Monitoring fraud and misconduct in the era of digitisation

KUALA LUMPUR, 11 August 2020 - While having a digital workspace have benefited organisations in many different aspects, risks and roadblocks may also be present to those unfamiliar with the new business setting. This creates a looming gap that may be overlooked by management teams who are occupied with other more urgent matters.

In a live webcast on ‘Monitoring fraud and misconduct in the era of digitisation’, Oo Yang Ping, Deloitte Malaysia Forensic Leader and guest speaker Fransesco Argento, CEO and co-founder of Ezyspark explored how businesses manage the risk of fraud and misconduct to create a secured digital working space in safeguarding the interests of their key stakeholders.

Over 50% of the respondents agreed that COVID-19 has accelerated their organisation’s digitisation progress.

Prior to COVID-19 outbreak, digitisation may not have been treated as a top priority for many businesses as it was thought to be either a good-to-have or mission impossible, due to the perceived challenges.

However, in a social distancing environment, going digital is now a matter of life and death for many businesses. It was evident that organisations with digital workspace were able to reduce disruption at work during the MCO period whereas those without, had to quickly adopt digital tools to resume business activities to a certain level.

Over 1/3 of responses indicated that their organsation had experienced an incident of fraud over the last 12 months, or expected more incidents of fraud in the upcoming months. This is consistent with our experience from past financial crises.

Broadly speaking, there are two reasons why fraud is likely to be on the increase in the current scenario. First, the disruption caused by the pandemic and restrictions on ‘normal’ business procedures may result in previously undetected fraud coming to light. For example, a bad actor may have relied on forging certain paper trails that have gone digital, or may not have taken leave for some time (a common fraud red flag) but is now unable to cover their tracks when working from home.

Secondly, these challenging times have placed significant economic and financial pressure on companies and individuals, which may cause some to rationalise illegal or unethical behavior as a means to ‘safeguard the company’ or ‘protect jobs’. There is also greater opportunity for fraud as controls and monitoring processes may be adjusting to the ‘new normal’.

Organisations should thus be prepared for an increased risk of fraud. A recent publication by the Association of Certified Fraud Examiners (ACFE), “Fraud in the wake of COVID-19”, highlights cyber fraud, fraud by vendors or sellers, and payment fraud as the top three frauds that are expected to rise in the coming year.

With fraud and misconduct on the rise, not to mention the recent advent of corporate liability provisions in Malaysia for corruption, it is not surprising that the overwhelming majority of responses indicated that they had a whistleblowing mechanism in place.

Studies show that employee tips are the most effective method of identifying fraud, with the ACFE 2020 Report to the Nations stating that 43% of workplace fraud and misconduct was identified this way, more than management review, internal audit, and external audit combined!

What is surprising is that many organisations still rely on internal whistleblowing mechanisms. As whistleblowers may feel “at risk” for whistleblowing, they are often keen to protect their anonymity and may shy away from lodging a report through an internal whistleblowing channel for fear of being ‘found out’. Ironically, an internal whistleblowing process may give an organisation a false sense of security especially if there is a low number of reports received. The organisation may draw the potentially incorrect conclusion that there is nothing to report, rather than consider the possibility that reports are not being made due to concerns that there may be reprisals against whistleblowers.

An external independent whistleblowing process is more robust and more cost-effective. By outsourcing the whistleblowing process to an independent third party such as Deloitte, with dedicated specialists in this area, organisations benefit not just from a more robust reporting capability which should engender more trust from their employees, they also benefit from greater language capability and 24/7 coverage. Core to our whistleblowing service capability is the Deloitte Halo whistleblowing solution, which provides clients with a secure confidential portal, with advanced case management features and analytics to help identify patterns and trends.

To help our clients address these matters, Deloitte has published a series of articles around the theme of “Fraud in Volatile Times” which are available on our website. You can also find out more about Deloitte Halo and our whistleblowing services in the hyperlinks.

About Deloitte

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities (collectively, the “Deloitte organization”). DTTL (also referred to as “Deloitte Global”) and each of its member firms and related entities are legally separate and independent entities, which cannot obligate or bind each other in respect of third parties. DTTL and each DTTL member firm and related entity is liable only for its own acts and omissions, and not those of each other. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more.

Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organization”) serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 312,000 people make an impact that matters at www.deloitte.com.

Deloitte Asia Pacific Limited is a company limited by guarantee and a member firm of DTTL. Members of Deloitte Asia Pacific Limited and their related entities, each of which are separate and independent legal entities, provide services from more than 100 cities across the region, including Auckland, Bangkok, Beijing, Hanoi, Ho Chi Minh City, Hong Kong, Jakarta, Kuala Lumpur, Manila, Melbourne, Osaka, Shanghai, Singapore, Sydney, Taipei, Tokyo and Yangon.

About Deloitte Malaysia
In Malaysia, services are provided by Deloitte PLT (LLP0010145-LCA) (AF0080), a limited liability partnership established under Malaysian law, and its affiliates.

© 2020 Deloitte PLT