In the first article of this series I discussed certain traits that are common to many of those who commit fraud and certain warning signs that employers should be aware of. This article suggests what an organisation should do when employee fraud is first suspected.

For many, employee fraud is something that only happens in other organisations. Few expect fraud to occur in their workplace. They trust their colleagues and believe the controls and procedures in place will prevent anything untoward from happening. However, it is becoming an increasingly common fact of business life that organisations will, sooner or later, suffer from employee, or "insider", fraud.

As discussed in the first article of this series, the risk of employee fraud increases during a difficult economic situation. When a fraud is suspected or discovered, very few organisations have a fraud response plan in place to deal with any allegations. Most will have a business continuity plan, to address scenarios such as IT failure, but what should an organisation do in the event of fraud?

Indeed, when Ernst & Young recently conducted a survey of Channel Island organisations, we found that only one in four had a formal fraud response plan.

The first 24 hours after a fraud is initially suspected or discovered are a critical period in any investigation. Unfortunately, it is also the time when an unprepared organisation tends to make the most mistakes. A lack of clear thinking can result in some poor decision-making. This can, in turn, result in evidence being compromised, potentially damaging any prospective litigation against the suspect.

Initially the alleged fraud can appear small in quantum and reach, but this is often the tip of the iceberg. Therefore, it is best practice to handle all investigations as if they will ultimately end up in a court of law.

Identifying and securing evidence is a key step in any investigation. I have often seen cases where evidence, and, therefore, any future legal case against the suspect, can be irreparably damaged by the actions of well meaning, but inexperienced, staff.

For example, IT evidence is particularly fragile. It can be distorted and its evidential value compromised by a single keyboard stroke. A common mistake is for staff members (often members of the IT department) to 'have a look' at the suspect's computer records.

While IT staff may have the technical skills to be able to access data, what they may not realise is that just by switching on a laptop or opening a computer file they change its "metadata" or electronic history. Such a small change could ultimately devalue the evidence in the eyes of the court. Forensic technology specialists are vital if evidence is to be properly secured.

Just as an organisation may have a business continuity plan in the event of IT failure, so it should have a fraud response plan. This will help minimise the risk of indecision or errors of judgement in the event of fraud, providing management with a clear set of procedures to follow. A fraud response plan would also help minimise the risk of financial and reputational damage.

A strong fraud response plan will cover everything from the first steps taken to secure evidence through to pursuing asset recovery, notifying relevant stakeholders and reviewing controls to develop an organisation's 'forensic memory'.

In addition to bringing in external or internal legal advisers, a plan should include procedures for the mobilisation of on-call investigation and forensic technology teams. This could be a specialist internal resource or an independent, external third party advisor.

When a fraud is first suspected or discovered, many organisations can take actions they later come to regret. It is important that you respond quickly and decisively. A thoroughly considered, and regularly tested, fraud response plan will put an organisation in the best possible position, helping to ensure mistakes are not made in those crucial first few days.

Finally one must not forget that, despite allegations of fraud, there may in fact be no wrongdoing. Equally, the finger of blame might be pointing at the wrong person. Should either scenario occur, protracted and expensive legal proceedings may ensue against an employer who has not taken measured action and expert advice.

This is the second of three articles related to employee fraud. The first article dealt with spotting the warning signs while the next article will deal with learning lessons from the past and forensic memory.

The author is a senior manager, Fraud Investigation and Dispute Services (FIDS), Ernst & Young Channel Islands. She was recently in Malta to deliver a talk on the changing landscape of fraud.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.