Fraud risk management covers the end-to-end implementation of a fraud risk mitigation program that addresses actual, potential, and/or perceived fraud risks throughout an organization. To be effective in dealing with fraud-related activities, these practices should ideally include all aspects of the business.
The fraud risk management program should be aligned with the organizational risk strategy, related risk appetite, and the ethical culture displayed by all in the organization, including business partners, senior and executive management, directors, and shareholders (tone at the top).
The implementation of an aligned fraud risk management program should provide assurance to staff, managers, senior managers, executives, shareholders, and other stakeholders alike that the management of fraud risk is uniformly applied throughout the organization.
The fraud risk management program includes the implementation of fraud prevention, fraud detection, and fraud response programs. These activities are proactive and reactive in nature and address fraud risk at different levels within the ethics-compliance environment.
As a starting point in the implementation of a fraud risk management program, it is advised that a fraud risk assessment be performed to determine the level of fraud risk maturity and/or exposure of an organization to related risks.