Accidental furlough fraud: 5 ways your internal audit team can mitigate this risk
In the past several months, HMRC has been inundated with over 21,000 reports of suspected furlough fraud. Either due to fraudulent claims or, in some cases, money being paid out to employees in error, it’s clear that many businesses have discovered and exploited loopholes within the Coronavirus Job Retention Scheme (CJRS) – be it knowingly or by administrative mistake.
The CJRS, launched in March 2020, is the UK government’s flagship support measure to help protect jobs across the nation. With much economic uncertainty still ahead, the scheme has now been extended until 30 April 2021.
Since the UK furlough scheme was first established, internal audit departments have worked tirelessly to not only assist in the initial preparations but also continue to provide advisory support with regards to control design, risk management and governance arrangements throughout the furlough process.
However, with accidental furlough fraud having emerged as an additional threat to well-meaning businesses, internal auditors must be doubly vigilant to protect their organisation from reputational damage, or worse, criminal prosecution.
How can you mitigate your risk of accidentally defrauding the UK furlough scheme?
We share 5 recommendations to help your organisation avoid being in breach of the updated CJRS rules, and effectively manage activities in relation to furloughed staff until the scheme’s closure:
Ensure the appropriate communications and documentation are being maintained
The controls you have in situ should support senior managers in having appropriate discussions with their team with regards to their furlough status. Furlough agreements should have been made with each individual, where any changes to employment contracts reflect fairness and also consent by the employee, avoiding any unilateral decision making.
All electronic communications should be well-documented to ensure that there is a clear audit trail of any previous or future furlough decisions and that this upholds compliance with the CJRS.
Review existing controls to ensure furloughed employees aren’t engaging in work-related activities
To be eligible for payment, furloughed staff must continue to not undertake any work-related activities for your organisation, including providing services or generating revenue.
Evaluate your controls to ensure preventative measures are still working effectively, such as restricting system access and monitoring any access attempts by employees currently on the UK furlough scheme.
Run a health check on the accuracy of your payroll data
With the scheme being available for employees on the PAYE payroll on any type of contract, including zero-hours, it’s imperative to ensure that the key controls for payroll are showing your payroll data as up to date and correct.
A health check should also include verification of source payroll data to check for ghost employees, unusual data patterns or spikes in the manipulation of the source data.
Validate calculations and documents to ensure scheme rules are being complied with
The CJRS rules stipulate that salaried and non-salaried employees’ payments are calculated as up to 80% of their normal pay for unworked hours, including any applicable fees, commission and bonuses.
Revisit any calculations, formulae and spreadsheets pertaining to your furlough processes to ensure that the UK furlough scheme rules are being complied with and your organisation is not at risk of making fraudulent claims which could cause financial or reputational damage in the future.
Regularly examine all current payment claims to highlight any inadvertent errors
Although administrative mistakes in the furlough process can happen to any well-intentioned business, it’s imperative to put controls in place to ensure all claims information provided to HMRC is accurate, relevant and current to avoid any accusation of fraud.
Claims should be checked carefully, and your business should not assume that the details concerning furloughed employees will be the same from one week to the next in this ever-changing climate.
How internal auditing software can support your furlough processes
As the HMRC continues to crack down hard on fraudulent furlough claims, it’s vital to ensure your audit processes are robust enough to cover all bases and protect your business from adverse risk. And with so many intricacies to consider, being able to automate this is crucial.
Internal auditing software can help you to:
- Automate your compliance procedures to focus on existing and emerging risk
- Organise your internal audits on a risk-based priority scale
- Enforce an unfaltering risk assessment methodology
- Streamline audit work and execution
- Gain essential insights through real-time reporting
Protect your business now from inadvertent furlough fraud, whilst automating all other compliance with our powerful, risk-based auditing software, Pentana Audit. Request your free demo with our knowledgeable team today.