KEY POINTS:
A company's own employees are the most likely culprits when it is hit by fraud, but they are also its front line of defence, says KPMG.
The accounting firm has released a risk management paper, which is intended to help firms develop strategies for the prevention, detection and response to fraud.
The report follows KPMG's international 2006 Fraud Survey released last month that suggested that New Zealand firms were more likely to be affected by the crime than those in most other countries.
More than 54 per cent of organisations here that responded to the survey had been victims of fraud against a global average of 46 per cent.
More than 90 per cent of those local victims were defrauded more than once and employee offending was the most common.
"Organisations need to appreciate that fraud is a serious business risk and a lot underestimate that risk, said KPMG forensic director Mark Leishman. "Serious fraud can bring an organisation to its knees."
Businesses needed to have a plan to deal with fraud like any other business risk much in the same way as they might outsource record holding as part of their continuity plan.
The report details several strategies, but Leishman said employee education should be a priority.
"Employees are a front line reporting system. The survey shows they are the prime detectors of fraud."
Staff needed to know what fraud was, what it looked like and Leishman emphasised that when they did detect it, they must be able to report it "without fear or retribution".
The report recommends an anonymous "hot line reporting system, preferably operated externally".
While employees were the frontline detectors of fraud, the overall strategy must come from the top. "Board and management play a critical role," said Leishman. "They set the tone ... They're responsible for ensuring ethical and responsible business practices are established at the highest level."
Leishman also recommended firms undertake "pro active data analysis".
Technology to analyse financial data for fraud indicators was now freely available and was a cost-effective risk management tool.
When fraud was uncovered, said Leishman, management should be upfront about it and the action taken.
"Although public disclosure may be embarrassing, it could combat or pre-empt negative publicity, it will demonstrate good faith, close the matter down and protect the organisation's ongoing reputation."
