AS 8001:2021 pdf free download – Fraud and corruption control

AS 8001:2021 pdf free download – Fraud and corruption control.
(a) prevention of internal and external fraud and corruption including fraud and corruption against and by the organization;
(b) early detection of fraud and corruption in the event that preventative strategies fail; and
(c effective response to fraud and corruption events in ways that achieve optimal outcomes [or the organization including the recovery of the organization’s property or the award of compensation to an equivalent value,
The aim of such a system Is to control the risks of fraud and corruption against the organization (I.e. where the organizaton Is the target or Intended target) as well as fraud and corruption committed by or in the name of the organization (i.e. where fraud or corruption is committed by an organization or by a person or persons purporting to act on the organizations behalf or in the organization’s economic interest).
This Standard addresses both internal and external fraud and corruption.
This Standard does not address fraud against the individual, including consumer fraud.
NOTE This standard makes no distinction between technology.cnabled fraud and corruption and fraud and corruption that are less reliant on technology, as the majority of frauds and many forms o[ corruption will involve technology to a greater or lesser degree. However, the distinction between internal and external fraud and corruption renialns useful.
1.2 Application
This Standard is intended to apply to all organizations operating in Australia. This includes publicly listed corporations, proprietary corporations, incorporated associations, unincorporated organizations and all government departments and agencies. It is intended to apply to not-for•prolIt as well as forprofit organizations.
Conformance to this Standard requires an appropriate level of forward planning and application of a structured risk management approach. The application of contemporary risk management principles outlined in AS ISO 31000 is fundamental to the prevention of fraud and corruption against or by Australian organizatIons.
Corruption control Is within the intended scope of this Standard. Relevant to this is AS ISO 37001, which
provides requirements and guidance for organizations wishing to control bribery. 110th AS ISO 37001
and AS 8001 consider —
(a) bribery to be a subset of corruptIon; and
(b) that all instances of bribery will constitute corruption; but
(c) that not all instances of corruption will constitute bribery.
Due to this distinction between the definitions of corruption and bribery, corrupt behaviours that do not constitute bribery are within the scope of this Standard but are not within the scope of AS ISO 37001.
(f) resourclng rcquircments and. In particular, ensuring that thc anti.fraud and anLlcorruption human resources are appropriately senior (see Clause 2A.1) and skilled for the role and that they have a sufficient allocation of time to discharge their responsibilities;
(g) the changing nature of fraud and corruption in specific industry sectors globally e.g. the global shift of organized crime to fraud underpinned by more effective investigation of traditional organized crime activities, greater technology available to organized crime and higher educational standards of organized criminals;
(h) recent research and guidance on fraud and corruption control matters; and
(I) the need for consultation.
2.11 Leveraging the internal audit function In fraud and corruption control
2.11.1 General
The primary purpose of the internal audit function is defined In the International Professional Practices Standard 2017 (IPPF).
As fraud risk poses a serious threat to an organization’s value (both in financial and reputatlonal terms) it is essential that an organization’s internal audit function (where such function exists) is alert to and considers the organization’s fraud exposures with the objective of providing objective assurance as to the effectiveness of controls in mitigating, detecting and reporting fraud events.
While primary responsibility for the identification of fraud within an organization rests with management, the internal audit function can. In the context of addressing business risks, be an effective part of the overall system to identify, prevent and detect fraud.
Organizations with an internal audit function should understand the limitations of the internal audit function in terms of its capacity to prevent, detect and respond to fraud but, subject to those limitations. aim to work collaboratively with the internal audit function to optimize the internal audit function’s fraud and corruption management capability.