Q and A: Vladimir Chugunov views on – fraud’s global impact during a post –pandemic scenario
Public Spectrum caught up with Vladimir Chugunov to talk about his insights on pressing issues related to fraud on a global scale especially during the COVID-19 pandemic.
What are the most common impacts of fraud to a business’ reputation?
Vladimir Chugunov: From my experience, the first discoveries of fraud typically lead to some sort of sobering shock to executives. Some organizations believe that they instill a “good culture” and “people come here to do the right thing”. They think that somehow their organizations are immune to fraud.
I would highlight the direct financial impact of fraud, at times the disillusionment and disappointment in management abilities of certain key staff, on whose watch the fraud has happened. Each fraud case should be the foundation for major organizational learnings.
The impact of fraud to a business reputation depends on the type of fraud, who was affected, who perpetrated, etc. If we are talking about fraud on behalf of organizations, such as bribery as a means of doing business or deceit towards business partners, the fraud impact should be self-explanatory. Fraud against organizations can be handled differently and with appropriate communication strategy can actually enhance business reputation both internally and externally.
What are the 3 attributes of an organization which makes them vulnerable to fraudulent crimes? How can businesses mitigate negative impacts?
Vladimir Chugunov: Number one on my list would be the belief that your organisation is immune to fraud. That wrong affirmation is one of the opening gates to a variety of issues. If you never had a proper internal audit or probity into critical business areas, you don’t know what you don’t know. Seek expert help, an appropriate external company or hire a fraud specialist.
Second is the lack of constant detection efforts. I’ve seen on multiple occasions that companies spend too much effort on awareness, general prevention and sometimes on investigations. Lack of detection efforts is the lack of proactivity. It means that organizations might be suffering from “undiagnosed” fraud for many years, absorbing it without noticing.
Third is the “narrow” definition and interpretation of fraud. Some specialists drop their efforts if the activities, symptoms, phenomena they uncover or unwittingly observe does not fit the legal definition of fraud (“We won’t be able to prove that”). The issue here is that we frequently have imperfect information. There are cases that companies can’t pursue in court but can stop internally because they have grounds to believe these transactions are effectively fraudulent or otherwise deceitful.
How did COVID-19 influence the perspective of fraud in the world?
Vladimir Chugunov: Some associations might do substantial research on this topic. My perception is that the same principles apply, it is just that there is some increase in cybercrime or various computer or technology-assisted fraud schemes and scams.
There are certain risks emerging from the fact that suddenly almost all employees in certain organization s have access to data and systems outside of their office buildings. Pre-COVID there has been some implied oversight from peers and supervisors, especially in most office spaces, and control over networks to protect digital and other assets.
The urgency of COVID have not left much time for companies to think through carefully the implications of that on information security, including an inability to closely monitor what is happening on those devices used from home.
How can internal audit help protect an organization against fraud?
Vladimir Chugunov: There are many ways internal audit can help protect an organization against fraud. Worth mentioning that international standards of internal auditing state that “internal auditors are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud” (IPPF, 2017). Nonetheless, I’d highly recommend continuously expanding the understanding of fraud to all internal auditors. There is at times a very blurry line between an innocent error and fraud. Internal auditors sometimes stop at the point of identifying a weakness or irregularity without trying to associate those with intent and link with other data.
We need to keep in mind that each organization’s circumstances will be different, some larger businesses would have dedicated anti-fraud specialists potentially with a well-developed anti-fraud programme. But generally speaking, the contribution of internal audit to the fight against fraud can be made through identifying gaps, weaknesses in processes (“this can happen”), supported by actual discovery of fraud (“it happened”). The latter part is more convincing to stakeholders to foster change.
Internal auditors may also think about contribution in terms of fraud prevention, detection and investigation. In each of these areas there are plenty of initiatives to undertake. If you ask me to pick one out, that would be implementing, improving, monitoring and raising awareness of a whistleblowing hotline mechanism.
Internal auditors may assist with identifying patterns and recommending certain remediation steps to improve the internal control system. We must not forget that the latter has some significant limitations, such as the possibility of management override or collusion, therefore, continuous monitoring is an area internal auditor can explore additionally.
Internal auditors should exercise professional skepticism and consider that fraud can be present in any transaction or process. Internal audit can leverage tremendously its ability to access various data and apply critical thinking when performing reviews.