Bloomberg BNA’s Corporate Law & Accountability Report is available on the Corporate Law Resource Center. This news service keeps corporate practitioners informed of legal developments of...
By Michael Greene
Nov. 18 — An effective compliance program should have policies and procedures for preventing fraud and responding to potential fraud, according to speakers at a Nov. 14 Practising Law Institute webinar.
Implementing these procedures requires companies to create a culture of compliance that is tailored to their business, said speakers at “Bolstering Your Company's FraudDefenses 2014: Proactive Prevention and Responses.” Accordingly, companies need to look at their weaknesses and risks in determining how to implement these procedures.
The first step in developing a fraud prevention program is to “understand your company's weakness,” according to Kristina S. Azlin, a partner at Holland & Knight, LLP.
There really is “no one size fits all” fraud prevention program, she said, because different companies have different risks. Accordingly, the most effective programs “will be based on how your company does business.”
After identifying your company's weaknesses, the next step is to “assess your company's fraud risks,” said Azlin. In doing so, companies should solicit input from a variety ofdifferent departments. She added that sometimes an outside consultant may be needed to provide a “fresh perspective.”
Nadia Brannon, an executive director of Ernst & Young LLP's fraud investigations and dispute services, said that part of risk assessment is “responding to likely and significant risks.” Companies cannot mitigate every single risk, she noted. Accordingly, residual risks—ones that are unlikely to recur or are insignificant—do not require a response.
Brannon mentioned that the most common type of fraudulent scheme can vary depending on the industry. Moreover, the “stakes and opportunities” are very different depending on the role of the perpetrator within the organization. She added, for example, that accountants are the common perpetrators of fraud because of their access and controls.
“It seem logical that people with control also have the ability to steal,” said Deborah Forhan Rimmler, Nexant, Inc.'s senior vice president and general counsel.
To implement an effective antifraud program, the company's leadership must make a commitment to preventing fraud, said Vince Farhat, a partner at Holland & Knight. “Thetone from the top is critical,” he said. “Unless the board and senior executives are 100 percent committed to a culture of compliance, the program, however robust it might be, is going to sit on the shelf and do nothing.”
Farhat added that when a company makes this commitment, there are five critical things it must do: adopt written policies and procedures; create a company-wide ethics code; train directors, managers and employees; communicate a “zero tolerance” policy; and regularly review, revise and update policies and procedures.
The training piece is often the hardest and most expensive part of this commitment, according to Farhat. He noted that having an effective, systematic training program is a vital part of demonstrating to outside investigators that the company has made a commitment to compliance.
Companies should not only train employees on their antifraud policies and procedures, but also make sure they are aware of the process for reporting, said Brannon.
According to an industry report, 42 percent of all fraud is discovered by tips. A hotline with procedures for reporting is “by far the cheapest, easiest, and most effective antifraud control” a company can have in place, said Brannon.
Providing awareness of these procedure requires actively engaging employees, said Rimmler.
Human resource procedures also can be an effective part of fraud prevention, said Farhat. HR is often your “first line of defense” because employees are used to hearing from this department, he added.
In developing company procedures, Farhat noted that it is easier to implement specific rules that circumscribe the discretion for employees performing specialized functions than for upper management. Creating specific rules for higher-level employees can be difficult because of the need to allow for discretion, he added.
Generally, companies should not forget to review, revise and update their corporate governance policies and procedures, said Azlin. An important part of this process is looking back periodically at the residual risks that the company has left, she added. These risks may have become significant since policies were last implemented.
Brannon observed that companies often change the way they conduct business, which has an effect on their potential risks. She also noted with the advancement of technology, forms of crime can change. “The criminal community is always a step ahead of us,” she said.
Ultimately, however, developing and maintaining a prevention program is only part of managing and minimizing antifraud risks, said Stacey Wang, an associate at Holland & Knight. Companies also need to have policies and procedures for responding to fraud, she explained.
Knowing when to take action in response to potential fraud requires having an effective screening process, said Farhat. He noted that companies “will get false positives,” and determining the credibility of a potential instance can be the hardest part of this process.
In setting up this process, companies should be aware that “internal triggers” often require more screening than “external” ones, he added.
Once a trigger has happened, companies need to define the scope of the investigation, said Wang, which should be based on the trigger of the investigation, the company and the company's resources, she added.
There are no federal rules of internal investigation, “so companies really need to follow reason and common sense” when they learn that something wrong has happened, said Farhat. Companies sometimes jump into an investigation without defining the scope, which can cause them to waste resources and time and create a bad record for the company when it is dealing with the government, he said.
Assessing the type and scope of the fraud will also drive who leads the investigation, said Farhat. Sometimes routine investigations can be handled by HR departments. He added that companies do not always have to bring in outside investigators.
The key part of any investigation is credibility, he said. Investigations that look one-sided can be difficult to defend, he added. “If your don't have credibility, you won't be taken seriously by outside investigators,” Farhat said.
Farhat also provided some general advice in dealing with government investigations. He noted that some litigation techniques that may work in the civil arena do not work for government investigations. Dealing with the government requires being collegial, advising companies under investigation to “leave Rambo at home.”
To contact the reporter on this story: Michael Greene in Washington at firstname.lastname@example.org
To contact the editor responsible for this story: Ryan Tuck at email@example.com
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)