The Empire Group is committed to preventing, detecting and reporting fraud, and in co-operating with other organisations to reduce opportunities for fraud.
Policy Statement
The Group is committed to preventing, detecting and reporting fraud, and in co-operating with other organisations to reduce opportunities for fraud.
The Company will manage the fraud risk by:
- Defining, setting and maintaining cost effective control procedures to identify and deter fraud;
- Investigating all incidences of actual, attempted or suspected fraud, and all instances of major control breakdown;
- Encouraging staff to be vigilant and raising fraud-awareness at all levels; • ensuring key controls are complied with
- Providing staff with effective confidential reporting mechanisms and encouraging their use;
- Taking action against individuals and organisations perpetrating fraud against the group and seeking restitution of any asset fraudulently obtained and the recovery of costs
- Co-operating with the police and other appropriate authorities in the investigation and prosecution of those suspected of fraud.
Purpose To document clearly the Company’s attitude to and stance on fraud and to demonstrate to internal and external stakeholders that the group deals with fraud in an appropriate manner
Scope This policy applies to the Company group, and will be applied globally. It should be read in conjunction with any other relevant group policies and practices fraud is not covered
Underlying Philosophy
Fraud risk can best be managed through preventative and detective control measures. The group is committed to the continuous improvement of fraud prevention and detection techniques. Management has a responsibility to ensure adequate anti-fraud measures and controls are present in systems. However, all staff are equally expected to be vigilant and play an active part in anti-fraud activity. The overt investigation of all actual or suspected instances of fraud and the prosecution of offenders provides an effective deterrent. Therefore, all known or suspected incidences of fraud will be thoroughly and impartially investigated. The investigation of fraud involving employees is best conducted independently – ie, outside the control of the line management of the area in which the investigation will take place. by this policy and the management of fraud is the responsibility of individual business units
Definition The following actions are among those considered to fall within the definition of fraud:
- Theft of company property, including information;
- Forgery or alteration of company documents;
- Wilful destruction or removal of company records
- Falsification of expense claims
- Unauthorised disclosure of confidential information to outside parties;
- Misappropriation or use of company assets for personal gain;
- Undertaking or assisting in illegal activity (including money laundering, which is covered by the Group Anti-Money Laundering Policy);
- Acceptance of bribes or gifts to favour third parties;
- Unauthorised premium discounting;
- Knowingly generating or paying false claims or invoices.
Corporate Objectives
- To develop an anti-fraud culture and define management and employee responsibilities in this area.
- To reduce the opportunity for fraud by introducing preventative and detective measures into systems and processes.
- To ensure that anti-fraud controls are considered and built into new systems and processes at the design stage.
- To promote an open and ethical culture within the organisation this deems unethical behaviour unacceptable.
- To increase the vigilance of management and staff through raising fraud risk awareness.
- To ensure that the directors of the group meet their statutory responsibilities towards fraud, as per the Companies Act and the Turnbull requirements for corporate governance.
- To learn from previous incidents and recycle lessons and experiences in fraud prevention and detection globally.
- To encourage management and staff to report their suspicions while guaranteeing anonymity where requested.
- To investigate impartially and thoroughly all cases or suspected cases of fraud, to prosecute offenders and, where appropriate, to seek to recover monies and costs through legal means.
- To co-operate with other organisations, such as other companies and the police, in the industry-wide detection and prevention of fraud.
Corporate Principles & Practice
Fraud Prevention and Detection
- The group’s Standards of Business Conduct will define the boundaries for acceptable conduct.
- HR policies include reference to recruitment and screening of new staff, an effective appraisal system and exit interviews.
- Fraud risk will be assessed regularly as part of the business’s risk management process, and at the design stage of new systems and processes. Cost-effective controls will be introduced where appropriate.
- Fraud risk awareness training will be undertaken with staff in high-risk functions on a regular basis.
- Regular assurance will be completed on key controls to ensure their effective mitigation of the fraud risk.
- Data mining and data analysis will be used to proactively manage the fraud risk and identify actual and potential problems.
- Fraud contingency plans will be developed to ensure appropriate and timely action is taken if fraud is suspected or uncovered.
Fraud Investigation
Where reasonable suspicion that fraud against the Company has taken place, the Company is entitled to investigate the matter thoroughly using recognised and legitimate investigative techniques.
- All investigations will be carried out objectively and confidentially, and independently of the line management for the area in which the fraud has occurred or is suspected.
- In the normal course of events we would look to hand over the investigation to the police, or other authorities, as soon as practical.
- In certain cases, third-party investigators may be employed by the director of fraud & investigations and director of group security in order to gather sufficient evidence to hand the case over to the proper authorities. Responsibility for the management of third parties rests with the director of fraud & investigations and director of group security. For non-UK business units, the head of the business unit may appoint a third-party investigator. Responsibility for the management of third parties in these cases rests with the BU head, who must take steps to ensure the investigation is conducted in an appropriate manner.
- Will be subject to the investigations guidelines attached as Appendix 1 to this policy.
- The director of fraud & investigations and director of security are authorised to enter any group premises, be given access to any information requested, and have access to all staff (with reasonable notice).
- The rights of individuals will be respected at all times.
- Where members of staff are involved in a fraud against the group, whether actual or attempted, they will be subject to the group’s disciplinary procedures, which may result in dismissal from the group.
- The Company will seek to prosecute anyone who commits fraud and will seek to recover its assets through legal means.
- The code of conduct adhered to by all investigators will include considerations of all relating legislation (eg Police and Criminal Evidence Act, Data Protection Act, Public Interest Disclosure Act, European Convention on Human Rights etc in the UK and relevant local legislation overseas) and group HR policies.
- Lessons learnt will be shared across the group as soon as possible after an investigation is concluded.
External Reporting
It is the policy of the Company to report all known criminal activity to the police for investigation by them. The timing of police involvement will be at the discretion of the director of fraud & investigations, in conjunction with the appropriate line and group directors. Similarly, the Company will report other breaches discovered in the course of investigations to the relevant authorities, including HM Customs & Excise, Inland Revenue, FSA, and the appropriate authorities overseas. The timing of such involvement will be at the discretion of the director of fraud and investigations, in conjunction with the appropriate line and group directors.
Responsibilities Empire Group Business Board is responsible for
- Maintenance of this policy and the Policy for Malpractice Reporting. • Development of a group fraud centre of excellence and group-wide fraud contingency plans.
- Provision of fraud and investigation services to UK business units, including policy development, contingency planning, and staff awareness training.
- Liaison with business unit fraud and security units, and other group functions, as appropriate.
- Investigation into all known or suspected instances of fraud by an employee in the UK. • Assisting business units with the implementation of this policy, and regular reporting on the effectiveness of the policy globally.
- Global sharing of best practice and provision of fraud and investigation services to them on request. • Regular reporting on the fraud risk globally.
- Management of any third parties employed and ensuring their adherence to this policy.
Group company units within Empire Group U are responsible for:
- Ensuring compliance with this policy throughout their operations. To this end a senior manager should be appointed with specific responsibility for its implementation and monitoring. In particular, business units must ensure that any third parties employed by them to investigate actual or suspected frauds comply with this policy and local laws and regulations.
- Considering their exposure to fraud risk and introducing preventative controls into new and existing systems and processes.
- Encouraging an open and ethical culture amongst staff and management.
- Developing pro-active methods of fraud detection, such as data mining and analysis.
- Reporting all suspected cases of fraud or theft by an employee to the director of fraud & investigations. For non-UK business units, this applies to cases where the employee is a senior manager or where the sums or assets involved may exceed £25,000. In all cases, where the sums or assets may exceed £500,000, the director of group security should also be advised.
- Allocating sufficient and appropriate resources to implement this policy effectively.
- Implementing initiatives that enhance fraud risk management effectiveness, including procedures that enable employees to inform management of suspected fraud, theft and wrongdoing.
Staff are responsible for reporting known or suspected fraud, or instances of unethical or illegal behaviour within the company.