Though 88 per cent of survey respondents felt a stringent regulatory environment could help reduce instances of fraud in the future, 56 per cent believed incidents of fraud would continue to rise over the next two years. This was reflected in India Inc’s lackadaisical attitude towards sensitising employees on fraud prevention. Only 38 per cent respondents indicated that they organised periodic training programmes for senior management on fraud risk management. Only one-third respondents took legal action against any fraudster.
Most respondents identified two provisions in the company law – the mandatory establishment of a vigil mechanism for listed companies, and greater accountability on board and directors to prevent and detect fraud – as key measures to fight fraud. Diversion or theft of funds or goods, bribery and corruption, and regulatory non-compliance are seen as the top three types of fraud experienced by corporate India over the past two years.
To detect fraud, respondents indicated relying on internal audit reviews (62 per cent), whistleblower hotlines (53 per cent) and IT controls (51 per cent).
The survey noted that actions taken by corporates upon detection of fraud continue to remain conservative – internal investigations (87 per cent respondents), disciplinary action taken against the fraudster (78 per cent) and updation of existing controls (77 per cent).
“Corporate India has traditionally taken a reactive approach to mitigating fraud and complying with regulatory requirements. This is what our survey responses also highlight,” notes Rohit Mahajan, senior director and head, Deloitte Forensic. As part of fraud prevention methods, respondents identified regular monitoring and assessment of fraud risks, conducting due diligence checks, and the use of proactive forensic data analytics as key processes that need to be implemented by organisations as part of their fraud risk management framework.
Interestingly, most survey respondents did not contemplate the danger from emerging fraud risks, such as social media fraud (69 per cent), e-commerce fraud (60 per cent), cloud computing fraud (96 per cent), and virtual-currency fraud (50 per cent). Company executives cited leakage and data loss of confidential company information, fraudulent transactions through usage of stolen or hacked credit/debit card information and liabilities therein, and re-direction of payments to fraudulent accounts for purchase of goods, as among the key risks of doing business online.