This Failure to Prevent Fraud Risk Assessment is a template methodology to identify and understand the inherent fraud risks faced by an organisation (where they maybe the beneficiary), in scope of the Economic Crime and Corporate Transparency Act, and whether the controls in place are sufficient to mitigate those risks. The outputs are the residual fraud risks, which (if outside of risk appetite) will feed into the Fraud Prevention and Detection Framework enhancement initiatives.
The Failure to Prevent Fraud Risk Assessment consists of two documents:
1. A Risk and Controls Scoring Tool (in Excel) utilising 38 inherent risk questions and 82 control questions to calculate the organisation's quantitative residual risk rating.
2. A Risk Assessment Template (in Word) to provide qualitative analysis of the risk rating.
The Risk Assessment covers the following Inherent Risks:
- Legislation
- Company/Territory
- Business Relationships
- Credit/Investment
- Organisation
The Risk Assessment covers the following Controls:
- Top-Level Commitment/Governance
- Reporting
- Risk Assessment
- Procedures
- Due Diligence
- Monitoring
- Employee Engagement
- Assurance