ALARM standard launched to help beat rising tide of fraud

[CARDIFF, Wales] The U.K. public sector risk management association has launched a standard to provide best practice guidance for managing fraud risk, an issue that should be high on the corporate governance agenda according to ALARM.

Reflecting the growing significance of fraud risk, the Audit Commission—the body responsible for auditing local government—has endorsed the standard and will use it when it audits public sector risk management procedures, according to Joe Laidler, consultant and former assistant director of finance at the London Borough of Camden. "The Audit Commission's public sector audits will look at, in quite a lot of detail, anti-fraud procedures."

"Risk advisors must be involved and risk managers must push this standard in their organizations," Mr. Laidler added.

Fraud related losses cost the public sector an estimated £7.1 billion (€10.49 billion) in 2005/06 according to "The Nature, Extent and Economic Impact of Fraud in the United Kingdom," issued by the Association of Chief Police Officers in February.

"Organizations must accept fraud is a key business risk in the public sector," said Mr. Laidler, who is also a member of ALARM's counter-fraud special interest group and the author of the standard. Adding that he believed the £7.1 billion loss estimate is a real understatement.

"It is a corporate risk and must be managed at a corporation level. Without a solid approach to corporate governance you will not be able to beat fraud," he told risk managers attending a workshop at the ALARM annual conference this month. "Risk managers need the support of the top table, which needs to accept that fraud is a corporate risk and should be on the risk register," he said.

The risk of fraud is an issue of national importance that can impact heavily on public sector organizations' strategic and operational planning, according to "Managing the Risk of Fraud: The ALARM Standard for Risk Advisors," which was launched at the association's annual conference in Cardiff, Wales.

The National Fraud Review and the Fraud Act 2006, which created a new fraud offence, have also focused attention on public sector fraud, according to the ALARM standard.

"There is no doubt that instances of fraud in the public sector show an ever increasing trend, particularly in key financial and operational areas such as procurement, insurance, housing benefits and partnership areas," ALARM said in the standard.

Mr. Laidler, who has dealt with multimillion pound fraud cases during his career, said that the publicity and reputation risk involved with a big fraud case was quite "frightening." "Fraud can kill your reputation and can really damage an organization," he said.

Risk prevention

The standard is aimed at helping risk advisors reduce the risk of fraud rather than deal with cases after they have happened, according to Tracy Barnett, part of the strategic risk management team at the London Borough of Camden, and chair of ALARM's counter-fraud special interest group. "There is a lot of documentation on the investigation of fraud but no clear guidance on how to manage the risk," she said.

ALARM's fraud standard advocates a strategic approach to fraud risk and the promotion of a culture of "zero tolerance."

In addition to managing fraud risk, public sector risk managers can also take steps to reduce the cost of claims, and ultimately minimize insurance costs. Mark Nicolson, head of risk and insurance at the London Borough of Lambeth, said that Lambeth had reduced the cost of fraudulent claims against the borough by employing investigators.

It saved £1 million (€1.48 million) in its first year alone, according to Mr. Nicolson. "The biggest savings were through stripping out exaggerations," he said, adding that the bulk of claims were for property damage but were also related to highways, housing and employees.

"There is a knock-on effect. We can show we are managing the risk and show the insurer that we are less of a risk and this could affect the premium," Mr. Nicolson said.

The insurance industry uses shared databases to tackle fraud, he noted. "I would like to see wider sharing of claims data—between public liability data and personal lines data," he said. Adding: "Good practice is not shared at present and it would be good to have a network—which could be Web based—to share good practice."