Your business likely has a disaster plan for emergencies like fires, natural disasters, or terrorist attacks that could disrupt operations and endanger lives. While a fraud contingency plan 
might not seem as critical, it’s still essential for most companies. Here’s how to create and implement one.
Identify Your Vulnerabilities
Begin by gathering your senior management team and financial advisors to brainstorm potential fraud scenarios. Consider how your internal controls could be compromised, whether by a new hire, an experienced manager, a high-ranking executive, or an external party.
Next, determine which scenarios are most likely based on factors like your industry and company size. For instance, retailers are particularly susceptible to skimming, while construction companies may face employee/vendor collusion in bid rigging. Small businesses with inadequate segregation of duties might be at higher risk for theft in accounts payable.
Also, identify the schemes that would be most damaging to your business, considering financial impact, employee morale, and public relations.
Assign Responsibilities
As you draft your plan, assign specific responsibilities to individuals. When fraud is suspected, one person should lead the investigation and coordinate with staff and any third-party investigators.
Other employees should be assigned tasks where they can be most effective. For example, your IT manager might focus on preventing the loss of electronic records, while your HR head could maintain employee morale.
Define the objectives of any fraud investigation. Some companies may only want to fire the responsible person, mitigate the damage, and keep the incident quiet. Others might seek prosecution to set an example or recover stolen funds. Your plan should include details on who will work with law enforcement and how.
Communicate Effectively
Communication with employees is crucial during a fraud investigation. Staff members who are left in the dark will speculate. While you should consult legal and financial advisors before releasing any information, aim to be as transparent as possible with your employees. It’s also important to make your response visible to show that you take fraud seriously.
Designate someone to handle external communications. This person should be ready to manage criticism, defend your company’s stability, and control the flow of information to the public.
Implement Strong Internal Controls
A fraud contingency plan is just one part of your strategy to combat theft and other crimes within your organization. Since this plan is meant to help after fraud has occurred, ensure you have strong internal controls in place to reduce fraud risk. Contact us for assistance.
