acfe fraud prevention check-up - BKD
PR4-Workforce Management

PR4.1 Define Roles, Responsibilities & Duties in relation to fraud risk management responsibilities including segregation of duties and avoidance of conflicts of interest.

PR4.2 Screen & Select Workforce using selection criteria that minimize the risk of future fraudulent conduct based, in part, upon the results of background checks and how the history of any prior inappropriate or unlawful conduct relates to the responsibilities of the position for which the individual is being considered.

PR4.3 Evaluate Performance & Promote Workforce based upon criteria that includes ethical and legal conduct and does not provide incentives or inducements to fraudulent or corrupt conduct.

PR4.4 Compensate & Reward Workforce according to policies and practices that do not provide an incentive or inducement to commit fraud or corruption.

PR4.5 Retire & Terminate Workforce in a manner consistent with fraud policy and using exit interviews as a final confirmation that all organizational assets have been returned, that confidential records have been returned or destroyed in accordance with policy and identifying fraudulent, corrupt or otherwise inappropriate behavior.

PR6-Risk Sharing & Insurance

PR6.1 Design and Implement Risk Sharing & Insurance to protect the entity at an appropriate level based upon the entity’s risk tolerance after assessment of residual fraud risk not mitigated by controls, policies, and procedures.

PR7-Preparedness & Practice

PR7.1 Design Preparedness Exercises that afford an opportunity to practice response activities upon the detection of fraud or corruption, including public disclosure and regulatory reporting.

PR7.2 Conduct Preparedness Exercises to determine if planned approaches need to be modified to better protect against fraud risk, particularly reputational risk.

M-Ongoing Monitoring

M1-Control Assurance & Audit

M1.1 Monitor Controls, Policies & Procedures through individuals assigned with such responsibility as periodically reviewed by internal audit, escalating detected issues through appropriate procedures for investigation, response and remediation.

M1.2 Survey Employees and Other Stakeholders as an additional check on whether the anti-fraud program is creating the appropriate culture and is operating effectively, including questions related to whether there has been observed fraudulent or corrupt behavior, whether such was reported, and whether the discipline/response has been consistent, decisive and timely.

M2-Hotline & Helpline

M2.1 Define Hotline/Helpline Approach to consistently address concerns and issues through the validation, investigation, resolution, and remediation processes whether identified through audit or a report of suspected fraudulent or corrupt conduct.

M2.2 Provide Hotline that allows the entity to receive reports of suspected fraudulent or corrupt conduct both on an identified and anonymous basis.

M2.3 Provide Helpline that allows both internal and external stakeholders to obtain guidance on whether observed or suspected conduct constitutes fraudulent or corrupt conduct, and thus should be reported or otherwise addressed in accordance with applicable policies and procedures.