Taking a Risk-Based Approach to Financial Crime
The importance of taking a proportionate, risk-based approach to fraud is one of the recurring themes of this book. However, I am advocating this as a matter of best practice. I am unable to point to any law or set of regulations which compels an organisation to adopt a risk-based approach in the area of fraud. This may change in the near future but at the point of writing, in early 2012, it is not the case.
I say that there may be developments in the near future advisedly, because there are recent examples in other areas of financial crime management of the principle of risk assessment being enshrined in the law and/or in official guidance. Two such examples are set out below.
Approach to Bribery and Corruption
One such example of this is seen in the official guidance accompanying the Bribery Act 2010 in the UK. This Act requires a commercial organisation to have “adequate procedures” in place if it is to be able to defend itself against a charge under the new corporate offence of failing to prevent bribery. The UK's Ministry of Justice has published Guidance12 on what it considers adequate procedures to be. This Guidance actually comprises a classic piece of risk management theory. The guidance notes are built around six guiding principles. The first of these is that a commercial organisation should adopt proportionate procedures, the key determinant of which is the degree of bribery risk that it faces. The third of ...