With a high percentage of fraud originating from within company ranks, businesses have to tighten the reins on employees and fine-tune their processes to combat the scourge. Typically, technology holds the key to curtailing employee freedom without putting a spanner in the works.
“Although companies recognise the havoc fraud can cause for them - both from a financial and reputational perspective - a lot of organisations have failed to gain control over the most sensitive areas of their business. This means that even with heightened awareness of fraud, they are still ill-equipped to prevent it from happening.
“Businesses have to walk a fine line between allowing enough slack so that employees are able to do their jobs, and maintaining the level of control needed to stop internal fraud. It's hard to achieve without the help of technology,” says Leo Dreyer, Operations Manager at Bluekey Software Solutions, which specialises in the implementation and support of SAP Business One.
Manual systems are wide open to manipulation and therefore more open to fraud. This is why companies are increasingly turning to technology to help them tackle fraud. However, Dreyer says a lot of technologies also allow employees too much freedom and are vulnerable to abuse as well.
To put up any real resistance against internally-perpetuated fraud, he says companies need to have a system that not only allows them to set the boundaries on employee freedom, but also offers full audit trail functionality.
“This addresses the need for better control over employee functions as a way of preventing fraud from happening in the first place, and also addresses the need to be able to re-trace transactions after a fraud has taken place.
“Of course, prevention is always better than cure, but companies have to be realistic. Few systems are foolproof and fraudsters make it their business to work around them. So, it is important to have a business management tool in place that enforces the segregation of duties and strict authorisation mechanisms to help stop employees from performing functions that they are not authorised to.
“At the same time, the system should offer full traceability and comprehensive audit trails, which allows companies undertaking forensic audits after the fact to analyse transactions and activities taken by employees to pin point who did what and at which point,” he says.
According to Dreyer, SAP Business One can be used as a tool for mitigating fraud. Through automation of processes, authentication controls and segregation of duties, it prevents the backdating of transactions; payments being made to people without services or products being delivered; the creation of false entries in the general ledger; and the manipulation of user settings and authorisations on any business documents by unauthorised people.
“The solution has approval procedures built into the application as standard. These can also be set up for any business rule on any document according to the company's needs. When any action or function is undertaken outside of normal procedure or by an unauthorised user, a red flag is immediately raised and sent to management. “This enables management to be proactive about stopping fraudulent actions before they go any further,” he says.
“Most notably, the solution allows for full traceability (history audit) on almost any document or posting. If there is a discrepancy and money is moved around, it is easy to see who made the changes and follow up on them. The audit trail allows management to see who created the original posting, on what date, and who made subsequent changes to the posting. The system can display the original and doctored document changes.
Dreyer concludes: “Technology certainly makes it much easier for businesses to gain greater control of particularly sensitive areas of the business and information. However, they cannot become complacent even with the very best business tools and IT security software in place.
“Just like a house alarm system is pretty useless if there is no response team ready to spring to action in the event of the alarm being activated, so a company should have plans and procedures in place to respond when alerts are raised on their systems.”
Share
Bluekey Software Solutions
Bluekey Software Solutions specialises in the implementation of SAP Business One, the market-leading business management software solution for small to medium-sized companies. It offers a total solution, from networking through data take-on and system setup to management reporting.
The company is the most successful and fastest growing SAP Business One reseller in Africa. It has been awarded SAP PartnerEdge Gold status; SAP EMEA Pinnacle Award Winner in 2008; and SAP Business One Partner of the Year South Africa in 2005, 2006, 2007 and 2008.
Bluekey is also the most technically proficient reseller with the largest number of SAP-certified professionals. It has regional representation in Johannesburg, Cape Town, Durban and Nairobi and boasts a diverse client base incorporating names such as CJ Petrow Chemicals, Bidvest, Garmin, Kathea Communications, Miro, Stingray, Stodels and Winesense.
For more information about Bluekey Software Solutions, visit www.bluekey.co.za.
For more information, please contact:
Kerry Webb
(011) 849 8712
(082) 496 0713