Article

The next level of fraud risk management and compliance

It seems logical that the rate of fraud increases when the economy weakens. The Association of Certified Fraud Examiners’ (ACFE) 2020 Report to the Nations highlights their estimate that organizations lose 5% of revenue to fraud every year. We understand that it is nearly impossible to gauge the true amount of fraud occurring at any given time; however, we have received feedback from some organizations that incidents of fraud have increased by as much as 25%. Based upon these trends, it is easy to understand why mitigating risk with effective fraud risk management and compliance programs should be a priority for the board and senior management.

Whether you are a financial institution, manufacturer, distributor, service provider or not-for-profit organization, the April 2019 Evaluation of Corporate Compliance Programs, issued by the Department of Justice, recognizes that certain compliance functions might be outsourced in order assist with effectively detecting and preventing misconduct.

The COVID-19 crisis has and will continue to change how business is conducted. Thus, it is imperative for the organization’s fraud risk management and corporate compliance programs to adapt and respond in order to reach the next level. The ability to achieve the next level not only includes transitioning to a remote workforce, but also involves significant challenges to operating a business with a different mindset in this new environment. The compliance function will vary by organization and industry, but typically helps ensure conformity with both external laws, regulations and contractual commitments, and internal policies, procedures and controls. Compliance is uniquely positioned to help manage the risks that could threaten the organization’s achievement of its objectives, including profitably.

Potential items to outsource

Organizations, in their efforts to navigate these challenges, should consider outsourcing of certain fraud risk management and compliance functions, tasks and services to help mitigate fraud and misconduct, regulatory and compliance risks impacting their organizations. Outsourcing certain fraud risk management and compliance functions may serve as an effective approach to addressing everything from gaps in current programs, to assisting in creating an optimized program. Outsourced fraud and compliance risk management services may include the following:

  • Compliance check-up concerning money obtained from the Coronavirus Aid, Relief, and Economic Security (CARES) Act
  • Assisting with triaging and investigating alleged misconduct, including bribery and corruption, money laundering, accounting fraud and false claims violations
  • Developing a comprehensive enterprise-wide fraud and/or compliance risk management program
  • Reviewing or conducting fraud and compliance risk assessments
  • Evaluating the current risk-based approach to compliance
  • Enhancing the organization's business continuity and crisis management plans
  • Conducting a review of the “know your customer” (KYC) process
  • Assessing anti-money laundering and sanctions programs
  • Implementing, enhancing or harmonizing written policies, procedures and standards of conduct.
  • Conducting analysis of internal controls
  • Assisting with M&A compliance due diligence (anti-bribery, antitrust, fraud, third party, etc.)
  • Executing third-party audits and evaluating/implementing third-party risk management programs
  • Serving as a compliance officer and advising the compliance committee
  • Conducting practical compliance training and education
  • Helping develop effective lines of compliance communication
  • Conducting internal monitoring, testing and auditing
  • Advising on the enforcement of standards through well-publicized disciplinary guidelines
  • Managing the organization's ethics hotline, whistleblower and triage process
  • Determining root cause and undertaking remediation

Culture and environment

Compliance touches upon all business processes, including, but not limited to, the sales or quote/order to cash and procure-to-pay processes. However, not all organizations take into consideration how effective compliance programs and controls improve each of these processes. By properly analyzing the steps in each of these business processes, from the compliance perspective, organizations will not only elevate their compliance programs to the next level of effectiveness and optimization, but will make these processes more efficient, which ultimately leads to greater profitability.

The human factor

The pressures and risks placed upon organizations emerging from this initial phase of COVID-19 are, in many ways, unprecedented. Organizations will be forced to go to the next level, which may include reopening their businesses with reduced in-person meetings, reduced in-person events, reduced on-site employees, and reduced domestic and/or international travel. How will your compliance program meet these challenges? Moreover, what pressures will be imposed upon your employees going forward? Looking the other way, overriding or circumventing controls may be viewed by some as acceptable behavior in this new environment.

The services and solutions Baker Tilly provides encompass a full range of your fraud risk management and compliance needs, which include risk assessments, developing or reviewing controls, policies and procedures, third-party risk management, facilitating M&A due diligence ethics training, investigations, root cause analysis and continuous program monitoring, to overall program improvement. All of the aforementioned elements can be outsourced to the Baker Tilly team, which can lead to a more effective compliance program, more significant business efficiencies, proven ROI from your compliance function, more effective compliance risk management, and greater achievement of business objectives, including greater profitability.

Preparing for tomorrow, today

Many compliance and other functions in some organizations are now operating under the current crisis conditions and thinking about meeting today’s challenges without giving consideration to what lies ahead.  We know from history and experience that new risks can emerge quickly, and the velocity of existing risks can suddenly increase and materialize into real problems. Thus, organizations need to be more resilient and agile by not only mitigating today’s risks, but also focusing and preparing for tomorrow and the challenges ahead.

Proactively addressing your gaps today is wise, because someday soon, COVID-19 will pass, and the resumption of business will not be linear. Most likely, it will be faster in some parts of the world than others, and organizations need to be prepared by ensuring they have the right resources to help manage the current and newly created risks that could negatively affect their organizations’ strategic goals and objectives, or worse yet, place them in harm’s way with a regulatory agency.

Disruption is all around us and standing still is not an option. Baker Tilly's global forensic, compliance, and integrity services can assist you in this effort by providing subject-matter experts in the field of governance, risk management, forensic investigations, compliance and digital solutions. We have done this before. We possess the experience, skills, expertise and resources to help organizations transition their fraud risk management and compliance programs to a new, or as we now call it “next level,” which will help enable the achievement of the organization's strategic goals and objectives.

For more information on this topic or to learn how Baker Tilly specialists can help, contact our team.

Jonathan T. Marks
Partner, CPA/CFF, CITP, CGMA, CFE
man with calculator and computer
Next up

Treasury stimulus: what you need to know to remain in compliance