The growth in the Indian IT-ITeS sector in the last decade has given way to an increased threat of fraud. The volatile economic situation over the past two years has aggravated the scenario, resulting in a steep increase in the value and quantum of frauds in IT-ITeS sector.
Some recent instances of fraud in the IT-ITeS sector:
An employee of a large software services company in India was able to steal the password of the bank account of the company and embezzle an amount in excess of US$4 million.
An employee of a software development company in India sold off the source code of the new software developed by the company to its competitors.
An employee of a leading software company in India without proper authorization hedged the foreign exchange receivable by the company outside the normal course of the company’s hedging process, which resulted in a loss of US$20 million to the company.
An employee of a Gurgaon (India)-based BPO company is believed to have sold a CD, which is suspected to contain some confidential data pertaining to the customers of a British bank.
Two employees working in a Chennai (India)-based BPO misused their authority and created 30 dummy customer e-mail IDs and embezzled more than US$91,000, which was supposed to be paid as refund for dissatisfied customers.
Two employees of a Bangalore-based technology company were sacked for allegedly showing preference to certain vendors/service providers and demanding favors from certain other vendors in lieu of the timely processing of their invoices/bills and the renewal of contracts.
The entire recruitment team at the Indian subsidiary of a large IT company was sacked for allegedly accepting bribes from prospective employees and recruitment consultants.
An employee of a Hyderabad-based company drew salary even after six months of leaving the company.
Few employees from the Pune center of a large Indian BPO opened several dummy accounts to transfer the customer funds to these fictitious accounts.
The recent cases of fraud have raised questions over the preparedness of organizations in preventing, detecting and handling frauds.
The watch word is “Always prevention!”
The likelihood of fraud can be reduced by implementing anti-fraud programs and controls. Besides the development of comprehensive policies and procedures, implementation of antifraud programs requires effective communication, implementation and compliance monitoring.
This can be achieved in three steps as described below:
- Create an anti-fraud environment: Management should strive hard to create an environment where people believe that fraudulent acts will not be tolerated at all, i.e., a zero tolerance level should be established for fraud/other dishonest acts.
- Undertake comprehensive fraud risk assessment: Organizations should consider fraud risk as part of company-wide risk assessment programs to help them identify these risks and implement effective anti-fraud controls.
- Implement adequate oversight/monitoring: Adequate monitoring procedures should be established to review and improve the effectiveness of anti-fraud programs and controls.
For a detailed analysis of the suggested solutions for the Indian IT and ITeS sector, download our insightful brochure.