Activity reporting

This control targets internal fraud risks.

Examples

Examples of this control include:

reporting on programme or administrative budgets and expenses
reporting on programme claims, payments and other key performance indicators
reporting on employees’ attendance and allowances, e.g. overtime payments
reporting on project or contract performance
reporting on procurement and vendor payments
reporting to clients and employees on:
- changes to their accounts
- programme or organisational performance
- programme or organisational change
- trends and issues.

Not reporting on activities can lead to:

decreased transparency of actions and outcomes
poor management of performance, decision making and risk
less action and accountability to prevent, detect and respond to fraud and corruption
diminished capability to detect fraudulent activity and respond to it
clients, employees or contractors taking advantage of obscurity to commit fraud, act corruptly and avoid exposure
clients, employees or contractors being confused about requirements and accidently or recklessly engaging in non-compliant conduct that could lead to fraud.

Methods to evaluate the effectiveness of this control include:

confirming that reports are produced and used
reviewing a sample of reports to determine if they are clear, relevant and would help someone to detect fraud
reviewing data related to reports to see how often they are reviewed
confirming that reports and data cannot be manipulated
confirming that reports are sent or readily available to the appropriate people, e.g.:
- customers who can view reports via their online account
- line managers who receive the report via email
- executives who review reports during committee meetings.

Other capability, prevention, detection and response controls that can enhance this control’s effectiveness:

Types of behaviour this control is designed to mitigate:

Explore a range of controls that can be put in place to reduce the risk of fraud happening in your organisation.