike License.
The company maintains business insurance against losses due to fraudulent
activities (as appropriate).
It is the policy of the Company to report all suspected criminal activity to the police
for investigation by them. The timing of police involvement will be at the discretion of
the Board in conjunction with the Executive Management Team.
• where members of staff are involved in a fraud against the Company, whether
actual or attempted, they will be subject to the group's disciplinary procedures, which
may result in dismissal from the group.
• lessons learnt from root cause analysis and incidents will be shared across the
company as soon as possible after an investigation is concluded.
• we will seek to prosecute anyone who commits fraud and will seek to recover its
assets through legal means.
• where suppliers or customers are involved in a fraud against the company, whether
actual or attempted, they will be subject to the company’s terms and conditions,
which may result in termination of contract, and purchase or supply of goods or
services.
License
7
© Distributed by Resilify.io under a Creative Commons Share Alike License.