A spoke in the wheel

“Investigations are great but I’m here to talk about prevention,” Alan Day, Senior Audit and Investigations Manager, Fraud and Security, Transport for London (TfL) told the Fraud World 2010 audience. The first question to ask, said Day, is whether fraud risk management is embedded in the organisation - “Is it part of the business process?” Does it come high up the agenda in any business project? The answer is probably not, he reflected, which necessitates building both a strategic and tactical risk maps. Since fraud may emerge across the organisation, it has to be tackled area by area. Day, who has a military background, has adapted an army intelligence model – Direction, Collection, Evaluation and Dissemination – to the task. His fraud risk manager and fraud prevention manager will go to each area and ask for an “A to Z of their processes” and where they believe their risks lie. The counter fraud staff will dissect the responses, map out the exposures as they see them before reverting to the area to ask for their thoughts. “They might say, ‘This isn’t a risk because there are controls over there in that team.’ But then we go over to team B, who say, ‘We’ve not done that for two years.’” Day’s staff will also make use of information and intelligence – “information which has been analysed” – from previous case work as well as scanning the environment beyond TfL for potential new threats to the organisation.