Nations: Menace of fraud deserves serious attention, says JIU report
Published in SUNS #8284 dated 18 July 2016
Geneva, 15 July (Chakravarthi Raghavan*) -- "Fraud is a menace
that deserves serious attention and immediate action by both the United
Nations system organizations and the legislative and/or governing
bodies," according to the Joint Inspection Unit (JIU), the UN
In a comprehensive report, after a nine-month investigation of "fraud
detection, prevention and response" in the 28 organisations of
the United Nations system, the JIU says that there is a "state
of near denial" among some of the organizations about the theft
of their goods, money and services, and inertia and "a perceived
sense of impunity for fraud perpetrators" in many of the organizations.
The Joint Inspection Unit (JIU) is a United Nations unit, established
in 1976 by the UN General Assembly (UNGA Resolution 31/192 of December
22, 1976), as the .independent external oversight body of the UN system
mandated "to conduct evaluations, inspections and investigations
system-wide." The Inspectors, are elected by the UNGA, serve
in their personal capacity and are appointed for a term of five years,
renewable once. The Chairperson and Vice-Chairperson are elected each
year by the Unit, and report to the UNGA. They are independent of
the UN Secretary-General, draw up their own programme, take up investigations
of UN system organisations and subjects, report to UNGA. The current
report has been prepared by two of the Inspectors, George A Bartsiotas
and Achamkulgare Gopinathan. Bartsios is a US national and has held
senior management positions in US public sector and in its missions,
and as management consultant for several UN systems organisation.
Gopinathan, an Indian national , is a former Indian diplomat and has
represented his country in various positions, including as ambassador.
The report has not dealt with any individual cases of fraud, but addressed
a systems-wide problem, and says that the impact of fraud in the United
Nations system can be significant. In addition to substantial monetary
losses, fraud has damaging effects on an organization's reputation,
placing at risk the ability to implement programmes effectively, establish
partnerships and receive contributions. Effective fraud prevention,
detection and response mechanisms, therefore, play a key role in safeguarding
organizations' interests against these negative impacts. Anti-fraud
measures play an equally important role in enhancing the accountability
and effectiveness of the United Nations system and in promoting appropriate
oversight and the responsible use of resources.
The report says that while it is difficult to establish with reasonable
certainty the global amounts lost due to fraud in the United Nations
system, external and internal oversight bodies have repeatedly highlighted
that the level of reported fraud is unusually low, considering the
scale and complexity of the United Nations system operations and the
high-risk environments in which these operations take place. Compared
with fraud statistics reported by professional associations, national
government entities, the private sector and academia, the level of
fraud reported by the United Nations system is indeed unusually low.
In broad terms, the public and private sector average is in the range
of 1 to 5 per cent of total revenue, whereas it is in the range of
0.03 per cent for the United Nations system.
"In other words," comments the report, "under-reporting
and/or non-detection in the United nations system could be significant
The report addresses concerns voiced by Member States and oversight
bodies alike regarding the status of anti-fraud efforts in the UN
system, examines fraud prevention, detection and response in the UN
system at the conceptual and operational levels, and advocates the
adoption of a fraud management framework that seeks to provide guidance
on ways of dealing with fraud. The report builds on the significant
work done by the oversight bodies of the United Nations system in
recent years, and past JIU reports.
The approach and intensity of managing the risk of fraud, says this
report, differ from one organization to another. Also, the nature
of fraudulent activities varies widely and the levels of fraud committed
by staff members and/or by external parties differ considerably among
organizations. As such, there can be no "one-size-fits-all"
approach to tackling fraud in the United Nations system; rather, there
is the need to adapt the proposed fraud management framework to the
requirements and specificities of each organization. While the report
does not examine in detail cases of actual fraud, it looks at the
subject of fraud holistically and provides information on the approaches
taken by organizations to address fraud. Special attention was paid
to most fraud-prone activities and high risk environments. This includes
fraud related to procurement, contract management, staff recruitment,
entitlements, project management, and the selection and management
of third parties such as implement ing partners. Thus, the report
identifies areas of common challenges and makes recommendations based
on leading practices in the public and private sector and the experiences
of the multilateral organizations reviewed.
The report however does not propose entirely new structures with serious
financial implications for combating fraud. Rather, it advocates using
the existing ones more effectively and applying proportionality to
address fraud based on risk. Additionally, it emphasizes that putting
in place robust fraud prevention measures would be far less costly
compared to the costs of having to detect and subsequently respond
to fraud that has already been perpetrated.
Fraud prevention, it says, does not require armies of people to do
it; rather it requires a different focus and mindset on the part of
all stakeholdrs and particularily senior management. However, as neither
can all fraud be prevented, nor can all of it be detected, a balanced
approach that includes both prevention and detection is required.
The report contains 16 formal recommendations, one of which is addressed
to the legislative and governing bodies and 15 to the executive heads.
In addition, it contains 31 informal or "soft" recommendations,
in the form of suggestions to improve policies and practices in dealing
Among others, it calls for clear rules and provisions for "whistle-blowers"
and their adequate protection both in terms of victimisation and disciplinary
actions, as well safeguards that their future career prospects are
not affected, and views this as of major importance, since most frauds
are brought to light by internal whistle-blowers, and is most cost-effective
It emphasises however that much more needs to be done to combat fraud
in the UN system, most of whose entities are under pressure to address
fraud not only for its direct negative impact on the internal workings
of the organization, but also on account of a number of external factors:
startling disclosures in the media alleging fraud; recommendations
by internal and external oversight bodies; and, above all, intense
pressure from the major contributors who, in turn, are subjected to
similar pressure from their own supreme national audit authorities,
parliaments, media, civil society and the public at large.
In such an environment, a number of UN system organizations have been
making concerted efforts in recent years to strengthen their anti-fraud
policies and strategies. Progress has been made but challenges remain.
The present review, the Inspectors say, revealed that organizations
need to do much better in understanding the threat of fraud and improving
ways to tackle fraudulent activities and malfeasance.
The challenges are manifested in several ways. The most important
among them are: the absence of a strong "tone at the top"
in dealing with fraud; no promotion of an encompassing anti-fraud
culture; no systematic assessments to determine the level of fraud
risk exposure; calling for "zero tolerance to fraud" without
ever attempting to give it an operational content; the absence of
a commonly understood definition of fraud; the absence of a clear
policy and/or strategy to fight fraud; the lack of business process
ownership and serious governance deficits in dealing with fraud; delays
in investigations of alleged fraud compounded by shortages of trained
and qualified forensic investigators; the lack of proportionate resources
dedicated to anti-fraud activities; weak implementation of multilateral
frameworks for common debarment of third parties and other sanctions
regimes; the lack of systematic follow-up to investigations, especially
with national enforcement authorities; and the abs ence of a robust
disciplinary regime to deal with employees engaging in fraudulent
"Some organizations continue to remain in a state of near denial
with regard to fraud. Their inability and/or unwillingness to acknowledge
and deal with the threat of fraud at the appropriate level is also
reflected in comments they provided in the context of the present
These organizations have chosen to characterize some of the main findings
of the report as not relevant or applicable to their operations. Yet,
while these organizations appear to be content with the systems they
have in place to combat fraud, the review found these systems to be
deficient in many respects. There is need for the management of these
organizations to have a serious look at their fraud risk profile,
acknowledge their level of exposure to fraud, and devise an effective
anti-fraud programme to protect the assets, integrity, and reputation
of their organizations.
Most of the recommendations of the present report reflect leading
practices in the anti-fraud arena and should be taken into account.
The report says, there is an essential need for clear understanding
of fraud and presumptive fraud to avoid ambiguity and support effective
anti-fraud activities. There is however no UN system-wide definition
of the term "fraud". How fraud is defined and interpreted
differs widely across organizations.
In this connection, it makes pointed reference to a committee of the
UN System organizations chiefs that set out in 2005 to work out common
fraud definition, but the work was discontinued, and the Inspectors
got no explanations or reasons why it was discontinued. The inspectors
make no reference, but that was the year when the UN's "oil-for-food"
programme and frauds burst into the open, implicating many senior
UN staff and several high officials in member governments. It even
reached up to the UN SG Kofi Annan's office, because of the involvement
of his son and his firm, Geneva-based Cotecna, resulting in the Paul
Volcker led inquiry, that however cleared UNSG himself.
In some cases, says the report, there is lack of a common understanding
of what fraud is even within the same organization. The lack of a
clear definition gives rise to ambiguity and can jeopardize the effective
implementation of anti-fraud activities. There is a risk that staff
and managers are not aware of the kind of conduct that constitutes
fraud. Especially, the entities and functions entrusted with anti-fraud
mandates, such as investigators, auditors, finance departments, program
managers, etc. cannot perform effectively without a clear definition
of the term itself. The definition of fraud also has legal implications
and affects the required level of proof and evidence for investigations,
as well as the disciplinary proceedings against staff members and
the sanction proceedings against third parties. Furthermore, a common
definition across the UN system is needed to ensure compatibility
and comparability of fraud data across organizations and improve transparency.
There is also no official definition of presumptive fraud in most
organizations covered by this review. The lack of clarity and a common
understanding of presumptive fraud impede accurate and proper reporting
in the financial statements of the organizations. In order to provide
a structured approach to realizing the objectives of the report, JIU
developed the Fraud Management Framework comprising eight pillars
that address prevention, detection and response to fraud in the UN
system. Under each pillar it has addressed the state of affairs, in
some under-stated language to bring out huge holes in the UN system,
including lack of what it calls "tone" at the top levels
Many respondents to a JIU fraud survey conducted across the system
did not perceive a clear commitment on the part of the senior management
to tackle fraud in their organizations. They were also not aware of
any communication or effort from management to reinforce the "tone
at the top" against fraud.
It is imperative that the executive heads of organizations set a clear,
unambiguous and sufficiently strong "tone" and utilize every
opportunity to reiterate the organization's determination in dealing
with fraud. This will have a demonstration-cum-deterrent effect. It
should be made clear, internally and externally to the organization,
that senior management is championing the anti-fraud policy and the
related anti-fraud activities.
The leadership and commitment of the executive head and the senior
management is essential to combatting fraud by setting the example
for ethical conduct and creating an anti-fraud culture throughout
the organization. Such commitment is demonstrated by putting in place
a robust anti-fraud programme that includes fraud awareness initiatives
and the necessary anti-fraud training, aligned with the organization's
accountability and compliance framework. Commitment of proportionate
resources to reflect and deal with the level of assessed fraud risk
should be present to facilitate and ensure success.
Currently the responsibility for dealing with fraud-related matters
is dispersed across different parts of the organization. The report
calls for the designation of a senior person or team as the "business
process owner" of all fraud-related activities within the organization
to coordinate all such activities and oversee the ownership and responsibility
structure cascading down throughout the organization.
Effective anti-fraud efforts are dependent on a comprehensive anti-fraud
policy and governance structure that allocates clear responsibility
and accountability for the prevention and detection of and response
to fraud and form part of the organization's accountability framework.
Only a number of United Nations system organizations have developed
specific anti-fraud policies that bring together all relevant documents
and procedures to guide the anti-fraud efforts. In several organizations,
anti-fraud related policies and procedures are fragmented over several
rules, guidelines, policies and administrative issuances, with different
policy owners and different entities responsible for their implementation.
This fragmentation often creates duplication of work, loopholes and
inconsistences, and jeopardizes the effective implementation of the
organization's anti-fraud efforts.
The review found that, even in organizations that have a corporate
stand-alone anti-fraud policy, a clear definition of roles, responsibilities
and accountabilities is missing and there is lack of clear guidance
on how to operationalize the policy.
Anti-fraud training is a major component in building an organization's
fraud awareness and anti-fraud culture. While most organizations have
in place mandatory ethics training, the review found that the majority
of United Nations system staff has not had any specific fraud-related
training in recent years. Very few organizations offer dedicated training
on anti-fraud aspects, in particular for risk-prone functional areas
such as procurement, and none has provided evidence of a specific
anti-fraud training strategy to systematically raise awareness and
address capacity and knowledge deficits on anti-fraud issues among
The present report recommends that organizations enhance awareness
and impart training on fraud, based on a comprehensive needs assessment
and an anti-fraud training strategy. At a minimum, dedicated anti-fraud
training should be incorporated into existing training plans/strategies,
and staff in risk-prone functional areas should be required to take
frequent refresher courses on the subject.
The report calls for measures for "Fraud Risk Assessments"
(Pillar 2), addressing the concepts of "risk appetite" and
"zero tolerance to fraud" and the imperative of investing
them with solid operational content so that they can be brought from
the level of rhetoric to that of reality, the report points to the
need for addressing residual fraud risks with bilateral and other
donors and partners to come up with a common understanding and work
out risk-sharing arrangements between organizations and contributors.
Also called for, and grouped under Pillar 3, are Anti-fraud Strategies
and Action Plans.
Under pillar 4, the report says, internal controls are a basic element
of an effective accountability framework. Oversight bodies of the
UN system have repeatedly underscored that the complex and risk-prone
environment in which some organizations operate demands robust internal
control frameworks with strong focus on fraud controls. The review
found that only a few organizations have developed a formal and comprehensive
internal control framework, and most organizations did not include
formally documented processes and controls to address fraud risks.
UN System organizations need to assess the effectiveness of their
existing controls to counter fraud, identify any gaps, and give high
priority to updating internal control frameworks as necessary to ensure
that organization-wide anti-fraud controls are an integral part of
A staff member or third party should be subject to systematic scrutiny
for indications of past or present fraudulent behaviour. Such due
diligence is based on the understanding that it is more cost-effective
to take the necessary precautions and conduct adequate screening prior
to engaging a potentially fraudulent candidate as staff, or to formalizing
a partnership with a third party, so as to avoid challenges afterwards,
including lengthy and costly legal processes. Good practice calls
for due diligence not to stop at the point of engagement, but to be
extended, on a risk-basis, to continuous scrutiny and screening, at
regular intervals. The report found that United Nations system organizations
need to put more emphasis on anti-fraud measures such as strengthening
the monitoring of high risk programmes and activities, conducting
spot checks, reviews and audits, and using data-mining and data-matching
techniques for preventing and detecting fraud.
Transferring the implementation of programmes and funds to implementing
partners, especially in unstable and conflict environments, generates
additional fraud risks. To safeguard the interests of the UN system,
concomitant control and mitigation measures are necessary, which include
robust legal instruments, i. e. implementing partner agreements and
memoranda of understanding.
Information technology-based measures that automate internal controls
are especially effective in improving fraud detection. Rules-based
filters help to identify potentially fraudulent transactions and behaviour,
data analysis supports the detection of anomalies and abnormal patterns,
predictive models identify potential fraud risks, and social network
analysis helps to detect cases by systematically analysing links between
people and transactions. A number of United Nations system organizations
have basic forms of automated controls integrated in their enterprise
resource planning (ERP) systems. The present report calls upon organizations
to ensure that fraud prevention and detection capabilities are an
integral part of automation systems functionalities, inclusive of
automated activity reporting and data-mining modules in their respective
The report underscores the need for comprehensive whistle-blower policies
as key to an effective anti-fraud programme. The review found that
whistle-blowers alone account for the uncovering of more fraud and
corruption than all other measures of fraud detection combined. However,
while most organizations have adopted at least basic provisions that
govern whistle-blowing, instructions on hotlines and other fraud reporting
mechanisms were fragmented and not easily accessible. In the majority
of cases, they were neither readily available on external websites
nor comprehensive and clear enough.
Most organizations have multiple channels through which a whistle-blower
could report a suspected fraud case. However, there is a lack of clarity
among these multiple reporting venues on how they relate to each other,
which types of complaints are to be received by which office, and
how cross-referencing allegations and/or informing on fraud actions
should be undertaken. Furthermore, in most cases, the rules for preliminary
assessment of allegations and pre-screenings are not clear or not
formalized at all.
The present report advocates the establishment of a central intake
mechanism managed by the investigation function. At a minimum, organizations
with a decentralized intake mechanism should establish an obligation
for management and staff to report to a designated central authority
any allegations received, ongoing cases under investigation, and action
taken on closed cases. Failure to report shall be considered a violation
of their staff rules and regulations.
Calling for adequate protection of whistle-blowers against retaliation,
the report says it is clear that most staff suspecting fraud would
not come forward if they did not feel protected from retaliation.
The review found that fear of retaliation ranks high among UN system
staff. Retaliation can take either an active form, such as demotion
and firing, or a passive form, such as the failure to renew an employment
contract, exclusion from training etc. Despite the value of whistle-blowing,
not all UN system organizations have in place comprehensive provisions
for protection against retaliation. Even when policies do exist, protection
provisions in many instances contain loopholes and exceptions in their
The report, under Pillar 6, calls for strengthening the investigation
processes, and for review of existing processes and changes to remove
the perceived sense of impunity for fraud perpetrators within the
UN system organizations, resulting in perpetrators not being deterred
from committing fraud and staff being uninclined to report fraud.
The present report calls for the establishment of key performance
indicators and other measures to address these issues.
The review also found that, in most organizations, information on
fraud allegations is fragmented and systems in place do not allow
for effective management of cases and proper documentation and reporting.
The report also calls for follow-up on the investigation reports,
including disciplinary measures, sanctions and referrals of cases
to national law enforcement authorities for criminal and civil procedures
and asset recovery. The present report calls upon organizations to
establish a case management system based on the volume, frequency
and complexity of cases to support their operations.
Under Pillar 7, it says, determination and will on the part of management
are necessary to follow up on investigation reports and take action
to punish fraud perpetrators, internally and externally. Without the
effective enforcement of a sanctions regime, there cannot be an effective
anti-fraud programme. A related issue involves the referral of cases
to national enforcement authorities for prosecution. Such referrals
have been mostly ineffective throughout the United Nations system.
They raise many legal and political questions and need careful consideration;
however, the review found that organizations do not have effective
procedures in place to guide them in this respect. It is imperative
to strengthen the protocols and procedures for referrals to national
enforcement authorities and courts for criminal and civil proceedings,
as well as for asset recovery.
The report underscores the importance of collecting, verifying and
collating information relating to fraud in a thorough and systematic
manner from the corporate levels, regional and country offices and
other field presences. It also recommends that the task of fraud disclosure
and reporting should not be left only to reports by the internal oversight
bodies or be unceremoniously hidden in the pages of financial statements
that are presented to external auditors. There is need to put in place
mechanisms and procedures for enhancing cooperation and coordination
among the UN system organizations to address fraud in a comprehensive
manner and on a system-wide basis. The report has listed some 14 recommendations,
including one to the UN legislative bodies.
The report lists 16 recommendations, one specifically addressed to
the legislative organs. The full report can be found at: <https://www.unjiu.org/en/reports-notes/JIU%20Products/JIU_REP_2016_4_English.pdf
Chakravarthi Raghavan, Editor-emeritus contributed this comment] +