The purpose of a fraud risk assessment is to contribute to the identification, assessment and testing of fraud risk related controls, and is aimed at identifying actual, potential and/or perceived fraud risks within the organisation.
The aim is not only to assess those areas where frauds have been committed or perceived to have been committed and listed in the organisation’s fraud risk register, but should ideally also include areas that may be impacted, or may be vulnerable to fraud related activities perpetrated by, or resulting from unethical or inappropriate practices emanating from internal and/or external sources.
Fraud risk assessments should consider all areas of business and business continuity when assessing the risk of fraud within its environment. These assessment should also consider, the local, regional, and global impact that the economy, organisational and social culture and political influences may have on the likelihood of fraud occurring within the organisation.
In brief, the purpose of a fraud risk assessment is to create a platform through which an organisation will be able to identify, react to, and monitor the actual, potential and/or perceived vulnerabilities and related mitigation implemented thereafter, within the organisation, or its various departments, and business units.