The outbreak of COVID-19 continues to stir devastating impact and consequences all across the globe. The sheer number of infected individuals increases every hour, and in various countries, healthcare systems are under high-pressure. Amidst the chaos, the stock markets have undergone their worst weeks ever since the financial crisis of 2008.
It is not really challenging to comprehend as to how and why the coronavirus crisis may possibly present itself as a breeding ground for fraud. The combination of health and financial risks makes every individual more susceptible and creates possible prospects for active fraudsters. In several countries, it has already been reported that criminal gangs have begun targeting abandoned commercial properties to steal supplies, goods, and stockpile. How long before employees get tagged for being guilty of misconduct?
‘Businesses need to implement Governance Risk And Compliance strategies to assess how their employees may respond to the severe industrial pressure brought on by the distinctive economic situation amidst COVID-19.’
Considering different market studies, reports, and survey, we have observed the following key pressure points that increase the risk of frauds in the present business landscape:
Risk of onboarding third-parties that are not entirely inspected and vetted, resulting in doing business with untrustworthy, unreliable or even restricted groups.
Working with newly recruited representatives/agents, due to either a closure with existing associates or the lack of an entity’s ability to deliver the required volume of work.
Pressure of introducing and bringing in old or new products promptly and quickly into the market.
Issues with regulatory authorizations and approvals, Key IP issues, Supply chain functions, financial assistance has increased.
Dealings with government officials in higher-risk jurisdictions, including those with many who are not skilled for such interactions can lead to miscommunication and have severe implications.
Executives are more dedicated towards operational measures, rather than prioritizing governance risk and compliance procedures to thwart fraud.
Temporary allocation or transfer of staff into operational activities may result in understaffing for preventative functions.
Illness among the labour force and time off from work will give rise to issues of capacity management, and replacements retrieval procedures.
Ongoing investigations are ceased for the time being due to lack of resources and emphasis.
Business models are challenged, and budgets are lowered for any activity deemed as ‘non-essential.’
In the present state of affairs, every business is exploring how to save more, and one of the direct and immediate actions is to cut jobs or decrease costs to employees. As practice and experience have demonstrated, for a few employees, this may establish a reason to commit fraud.
The current phase is precisely not the right time to neglect your compliance risk management programme, especially as law administrations have warned about a general increase in fraudulent activities. Here, we explain some fraudulent schemes that have been circulating:
Employing third parties that are not fully vetted and inspected.
Involvement with dishonest third parties for personal gain.
Presenting duplicate invoices for completed work, which are not appropriately examined and authenticated by businesses.
Invoicing for incomplete or fake work may not be detected due to momentarily weakened controls.
Giving bribes or getting involved in illegal activities on behalf of the business/entity.
With the removal of control measures to prioritize focus on operational functions of a business, risk and compliance issues, including asset misappropriations and misuse, can take place in the following forms:
Stealing or theft of cash, for example, petty cash, operational cash.
Robbery or burglary, for example, warehouse theft.
Exploitation or stealing data, which also includes tempting employees to duplicate sensitive data such as client and customer lists, pricing estimates, and business valuations.
Disbursement and payments of invoices devoid of traditionally customary approvals.
Operating the new normal would require compliance risk management to tackle the onset of implications arising out of the COVID-19 disruption. The following divisional questions can help you realize the need to prioritize your business governance, risk and compliance functions.
Are your employees capable of performing daily duties and work remotely? Are digital signatures utilized? Can the employees authorize procedures without encountering physical restrictions?
Is there adequate supervision, surveillance and control over overseas, foreign or external operations?
Are there necessary compliance risk controls in place to avoid data breach by employees operating remotely?
Do you perform regular reprioritization of the presented risks? In our experience, risks related to extravagant donations, gifts and entertainment will be lower, but third-party related risks concerning supply chain management will be higher. Are essential controls in place to mitigate such risks?
Did you evaluate your businesses’ reliance on third-party entities? Is there any such association that does not have the capacity or bandwidth to deliver desired results? If yes, will you have enough time to execute the standard vetting process before onboarding any new third parties?
Has the shift, alteration or reduction in resources and reserves increased the risk of physical misappropriation and misuse of company assets?
Did you involve any governance, risk and compliance, or legal GRC SAP, or compliance risk management investigation teams as a control response taskforce?
Do you send out risk reminder messages to the workforce stating that even during such crisis, zero tolerance to fraud still applies which necessitates employees to report any dubious or suspicious behaviour or fraud?
Are the individuals dealing with government officials trained and groomed regarding their abilities about what they are allowed to do and not to do?
Is the business/entity eligible for any kind of government aid or relief? Is there a risk which has conditions for eligibility but is partly fabricated?
Is the business/ entity applying for and Swiss government-financed loans? Is there a probability that cash merging and intercompany loan setups are altered?
Is there enough control, regulation and supervision over transactions like bank transfers and specified authorization measures?
Each day board representatives face a progressively volatile, undefined, intricate and ambiguous business landscape. To successfully traverse the market environment, it is necessary sometimes to implement dramatic operational and functional shifts and crises. Businesses must continue to stay resilient and forward-looking by realizing the need for Governance, Risk and Compliance Management.
TRC Corporate Consulting’s Governance, Risk and Compliance management (GRC) services support clients to tackle the wide-ranging issues of corporate business governance, enterprise risk supervision, and effective corporate compliance regulations. Our team of experts also provide specialized aid in critical functions such as financial reporting, taxation, human resource management, and organizational consulting, and financial advisory services.
We help businesses recognize, remediate, supervise, develop and administer risks and compliance functions. Additionally, we also practice directing and managing the resource utilization, compliance risk management processes and overall operational transparency to improve the organization’s complete GRC efficacy and enable cost savings. For any queries, contact our team!