Fraud risk management addresses the end to end implementation of a fraud risk mitigation program aimed at addressing actual, potential and/or perceived fraud risks throughout an organisation. These practices should ideally include all aspects of the business to be effective in dealing with fraud related activities.
The fraud risk management program should be aligned with the organisational risk strategy, related risk appetite, and the ethical culture displayed by all in the organisation, including business partners, senior and executive management, directors, and shareholders (tone-at-the top).
The implementation of an aligned Fraud Risk Management program should provide assurance to staff, managers, senior managers, executive, shareholders and other stakeholders alike that the management of Fraud Risk is uniformly applied throughout the organisation.
The fraud risk management program includes the implementation of fraud prevention, fraud detection and fraud response programs. These activities are pro-active and reactive in nature, and addresses fraud risk at different levels within the ethics-compliance environment.
As a starting point in the implementation of a fraud risk management program, it is advised that a fraud risk assessment be performed to determine the level of fraud risk maturity and/or exposure of an organisation to related risks.