- Definition of Fraud
- Project Objective and Goal
- Project Information
- Classification of Frauds
- Prevention and Detection of Fraud
- How to fight frauds
- Implementation of
- Manpower, Time Frames and Budgets
- Fraud Risk Assessment Check List
- Proactive Fraud Audit
Prevention of Fraud is a primary responsibility of management. Even Institute of Chartered Accountants of India (ICAI) has put this responsibility squarely on the management of the company and detection of fraud is not the prime responsibility of the auditors. As per the Companies Act 2013 (CA2013), a fraud can be reported by auditors or any third party i.e. stakeholders.
Board of Directors (BOD) –collectively all the directors– is the top management of the company assisted by Key Managerial Personnel. Hence, this is the core group of people within the company who should take all the responsibility for frauds in the company and they are liable to the stakeholders at large. Needless to say, BOD is responsible to make all the policies for prevention and detection of fraud as well as how to deal with the fraudsters and whistleblowers. That means if the management fails to take appropriate measures to prevent frauds, the fraudsters -within and outside the company- will go scot free.
It is worth noting that no fraud is possible without human intervention either from within the company or from outside. BOD is responsible for all the actions taken by the staff whether employed in the Corporate Office or thousands of miles away from the Corporate Office. Every employee in the company must know the company’s stand on fraud, and hence it is important to have proper written policies and employees must be made aware of those polices by displaying at proper places or on website or any other appropriate manner. It is also important that staff acknowledges the same by of signing the or in any other way where staff can’t deny the existence and application of these policies.
Definition of Fraud
In the Indian context, earlier Fraud was defined as per Sec 17 of Indian Contracts Act 1872. It also has reference as per Sec 420 of Indian Penal Code. Though Indian Contract Act stipulates four components of the word “fraud” and those are
- A willful misrepresentation
- Material in nature
- The person receiving the representation reasonably and justifiably relied on it
- Financial damages resulting from all the above
The CA2013 makes things little difficult. Sec 447 of CA2013 defines fraud in relation to affairs of a company or anybody corporate and includes
- Any act/omission/concealment of any fact or
- Abuse of position
- Committed by any person or other person (third party) with connivance in any manner with intent to deceive/gain undue advantage or to injure interest of
- Any other third party
- Whether or not there is wrongful gain or wrongful loss
This is definition is so broad that it can conceivable include any act committed by anyone provided there is a wrong intent.
In comparison with the definition as per Contract Act, CA 2013 has removed the “materiality” concept.
There are few references to fraud in other Indian legislation such as IT Act, Prevention of Corruption Act, Lokpal Bill, Money Laundering Act, etc.
Sir Donald Cressey one of the well-known criminologists in USA, has rightly pointed out that fraud is function of three elements- Pressures, Perceived Opportunity and Rationalization
Types of Frauds, Project Objective and Goal
Refer Annexure I which is the activities of company ESTL Ltd and Annexure II which gives the classification of frauds. The objectives are to identify the various types of frauds those can take place in ESTL, what measures ESTL can take to prevent the same and what kind of environment ESTL can create to prevent, detect and post detection of frauds.
Hence, look let’s look at: Types of Frauds
- Frauds committed in ESTL in the past across various business divisions and countries
- How the frauds were discovered
|Type of fraud, Division and Country||What was the fraud and how was it discovered||Action taken by the company|
|Asset – Cash; Courier; India||ESTL used to the do intercity courier services. ESTL had a policy of not rejected business and hence if the customer hasn’t been approved as credit customer, the delivery boys were allowed to collect cash while picking up the consignment. In some case, the deliveries boys picked up the consignments and delivered the same as per ESTL rules but didn’t report sales and pocketed cash.
In one particular case, the delivery boy failed to deliver the consignment and called the toll-free number to check about the delivery and that is how fraud was discovered.
|When customer wanted the delivery service, the customer is supposed to call toll free number and the call center would call the delivery boy about the prospective customer. The mistake company did was that the call center never called back the prospective customer to check whether the consignment was picked up.
The company sacked the delivery boy.
|Asset – Debtors; Courier; India||When customers paid cash against pending invoices, the delivery boys used the money for good amount of time before was deposited in the company bank account. Since, the company had a policy of checking unpaid dues only at the month end, this practice went unnoticed for quite some time.
It was detected only when internal audit division called the customers in the middle of the month and customer told that the money has already been paid.
|The company didn’t give receipt book to the delivery boys to give a proper receipt and even the customer didn’t insist on immediate receipt. A classic example where the intention of the customer is not to make a fraud, but his inaction led to a substantial fraud.
The company sacked the delivery boy.
|Asset – Debtors; AV; India||This Salesman had a unique way of protecting his own customers. He used to prepare a delivery challan in the name of Customer A and then deliver the goods to customer B. He used to do this as the credit limit of B would be over and system wouldn’t allow deliveries to B. Later, he would change the invoice and delivery note in the name of B. This way, he used to give more goods to customer B over his credit limit.
The company discovered this methodology due to frequent changes in the delivery challans as well as similar delivery addresses.
|The company could not prove that the salesman was getting any monetary benefits and hence couldn’t take any action against the salesman. In fact, it took a long time to establish that there was a fraud.
The company banned the changes in the invoice and delivery challans without the approval of territory sales manager, but no action was taken against the salesman.
|Asset –Debtors; Real Estate; India||The salesman used to pre book sales and show commission on the sales as debtors. The said commission would be collected on the completion of transfer of property or registration of rental agreement. This completion may take even up to six months depending on the complexities of the transactions.
Out the total commission, part of the amount (even sales) were written off (often collected in cash and never reported to the company) saying that the commission is reduced due to change in the terms and conditions of the sales.
This was a continuous trend and ESTL accepted this as a business practice.
|The company changed the practice of pre booking sales and started booking sales only on cash basis.
This saved the commission on the targets achieved but ESTL was never comfortable if all commissions were brought in the books.
This is business hazard and prevention of fraud totally depended on the honesty of the sales staff.
|Asset –Stock; Trading; UAE||Trading Division in UAE had one of the biggest ship chandlers as their prime customers. Being ship chandler, the orders were never fixed, and goods were always on sale or return basis. ESTL used to procure goods from all over UAE and supply to them. Once the unsold goods are returned, ESTL used to return the goods directly to their vendors.
The goods were never returned in full to ultimate vendors and reported to the company as sold to the ship chandlers. There always used to be discrepancies and always took a lot of time to resolve those issues as ships stay used to be brief in UAE.
Ship chandler got fed up with these discrepancies and stopped doing business with ESTL. They blamed ESTL’s inability to resolve these issued within reasonable period.
|ESTL never took these issues seriously saying that there is no stock holding and are earning good commission by procuring and delivering goods. These goods were never in warded in ESTL’s books and hence receipts and sales were on cash basis. In other words, there was no internal control of any sorts.
ESTL started following proper system for recording all transactions.
It also showed lack of interest on the part of senior management as they were happy earning howsoever little commission by just delivering the goods and staff took proper advantage of the situation.
The staff was dismissed and ESTL after reconciling accounts recovered whatever amount they could by way of selling his assets and end of service benefits.
|Asset –Intangible Assets; AV; Kenya||ESTL received television sets and a music system for servicing in their Nairobi service center. The customer did not have the guarantee card and requested service at a cost. The company agreed. When the service department opened up the piece, they could neither match the batch number nor the serial number of the piece. Hence they asked the customer for the purchase detail which he did not have and could identify on the store from where he bought the piece.
Upon further investigation, it was found out that it was a duplicate piece, and someone was using ESTL brand and selling cheaper articles.
|It was clearly a brand abuse and infringement of trademark and patents. The company took the legal action against the store that was selling price. The company also increased brand awareness by advertising in local newspapers about the ownership of brand and possible legal actions.|
|Others –Document falsification Checks; Trading; UAE||The company had a practice of issued printed checks. Unfortunately, one day the machine did not work, and company issued handwritten checks on that particular day. One of the staff members used the opportunity to add few words on the check and encased the cash check with higher amount.
It was discovered at the end of the month during bank reconciliation, by that time, staff had resigned and left the company.
|The treasury started checking bank statements on a daily basis. ESTL also started the affix see through stickers on the checks making alterations impossible.
ESTL also took legal action against the staff though didn’t go through the criminal proceedings due to higher costs involved compared to the existing damage which sent wrong signals to the staff as well as to public at large.
|Others –HR & Payroll; Trading; Kenya||The company had an obligation to employ minimum number of locals in the company. The fraudulent prevailing practice was to get the documents of few locals and show them as employees. They were paid only 40% of payment in cash against what is shown in the books and to the Govt. The balance money was brought in the books by way of other receipts in two or more installments in order to fend off the taxman.
The company was supposed to bring back 60% of the amount by way of other receipts though the amount started reducing month by month. The explanation given by the local management was that tax man have become more inquisitive and need to pay them more on a monthly basis in order to keep this entire transaction under the wraps. In fact, the amount was siphoned by the local management.
The issue was discovered as company had no real advantage in continuing this practice.
|In this case, corporate management made a grave mistake by letting the local management about the malpractice in which they shouldn’t have participated.
The local management took the undue advantage of the situation.
The company didn’t take any action against the criminal staff as ESTL felt that removal of local management may lead to closure of African business.
|Others –External Party; Trading; Sri Lanka||ESTL used to procure tea and cashew from Sri Lanka. There were a lot of malpractices happening in the trade from the suppliers mainly to avoid Government Taxes. As a result, Government had banned many suppliers from entering into trade with the foreign company.
ESTL entered into trade agreement with one such party without making any background check on the supplier. Neither supplier give any papers showing his eligibility to enter into trade nor ESTL made any enquiries with Government if the supplier is eligible to trade with foreign companies.
ESTL was in rude shock when the export consignment was rejected and fined for trading with banned traders/exporters.
|ESTL failed, to make any background check on the supplier. By the time, they realized, their license was suspended six months.
ESTL made background checks mandatory with third party documentary proofs for all the parties before entering into contract with them including employment contracts.
|Others –Commercial Bribery; AV; Russia||ESTL imports goods from all over the world into Russia though branded goods come from EU- Finland. These goods must be transported by road from Kotka to Moscow. Getting import licenses from the Russian Govt. was really difficult and using someone else’s license was a common practice with a caveat that you use transportation, marine insurance and custom clearance service from the same party.
ESTL had to pay exorbitant charges for all these services with no guarantee that goods will arrive in time.
|ESTL established operations in Russia without procuring all the required licenses and hired even staff who had no knowledge of Russian laws and customs. ESTL had no option but fall prey to all mafia agents in order to survive and had not guarantee that they will be profitable.
ESTL did not do proper sovereign risk assessment.
ESTL had to wind up Russia operations.
|For the Company- Accounting frauds||One of the accountants in ESTL acted in collaboration with the customers and created fraud. The sales division was collecting checks from the customers on the due date. This particular accountant would pass appropriate entries and hence customers’ accounts were properly maintained. He then used to call the customers (agree for commission) and used to give them additional credit period by not depositing the checks. As far as collection was concerned, it was on time, but money wasn’t in the bank.
This was found out during the monthly Bank Reconciliation Statements. All checks were deposited but none was credited in the banks in time.
This also led to late recognition of real dishonored checks which resulted in real losses to the companies.
| There is clear lack of internal control over important operations like collections and accounting.
ESTL separated the duties and started checking bank credits on the net next day.
ESTL changed the duties of the staff and transferred in dispatch division.
|For the Company- Financial Statement Frauds||ESTL had taken trade finance from the financial institutions. One of terms and conditions was to maintain stocks below particular amount. In reality ESTL had exceeded that stock value. ESTL valued the stock at current market value which was below cost price taking advantage of accounting principles. While doing this, they understated profits and paid less tax to the Government.
The fraud was never discovered by financial institutions and ESTL continued to take advantage of accounting rules. ESTL continued selling undervalued stock at higher prices at a later date (presumably when market was favorable) thereby even deferred tax payment to the Government.
|Another clear example where ESTL were part and parcel of big fraud and did not set right example for the accounting staff which led to many accounting frauds.|
|For the Company- Defrauding vendors and customers||ESTL used to pay and collect advances for commodities in the international markets. Depending on the price variation ESTL and its suppliers would decide whether to deliver the goods or not. If the contract is entered into a price X and then price has gone X ++, the supplier would enter into contract with another buyer and forfeit the contract with ESTL. ESTL would similar would follow similar practice, if prices fall after entering into contract.
Nobody ever considered it as fraud and practice prevails.
|ESTL started using this practice as options and futures contract by squaring of advances and started treating this as a profit center. Prima facie, nothing wrong in it, except that at the time of entering into contract other party would not know that they are entering into paper contract.|
|For the Company- Web of companies||ESTL had operations in India, Russia and Kenya and besides India, other two countries have very weak banking system. ESTL had very high proportion of cash transactions in these countries and this cash was utilized by way of financing for purchases in those countries and usually used to find its way into India. In India, ESTL would receive either part or full amount in cash and would be shown as cash sales.
Since there was a huge difference in tax rates of different countries, ESTL would use this route to reduce its tax liabilities.
|Everybody in the company believed that it’s an effective way of resource utilization and no one ever considered it as a fraud against exchequer.
The practice continued and sometimes ESTL paid heavy one-time taxes though this again was considered as cost of doing international business.
How to fight frauds?
Frauds are common phenomenon across various countries and businesses but fighting the frauds need to be improved. Creating anti-fraud environment is a key to eliminate frauds. You also need to develop comprehensive policies and procedures, implementation of anti-fraud programs, effective communication, compliance monitoring. An effective fraud prevention program has three major components:
- Creating anti-fraud environment
- Setting tone at the top
The broad-based fraud education that focuses on the fraud awareness should be presented to all employees, with specific anti-fraud training for employees in position those have more risks. Organizations need to learn from their own fraud experiences as well as others. It will help employees to read and understand anti-fraud policies in the context of their own roles and responsibilities.
Creating anti-fraud environment:
Creating anti-fraud environment is more about documentation and displaying work. Various policies and documents should be created by the top management and they should reach all employees. They should be well publicized through induction programs and periodic awareness drives.
The tone has to be set at the top
They argue that employees learn the fraud techniques from their bosses. The inaction or the wrong action of the top management leads to two things:
- It gives the indication that the management tolerates the frauds.
- The information about the modus operandi is spread in other employees.
The top management has to give signals to all its employees that fraud at any level and of any measure is not tolerable.
As a part of this total exercise, the company needs to adopt four major policies. Those are:
- Fraud Prevention Policy- Annexure III
- Ethics Policy- Annexure IV
- Whistle blowing Policy- Annexure V
- Fraud Response Plan- Annexure VI
Manpower, Time Frames and Budgets
As you have seen from the types of frauds committed at ESTL, in many frauds the top management was involved. You have also seen that many frauds have been committed by employees working in various countries. That means when it comes to committing frauds, nobody is sacrosanct and everybody in the organization can fall prey to all sorts of temptations.
As a result of this phenomenon, all stakeholders in the company should be part of the fraud prevention and detection policy. At the same time, there is only one policy across all the stakeholders spread all the geographies.
Announcement of Policies:
Top management should make efforts to ensure the awareness of these polices. Some of the common ways of doing it are:
- Publish on the website of the company
- Introductory seminars for all stakeholders
- Part of induction booklets at the time of appointment of staff
- All staff should sign the copy at least once in a year, typically at the time of annual review
- Should be part of all tenders’ documents, contracts, etc.
Top management should also review these policies on a quarterly/half yearly basis and make appropriate amendments bringing in the live experience. Once the policies are revised, once again, efforts should be made to increase awareness of the revision.
Most of the organizations would look at all the policy matters as cost centers. I feel, time has come where one should look at Fraud Prevention and Detection Policy as a profit center. If you look at various frauds being committed at ESTL at any given point of time, one can understand the money lost due to frauds.
Washington State Fraud Bureau carried out a survey in US and concluded that every US $ 1 invested in fraud audit can save US $ 12 a whopping 1200% return.
In the ordinary course of business, fraud prevention policies won’t require additional budgets. It should be part of
HR (training) budget.
IT Budget for additional software for specific actions
Only in case of investigation stage, it would require additional manpower allocation and if need investigative tools. It is very difficult to estimate cost effect on a generalized basis.
The Company: ESTL Ltd.
ESTL Ltd (the company) is a public listed company registered in India having its Corporate Office in Banglore. The Company is engaged in trading activities and its business is divided in 4 business segments. They are as follows:
- Trading of Audio Visual (AV Division) equipment such as Television Sets, DVD players, etc.
- Trading of branded and unbranded food stuff including commodities like tea, cocoa, rice, oil, etc.
- Commercial and Residential Real Estate engaged in letting apartments, bungalows, offices, warehouses, etc.
- Domestic and International Courier and logistics business
The Company operates in four different geographies in addition to India and those are Sri Lanka, UAE, Russia and Kenya. In these countries, the Company has got its offices run by the General Manager. The main activity of the Company in these countries is of sales and distribution, though occasionally sourcing is also done.
For AV Division, Sourcing is done from China. For trading division, sourcing is done from all over the world and it is more of an opportunistic sourcing than a planned one. The other two divisions are service oriented and major business is local.
The Company employs predominantly Indian staff in all geographies. The company has a policy to employ fresh graduates and train them on the job by relatively senior staff. The company also employs local staff in foreign countries to comply with the local Government and rests of the employees are deputed from Indian companies.
Classification of Frauds
Fraud Prevention Policy- Ideal contents
|1.||Background||Company requires all staff at all times to act honestly and with integrity to safeguard for the company resources for which they are responsible. Company views fraud as an extremely serious matter and is committed to the promotion of an anti-fraud culture|
|2.||Scope||This policy applies to any irregularity, or suspected irregularity, involving employees as well as shareholders, consultants, vendors, contractors, outside agencies doing business with employees of such agencies, and/or any other parties with a business relationship.
Any investigative activity required will be conducted without regard to the suspected wrongdoer’s length of service, position/title, or relationship to the Company
|4.||Actions constituting Frauds||The terms frauds, falsification, misappropriation, and other fiscal irregularities refer to, but are not limited to:
|5.||Investigation Responsibilities||The Chairman of the Audit Committee is responsible for establishing and maintaining a sound internal control that supports the achievement of company policies, aims and objectives.
Finance Managers are responsible for:
Internal Audit is responsible for:
Every Staff is responsible for
Director Finance/CFO/VP Finance will exercise disciplinary powers.
|6.||Reporting Procedures||Great care must be taken in the investigation of suspected improprieties or irregularities so as to avoid mistaken accusations or alerting suspected individuals that an investigation is under way.
The suspected member of the stakeholders should be given a chance to explain the situation in the presence of HR, Legal and other involved divisions. If need be, he should be external legal assistance.
The reporting individual should be protected and be informed of the following:
Please keep written and electronic records with the investigating authorities.
|7.||Disciplinary/Legal Action||After proper investigation and establishing facts of the misdeed, Company should take proper action consistent with the gravity of the situation. The company may terminate the services of staff involved or hand over the case to the police or may take civil action. The company will fully cooperate with the concerned external authorities and will be bound by the final outcome. If there is requirement of reinvestigation, the company and the involved stakeholders should cooperate.|
|8.||Postmortem Analysis||Where a fraud has occurred management must make necessary changes in systems, procedures, processes, internal controls, etc. to ensure similar frauds will not recur. Management should also inform all offices, branches, etc. about the incident and educate all the staff about the precaution to be taken in future.|
Ethics Policy- Ideal contents
|1.||Background||The company is committed to ensure that its business is conducted, in all respects and all the times, according to rigorous ethical, professional and legal standards, which prevail from time to time. The Company is also committed to create a workplace, at all of its working locations, that, all the times, is free from harassment and discrimination, where co-workers are respected, and provided an appropriate environment so as to encourage good performance and conduct. To achieve this goal all Employees are expected to:
|2.||Purpose||The purpose of this Policy is to provide guidance to all stakeholders of the Company on how and in which manner one should conduct while undertaking business on behalf of the Company. The list is not exhaustive and in case of doubt, you must contact HR for the guidance.
A breach of the Policy may result in disciplinary action.
The personal and professional behavior of stakeholders shall confirm to the standards expected of persons in their positions, which includes:
|Conflict of Interest:
Each stakeholder is expected to avoid situations in which his or her financial or other personal interests or dealings are, or may be, in conflict with the interests of the Company. Accordingly, the Company expects its
If, under any circumstance, Stakeholders personal interests’ conflict with those of the Company’s’, in all such cases the Employee must seek advice from his or her reporting/ reviewing manager or from senior management.
|Confidentiality of Information
All stakeholders should enter into “Confidentiality Agreement” that explains which information is obtained through normal course of business or available at public domain and information that should be strictly kept confidential which you are acquiring due to your engagement with the company and be considered as intellectual property.
|Integrity of Financial Information
All stakeholders generally have complete and accurate financial information in order to make informed decisions. Everybody has a responsibility to ensure that all such information should never be shared with outsiders under any circumstances.
|Protection and Use of Company Property
All stakeholders are responsible for protecting and taking reasonable steps to prevent the theft or misuse of, or damage to Company’s assets, including all kinds of physical assets, movable, immovable and tangible property, corporate information and intellectual property such as inventions, copyrights, patents, trademarks and technology and intellectual property used in carrying out their responsibilities; and all such assets shall be applied only for Company’s legitimate business interests.
|Acceptance of Gifts and Other Benefits:
Stakeholders should not give or accept gifts, entertainment, hospitability, loans, or any other personal benefit or privilege or any other benefit or preferential treatment from any existing or potential customer, supplier or business associate of the Company
It is unacceptable to directly or indirectly offer, pay, solicit or accept any kind of inducements or bribes. Any attempted transaction of this nature should be immediately reported your immediate superior.
The Company is committed to provide a work environment that is free of inappropriate behavior of all kinds and harassment on account of age, physical disability, marital status, race, religion, caste, sex, sexual orientation or gender identity. All stakeholders should support the Company in its endeavors to protect
others from any form of such harassments.
|Alcohol & Substance Abuse:
The use or possession of alcohol, illegal drugs, and other controlled substances in the workplace and being under the influence of these substances on the job and during working hours is strictly prohibited.
|4.||Accountability||All stakeholders must understand and adhere to the Ethics Policy. They must:
Whistle blower Policy- Ideal contents
|1.||Background||When we have concerns about the frauds, it is always difficult to deal with the situation. One may be worried about talking to someone or if that is the right person to talk to. Whistle blowing policy is primarily for these concerns where interests of others or the organization are at risk.|
|2.||Scope of work||The policy applies to all stakeholders of the company. It is impossible to exhaustive list of activities that could cause concern but should include:
|3.||Protection||If you raise a genuine concern without any malicious intent, you will not be at risk of losing your job or suffering from any form of retribution as, provided you are acting in good faith.|
|4.||Confidentiality||Your will not be disclosed without your consent. If it is required to be disclosed in the court, you will be given full legal assistance to protect your interest.|
|5.||Anonymity||In order to protect all stakeholders from abuse, the company will not accept anonymous reports. If you are not confident of talking to your superiors, you can write directly to BOD.|
|6.||How to handle the matter||Once the concern is raised, an internal enquiry or formal investigation will be initiated. You will be kept informed at all stages and you will be asked to cooperate or give suggestions if need be. If you are dissatisfied with the outcome, you can launch another formal request for further investigations.|
|7.||Conclusion||It is important that all suspected fraud/frauds are promptly, and vigorously investigated and appropriated action is taken. Proven frauds can ultimately result in termination.|
Fraud Response Plan- Ideal contents
|1.||Purpose||The purpose is to ensure timely and effective action is taken in the event of fraud. The plan aims to help minimize losses and increase the chances of successful investigation. The plan is designed to enable company
|2.||Initial Inquiry||When someone says that there is a suspected fraud, one can do initial verbal enquiry with parties involved and find out if there is a merit is pressing further investigations.|
|3.||Actions||As soon as you find or suspect fraud, act swiftly and file first written report on the same day. It should cover
|4.||Communications within the company||Inform Chairman of the Audit Committee, VP finance/CFO, HR and the line managers involved. Depending on the gravity of the fraud/suspected fraud, Chairman of the Audit Committee can decide whether to involve Police and if yes at what stage.|
|5.||Protection of the evidences||In order to proceed legally, the evidence protection is importance. Hence
|6.||Appointing investigation manager||If by this time, a prima facie evidence has been established, it is time to appoint investigation to manage with defined powers and responsibilities. The terms of appointment should also give instruction in regard to other support he can seek within the company or from outside. It should also define its reporting time lines and authorities.|
|7.||Police Involvement||Police can be involved in two case – first only in advisory role as to how to go about investigation and secondly when you want to take criminal/civil action against the fraudsters. Chairman of the audit Committee should decide on the role, he wants Police to play by keeping all other authorities in the company fully informed.
If it is decided to involve police, you need to cooperate police at stages and appear in the court of law. Company may take help of lawyers.
|8.||Noting down the frauds||Internal Auditors should maintain Fraud Register to be held by HR and should update the same with all minute details including value, people, dates, periods, etc.|
|9.||Postmortem||Internal auditor should prepare a summary report and circulate the same to all offices with appropriate details. He should also revisit internal control systems to strengthen the system.|