Frequently asked questions about audit and internal controls
Why do councils need a fraud control plan?
An effective fraud control plan is a key element in achieving good governance within any organisation. A fraud control plan includes internal controls developed through risk management processes that examine the risk of fraud both internally and externally across the entire organisation.
What should a fraud control plan contain?
In addition to effective internal controls, a fraud control plan should include:
- A strong commitment and support from senior executives and managers
- Clear policies and procedures
- Process for identifying key fraud risks
- Effective fraud and corruption reporting framework
- Regular awareness training program
- A commitment to developing a strong culture of ethics and honesty
- Regular review and updating of the plan (eg annually)
There is no higher level of financial responsibility than to properly protect and account for public (ratepayers) money. The performance of an organisation can be improved through an organisational-wide application of a fraud and corruption strategy that incorporates the above elements.
How should I report suspected fraud?
Fraud is a criminal offence. It can occur within a council (internal fraud), or can involve persons or organisations outside of the council (external fraud). Regardless of the form it takes, in the first instance, suspected fraud should be raised within your organisation through a recognised internal reporting mechanism. If a person is uncomfortable with this approach or if Council does not have an internal reporting mechanism, the ICAC, NSW Ombudsman are able to accept and investigate fraud related allegations. Consideration could be given to reporting the matter to the Police. The preferred reporting practice for reporting allegations of external fraud is to the Police.