Fraud Awareness and Mitigation

Awareness is fundamental to fraud mitigation. Without being aware that fraud is occurring – or that it could occur – an organization is unlikely to be successful in mitigating or moderating it. Mitigating fraud can be challenging because fraud morphs and changes over time, and the pace of change is accelerating with new technology.

In fighting fraud, it can be difficult to know what should be known:

"As we know, there are known knowns. There are things we know we know. We also know there are known unknowns. That is to say we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know."
— Donald Rumsfeld, February 12, 2002, Department of Defense news briefing

In keeping with Secretary Rumsfeld’s comments, this page contains information on what IS known about fraud awareness and mitigation. It will help users understand why fraud occurs. It contains information on the various classifications of fraud and provides information on policies, process and procedures that can mitigate fraud. This page features the following subject subtitles:

  • Fraud Categories for classifications of fraud in areas that most significantly affect governmental operations.
  • Fraud Triangle to learn about how and why fraud occurs.
  • Social Engineering to learn more about schemes to acquire sensitive information.
  • Risk to gain access to Risk Tables offering risk indicators and controls by category.
  • Red Flags to learn about some common possible fraud indicators.
  • Mitigation and Controls to learn about the structure of policies, procedures and processes to deter, detect and reduce fraud
  • Training Materials to explain fraud and risk management. This subtitle includes formal courses, videos, presentations, posters, handouts and other resources that can help train government employees to understand and fight fraud.

A good place to begin the battle against fraud is to conduct a fraud risk assessment. This is a tool that helps identify and prioritize the possibility of fraud in an organization. There are various ways to perform this assessment. The example lists the owner, the relevant risks, the likelihood of occurrence and the financial impact of the occurrence, as well as other pertinent information. Columns can be added to evaluate the effectiveness of controls and other information that is pertinent to the entity.

Owner Fraud Risks Controls Monitoring
Responsibilities
Likelihood Impact
Construction Department Inferior materials Periodic site visits by engineers, architects, inspectors Construction, Legal, Internal Audit M H