Corporate fraud and corruption are a reality of the times, and unfortunately it’s an organisation’s employees that are the major risk factor for fraud. It is the naïve employer who believes that all his employees are honest and that internal fraud cannot happen within his business.
So says Paul Marketos, MD of Bluekey Software Solutions, a local technology company that specialises in the implementation of SAP Business One.
“In South Africa, and indeed like in most countries, a great percentage of corporate fraud is internal. Prevention is most certainly the best way of managing fraud. The tighter the fraud prevention controls and procedures, the harder it is for unscrupulous employees to take advantage. Companies, including smaller businesses, are increasingly realising that controls and procedures must be stepped up to prevent fraud and corruption from within their ranks,” says Marketos.
He says that enterprise resource planning (ERP) systems have significant fraud-prevention and busting potential.
“ERP can assist companies in ensuring compliance with legal requirements and accounting rules. And, if you consider that many cases of internal fraud result from the abuse of the accounting system, it is plain to see how ERP can assist a business in mitigating fraud.
“Manual systems are wide open to abuse because documentation can ‘get lost’ or changed, and there’s no audit trail. With an ERP system in place, companies get tighter control of processes and the benefit of comprehensive audit tracking. Alerts on certain fields can be built into the system so that, if for instance, banking details on an account are changed, an email can be sent to someone in authority to check if the change was legitimate. So, ERP is also a good way of catching people out as well.
“ERP can also be used to enforce segregation of duties and strict authorisation and approval mechanisms, which prohibit fraudsters from performing functions they are not authorised to do. A good example is to have different people capture goods receipt notes and supplier invoices. Modern tools like electronic funds transfers can also be automated to remove the need for, and risks around, cheques,” explains Marketos.
SAP Business One is particularly helpful as a fraud-prevention control for mid-sized enterprises. It offers all the fraud-stopping benefits of the big, bells-and-whistles ERP solutions. For instance, it allows for multi-layers of authorisation to be imposed, segregation of duties and audit tracking.
The solution is also highly customisable which means that an organisation can tailor user permissions, red flag alerts, as well as control and authorisation mechanisms to suit its individual requirements.
“SAP Business One enables companies to gain tighter, stricter control of processes and the people who use the system. With tighter controls, there’s less likelihood of fraud occurring unless there is some sort of collusion between employees. Fraud is also more easily detected,” comments Marketos.
He warns, however, that companies – even those with an intelligently-applied ERP solution in place – should never become complacent.
“ERP is a helpful preventative measure for reducing the chances of fraud and other irregularities. But, it is crucial to bear in mind that even the best-designed systems have vulnerabilities that can be manipulated by cunning fraudsters. Furthermore, the higher the level the fraudster is in the organisation, the easier it becomes for them to circumvent the anti-fraud controls that are in place.
“It is also important to remember that procedures outside of the accounting system are also open to abuse. ERP can by no means protect a business against theft occurring because of lack of control over who is allowed access to the stock room and whether or not it is securely locked.
“Unfortunately, the more sophisticated companies are in the measures they implement to combat fraud, the more conniving fraudsters become. Companies need to be proactive and vigilant at all times.”