Well-defined Fraud Risk Management

A new Protiviti survey finds that many FORTUNE 1000 companies and large not-for-profits continue to “strive” to define their fraud prevention, deterrence, and detection strategies.

Less than half of the organizations surveyed described their fraud risk management (FRM) strategies as “very well defined.” The report contains a useful list of the 10 things that enterprises with “very well defined” FRM strategies do differently; some of these activities include:

Shared Executive Ownership: FRM leaders tend to assign responsibility for coordinating FRM efforts to more than one executive.

Board of Directors Oversight: FRM leaders tend to have boards that actively oversee fraud prevention, detection, and response processes.

Internal Audit Ownership: FRM leaders tend to assign the internal audit function responsibility for conducting fraud risk assessments.

Required Ethics and Fraud Awareness: FRM leaders tend to mandate employee participation in ethics and fraud-awareness training programs.

The report also examines how fraud risk management is organized within organization and identifies eight challenges hindering FRM efforts.