The organisation's Fraud Policy should be a short, precise document that can be understood and acted on by the appropriate personnel within the organisation. In broad terms, and in addition to the points noted above, the plan may also cover the following 1. A general review of robustness of existing systems, procedures and controls in preventing fraud
2. A means for regular testing of such controls
3. The identification of assets (including corporate information and plans) most at risk
4. An appraisal of the threat of fraud on those assets and how it might manifest itself
5. The means of damage limitation and recovery of funds if fraud occurs
6. An unequivocal statement that all fraud offenders will be prosecuted
7. The steps to be taken in the event a fraud occurs and who is responsible for taking action including:
7.1. Assigning responsibility for an instant response to the occurrence
7.2. Recovering funds
7.3. Dealing with the media
7.4. Preserving evidence and reporting to the police
8. The communication plan for internal and external stakeholders in the event of a fraud
9. Training and awareness programs for employees on fraud prevention
10. Regular reviews and updates of the Fraud Policy to ensure it remains current and effective
11. A reporting mechanism for employees to report suspected fraudulent activity
12. Collaboration with law enforcement agencies and other relevant bodies to combat fraud
13. Regular audits and monitoring of financial transactions and controls
14. A process for conducting thorough investigations into suspected fraud cases
15. Protection of whistleblowers and a non-retaliation policy for those who report fraud.