Fraud Risk management in SACCO’s in Kenya

Savings and Credit Cooperative Cooperatives Societies (SACCOs) play a very important role in Kenya economic development. According to the Sacco Societies Regulatory Authority ( SASRA) SACCO supervision annual report 2022, there were 359 regulated SACCOS as at 31 December 2022, with an asset portfolio of Ksh 890 billion and 6.42 million members.

The above cements the position that SACCOs play in country economic development and activities. It is worthy to note that there are also many informal and unregulated SACCOs.

Fraud in SACCOS

With the rise of the SACCOS, there has also been numerous cases of fraud perpetrated at various levels of  The digital space has also opened up SACCOS operations and this is one area that has been exploited to commit fraud.
In this article, we focus at fraud perpetrated by staff and we look into what are the main causes and what SACCOS can do to minimize and enhance ability to detect and prevent fraudulent incidences.

Key factors contributing to Fraud in SACCOS

In 1970, criminologist Donald R. Cressey published a model called the fraud triangle which outlines the three key factors that lead to higher instances of fraud in an organization as shown below;                            

  1. Pressure– This relates to the circumstances or issues that the employee is facing in their personal life motivating them to commit fraud such for example financial indebtedness, living beyond their means, unhealthy competition with peers, increase in cost of living, promotion denial, and current job frustrations.
  2. Opportunity- Existence of vulnerabilities or weaknesses in business operations which gives the employee a chance to commit fraud without being caught such as unrestricted access to records, systems poor oversight, manual processes, cash handling.
  • Rationalization- This is whereby the employee justifies their fraud behavior or convinces themselves why they should commit the fraud example of rationalization is “our organization is too big, what am taking is too little” or “I deserve it as well”. Other rationalization in SACCOs have been where the employees believe that the board members are also involved in fraud for example in procurement and hence they feel justified to also take part at their level.

Additional contributing factors include;

  1. Lack adequate controls or weak internal controls in some SACCOs
  2. Lack of adequate information technology controls
  • Unethical culture that tolerates or overlooks fraudulent behavior
  1. Failure to conduct background checks on employees
  2. Inadequate training and awareness of staff on how to detect and report fraud-like activities
  3. Complex transactions which create opportunities for manipulation
  • Failure to automate processes making it difficult to trace transaction entries
  • Inadequate audit and monitoring process hence fraud may go undetected or delay in detecting fraud.

What are the measures that can be implemented to reduce the risk of fraud?

  1. Develop and implement policies and procedures- This will set the road map on how to carry out the day-to-day operations hence it is easy to identify gaps in operations. It’s also important that staff are trained on the policies and disciplinary actions to be taken for any violations. Ensure that these documents are up to date and are aligned to the operations.
  2. Develop and implement a code of ethics and conduct- Having an ethical culture will enhance integrity and openness in the whole team. It compels the team to work in a transparent manner and they tend to place integrity above personal interests. Research conducted by the University of Georgia showed that organizations that implemented a code of ethics for employees reported 56% fraud losses compared to those organizations without a code of ethics and conduct. Hence, this needs to be combined with other compensating risk mitigation factors to reduce it to a considerably low level.
  • Regular staff training and awareness- It’s important that the employees are trained and made aware of the vulnerabilities and behaviors or transactions that might be questionable. Practical scenarios will be key during this training and making the employees aware of how they can also be affected.
  1. Implementation of strong internal controls- This includes segregation of duties, maker-checker controls, regular reconciliations of actual cash received to the supporting records, proper authorization processes, daily review of transactions and many more.
  2. Automation of processes and use of reliable systems and ensure system controls are working- Use of systems to carry out operations helps keep proper audit trails. Such systems need to be reliable so that risk of loss data is very minimal. Access and operations controls should be embedded and enforced within the system.
  3. Regular audits and monitoring- Internal audit function is the third line of defense in control testing in an organization. They work to identify vulnerabilities and give assurance to the key stakeholders on the effectiveness of the internal controls and give recommendations for improvements on areas of weaknesses noted.
  • Employee rotation and vacation- This will eliminate the risk of employees becoming too comfortable in one position and provide an opportunity for other staff to temporarily step into their roles where these temporary replacements may detect irregularities or suspicious activities that the original employee was involved in.
  • Management oversight and sound governance structures- The tone at the top is key. Senior management and the Board should be actively involved in SACCOs risk management, which encompasses fraud risk. The responsibility of implementing sound internal controls, creating and reinforcing a culture of ethics, reviewing key reports, and regular monitoring and engaging internal and external audits rests with the Board and management.
  1. Whistleblowing platforms and protection- Establishing accessible and confidential channels for employees and stakeholders to report suspicious fraud activities and ensuring legal safeguards and protections.

The list is not exhaustive

The Role of Internal Audit in fraud risk management

Internal audit plays a vital role in fraud detection and monitoring within an organization. The independence, expertise, and systematic approach to assessing controls, processes, and evaluating an organization’s operations makes the internal audit team  a valuable resource in safeguarding an organization against fraudulent activities.

MGK has a dedicated internal audit team with a pool of skilled forensic accountants and internal auditors who have been supporting organizations to uncover financial irregularities, fraud, and embezzlement as well as identify weaknesses in internal controls that may be exploited for fraudulent activities. Our recommendations on possible improvements comes in handy

We welcome an opportunity to discuss with you this important topic and the support that we could offer you.

For more information, visit our website www.mgkconsult.co.ke, or email enquiries@mgkconsult.co.ke

Article by- Gillian Waruingi

Mayfair Business Centre, 2nd Floor Off Parklands Road.
Monday - Friday : 8:30AM - 5:00PM
+254 715 248882
+254 733 533449

Company

Newsletter