With the COVID-19 epidemic, companies have adopted remote work as a preventive measure. However, not all of them are prepared for this model, which also requires security measures and care, in order to prevent fraud. Some basic recommendations can be followed to minimize fraud and avoid costly errors.
Knowing the basic structure of the company is a first step, since it may have a very well designed but poorly executed internal control. This can be a bad scenario, as there is a false sense of security when in fact, fraud can exist. An adequate analysis of the processes at this time is feasible, as well as following safe guidelines to detect fraud quickly and minimize risks.
A fraud triangle has three factors: rationalization, pressure, and opportunity. The first two are difficult to detect, but the opportunity can be controlled.
Segregating responsibilities is also recommended to reduce fraud. The key to a solid internal control system is the proper segregation of tasks, in addition to the review of transactions and management empowerment. As more employees work remotely, management must maintain a segregated to-do list and check for inappropriate overlays to prevent fraud at their management level.
The next recommendation is to automate whenever possible. An automated payment system, for example, basically works with segregated tasks. An employee enters the bills to be paid and another person approves the payment to be released, thus increasing fraud detection capacity.
Attention to the use of corporate credit cards in the purchasing process is also highlighted to minimize fraud. Many smaller expenses go unnoticed when the statements are not analyzed and are the gateway to attempted greater embezzlement. The ideal is to analyze all credit card expenses and always review the list of people you have and that you really need to use in the company. A good option are credit cards that limit their use to types of expenses, reducing the chance of purchases that are not part of the company's routine.
We also added a simple recommendation, but one that may affect the security of remote work. It is basic care with the equipment used by the employees. It is very likely that in some cases professionals migrate to the home office using their personal equipment, such as a notebook or family computer. These are worrying cases, as are new employees who have not yet received all the guidance on how to protect equipment outside the company's safety net. In these cases, the ideal is for companies to provide the tool or make sure that they use equipment suitable for accessing corporate information. If the equipment is personal, it must have up-to-date software, as well as a browser and antivirus. For connections, routers with encryption or VPN are recommended if the work is carried out in external locations, such as coffee shops or hotels.
Companies that did not routinely work remotely during this time of pandemic are the most susceptible to security incidents and fraud detection, as they need to quickly provide a secure communication structure for all parties involved in the work. Thus, it is essential that these basic recommendations are part of the actions implemented for the development of secure remote work policies.
Contact TATICCA — ALLINIAL GLOBAL, which provides integrated auditing, accounting, tax services, corporate finance, Financial Advisory, Risk Advisory, technology, business consulting and training. For more information, visit www.taticca.com.br or email taticca@taticca.com.br. Our company has professionals with extensive experience in the market and has certified methodologies for carrying out activities.
