Fraud can be perpetrated by persons outside as well as inside an Organisation and by collusion. The term "fraud" is commonly used to describe a wide variety of dishonest behaviour such as deception, forgery, false representation, and concealment of material facts. It is usually used to describe the act of depriving a person or entity of something by deceit, and may involve the misuse of funds or other resources, or the supply of false information. Computer fraud covers the use of information technology equipment to dishonestly manipulate programs or data (e.g. by altering, substituting or destroying records, or creating spurious records), or where the use of an IT system was a material factor in the perpetration of a fraud. The fraudulent use of computer time and resources is included in this definition. Organisations should make a clear commitment to ethical standards in public life and develop a fraud policy statement in order to communicate their approach to fraud.
All staff should be concerned with the prevention and detection of fraud but the prime responsibility for designing, operating and reviewing control systems rests with management. Managers should consult the organisation's finance function and internal audit teams where new control procedures are being set up or significant changes to existing procedures are being proposed.
Procedures set up to prevent and detect fraud must be carefully followed and monitored. Much fraud results from failure to comply with existing control systems.
Organisations should put in place processes for reporting suspicions of fraud. Staff should be encouraged to report such suspicions either to their line managers, to the organisation's internal audit (or specialist fraud unit), to the organisation's finance function, or possibly to a hotline set up for the purpose.
Organisations should draw up fraud response plans to ensure that timely and effective action is taken in the event of a potential fraud being detected.
More information on fraud can be accessed using this link.