FRAUD

POLICY

1
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Contents

Contents_______________________________________________________________________________________________2
Fraud Policy Statement____________________________________________________________________________3
Scope___________________________________________________________________________________________________3
Responsibilities______________________________________________________________________________________4
Preventing Fraud___________________________________________________________________________________5
Detecting Fraud_____________________________________________________________________________________6
Responding to Fraud_______________________________________________________________________________6
Remediating instances of Fraud_________________________________________________________________7

2
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Fraud Policy Statement
Our company is committed to reducing opportunities for fraud to occur by
implementing processes to identify potential for, detecting and reporting fraudulent
activities, and working with other organisations for the same purpose. 

We aim to manage fraud risk by:

 defining, setting and maintaining cost effective control procedures to identify

and deter fraud, 

 implementing standard operating procedures and approvals processes to

minimise the risk of fraud, 

 investigating all incidences of actual, attempted, or suspected fraud, and all

instances of major control breakdown, 

 reporting all suspected fraud to the authorities and other relevant parties, and
co- operating with the police in the investigation and prosecution of suspected
fraudsters, 

 encouraging staff to be vigilant and report any suspected incidents of fraud, 

 raising fraud-awareness at all levels, 

 ensuring key controls are complied with, 

 engaging with independent financial auditors to review accuracy of our

published financial data; and 

 taking action against individuals and organisations perpetrating fraud against

the company. 

Scope

This policy applies to any potential, suspected or active fraud committed by and
involving:
3
© Distributed by Resilify.io under a Creative Commons Share Alike License.
  Employees,
 shareholders, 
 consultants, 
 vendors, 
 contractors, 
 outside agencies doing business with employees of such agencies, 
 and/or any other parties with or without a business relationship with our group
companies.

All employees have a responsibility for fraud prevention and detection. 

For practical purposes fraud may be defined as the use of deception with the
intention of obtaining an advantage, avoiding an obligation or causing loss to another
party. This includes, but is not limited to: 

 any dishonest or fraudulent act

• forgery or alteration of any document or account belonging to the Company
 forgery or alteration of a cheque, bank draft, or any other financial document 
 misappropriation of funds, securities, supplies, or other assets
• impropriety in the handling or reporting of money or financial transactions
• profiteering as a result of insider knowledge of company activities
• disclosing confidential and proprietary information to outside parties 
 accepting or seeking anything of material value from contractors, vendors or
persons providing services/materials to the Company. Exception: Gifts less than
£50 in value 
 destruction, removal or inappropriate use of records, furniture, fixtures, and
equipment; and/or 
 any similar or related inappropriate conduct. 

Responsibilities
The Board of Directors is responsible for: 

• carrying out vigorous and prompt investigations if fraud occurs, 

• taking appropriate legal and/or disciplinary action against perpetrators of fraud,

and 

• taking disciplinary action against managers where management failures have

contributed to the commission of the fraud. 

The Executive Management Team are responsible for: 

 carrying out an initial investigation if fraud is suspected to have occurred, and

notifying the board, 

4
© Distributed by Resilify.io under a Creative Commons Share Alike License.
 identifying the risks to which systems and procedures are exposed,
• developing and maintaining effective controls to prevent and detect fraud, and 
 ensuring that processes, controls and legal obligations are being complied with. 

Individual members of staff are responsible for: 

• acting with propriety in the use of official resources and in the handling and use of
corporate funds, whether they are involved with cash or payments systems, receipts
or dealing with contractors or suppliers, and 

• reporting details immediately to the executive management team if they suspect

that a fraud has been committed or see any suspicious acts or events. 

Preventing Fraud

The following controls are in place and must be followed by employees to reduce the
likelihood of fraud: 

• HR policies include reference to recruitment and screening of new staff, an

effective appraisal system and exit interviews. 

• access control and authentication policies are implemented to minimise the risk of
unauthorised access. Interactions involving the payment of funds require a higher
level of authentication. 

• employees and relevant parties are made aware of this fraud policy and other anti-
bribery and corruption materials annually. 

• the principle of segregation of duties is adopted for interactions involving the

authorisation of payment or transfer of funds. 

• all systems are protected from malware using endpoint protection and external
emails are passed through multiple anti-malware platforms and are filtered for spam. 

• new suppliers require approval through a formal new supplier process and requests
to amend payment details are independently verified. 

• appropriate policies, processes and authorisation controls exist for financial

operations such as purchasing and invoicing.

5
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Detecting Fraud

The following controls are in place and must be complied with by employees to help
detect incidents of fraud: 

• financial transactions are closely monitored by more than one employee (‘four eyes’
principle) and an independent accounting service provider.

• all systems are protected from malware using endpoint protection and external
emails are passed through multiple anti-malware platforms and are filtered for spam.
Notifications are sent to the IT team. 

• independent financial auditing is carried out by an external auditing company to

provide assurance of publicised financial data. 

Responding to Fraud

The following policy and controls are in place and must be followed by employees to
respond to potential incidents of fraud: 

• individual members of staff must report details immediately to a member of the

Executive Management Team if they suspect that a fraud has been committed or
see any suspicious acts or events. 

• the Executive Management Team are responsible for carrying out an initial
investigation if fraud is suspected to have occurred and for notifying the Board. 

• the Board are responsible for carrying out vigorous and prompt investigations if
fraud occurs. 

• investigations of incidents of fraud are documented and root cause analysis is

carried out. 

• all suspected fraud incidents must be reported to the police or other relevant
authorities and any interested parties (e.g. banks, customers, suppliers), as soon as
practical. 

• all investigations will be carried out objectively and confidentially, and

independently of the line management for the area in which the fraud has occurred
or is suspected. 

6
© Distributed by Resilify.io under a Creative Commons Share Alike License.
The company maintains business insurance against losses due to fraudulent
activities (as appropriate). 

Remediating instances of Fraud

It is the policy of the Company to report all suspected criminal activity to the police
for investigation by them. The timing of police involvement will be at the discretion of
the Board in conjunction with the Executive Management Team. 

• where members of staff are involved in a fraud against the Company, whether
actual or attempted, they will be subject to the group's disciplinary procedures, which
may result in dismissal from the group. 

• lessons learnt from root cause analysis and incidents will be shared across the
company as soon as possible after an investigation is concluded. 

• we will seek to prosecute anyone who commits fraud and will seek to recover its
assets through legal means. 

• where suppliers or customers are involved in a fraud against the company, whether
actual or attempted, they will be subject to the company’s terms and conditions,
which may result in termination of contract, and purchase or supply of goods or
services. 

License

Licensed by Assent Risk Management via Resilify.io Under a Creative Commons Share Alike License.

7
© Distributed by Resilify.io under a Creative Commons Share Alike License.