An extract from the book 'Kicking Fraud to Death' by Michael Moore. Gold Century Press ISBN 0-9750499-1-7
******** Chapter 2 - Risk Management '... Criminals, it would seem, have been with us since time began. Where there is an opportunity to get something for nothing or to acquire something without a proper exchange the morally short sighted will always be with us. And if we have a poor protection system and ventilated armour an army could drive a truck through, we will become the targets of such morally deficient people. As a business our target is not to rehabilitate these individuals. Our aim is to shore up our armour to the degree that such individuals knock, find that the expense and time to gain entry is prohibitive - and then go looking for easier pickings elsewhere. Therefore as fraud is never going to go away our goal is to put into place a system that: · Clearly outlines possible fraudulent activities that may impact on the company business. · Has in place initiatives to reduce possible fraudulent activity at the order placing stage. · Incorporates a filtering process which can isolate those orders which are found to be or are liable to be fraudulent and partnering this with a verification process to establish the veracity of incoming genuine orders. · Recovers money lost in the event that fraudulent activity successfully eludes the first two criteria. · Puts in place policies and procedures designed to record and analyse past fraudulent activities with a view to enhancing the initiatives in place to prevent further fraudulent impact. Parts 2 and 3 of this book are devoted to outlining the points I have outlined above in greater detail. How we achieve this, however, is through the use of Risk Management. What is Risk Management? A good definition of risk is: 'The possibility of loss, injury, disadvantage or destruction.' Manage, according to the New World Dictionary, is defined: 'v.t. to guide or handle with skill or authority; control; direct.' Management is the noun. So Risk Management could be defined as: The practice with processes, procedures, methods and tools of handling, of controlling risks in a project or activity, function or business with a view to the reduction of those risks to an economically acceptable level. Risk Management provides a disciplined environment for proactive decision making to: · Assess continuously what could go wrong (risks). · Determine which risks are important to deal with. · Formulating strategies for reducing those risks. · Implementing the strategies to deal with those risks. · Recording and maintaining information for management analysis. This includes identifying a concern that could translate into a potential risk. What activities could constitute a risk in your business? Could it be the fact that you accept credit cards on line? Could it be the level of service you are offering your clients? Is there a potential problem with the products you are offering? What level of Quality Management do you employ? How responsible are your staff in dealing with clients and/or products? · Determine which risks are important to deal with. Identifying concerns are an important factor and precede identifying risks as to potential and consequences. The options for assessing the risks need to be employed and priorities should be set. Some risks may be relatively low priority. Such as the risk of a client complaining about waiting 5 minutes on the phone to speak to someone. But the risk of a fraudulent credit card being used to purchase a 500-dollar item may be quite high. This is something you will need to make a serious assessment on. · Formulating strategies for reducing those risks. From this risk management plans and procedures may be developed and, if needs be, presented to senior management for authorisation. What policies and procedures do you need to put into place to reduce the risk of say … the 500-dollar credit card fraud? · Implementing the strategies to deal with those risks Having a process or procedure in place which the company and it's employees follows. This might be a verification process for credit cards for example. Or it could be an investigative procedure for a complaint about the company products or service. · Recording and maintaining information for management analysis A record of activities and results of the risk management undertaken for effective analysis and control and future accuracy of risk management is vitally important. Is there some policy you need to formulate as a result of a particular complaint or fraud that took place and which illustrates a deficiency in the quality of product or service or the security arrangements? Risk Management therefore is the route by which you discipline yourself when it comes to dealing with complaints and fraudulent activity. The guidelines outlined here give you a framework you may use to formulate effective strategies...' For more information visit www.goldcenturypress.com kind regards, Michael @fastmail.fm http://gold-today.com http://goldcenturypress.com http://www.ksw-club.com http://mikemoore1.plugusin4cash.com/ --- You are currently subscribed to e-gold-list as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.