Saket Bhatia, EY Singapore, reports that corporate scandals in Singapore over the last two years put the spotlight on integrity. Incidences of fraud and corruption have serious financial and reputational consequences. Not surprisingly, boards now see anti-fraud and corruption as corporate priorities. More importantly, beyond compliance, companies must demonstrate that they are putting integrity firmly on the boardroom agenda.
The board has statutory and general regulatory obligations to exercise their fiduciary and other responsibilities with care, skill and reasonable diligence. Breaches of these duties can result in criminal and civil prosecutions.
While independent directors (IDs) have the same legal responsibilities as other directors, by virtue of their non-executive capacity, IDs are arguably under greater expectations to provide the checks-and-balances and take on a more active role in challenging management and auditors to ensure that appropriate anti-fraud programs and controls are in place, and that independent investigations are undertaken promptly.
However, IDs face several challenges, including obtaining access to comprehensive information and having limited awareness of emerging fraud, bribery and corruption trends and the prevention and detection tools.
According to the Association of Certified Fraud Examiners’ (ACFE) 2018 Report To The Nation, Asia-Pacific Edition, having an established and documented code of conduct, proactive data monitoring and analysis, surprise audits, routine management reviews and an effective whistleblower hotline were useful measures in reducing the financial losses and time spent resolving fraud-related issues.
This means that boards and IDs must seek to proactively establish and embed principles of effective anti-fraud management into the organization. As the business environment becomes more global and complex, many compliance programs have not kept pace and compliance responsibilities may be “siloed” within different corporate functions. These silos create gaps and inconsistencies in key processes, which significantly undermine the company’s effectiveness in preventing and detecting non-compliance.
While prevention and detection of fraud risks are important, response is just as vital. An effective response plan should include guidance on the internal reporting structure, which outlines the appropriate escalation avenues to senior management and the compliance, legal, human resources and other departments. The plan should also clarify the external reporting obligations to law enforcement agencies, regulators, insurance companies, and include guidance on engaging external parties such as forensic specialists, where necessary.
Organizations must also have appropriate measures for the preservation of evidence so that any information collected as part of an investigation or other legal matters remain admissible in a court of law.