Companies in India don't realize the number of ways fraud can be committed, are less than serious about combating it, and have not implemented the provisions of the Companies Act 2013, a new survey has found.
The Deloitte Annual India Fraud Survey's first edition also found that senior management is most likely to commit fraud, which can include insider trading, manipulation of financial statements and conflict of interest resulting in non-compliance. The survey covered 400 CXOs across various industry sectors who are working in the area of fraud risk management.
These are startling findings, and mean that fraud cases might be going undetected, and companies are not in compliance with a federal law. So it is no surprise that 56 percent of respondents believe that fraud cases will go up from existing levels.
The majority of survey respondents indicated that emerging fraud risks such as social media fraud (69 percent), e-commerce fraud (60 percent), cloud computing fraud (96 percent), and virtual/ crypto-currency fraud (50 percent) did not pose a challenge to their organizations, and adequate steps were not being taken to mitigate these frauds. That basically means that fraudsters are a step ahead in using technology than the people who are trying to catch them.
Close to 88 percent of survey respondents felt that a stringent regulatory environment could help reduce instances of fraud in the future. The Companies Act 2013 was identified as a key legislation that could accomplish this. But responses indicated that limited efforts were being taken to comply with these provisions. For instance, only 38 percent of respondents said they organized periodic training programs for senior management on fraud risk management. Given that most of the respondents said that the top category of managers was most likely to commit fraud, such negligence means fraud might be going undetected.
Among the respondents who said they have installed mechanisms to counter fraud, majority said they relied on internal audit, followed by whistleblower hotlines and technology controls. This is welcome - it indicates some companies are modernizing their fraud detectors. However, the response to uncovering fraud was again disappointing with majority saying they relied on internal investigations and disciplinary action against fraudsters. A better response would be to report them to relevant authorities, particularly in cases of insider trading.
Overall, a lot needs to be done by corporate India to live up to the clean image it cherishes. "We have observed that companies make limited investments in the area of fraud risk management and tend to rely on a generic set of controls to mitigate all frauds. Over the years these mechanisms can lose their effectiveness, thereby exposing companies to the risk of fraud. This is also a likely reason why companies are unable to gauge the extent of fraud risks from new areas such as social media and e-commerce,” said Rohit Mahajan, Senior Director & Head, Deloitte Forensic.