The title describes the contents of the policy. Including all elements of financial wrongdoing in a single policy is quite broad. It may be more appropriate for your organisation to have a couple of separate policies; for example, some agencies have an Anti-Fraud and Anti-Corruption and Bribery Policy, as well as a Counter-Terrorism Financing and Anti-Money Laundering and Breach of Sanctions Policy. Whichever option is chosen, all elements of financial wrongdoing need to be addressed in order to be compliant with ACFID requirements.

Examples

• Prevention of Financial Wrongdoing Policy
• Anti-Fraud, Corruption and Bribery Policy AND Counter-terrorism Financing and Anti-Money Laundering and Breach of Sanctions Policy

The introduction describes the organisation’s vision, mission and values.  It can include the nature of programmatic work and can describe why the organisation developed a Prevention of Financial Wrongdoing policy.  The Introduction can link your policy to financial wrongdoing risks in your risk register.

Examples

At [organisation name], we recognise that financial wrongdoing may occur in our operations or programs.  This wrongdoing may be perpetrated by people inside or outside the organisation.  We must therefore implement effective prevention strategies to minimise the risk of wrongdoing occurring.

Our vision is [vision]. As part of executing this vision we seek funds from the public, steward those funds responsibly and spend them in an effective manner [with our overseas partners].  Unfortunately, some people will seek to divert those funds from their intended uses.  This policy is one element in a suite of tools to prevent those diversions as far as possible.

[Organisation name] is a not-for-profit (NFP) entity that [description of programming activities].  Inherent in undertaking these activities is a level of risk in relation to financial wrongdoing.  We seek to prevent this wrongdoing from occurring wherever possible, and this policy is a proactive means of mitigating those risks of wrongdoing.

This section describes the stance of the organisation to financial wrongdoing and any underlying philosophical principles to apply.  This statement should clearly communicate that the organisation has zero tolerance of financial wrongdoing and takes its prevention seriously.  The statements in this section will send a message to staff, stakeholders and the broader community that your organisation takes prevention of financial wrongdoing seriously and considers it a high priority.

Examples

At [organisation name] we have a zero-tolerance approach to financial wrongdoing.  Any detected cases of financial wrongdoing will be reported to appropriate authorities and may result in disciplinary action including dismissal, or cessation of funding agreements.

[Organisation name] is committed to the responsible stewardship of the resources entrusted to us.  We have zero tolerance for any financial wrongdoing attempted or committed in relation to those resources.  We will promote this commitment on our website and in other public materials.

This policy demonstrates [organisation name]’s commitment to prevent all forms of fraud, bribery, corruption, terrorism-financing, money-laundering and breach of sanctions from occurring in our operations and programs.  This policy is based on the principles of: building trust with communities; being accountable to our stakeholders; and being honest and transparent in all our dealings.

We will not tolerate financial wrongdoing in any aspect of our activities.  The prevention of financial wrongdoing is the responsibility of all staff, governing body members, volunteers and partners.

The purpose will explain the aims and objectives of the policy.  It is in this section that the importance of the policy document to organisational accountability and compliance can be articulated.

Examples

This policy aims to minimise the risk of financial wrongdoing from [organisation name]’s stakeholders and using [organisation name]’s funds.  The policy: outlines our internal mechanisms for the prevention and detection of financial wrongdoing; summarises the responsibilities of our team members in the prevention and detection of financial wrongdoing; guides team members on actions to be taken in the reporting and investigation of financial wrongdoing; and provides assurance that we are fulfilling our moral and legal obligations in relation to funds that are entrusted to us.

The purpose of this policy is to: communicate clear expectations regarding the prevention of financial wrongdoing to our stakeholders; ensure that relevant stakeholders are aware of their responsibilities in the prevention and reporting of financial wrongdoing; and provide guidance for the investigation of any allegations of financial wrongdoing.

[Organisation name] is obliged to adhere to national and international laws for the prevention of financial wrongdoing.  In addition, we have a moral obligation to responsibly steward the funds entrusted to us by others.  This policy is part of a framework of responses to ensure that we discharge these obligations responsibly

Tips

For details regarding financial wrongdoing legal obligations, refer to these links below:

• ACNC Summary of legal duties and responsibilities for preventing fraud of those governing or managing a charity
• Summary of Australian and applicable international obligations regarding foreign bribery
• Summary of Australian and applicable international laws to combat terrorism
• Summary of Australia’s Anti-Money Laundering Regime, Terrorism Financing Offences, United Nations Security Council and Australian Autonomous Sanctions

The Context section refers to the issue of financial wrongdoing.  It can include statistics about prevalence and impact and also outline the context in which the organisation works, with emphasis on exposure to financial wrongdoing risks. (This can also be combined with the Introduction section).

It is useful to include some information about the problem of financial wrongdoing (both globally and nationally if relevant to your work), as well as the potential risk of exposure to this wrongdoing in your organisation’s activities.  This will assist stakeholders to understand the reality of financial wrongdoing and how it relates to your operations and programs, and why you have prioritised preventing its occurrence.

Using statistics can be a powerful way to draw attention to the scale of the issue, however make sure that they are current and from a reputable source.  It is good practice to review and update the statistics when you undertake a review of the policy.

Examples

Fraud and financial crime are the most common concerns about charities reported to the ACNC[1].  10% of respondent organisations to the BDO Not-for-Profit Fraud Survey 2014 had suffered fraud within the past two years, with 70% of this group having suffered fraud previously[2].  Charities can be particularly vulnerable to fraud, as the high degrees of public trust that they receive can provide a cover of respectability for those committing fraud; sometimes a lack of segregation of duties and dependence on a small number of key individuals can result in ineffective oversight; and high-volume funds flows can make suspicious activities harder to identify[3].

Charities like [organisation name] can potentially be used to raise and distribute funds to finance terrorism.  We need to take reasonable precautions to ensure that this is never the case.  There may be serious consequences, including criminal penalties, if we deliberately or inadvertently finance terrorism.  The nature of our operations can make us more vulnerable to terrorism financing, for example due to our international presence, complex financial arrangements, organisational structure, access to relatively large sources of funds, areas in which we work and high level of public trust[4].

“Corruption hurts the poor disproportionately by diverting funds intended for development, undermining Government’s ability to provide basic services, feeding inequality and injustice and discouraging foreign aid and investment.”[5]

In the last five years, we have had [number] proven fraud cases across our international network, amounting to financial losses of $[amount] prior to recoveries, as well as countless hours involved in the management of these incidents.  We have also had [number] attempted cases of bribery of our staff and [number] instances where our staff were asked for bribes in order to implement our contracted programs.  Our terrorism screening program unearthed [number] matches with potential suppliers, employees or partners.  Our controls and preventive measures are working; however, we need to be continuously diligent and we can always do more.

[1] https://www.acnc.gov.au/ACNC/Pblctns/Guides/ACNC/Publications/FraudGuide/FraudGuide_Ch2.aspx

[2] https://www.bdo.com.au/getattachment/Insights/Surveys/Not-For-Profit/BDO-Not-For-Profit-Fraud-Survey-2014/BDO-Not-For-Profit-Fraud-Survey2014.pdf.aspx

[3] https://www.acnc.gov.au/ACNC/Pblctns/Guides/ACNC/Publications/FraudGuide/FraudGuide_Ch5.aspx

[4] http://www.acnc.gov.au/ACNC/Manage/Protect/ProtectingTF/ACNC/Edu/ProtectTF.aspx

[5] Annan, Kofi, UN Convention Against Corruption page iii https://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08-50026_E.pdf

It is important to include definitions in your Prevention of Financial Wrongdoing policy so that stakeholders understand what each of the different types of wrongdoing comprises.  It is recommended that you define the following terms as a minimum in your policy:

Bribery – the offering, promising, giving, accepting or soliciting of an advantage as an inducement for an action which is illegal, unethical or a breach of trust.  Inducements can take the form of gifts, loans, fees, rewards or other advantages[1]  (Further explanation to be provided on bribery and how actions can be construed as bribes or not in particular contexts).

Corruption – the abuse of entrusted power for private gain[2].

Counter-terrorism – the practice, techniques and strategy used to combat or prevent terrorism[3].

Financial Wrongdoing – behaviour that is illegal or immoral with regards to financial transactions.  Includes bribery, corruption, fraud, money-laundering, terrorism financing and violation of sanctions imposed by the Australian government.

Fraud – Dishonestly obtaining a benefit, or causing a loss, by deception or other means[4].

Money Laundering – the process of concealing the origin, ownership or destination of illegally or dishonestly obtained money and hiding it within legitimate economic activities to make them appear legal[5]

Terrorism Financing – Providing or collecting funds and being reckless as to whether those funds will be used to facilitate or engage in a terrorist act. (Criminal Code Act 1995)[6].

Whistleblower – A member of staff, volunteer, contractor or partner who reports suspect wrongdoing, including suspicion of fraud, misuse of resources, neglect of duties or a risk to health and safety[7].

[1] Transparency International Anti-Corruption Glossary https://www.transparency.org/glossary/term/bribery

[2] Transparency International Anti-Corruption Glossary https://www.transparency.org/glossary/term/corruption

[3] ACFID Code of Conduct https://acfid.asn.au/content/general-definitions

[4] ACFID Code of Conduct https://acfid.asn.au/content/general-definitions 

[5] Transparency International Anti-Corruption Glossary https://www.transparency.org/glossary/term/money_laundering

[6] ACFID Code of Conduct https://acfid.asn.au/content/general-definitions

[7] ACFID Code of Conduct https://acfid.asn.au/content/general-definitions

TIP #1

Other terms that are commonly defined in Prevention of Financial Wrongdoing policies used by organisations in the sector include:

• Code of Conduct
• Collusion
• Conflict of Interest
• Deception
• False Accounting
• Partners
• Sanctions
• Stewardship
• Theft

TIP #2

Some organisations choose to list examples of fraudulent behaviour, such as:

• Theft of funds or property
• Misappropriation of funds
• False accounting
• Forgery or unauthorised alterations of documents
• Not declaring a conflict of interest
• Removal, misuse or destruction of organisational assets
• Avoiding / creating an unauthorised liability
• Wrongfully using information or intellectual property

TIP #3

Transparency International provides a useful glossary for many financial wrongdoing terms.

The Scope defines the relevant stakeholders that the policy applies to, such as staff, volunteers, governing body members, partners, etc.   Some organisations also choose to also list here the types of financial wrongdoing to which the policy applies (alternatively this can be covered in the Introduction or Definitions sections).

When developing or reviewing your Prevention of Financial Wrongdoing policy, it is very important to map out all your organisational stakeholders as they are the people that should be included in the Scope section of your policy.  You need to be clear about who is responsible for adhering to and implementing this policy.  You may also need to explicitly reference different legal entities in your group, if that is applicable with your organisational structure.

Examples

This policy applies to all staff, volunteers and governing body members.  Key elements of the policy are also expected to be extended to relevant implementing partner staff, volunteers and governing body members.

This policy applies to all personnel of [organisation name] and its subsidiaries.  Personnel include staff, contractors, consultants, volunteers and Board members.

Prevention of financial wrongdoing is applicable in our operations and programs in Australia as well as in all that we do overseas.  All staff, volunteers, contractors and governance members are expected to comply with this policy.  Additionally, this policy applies to governance members, senior management and program staff for our funded programs at our partners.

The policy applies to potential financial wrongdoing at [organisation name].  In this context, financial wrongdoing is taken to mean fraud, corruption, bribery, money-laundering, terrorism financing and violation of sanctions imposed by the Australian government.

Tip

The ACFID Code of Conduct requires that the financial wrongdoing requirements of Compliance Indicator 8.2.1 ‘Members can control and manage their financial resources and risks’ are extended to partners.  ACFID therefore expects to see a policy, procedure or guidance document that addresses:

• Financial wrongdoing, especially fraud, corruption, counter-terrorism and money-laundering and violation of sanctions imposed by the Australian government.
• Checks of individuals and organisations receiving funds against the Criminal Code list of terrorist organisation and the DFAT consolidated list of individuals and entities subject to targeted financial sanctions.

Compliance with the policy requirement of this verifier can be achieved by including appropriate references to partners in the application of your Prevention of Financial Wrongdoing policy, for example in the scope section.  Be mindful to make these references meaningful and practical to implement.  For example, it may make sense to include ‘partners’ in the scope section, but it may be impractical to collect police checks and perform training for all partner staff if you have a partner with 500 staff and only 5 of them are working on your projects.  In this example it could still be appropriate to perform screening of the governing body members and senior management at the partner, based on your analysis of applicable risk.

Your policy should include a consideration of how others in your delivery chain are addressing the risk of financial wrongdoing.

This section includes the policy statements that will address the risks identified by the organisation in its operations and programs.  It would be expected to address, as relevant: controls for each type of financial wrongdoing, risk management, response and reporting, reference to implementing partners and awareness raising.

The key policy statements section can be divided into separate subheadings or presented in a single section.

You could also think about these in terms of the stages of managing the risk of financial wrongdoing and ensure that your key policy statements cover off each of the stages.

Overall Statements

Examples

[Organisation name] promotes a culture of honesty, integrity and trust.  We are committed to the prevention of financial wrongdoing through the promotion of an ethical and transparent environment where all personnel actively participate in responsible stewardship of the organisation’s resources and reputation.

[Organisation name] will ensure that prevention of financial wrongdoing is considered at all steps of its operational cycle.  We will investigate all suspected acts of financial wrongdoing or similar irregularity.

Any attempted or actual financial wrongdoing will be grounds for dismissal or termination of contract.

Risk Management

This section explains who does what when in relation to financial wrongdoing prevention, monitoring and incident management.

Some organisations find it useful to have a separate roles and responsibilities section, whereas others prefer to include it in the body of the policy section.  Including information about roles and responsibilities is a useful way to convey that prevention of financial wrongdoing is everyone’s responsibility.  It also helps to clarify what happens in case of an incident.  Make sure to be explicit re what would happen if the designated role was implicated in the financial wrongdoing themselves.

Examples

The governing body of [organisation name] has ultimate responsibility for the prevention and detection of financial wrongdoing and for ensuring that appropriate internal control systems are in place.

All personnel are responsible for: ensuring that they are familiar with and comply with financial wrongdoing policies and procedures; conducting themselves with integrity and avoiding financial wrongdoing of any kind; demonstrating awareness of prevention of financial wrongdoing practices; and reporting all suspected cases of financial wrongdoing as soon as possible in line with the policy.

The Chief Financial Officer is responsible for the design of the internal control environment to ensure that financial wrongdoing is prevented.

The Chief Executive Officer is responsible for ensuring that the internal control environment is effective.

All staff are responsible for operating in accordance with the internal control environment.

The Board (via the Finance & Audit Committee) are responsible for oversight of the internal control environment.

Managers have a responsibility to: be aware of areas in their sections that have high risk of financial wrongdoing; role model a zero tolerance for financial wrongdoing culture within their teams and throughout the organisation; ensure that prevention of financial wrongdoing policies and procedures are communicated and understood amongst their teams; and understand the applicable legal environment for their areas.

The CEO is responsible for managing the investigation process, including appointment of the investigation team, consideration of reporting the financial wrongdoing to external bodies (in consultation with the governing body), and deciding on disciplinary action.  If the CEO is implicated in the financial wrongdoing, this responsibility reverts to the Chair of the governing body.

All managers should ensure that they assess the risk of financial wrongdoing in their areas of responsibility, are alert to any indicators of such conduct, ensure that their teams are trained in financial wrongdoing awareness and facilitate reporting of any suspected financial wrongdoing.

All staff and volunteers have responsibility for preventing and detecting financial wrongdoing.

All Management Committee members are responsible for ensuring they conduct themselves ethically and that they are aware of potential risks of financial wrongdoing at [organisation name].

The Treasurer is responsible for designing systems that prevent and detect financial wrongdoing.  The Treasurer will investigate any reports of suspected financial wrongdoing with the support of the external auditors and will report findings to the Management Committee for decision-making. 

Every employee of [organisation name] has an obligation to assist in upholding this policy.  The [organisation name] Board has responsibility for the monitoring and review of this policy.

This section defines how often the policy will get reviewed and demonstrates commitment to keeping it current and reflective of good practice standards, external changes, and to incorporate lessons learned from any financial wrongdoing incidents that have been suspected or occurred in the review period.

Noting the anticipated review time in the policy can demonstrate this commitment.  Most agencies do this by including a review table at the start or end of their policy document.  This can also demonstrate who has approved the policy, approval date and the internal owner of the policy.

Examples

Approved by: Board
Approval Date: June 2018
Review Date: June 2020
Policy Owner: Chief Financial Officer

[Organisation name]’s Prevention of Financial Wrongdoing policy will be reviewed for effectiveness and updated as required every [two] years.  This policy will be approved by management and the Board.

Tip

The existence and effectiveness of this policy will be of interest to your external auditors.  If you undertake internal audits, compliance with this policy is also a useful area for review.

This section provides links to more detailed references (including related procedures) as well as other linked policies and external resources such as ACNC requirements and relevant regulations

Depending on how your organisation arranges and publishes its policies (for example, printed copies, shared drive, staff intranet, single manual or separate but interlinked documents), it may be useful to provide references with easy links to other internal policies and codes that interact with the Prevention of Financial Wrongdoing policy.

A selection of possible related policies is provided below:

• Prevention of Financial Wrongdoing procedures
• [Organisation name] Code of Conduct
• Complaints handling policy
• Conflict of interest policy
• Delegations policy
• Ethical receipt of donations policy
• Foreign exchange risk management policy
• Internal Controls policy
• Legal Compliance policy
• Partnerships policy
• Procurement policy
• Recruitment and Selection policy
• Risk management policy
• Travel and expense reimbursement policy
• Treasury policy
• Whistleblowing policy

It may also be useful for staff to be able to quickly and easily refer to any external resources to understand legal and compliance obligations for financial wrongdoing.

Examples

• ACFID Code of Conduct
• ACNC Protect Your Charity From Fraud Guide
• ACNC Protecting Your Charity Against Terrorism Financing
• Criminal Code List of prohibited entities
• DFAT Consolidated List of prohibited entities

• ACFID Code of Conduct
• ACFID Code of Conduct Commitment 8.2
• ACFID Code of Conduct Good Practice Toolkit
• ACNC Protect Your Charity From Fraud Guide
• ACNC Protecting Your Charity Against Terrorism Financing
• ACNC Conflict of Interest templates
• ACNC External Conduct standards 
• ACNC or State and Territory police fraud reporting contacts
• Australian Government Investigation Standards
• Commonwealth Government Procurement Principles
• Community Directors – sample policies and procedures on fraud and other topics that interface with financial wrongdoing, such as code of ethics, complaints handling, conflict of interest, delegations, legal compliance, recruitment screening, risk management and whistleblowing.
• CPA Australia internal controls for NFP organisations
• Criminal Code List of prohibited entities
• DFAT Consolidated List of prohibited entities
• DFAT Fraud Control Toolkit
• DFAT LinkMatchLite software (free screening software)
• DFAT Smart Traveller website for checking terrorism risks in countries of operation
• DFAT terrorism financing reporting contacts
• DFAT Value for Money Principles
• Fundraising Institute of Australia (FIA) practice note on acceptance and refusal of donations
• MANGO (Management Accounting for NGOs) ethical receipt of donations considerations
• MANGO internal controls discussion
• MANGO partner assessment criteria
• MANGO partner internal audit template
• MANGO Risk Register with fraud and bribery risks
• Our Community risk management resources
• Tools4dev delivery audit template and receipt audit template
• Transparency International corruption risk assessment for different countries
• UK Charities Commission partner agreement with some reference to financial wrongdoing