Internal Fraud

How to prevent internal fraud

• Background checks: Instigate thorough background checks when hiring prospective employees, including referencing the Cifas’ Enhanced Internal Fraud Database for previous offences¹
• Restrict access: Ensure employees only have access to the data and programmes they need to perform their role and implement systems that alert you to any suspicious activity
• Whistleblowing: Implement a robust whistleblowing policy so your staff are informed and empowered to detect and report suspicious behaviour
• Zero-tolerance policy: Inform your staff that you have a zero-tolerance approach to fraud and how to identify suspicious behaviour so they can be your first line of defence
• Employee wellbeing: Ensure you are promoting employee wellbeing as life and work pressures can motivate otherwise law-abiding staff to commit internal fraud²
• Employee monitoring: Put robust employee monitoring in place throughout the employee lifecycle, from onboarding to other monitoring measures like CCTV
• Fraud response plan: Create a fraud response plan that sets out the steps your organisation should take in the event of internal fraud
• Hiring and promotion: Ensure you have equitable and transparent hiring and promotion processes so all staff feel supported and will be less likely to rationalise fraud.

What to do if you're a victim

• Investigate: If you suspect internal fraud is taking place it’s important to investigate it in a confidential and legal manner.³  Only report your suspicions to people you trust
• Employment lawyer: Consult with an employment lawyer to ensure you protect the rights of your workforce when investigating
• Act fast: Act upon any suspected fraud in a timely manner and have appropriate processes in place. Be aware that there is a risk of perpetrators deleting data if they become aware that they are under suspicion
• Preservation: Take steps to retain and preserve any data, documentation, or equipment that has been used to carry out the fraud
• Restrict access: Restrict access to sensitive data and systems that could be used to perpetuate internal fraud, such as bank accounts, company cards or payment authorisations
• Keep records: Document each phase of your investigation in a systematic way so you have robust records and can justify your conclusions
• Report: Report the fraud to the appropriate authority. Consider consulting corporate lawyers or hiring a forensic accountant to investigate the extent of any fraud and link it to the perpetrators.