This fraud and whistleblower policy is established to outline the controls in place to educate, prevent, detect, and report any form of fraudulent behavior.
By definition, “Fraud is any intentional act or omission designed to deceive others, resulting in the victim suffering a loss and/or the perpetrator achieving a gain.” We (hereinafter – “We” or the “Company”) have a strong commitment to fraud risk management. Examples of fraud can include but are not limited to these three categories.
- Forgery or alteration of any financial document;
- Improper revenue recognition;
- Misappropriation of funds, securities, supplies, or other assets;
- Understatement of liabilities;
- Management override;
- Deviation from full and fair reporting of the financial condition.
- Misappropriation of funds, supplies or other assets;
- Impropriety in the handling or reporting of money or financial transactions;
- Use Сompany-owned assets for personal use;
- Loss or misuse of Company’s resources by not following system controls.
- Theft of a payment or other financial asset;
- Profiting as a result of insider knowledge;
- Impropriety in the handling or reporting of money or financial;
- Confidential information used in the conduct of outside business;
- Disclosing information that should be secure;
- Non-compliance with internal controls.
Each employee shall have a basic understanding of fraud and be aware of the red flags and know their role within the internal control framework. Fraud involves not just monetary issues, but also is significant to an organization’s financial reporting, operations, reputation, legal, and regulatory compliance. Staff have an awareness of how their job procedures are designed to help mitigate fraud risks and when noncompliance may open up the opportunity for fraud to occur. Each member of the management team will be familiar with the types of improprieties that might occur within their area of responsibility and will be alert for any indication of possible irregularity.
- Poorly written or poorly enforced internal controls, procedures, policies or security;
- Irregular or unexplained variances in financial reporting;
- Failure to take action on audit findings;
- Unusually high expenses or purchases;
- Frequent complaints from customers;
- Missing or incomplete files, records, and documentation;
- Employee comments concerning possible fraud;
- Complex business arrangements not widely understood and appear to serve little or no purpose;
- Financial results that seem “too good to be true”;
- A consistently close match between reported results and planned results;
- Changes to employee’s behavior.
Prior to employment, background checks are used in employment screening with the specific objective of assuring that persons with inappropriate records or inconsistency are identified and eliminated from the hiring process. Every employee is required to read and understand policies and procedures upon employment with the Company.
Ongoing monitoring procedures are built into normal recurring operating activities. Certifications and self-assessments create strong controls that help prevent occurrences of fraud. Segregation of duties exists and is tested routinely. The annual fraud risk assessment, which is a part of the annual Company’s risk assessment process, helps to identify potential schemes and events.Other internal controls help prevent fraud as follows:
- Adherence to documentation and authorization limits;
- Physical security and restricted access;
- Independent review;
- Clear lines of authority;
- Enforcement of conflict of interest;
- Internal control walkthroughs;
- Regular vacation breaks;
- Board oversight;
- Anonymous reporting “Whistleblower” procedures.
These controls help to create an environment where employees, vendors, and other parties believe that dishonest acts will be detected, reported, and dealt with appropriately.
Employees, vendors or other parties with concerns of fraud or suspected fraud may report the responsible employee. Any fraud that is detected or suspected must be reported immediately.
Upon receipt of a complaint, the responsible employee will take appropriate action for investigation, tracking and confidentiality.
Any investigative activity required will be conducted without regard to the suspected wrongdoer’s length of service, position/title, or relationship to the Company. It is important to provide as much information regarding the facts and circumstances surrounding the complaint as possible in order to facilitate a full and complete investigation.
Upon receipt of a complaint, the responsible employee will determine whether the complaint actually pertains to accounting or auditing matters and, as possible, acknowledge receipt of the complaint to the sender. Complaints relating to accounting or auditing matters will be forwarded for investigation to such person or persons as responsible employee determines to be appropriate. Confidentiality will be maintained to the fullest extent possible, consistent with the need to conduct an adequate review.
The Company is committed to achieving compliance with all applicable securities laws, regulations, accounting standards, accounting controls, and audit practices.
Any employee, vendor, or other party may file a good faith complaint without the fear of dismissal or retaliation of any kind. The Company will not discharge, demote, suspend, threaten, harass or in any manner discriminate against anyone because of any lawful actions in providing information or other assistance in investigation of fraud or the commission. This will be true even in the event that it is concluded from the investigation that no violation occurred.
Here is the list of prevention mechanisms which the Company is using to mitigate fraud:
- Establish clear and easy to understand standards from the top-down. Maintain employee manual that clearly outlines these standards and keeps the rules from becoming arbitrary;
- Always check references and perform background checks that include employment, credit, licensing and criminal history for all new hires;
- Secure physical assets, access to data, and money at all levels including monitoring and using pre-numbered checks. Keep checks locked up, have a “voided check” procedure and never sign blank checks. Review all disbursements regularly;
- Segregation of duties for employees. Divide activities so one employee doesn’t have too much control over an area or duty. Separate important accounting and account payable functions. Small business owners and managers should review every payroll check personally. The person who has custody of the checks should never have check signing authority. The person opening the mail should not record the receivables and reconcile the accounts;
- Proper authorisation of transactions, ensuring that employees aren’t exceeding their authority;
- Independent checks on performance by using audits, surprise check-ups, inventory counts or other procedures to verify compliance with policies and procedures, as well as accuracy;
- Instilled anonymous reporting mechanism such as an employee fraud hotline;
- Small-business owners should control who first receives the bank statements and other sensitive documents. Consider a separate post office box for the purpose of receiving bank statements, customer receipts or any other sensitive documents;
- All account reconciliations and general ledger balances should have an independent review by a person outside the responsibility area such as an outside accountant. This allows for reviews, better ensuring nothing is amiss and providing a deterrent for fraudulent activities;
- Conduct annual audits to motivate all bookkeeping-related staff to keep things honest because they can never be sure what questions an auditor is going to ask or what documents an auditor may request to review.
The Company will be using third party card issuing vendor. This means it will not be able to implement custom solutions. The vendor who will be working with us should have at least:
- 3D secure transactions;
- Fraud prevention system;
- Fraud prevention checks:
- Collection and use of personal information
- Disclosing and transferring personal information
- External websites
- Your rights regarding your personal information
- Security of personal information
- Retention of personal information
- Data protection officer