Your business likely has a disaster plan to address fires, natural disasters, or other incidents that could disrupt operations. While a fraud contingency plan might not seem as critical, most companies need one. Here's how to develop and implement a fraud contingency plan.
Where Are Your Weaknesses?
Meet with your senior management team and financial advisors to brainstorm potential fraud scenarios. Consider how your internal controls might be breached — whether by a new hire, a seasoned department manager, a high-ranking executive, or even an external party.
Next, identify which scenarios are most likely based on your industry and business size. For instance, retailers are often vulnerable to skimming, while construction companies may face employee/vendor collusion in bid rigging. Small businesses lacking segregation of duties are at higher risk for accounts payable theft. Also, assess which fraud schemes would be the most damaging financially and their potential impact on employee morale and public relations.
Who Will Be Responsible?
As you draft your plan, assign clear responsibilities to specific individuals. When fraud is suspected, designate one person to lead the investigation and coordinate with internal teams and third-party investigators. Other employees should be deployed based on their strengths — for example, your IT manager can safeguard electronic records, while your HR leader may focus on maintaining employee morale.
Define your fraud investigation objectives. Some companies may discreetly address the issue by firing the offender and mitigating damage, while others may seek legal prosecution or aim to recover stolen funds. Your plan should outline who will communicate with law enforcement and how this will be handled.
How Should You Communicate Incidents?
Communication with employees is crucial during a fraud investigation. Without information, employees will speculate. While you should consult legal and financial advisors before sharing details, being as transparent as possible can help maintain trust and morale. Make it clear that your company takes fraud seriously.
Additionally, assign someone to manage external communications. This person should be prepared to address public criticism, reassure stakeholders of your company's stability, and control the flow of information to the public.
Strengthen Internal Controls
A fraud contingency plan is just one part of your fraud prevention strategy. Since this plan addresses what to do after fraud has occurred, you should also focus on implementing strong internal controls to reduce the risk of fraud in the first place.
At Brinker Simpson, we specialize in helping businesses establish robust internal controls to safeguard their operations. Contact us to learn how we can assist in reducing your fraud risk and improving your financial security.