Risky business - protecting your organisation from risk and fraud


Published on

From Watts Gregory at WCVA's Charity Law Conference 2013

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Risky business - protecting your organisation from risk and fraud

  1. 1. Watts Gregory in association withWCVAPROTECTING YOURCHARITY FROM RISK ANDFRAUD
  2. 2. Watts Gregory in association withWCVACharity in insurance shockA charity that works with children at risk says it maybe forced to close because it cannot affordrocketing insurance costs. The Atlow Mill Centrenear Hognaston, Derbyshire, faces an increase ofalmost £15,000 in its insurance premium.
  3. 3. Watts Gregory in association withWCVAStaff shortagesHomeless centre needs volunteersA shortage of volunteers has left a Lincoln-basedcharity for the homeless in crisis. The NomadTrusts night shelter, day centre and fundraisingshop are all short of staff.
  4. 4. Watts Gregory in association withWCVARedirected giving?Tsunami aid threat to charitiesCancer Research Wales is urging peopleto remember that their money is still neededfor other causes.
  5. 5. Watts Gregory in association withWCVAWhat is risk? The uncertainty surrounding events and their outcomesthat may have a significant effect, either enhancing orinhibiting: Operational performance Achievement of aims and objectives Meeting expectations of stakeholdersThe possibility that something will happen to stop you doingwhat you plan to do
  6. 6. Watts Gregory in association withWCVADeveloping views of risk Traditionally fraud, fire, accidents etc – theanswer being insure and have a disaster plan. Now much wider – above + financial,reputational, legal and many other risks.Risk management is now an ongoing, pro activeprocess.
  7. 7. Watts Gregory in association withWCVAWhat sort of risks need to beconsidered? Big issue risks Reputational risk Failure to deliver on major strategic aims Losing major funder Going “bust”
  8. 8. Watts Gregory in association withWCVAHow can risk be managed? Accepting Transferring Managing or mitigating Avoiding 4 Ts - tolerate, transfer, treat or terminate
  9. 9. Watts Gregory in association withWCVATypes of risk Governance risks Operational risks Financial risks External risks Compliance with laws and regulations
  10. 10. Watts Gregory in association withWCVAThe role of the trustees Buck stops with trustees Delegate to managers / team But “delegation not desertion”
  11. 11. Watts Gregory in association withWCVAEstablish a risk policyRisk is an inherent feature of all activity but thereare degrees of risk and differing organisationswill have differing capacities to absorb risk.
  12. 12. Example – P4 of notesChristian charity planning to open a newcoffee / bookshopWatts Gregory in association withWCVA
  13. 13. Watts Gregory in association withWCVAIdentify risks and controls Ask key questions – BIG questions Understand key uncertainties Brain storm Consult internally Consult externally
  14. 14. Watts Gregory in association withWCVAAssess the risks Likelihood of occurrence Severity of impactScore and prioritise
  15. 15. Examples – P5 of notes Oxfam Holidays for deprived childrenWatts Gregory in association withWCVA
  16. 16. Watts Gregory in association withWCVAEvaluate what action needs tobe taken Consider the risk – “Gross risk” Review existing controls Establish the remaining risk – “Net risk” Accept, transfer, manage, avoid
  17. 17. Example risk checklistAppendix 1Watts Gregory in association withWCVA
  18. 18. Watts Gregory in association withWCVAManaging risk by embeddinggood controls Appropriate authorisations Accurate recording Timely recording and reporting Bank reconciliations and control accounts Management information
  19. 19. Watts Gregory in association withWCVAPeriodically monitor and assess New risks New projects Post mortem on past failures Communication to team and trustees Annual review
  20. 20. Watts Gregory in association withWCVAGovernance andmanagement riskAre you an effective trustee body?
  21. 21. Watts Gregory in association withWCVAFinancial risk Income flow Cost control Good records Reserves policy / actual reserves Taxes
  22. 22. Watts Gregory in association withWCVACONCLUDING COMMENTS Don’t major on minors – hit the big issues Risk is not just about financial matters – think ofthe wider issues Be a well run organisation – this automaticallyreduces risk
  23. 23. PROTECTING YOURCHARITY FROMFRAUDWatts Gregory in association withWCVA
  24. 24. “WE ARE ALL NICE PEOPLEAND WE TRUST EACHOTHER”Watts Gregory in association withWCVA
  25. 25. BUT WHAT ABOUT ... The FD of Family Care who stole £76K The FD of RFEA who faked invoices tosiphon off £43K to fund his gambling The accountant at ECML who stole £562Kover 5 years by forging signatures andcreating fictitious invoices The treasurer at an Arts Festival whopocketed £25K of entry feesWatts Gregory in association withWCVA
  26. 26. INCIDENCE OF FRAUD 314 cases of serious fraud with costs ofover £100K went before the UK courts in2010 with a total cost of £1.3bill. £1.1bill of fraud went before the courts inthe first 6 months of 2011. It is estimated that fraud costs the UKeconomy £73bill annually.Watts Gregory in association withWCVA
  27. 27. FRAUD IN CHARITIES Charities lose on average 2.4% of theirincome to fraud £1.3 billion loss to the sector as a wholeWatts Gregory in association withWCVA
  28. 28. IS CHARITY FRAUD RIFE???NOWatts Gregory in association withWCVA
  29. 29. IS CHARITY FRAUD ANISSUE??YESWatts Gregory in association withWCVA
  30. 30. RECENT EXAMPLE - AWEMA Too powerful a Chief Exec. Ability to override controls Fix own salary Fix daughter’s salary and appoint her toroles without due process Dubious expense payments Conflicts of interest not managedWatts Gregory in association withWCVA
  31. 31. EXAMPLE – LONDONPHILHARMONIC £2.3 mill fraud by FD Forging signatures on cheques and credit cards False expenses Took 3 years to find Position enabled override of procedures Paid self and falsified records to cover it up Treasurer of local church / ex wife a TorycouncillorWatts Gregory in association withWCVA
  32. 32. TYPES OF FRAUD Income related Expenditure fraud Property fraud Gift aid fraud Etc.Watts Gregory in association withWCVA
  33. 33. THE FRAUD TRIANGLE Motive / incentive / pressure Rationalisation OpportunityWatts Gregory in association withWCVA
  34. 34. BREAKING THE FRAUDTRIANGLE Focus on “opportunity” Implement controls to restrict opportunity Others are tough to break but Don’t contribute to the pressures Recruit good people Be observant / watch for indicatorsWatts Gregory in association withWCVA
  35. 35. HOW IS FRAUD DISCOVERED?Mercia 35% by accident, tip off or customer complaint 45% by formal internal procedures – review,staff whistle blowing, internal audit, suspicioussupervisor, other internal controls 20% other – regulatory bodies, external audit,external controlWatts Gregory in association withWCVA
  36. 36. HOW IS FRAUD DISCOVERED?Deloitte 48% by tip off, whistle blowing etc. 19% by accident 19% internal audit 15% internal controls 11% external audit 3% otherWatts Gregory in association withWCVA
  37. 37. LESSONS Auditors should not be relied on to findfraud Whistle blowing is vital Internal audit and controls are importantWatts Gregory in association withWCVA
  38. 38. FRAUD INDICATORSWatts Gregory in association withWCVA
  39. 39. FRAUD INDICATORS People risks Culture Behaviour Organisational structure OthersWatts Gregory in association withWCVA
  40. 40. TYPICAL FRAUDSTER Male – 85% Aged 36-45 Defraud own employer Work in a finance related role Part of senior management Been in company for more than 10 yearsWatts Gregory in association withWCVA
  41. 41. FRAUD PREVENTION Get the culture right / set the tone Communicate to all Establish robust controls, policies andprocessesWatts Gregory in association withWCVA
  42. 42. FRAUD DETECTION All to take responsibility Risk assessments Staff training, awareness and reporting Watch for warning signsWatts Gregory in association withWCVA
  43. 43. FRAUD RESPONSE Need to act immediately Have a good response plan Process Roles Reporting Disciplinary / other action LessonsWatts Gregory in association withWCVA
  44. 44. TO SUM UP Don’t ignore the dangers – “we are all nicepeople and we trust each other” Get culture right and support it with goodprocesses and systems Be alert to warning signsWatts Gregory in association withWCVA