THE GOVERNANCE OF FRAUD RISKS IN MEDICAL AID SCHEMES
Pontso Nyathi, Senior Manager: Forensic Services

• The Council for Medical Schemes (CMS) conducted a survey of governance processes amongst Trustees
• The study reinforced the view that sound governance of medical schemes was critical to:
  • Successful operations
  • Best interests of members
• There however continues to be an unacceptably high level of governance failures?

• Governance failures often result in the total collapse of the medical scheme, or in the medical scheme facing severe difficulties / intervention by a Curator
• Governance failures undermine the objectives of the CMS, being to protect the interest of the beneficiaries of medical schemes
• CMS has issued recommendations to improve governance and reduce the risk of failure

Corporate Governance – Principles
• Strategic direction, Executive action and Supervision thereof depend on:
  • Board composition
  • Behaviour of individual directors
  • Functioning of the Board
  • Use of Board Committees
  • Proper assessment of risk
  • Sound internal controls
Source: Wixley and Everingham, Corporate Governance, 2005

GOVERNANCE - CHALLENGES
• Why strengthen governance processes?
• Collapse of medical schemes due to governance failures
• Lack of ethical leadership
• Weaknesses in the leadership of Trustees
• Insufficient knowledge and experience of BoT
• Dominance of related party transactions
• Spread of conflict of interest
• Poor financial oversight (resulting in misuse of member funds and poor assessment of claims, this resulting in excessive contribution increases)

Fraud risk governance
• Interventions
• Medical scheme Act
• Scheme rule

Fraud Risk Governance questions to answer

FRAUD RISK GOVERNANCE QUESTIONS - BOT
• Are appropriate processes followed to appoint the BoT (particularly probity and background checks)? (structure and composition of the board)
• Is the BoT independent of management (executive management of the scheme)?
• Is fraud risk considered adequately with the governance of risk?
• Are BoT members aware of the position of the scheme on actual or potential conflict of interest and the acceptance and offering of business courtesies?
• Does the scheme have a framework to address ethics and other business conduct standards of the BoT?
• Does the integrated report include a statement from the BoT on the effectiveness of the systems of internal control?

FRAUD RISK GOVERNANCE QUESTIONS - AUDIT COMMITTEES
• Do the BoT and other governance structures have the appropriate blend of skills to discharge their responsibilities?
• Is the audit committee appropriately alerted to fraud reports and other whistle blower reports?
• Is the audit committee appropriately apprised of how fraud reports are being addressed and the outcome of investigations conducted?
• Has the audit committee approved the fraud risk management plan and the corresponding internal controls in place, and is regular feedback being provided on implementation thereof?

FRAUD RISK GOVERNANCE QUESTIONS - RISK
• Do we understand how fraud risk identification, assessment and response is managed in our organisation?
• How do we know that the biggest fraud risk exposures for our organisation are being adequately managed?
• When last did we participate in a fraud risk assessment activity?
• How often have we considered the same fraud risk-related issue in the various management and governance meetings?
• Is ICT fraud risk actively considered in our risk management process?
• Do we have a fraud risk management plan?

COMPLIANCE WITH LAWS, RULES AND STANDARDS
• Compliance should form an integral part of the risk management process
• Implement an effective compliance framework and processes

FRAUD RISK GOVERNANCE QUESTIONS - COMPLIANCE
• What are the key anti-fraud statutory and regulatory obligations with which our scheme needs to comply?
• Are we in compliance with these requirements? How have we received this assurance and are we satisfied that the assurance is credible?
• When last did we consider compliance at the BoT?
• How are we apprised of changes in the legal and regulatory landscape?
• Do we have sufficient evidence to defend our organisation in court or prove to CMS that we have complied with a specific provision?
• Does our disclosure on the effectiveness of compliance reflect the actual position in the scheme?

INTERNAL AUDIT
• There is an effective risk-based internal audit
• Evaluating the company’s governance processes
• Objective assessment of the effectiveness of risk management and the internal control framework
• Analysing and evaluating business processes and associated controls
• Adhere to the IIA Standards and Code of Ethics
• Should follow a risk-based approach to its plan
• Informed by the strategy and risks of the company
• Assess the company’s risks and opportunities

QUESTIONS FOR MANAGEMENT – INTERNAL AUDIT
• When last was an objective assessment made as to whether internal audit has the appropriate level of technical and analytical skills required to address the fraud risk management requirements of our business?
• Is there sufficient assurance of our ethics and fraud risk management programmes?
• What were our most recent fraud loss events and what comfort did internal audit provide us on these?

Closing remarks
• Fraud Risk Governance considers more than simply Fraud Prevention or Fraud Risk Management in isolation. More holistically, it incorporates and complements the organisation's Corporate Governance framework

"When governance fails, fraud occurs" (Peter Goss)