menu
Facebook-f Twitter Youtube Linkedin Instagram Tiktok

Who Owns Transactions and Controls Monitoring? Lessons for Compliance Professionals

In his recent article, Who Owns Transaction and Controls Monitoring? published in Fraud Magazine author Vince Walden explored the challenges of assigning responsibility for transaction and controls monitoring within organizations. He emphasized the risks of assuming “someone else” owns the responsibility for fraud detection and prevention, particularly within high-risk areas like accounts payable, accounts receivable, and employee expenses. For corporate compliance professionals, this issue is both a wake-up call and a call to action. Here are the key lessons from the article and how compliance professionals can implement them in their programs.

Establish Ownership of Fraud Risk Management

One of the central themes is the importance of clearly assigning responsibility for fraud risk management across the organization. Walden cited the Fraud Risk Management Guide’s recommendation that one executive-level member of management be assigned ultimate responsibility for the fraud risk program. This clarity is essential to ensure accountability and effectiveness.

You can establish this critical element by appointing a dedicated executive to lead your effort. Begin by identifying a senior executive sponsor, such as the Chief Compliance Officer (CCO) or Chief Risk Officer (CRO), to oversee the fraud risk management program. This individual should have a comprehensive understanding of fraud risks and process-level controls. Next move to formalize a governance framework through the creation of a fraud risk management committee that includes leaders from compliance, finance, HR, IT, internal audit, and other key departments. Ensure this committee meets regularly to review risks and oversee fraud prevention initiatives.

Embrace a Multidisciplinary Approach

 Walden highlighted the value of a committee-based, multidisciplinary approach to fraud risk. This structure fosters collaboration and ensures that diverse perspectives are brought to bear on identifying and mitigating fraud risks. Engage multiple stakeholders across multiple corporate functions. Bring together representatives such from such functions as internal audit, compliance, legal, finance, and IT to collaborate on fraud detection and prevention strategies. Next develop cross-functional training to provide fraud awareness training tailored to the unique responsibilities of each department, ensuring that everyone understands their role in mitigating fraud risks.

Align with the Three Lines Model

The “Three Lines Model,” as updated by The Institute of Internal Auditors (IIA), provides a framework for distributing fraud risk management responsibilities. Walden underscores the importance of leveraging this model to enhance accountability and effectiveness. The three lines are:

  • First Line. Operational managers and staff should focus on implementing fraud prevention controls in daily processes.
  • Second Line. Compliance and risk management professionals should provide oversight, monitor emerging risks, and design advanced fraud detection tools.
  • Third Line. Internal audit should independently assess the effectiveness of fraud prevention and detection efforts.

The key is that there must be effective collaboration. You must ensure seamless communication and coordination among the three lines to prevent gaps in oversight.

 Leverage Data and Technology

 Walden emphasized the critical role of data-driven monitoring in effective fraud prevention. He noted that relying solely on internally generated data, such as surveys, is insufficient. Instead, organizations must analyze transactional data from enterprise systems and external sources. There will be a need for some type of investment, as you will need to deploy advanced compliance analytics platforms that can process data from enterprise resource planning (ERP) systems, accounting software, and third-party due diligence systems. Implement tools that provide real-time insights into transactional data, identifying unusual patterns or red flags indicative of fraud. Develop in-house expertise by training compliance teams to analyze and interpret complex datasets, enabling them to identify fraud risks proactively.

 Cultivate a Culture of Accountability

 Fraud prevention is most effective when it is embedded within the organizational culture. Walden noted that visible and engaged leadership is critical to fostering such a culture. Once again, the fundamental ‘Tone at the Top’ must be set. Senior leaders should regularly communicate their commitment to ethical behavior and fraud prevention. This could include messages from the CEO or board-level discussions on fraud risk. Public recognition should be given to your organization’s Fraud Champions. The Department of Justice’s recommendations on monetary awards under anti-corruption compliance are equally valid in the anti-fraud realm, as you should reward employees who identify and report fraud risks, reinforcing the importance of vigilance and accountability. In the area of training, integrate fraud awareness into onboarding by making fraud prevention a core part of employee onboarding and ongoing professional development.

Ensure Proactive Monitoring and Response

 Walden stressed that fraud risk management cannot be reactive. Compliance professionals must take a proactive approach, using data and technology to monitor risks continuously. It not only begins, but also continues with regular fraud risk assessments to identify high-risk areas and prioritize monitoring efforts. Using these timely fraud risk assessments, develop a robust fraud risk management response plan to ensure that your organization has clear protocols for investigating and addressing suspected fraud, including escalation procedures and communication plans.

Final Thoughts

 Walden’s insights serve as a powerful reminder that fraud risk management is a shared responsibility. By adopting a multidisciplinary approach, leveraging data-driven tools, and fostering a culture of accountability, compliance professionals can play a pivotal role in protecting their organizations from fraud and other risks.

To be effective, these strategies must be implemented thoughtfully and consistently. Start by assessing your current fraud risk management framework and identifying gaps. Then, build on these lessons to create a program that not only meets regulatory expectations but also strengthens your organization’s resilience against fraud. As Walden succinctly puts it: “If it isn’t you, an anti-fraud professional, who monitors and oversees high-risk transactions, then who should it be?” This is a question every compliance professional must ponder and address proactively.

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 The Compliance Evangelist. All Rights Reserved
You subscribed to a blog or podcast or downloaded content from
Tom Fox or www.compliancepodcastnetwork.net

What are you looking for?