
Thursday, June 16, 2005

Facing up to fraud - The need for a risk-based approach

Fraud Risk Management

Times are changing fast. In October 2004 the Financial Services Authority (‘FSA’) unveiled its new regulatory approach to dealing with financial fraud. The FSA has now put financial fraud risk management on its agenda of ‘risk-based’ regulation: through its existing supervisory regime it will seek to measure and evaluate the degree of compliance with expected best practice. Notwithstanding this announcement, the FSA also published a report in November 2004 highlighting concerns over poor IT security which may be exploited to commit financial fraud through internal or external attacks on firms’ IT infrastructure.

Equally, publications such as ISA 240 and the Basel Committee on Banking Supervision’s paper number 96 on Operational Risk have underlined the critical nature of internal and external fraud risks and the need for institutions to have appropriate fraud risk management systems in place, with appropriate management responsibility and oversight to manage these vulnerabilities.

It will therefore be increasingly important for management teams to operate in the knowledge that they have reviewed their fraud risk management strategies and methodologies to ensure that they are appropriate and will withstand regulatory scrutiny. Management will need to demonstrate a serious commitment to dealing with financial fraud risk and be able to talk in an informed fashion about their relevant systems and controls within the context of a ‘risk-based’ approach.

Any institution subject to the requirements of Sarbanes-Oxley will already need to be addressing such issues whether as a US listed company or as a ‘foreign-based issuer’.

Reducing the risk of fraud is an achievable corporate objective

Effective fraud risk management, and the design and implementation of effective preventative and detective strategies, require a joined-up understanding of the risks associated with a firm’s operational cornerstones – people, process, and technology – and a willingness on the part of all stakeholders to face up to the difficult questions of "could it, and might it happen to us – and how?" It also requires adopting measures that transform corporate culture, establish an effective control environment, and secure data assets.

posted by Brian Moran @ 11:22 AM   2 comments

At 1:40 PM, Blogger Rolo said...

I really enjoyed the content on your blog about Risk Management, will be back very frequently! I actually have my own Risk Management Exposed blog with all kinds of stuff in it. You're welcome to come by

At 1:53 PM, Blogger mia said...

Found a lot of useful info on your site about Risk Management - thank you. Haven't finished reading it yet but have bookmarked it so I don't lose it. I've just started a Risk Management blog myself if you'd like to stop by

