Monica Cope highlights the importance of being safeguarded against fraud

One of the most serious threats to pension schemes continues to be internal fraud.

The recent police investigation into suspected scheme-related theft at Capita highlights that fraud prevention must be a priority area of focus for trustees and their administrators.

While no company can ever be completely immune from dishonestly and deception, implementing robust internal controls lessens opportunities to commit fraud and theft.

Poor internal controls and misplaced trust can put pension scheme assets at risk, so it is crucial that key threats like theft and fraud are identified, along with the vulnerabilities that might be exploited.

Recognising potential risk scenarios facilitates effective risk evaluation and management.

Every organisation should have a plan in place to help prevent fraud, as quite simply, prevention is better than cure.

Firstly it's important to ensure that the people with access to your pension scheme assets are suitable for the roles they are carrying out, and that they understand their responsibilities.

Background screening checks should be completed, proportional to the role, and contractual agreements should state responsibilities.

A fraud awareness, education and training programme should be established, and a disciplinary process put in place to take action against employees who have committed fraud.

Access to scheme assets should be strictly controlled. The concepts of Least Privilege, Separation of Duties and Rotation of Duties minimise the risks related to power and privilege.

Individuals should only have the necessary privileges to do their jobs, and where possible, responsibilities should be rotated to minimise the risk of fraudulent activity.

No individual should be responsible for both recording and processing a financial transaction.

Effective and efficient asset management processes should ensure that assets are appropriately protected.

Procedures for authorising and processing transactions should be established, followed and monitored, while adequate IT systems should be in place for maintaining financial records.

Because fraud inherently involves efforts of concealment, there is a risk that many cases will never be detected.

To minimise the risk of undetected fraud, every company should have regular (and irregular) internal audits.

An internal audit is an independent, objective assurance exercise that is designed to test and strengthen internal controls, and internal auditors are a critical part of the governance structure.

Operational risk management is becoming more complex for pension schemes and trustees will need the confidence that their scheme's assets are adequately safeguarded.

Fortunately pension scheme fraud is rare, but responsibilities and procedures should be established to ensure a quick, effective and orderly response to a fraud event.

Monica Cope, Chief Operating Officer, Veratta, www.veratta.co.uk