Risky business - protecting your organisation from risk and fraud
Watts Gregory in association withWCVAPROTECTING YOURCHARITY FROM RISK ANDFRAUD
Watts Gregory in association withWCVACharity in insurance shockA charity that works with children at risk says it maybe forced to close because it cannot affordrocketing insurance costs. The Atlow Mill Centrenear Hognaston, Derbyshire, faces an increase ofalmost £15,000 in its insurance premium.
Watts Gregory in association withWCVAStaff shortagesHomeless centre needs volunteersA shortage of volunteers has left a Lincoln-basedcharity for the homeless in crisis. The NomadTrusts night shelter, day centre and fundraisingshop are all short of staff.
Watts Gregory in association withWCVARedirected giving?Tsunami aid threat to charitiesCancer Research Wales is urging peopleto remember that their money is still neededfor other causes.
Watts Gregory in association withWCVAWhat is risk? The uncertainty surrounding events and their outcomesthat may have a significant effect, either enhancing orinhibiting: Operational performance Achievement of aims and objectives Meeting expectations of stakeholdersThe possibility that something will happen to stop you doingwhat you plan to do
Watts Gregory in association withWCVADeveloping views of risk Traditionally fraud, fire, accidents etc – theanswer being insure and have a disaster plan. Now much wider – above + financial,reputational, legal and many other risks.Risk management is now an ongoing, pro activeprocess.
Watts Gregory in association withWCVAWhat sort of risks need to beconsidered? Big issue risks Reputational risk Failure to deliver on major strategic aims Losing major funder Going “bust”
Watts Gregory in association withWCVAHow can risk be managed? Accepting Transferring Managing or mitigating Avoiding 4 Ts - tolerate, transfer, treat or terminate
Watts Gregory in association withWCVATypes of risk Governance risks Operational risks Financial risks External risks Compliance with laws and regulations
Watts Gregory in association withWCVAThe role of the trustees Buck stops with trustees Delegate to managers / team But “delegation not desertion”
Watts Gregory in association withWCVAEstablish a risk policyRisk is an inherent feature of all activity but thereare degrees of risk and differing organisationswill have differing capacities to absorb risk.
Example – P4 of notesChristian charity planning to open a newcoffee / bookshopWatts Gregory in association withWCVA
Watts Gregory in association withWCVAIdentify risks and controls Ask key questions – BIG questions Understand key uncertainties Brain storm Consult internally Consult externally
Watts Gregory in association withWCVAAssess the risks Likelihood of occurrence Severity of impactScore and prioritise
Examples – P5 of notes Oxfam Holidays for deprived childrenWatts Gregory in association withWCVA
Watts Gregory in association withWCVAEvaluate what action needs tobe taken Consider the risk – “Gross risk” Review existing controls Establish the remaining risk – “Net risk” Accept, transfer, manage, avoid
Example risk checklistAppendix 1Watts Gregory in association withWCVA
Watts Gregory in association withWCVAManaging risk by embeddinggood controls Appropriate authorisations Accurate recording Timely recording and reporting Bank reconciliations and control accounts Management information
Watts Gregory in association withWCVAPeriodically monitor and assess New risks New projects Post mortem on past failures Communication to team and trustees Annual review
Watts Gregory in association withWCVAGovernance andmanagement riskAre you an effective trustee body?
Watts Gregory in association withWCVAFinancial risk Income flow Cost control Good records Reserves policy / actual reserves Taxes
Watts Gregory in association withWCVACONCLUDING COMMENTS Don’t major on minors – hit the big issues Risk is not just about financial matters – think ofthe wider issues Be a well run organisation – this automaticallyreduces risk
PROTECTING YOURCHARITY FROMFRAUDWatts Gregory in association withWCVA
“WE ARE ALL NICE PEOPLEAND WE TRUST EACHOTHER”Watts Gregory in association withWCVA
BUT WHAT ABOUT ... The FD of Family Care who stole £76K The FD of RFEA who faked invoices tosiphon off £43K to fund his gambling The accountant at ECML who stole £562Kover 5 years by forging signatures andcreating fictitious invoices The treasurer at an Arts Festival whopocketed £25K of entry feesWatts Gregory in association withWCVA
INCIDENCE OF FRAUD 314 cases of serious fraud with costs ofover £100K went before the UK courts in2010 with a total cost of £1.3bill. £1.1bill of fraud went before the courts inthe first 6 months of 2011. It is estimated that fraud costs the UKeconomy £73bill annually.Watts Gregory in association withWCVA
FRAUD IN CHARITIES Charities lose on average 2.4% of theirincome to fraud £1.3 billion loss to the sector as a wholeWatts Gregory in association withWCVA
IS CHARITY FRAUD RIFE???NOWatts Gregory in association withWCVA
IS CHARITY FRAUD ANISSUE??YESWatts Gregory in association withWCVA
RECENT EXAMPLE - AWEMA Too powerful a Chief Exec. Ability to override controls Fix own salary Fix daughter’s salary and appoint her toroles without due process Dubious expense payments Conflicts of interest not managedWatts Gregory in association withWCVA
EXAMPLE – LONDONPHILHARMONIC £2.3 mill fraud by FD Forging signatures on cheques and credit cards False expenses Took 3 years to find Position enabled override of procedures Paid self and falsified records to cover it up Treasurer of local church / ex wife a TorycouncillorWatts Gregory in association withWCVA
TYPES OF FRAUD Income related Expenditure fraud Property fraud Gift aid fraud Etc.Watts Gregory in association withWCVA
THE FRAUD TRIANGLE Motive / incentive / pressure Rationalisation OpportunityWatts Gregory in association withWCVA
BREAKING THE FRAUDTRIANGLE Focus on “opportunity” Implement controls to restrict opportunity Others are tough to break but Don’t contribute to the pressures Recruit good people Be observant / watch for indicatorsWatts Gregory in association withWCVA
HOW IS FRAUD DISCOVERED?Mercia 35% by accident, tip off or customer complaint 45% by formal internal procedures – review,staff whistle blowing, internal audit, suspicioussupervisor, other internal controls 20% other – regulatory bodies, external audit,external controlWatts Gregory in association withWCVA
HOW IS FRAUD DISCOVERED?Deloitte 48% by tip off, whistle blowing etc. 19% by accident 19% internal audit 15% internal controls 11% external audit 3% otherWatts Gregory in association withWCVA
LESSONS Auditors should not be relied on to findfraud Whistle blowing is vital Internal audit and controls are importantWatts Gregory in association withWCVA
FRAUD INDICATORSWatts Gregory in association withWCVA
FRAUD INDICATORS People risks Culture Behaviour Organisational structure OthersWatts Gregory in association withWCVA
TYPICAL FRAUDSTER Male – 85% Aged 36-45 Defraud own employer Work in a finance related role Part of senior management Been in company for more than 10 yearsWatts Gregory in association withWCVA
FRAUD PREVENTION Get the culture right / set the tone Communicate to all Establish robust controls, policies andprocessesWatts Gregory in association withWCVA
FRAUD DETECTION All to take responsibility Risk assessments Staff training, awareness and reporting Watch for warning signsWatts Gregory in association withWCVA
FRAUD RESPONSE Need to act immediately Have a good response plan Process Roles Reporting Disciplinary / other action LessonsWatts Gregory in association withWCVA
TO SUM UP Don’t ignore the dangers – “we are all nicepeople and we trust each other” Get culture right and support it with goodprocesses and systems Be alert to warning signsWatts Gregory in association withWCVA