Managing Fraud Risk: a Practical Guide for Directors and Managers by Steve Giles
Publisher: John Wiley & Sons
There are two important things you would not guess from the title of this book. First, it is a very good read: not quite The Girl With The Dragon Tattoo, but it flows well and keeps the reader involved. Second, while its core subject is fraud risk, it could easily be used as a more general introduction to risk management. Perhaps because fraud itself can produce some fascinating stories, and certainly because the author is able to draw on examples from a career built on consultancy and teaching, this book provides a very practical perspective on its subject matter.
The book comprises 10 chapters, each covering a discrete aspect of fraud - from softer elements, such as behaviour and responsibility, to elements of a risk management framework: controls, prevention and detection. The 10 chapters are linked without too much contrivance to 10 questions in a fraud awareness quiz that the author uses when teaching. Actively stopping to consider each question before reading the content of the associated chapter prepares the reader to challenge their own views. It also helps to embed the five key messages at the end of the chapter.
The book does deliver some very useful textbook content. There is factual content - largely built around introductions to relevant frameworks that have developed over the years: legislation such as Sarbanes-Oxley and anti-bribery laws, risk management frameworks such as the Committee of Sponsoring Organizations (COSO) ERM model, control frameworks and corporate governance approaches. The treatment of these frameworks in the book is superficial - enough to bring out the essence of their purpose, but leaving the reader to investigate further by following references. This content is complemented by the author's personal insights as a practitioner, so the whole book suggests a theoretical framework that underpins the practical advice it contains.
The author uses two further teaching aids. The first involves case studies drawn either from personal experience (the author was a key player in the team investigating the Polly Peck collapse) or from the study of other highly public cases. The second quotes insights drawn from a select group of other practitioners whose approach to fraud risk management has quite clearly impressed the author. Rather than using these illustrations to reinforce his own position, the author appears to want to give the reader a broader palette of viewpoints.
Considering this book's usefulness to actuaries, I would point to three things.
First, this is as good a risk management primer as any other text. As more actuaries like to consider themselves risk management professionals and as the demand for these skills increases, students and experienced actuaries alike would benefit from reading it.
Second, for actuaries who are directors or senior managers of organisations, the book is a useful reminder of the threat of fraud risk, directors' and officers' accountability for protecting stakeholders from fraud and the resources available to them to discharge that accountability.
Lastly - although it is only a small section - the discussion of statistical techniques used in the detection of fraud will be familiar territory for actuaries whose core role involves the analysis of large volumes of data.
A final thought, inspired by the subject matter, relates to the role that actuaries should continue to play in comparing long-term benefits with short-term costs. Fraud prevention is only one example of the conflict between businesses' increasing exposure to risk and the pressure to reduce the cost of controls, taking resilience out of individual businesses and therefore the economy and society.
While practitioners such as Steve Giles continue to improve the effectiveness and efficiency of controls, actuaries do have a role to play in highlighting the financial benefits of maintaining those controls.
Tony Brooke-Taylor is an audit director, general insurance, at Aviva.