Unmasking Organisational Fraud:
The Crucial Role and Responsibility of Directors and Officers
Corporate fraud is a complex, multifaceted menace that can damage an organisation in numerous ways. From cyberattacks and email scams to deceit from supposedly trustworthy employees, this threat can originate both externally and internally. Yet, a common misunderstanding is that fraud is beyond an organisation's control, absolving directors or officers of accountability for fraudulent incidents. This is a fallacy. Directors and officers can indeed be held liable for losses if they fail to effectively mitigate the risk of fraud.
Implications of Fraud for a Business
The implications of corporate fraud are multilayered and far-reaching. Monetary losses include the funds siphoned off by fraudulent activities, the cost of forensic investigation, remediation costs, and any resultant fallout expenses such as handling media fallout or implementing new systems.
However, fraud also extracts an unseen but significant toll, including tarnishing the company's reputation, dwindling employee morale, and the potential loss of future business opportunities. With such profound repercussions, who bears the burden of responsibility for organisational fraud, and what obligations do directors or officers have in this context?
Understanding Your Role and Duties
Directors' responsibilities are derived from several sources, such as common law and various legislations, notably the Corporations Act 2001 (Cth). If a fraudulent incident occurs within an organisation, questions invariably arise about the accountability of directors and officers.
Two main duties under the Act particularly apply when considering organisational fraud:
- The duty to act with the level of care and diligence expected of a reasonable person in the same position and under the same circumstances.
- The duty to act in good faith in the corporation's best interests and for a proper purpose.
These responsibilities extend to 'officers' of a corporation, including company secretaries and anyone involved in making decisions that significantly affect the business or its financial standing.
The Practical Implications
In practice, these duties entail ensuring that the organisation has adequate processes, systems, and policies in place to reduce the risk of fraud and foster a culture of compliance. As fraud risks evolve, such as the increasing prevalence of cyber fraud, directors and officers must understand these threats and have a robust risk management framework in place.
The responsibilities aren't a 'one-size-fits-all'. The standard of care and diligence is objective, evaluated based on what a reasonable director or officer would do considering their position, responsibilities, and the corporation's circumstances. Directors and officers should take an 'intelligent and diligent interest' in the information provided about the organisation's fraud risk and the systems and processes in place to manage it.
Mitigating the Risks
Making risk a recurring agenda item at meetings is an integral part of fulfilling the responsibilities of directors and officers. Understanding what the risks are, their impact, likelihood, consequences, and how effectively controls are in place is critical.
It's crucial for directors and officers to review the processes, policies, controls, and compliance systems regularly to see if they are equipped to mitigate the risks posed by organisational fraud. If an incident has occurred, the learning from the post-incident debrief should feed into enhancing processes and minimising the risk of recurrence. Also, reviewing the composition of the board and senior officers to ensure they are adequately informed and equipped to discharge their duties is vital.
In the face of a constant and evolving threat like fraud, the role of directors and officers in understanding, managing and mitigating these risks cannot be overstated. With a proactive approach and sound practices, they can play a pivotal role in safeguarding their organisations.
.jpg)
