Part 2: Good Practice, Guidelines and Tips
Guidelines and Tips for the Development of Key Elements of a Prevention of Financial Wrongdoing Policy
Each section below has a brief description of the contents of the section and a number of example clauses to inform your own policy development. The clauses are not always interchangeable; in some sections it may make sense to have a number of similar clauses to the examples provided, depending on your organisation’s situation.
Section A: Title
The title describes the contents of the policy. Including all elements of financial wrongdoing in a single policy is quite broad. It may be more appropriate for your organisation to have a couple of separate policies; for example, some agencies have an Anti-Fraud and Anti-Corruption and Bribery Policy, as well as a Counter-Terrorism Financing and Anti-Money Laundering and Breach of Sanctions Policy. Whichever option is chosen, all elements of financial wrongdoing need to be addressed in order to be compliant with ACFID requirements.
- Prevention of Financial Wrongdoing Policy
- Anti-Fraud, Corruption and Bribery Policy AND Counter-terrorism Financing and Anti-Money Laundering and Breach of Sanctions Policy
Section B: Introduction
The introduction describes the organisation’s vision, mission and values. It can include the nature of programmatic work and can describe why the organisation developed a Prevention of Financial Wrongdoing policy. The Introduction can link your policy to financial wrongdoing risks in your risk register.
At [organisation name], we recognise that financial wrongdoing may occur in our operations or programs. This wrongdoing may be perpetrated by people inside or outside the organisation. We must therefore implement effective prevention strategies to minimise the risk of wrongdoing occurring.
Our vision is [vision]. As part of executing this vision we seek funds from the public, steward those funds responsibly and spend them in an effective manner [with our overseas partners]. Unfortunately, some people will seek to divert those funds from their intended uses. This policy is one element in a suite of tools to prevent those diversions as far as possible.
[Organisation name] is a not-for-profit (NFP) entity that [description of programming activities]. Inherent in undertaking these activities is a level of risk in relation to financial wrongdoing. We seek to prevent this wrongdoing from occurring wherever possible, and this policy is a proactive means of mitigating those risks of wrongdoing.
Section C: Statement of commitment to prevention of financial wrongdoing and guiding principles
This section describes the stance of the organisation to financial wrongdoing and any underlying philosophical principles to apply. This statement should clearly communicate that the organisation has zero tolerance of financial wrongdoing and takes its prevention seriously. The statements in this section will send a message to staff, stakeholders and the broader community that your organisation takes prevention of financial wrongdoing seriously and considers it a high priority.
At [organisation name] we have a zero-tolerance approach to financial wrongdoing. Any detected cases of financial wrongdoing will be reported to appropriate authorities and may result in disciplinary action including dismissal, or cessation of funding agreements.
[Organisation name] is committed to the responsible stewardship of the resources entrusted to us. We have zero tolerance for any financial wrongdoing attempted or committed in relation to those resources. We will promote this commitment on our website and in other public materials.
This policy demonstrates [organisation name]’s commitment to prevent all forms of fraud, bribery, corruption, terrorism-financing, money-laundering and breach of sanctions from occurring in our operations and programs. This policy is based on the principles of: building trust with communities; being accountable to our stakeholders; and being honest and transparent in all our dealings.
We will not tolerate financial wrongdoing in any aspect of our activities. The prevention of financial wrongdoing is the responsibility of all staff, governing body members, volunteers and partners.
Section D: Purpose
The purpose will explain the aims and objectives of the policy. It is in this section that the importance of the policy document to organisational accountability and compliance can be articulated.
This policy aims to minimise the risk of financial wrongdoing from [organisation name]’s stakeholders and using [organisation name]’s funds. The policy: outlines our internal mechanisms for the prevention and detection of financial wrongdoing; summarises the responsibilities of our team members in the prevention and detection of financial wrongdoing; guides team members on actions to be taken in the reporting and investigation of financial wrongdoing; and provides assurance that we are fulfilling our moral and legal obligations in relation to funds that are entrusted to us.
The purpose of this policy is to: communicate clear expectations regarding the prevention of financial wrongdoing to our stakeholders; ensure that relevant stakeholders are aware of their responsibilities in the prevention and reporting of financial wrongdoing; and provide guidance for the investigation of any allegations of financial wrongdoing.
[Organisation name] is obliged to adhere to national and international laws for the prevention of financial wrongdoing. In addition, we have a moral obligation to responsibly steward the funds entrusted to us by others. This policy is part of a framework of responses to ensure that we discharge these obligations responsibly
For details regarding financial wrongdoing legal obligations, refer to these links below:
- ACNC Summary of legal duties and responsibilities for preventing fraud of those governing or managing a charity
- Summary of Australian and applicable international obligations regarding foreign bribery
- Summary of Australian and applicable international laws to combat terrorism
- Summary of Australia’s Anti-Money Laundering Regime, Terrorism Financing Offences, United Nations Security Council and Australian Autonomous Sanctions
Section E: Context
The Context section refers to the issue of financial wrongdoing. It can include statistics about prevalence and impact and also outline the context in which the organisation works, with emphasis on exposure to financial wrongdoing risks. (This can also be combined with the Introduction section).
It is useful to include some information about the problem of financial wrongdoing (both globally and nationally if relevant to your work), as well as the potential risk of exposure to this wrongdoing in your organisation’s activities. This will assist stakeholders to understand the reality of financial wrongdoing and how it relates to your operations and programs, and why you have prioritised preventing its occurrence.
Using statistics can be a powerful way to draw attention to the scale of the issue, however make sure that they are current and from a reputable source. It is good practice to review and update the statistics when you undertake a review of the policy.
Fraud and financial crime are the most common concerns about charities reported to the ACNC. 10% of respondent organisations to the BDO Not-for-Profit Fraud Survey 2014 had suffered fraud within the past two years, with 70% of this group having suffered fraud previously. Charities can be particularly vulnerable to fraud, as the high degrees of public trust that they receive can provide a cover of respectability for those committing fraud; sometimes a lack of segregation of duties and dependence on a small number of key individuals can result in ineffective oversight; and high-volume funds flows can make suspicious activities harder to identify.
Charities like [organisation name] can potentially be used to raise and distribute funds to finance terrorism. We need to take reasonable precautions to ensure that this is never the case. There may be serious consequences, including criminal penalties, if we deliberately or inadvertently finance terrorism. The nature of our operations can make us more vulnerable to terrorism financing, for example due to our international presence, complex financial arrangements, organisational structure, access to relatively large sources of funds, areas in which we work and high level of public trust.
“Corruption hurts the poor disproportionately by diverting funds intended for development, undermining Government’s ability to provide basic services, feeding inequality and injustice and discouraging foreign aid and investment.”
In the last five years, we have had [number] proven fraud cases across our international network, amounting to financial losses of $[amount] prior to recoveries, as well as countless hours involved in the management of these incidents. We have also had [number] attempted cases of bribery of our staff and [number] instances where our staff were asked for bribes in order to implement our contracted programs. Our terrorism screening program unearthed [number] matches with potential suppliers, employees or partners. Our controls and preventive measures are working; however, we need to be continuously diligent and we can always do more.
 Annan, Kofi, UN Convention Against Corruption page iii https://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08-50026_E.pdf
Section F: Definitions
It is important to include definitions in your Prevention of Financial Wrongdoing policy so that stakeholders understand what each of the different types of wrongdoing comprises. It is recommended that you define the following terms as a minimum in your policy:
Bribery – the offering, promising, giving, accepting or soliciting of an advantage as an inducement for an action which is illegal, unethical or a breach of trust. Inducements can take the form of gifts, loans, fees, rewards or other advantages (Further explanation to be provided on bribery and how actions can be construed as bribes or not in particular contexts).
Corruption – the abuse of entrusted power for private gain.
Counter-terrorism – the practice, techniques and strategy used to combat or prevent terrorism.
Financial Wrongdoing – behaviour that is illegal or immoral with regards to financial transactions. Includes bribery, corruption, fraud, money-laundering, terrorism financing and violation of sanctions imposed by the Australian government.
Fraud – Dishonestly obtaining a benefit, or causing a loss, by deception or other means.
Money Laundering – the process of concealing the origin, ownership or destination of illegally or dishonestly obtained money and hiding it within legitimate economic activities to make them appear legal
Terrorism Financing – intentionally providing or collecting funds and being reckless as to whether those funds would be used to facilitate or engage in a terrorist act.
Whistleblower – A member of staff, volunteer, contractor or partner who reports suspect wrongdoing, including suspicion of fraud, misuse of resources, neglect of duties or a risk to health and safety.
 Transparency International Anti-Corruption Glossary https://www.transparency.org/glossary/term/bribery
 Transparency International Anti-Corruption Glossary https://www.transparency.org/glossary/term/corruption
 ACFID Code of Conduct https://acfid.asn.au/content/general-definitions
 ACFID Code of Conduct https://acfid.asn.au/content/general-definitions / Commonwealth Attorney-General’s Department Fraud Control Framework p.32 https://www.ag.gov.au/CrimeAndCorruption/FraudControl/Documents/CommonwealthFraudControlFramework2017.PDF
 Transparency International Anti-Corruption Glossary https://www.transparency.org/glossary/term/money_laundering
 Living Safe Together https://www.livingsafetogether.gov.au/informationadvice/Pages/counter-terrorism-laws.aspx#q3a
 ACFID Code of Conduct https://acfid.asn.au/content/general-definitions
Other terms that are commonly defined in Prevention of Financial Wrongdoing policies used by organisations in the sector include:
- Code of Conduct
- Conflict of Interest
- False Accounting
Some organisations choose to list examples of fraudulent behaviour, such as:
- Theft of funds or property
- Misappropriation of funds
- False accounting
- Forgery or unauthorised alterations of documents
- Not declaring a conflict of interest
- Removal, misuse or destruction of organisational assets
- Avoiding / creating an unauthorised liability
- Wrongfully using information or intellectual property
Transparency International provides a useful glossary for many financial wrongdoing terms.
Section G: Scope
The Scope defines the relevant stakeholders that the policy applies to, such as staff, volunteers, governing body members, partners, etc. Some organisations also choose to also list here the types of financial wrongdoing to which the policy applies (alternatively this can be covered in the Introduction or Definitions sections).
When developing or reviewing your Prevention of Financial Wrongdoing policy, it is very important to map out all your organisational stakeholders as they are the people that should be included in the Scope section of your policy. You need to be clear about who is responsible for adhering to and implementing this policy. You may also need to explicitly reference different legal entities in your group, if that is applicable with your organisational structure.
This policy applies to all staff, volunteers and governing body members. Key elements of the policy are also expected to be extended to relevant implementing partner staff, volunteers and governing body members.
This policy applies to all personnel of [organisation name] and its subsidiaries. Personnel include staff, contractors, consultants, volunteers and Board members.
Prevention of financial wrongdoing is applicable in our operations and programs in Australia as well as in all that we do overseas. All staff, volunteers, contractors and governance members are expected to comply with this policy. Additionally, this policy applies to governance members, senior management and program staff for our funded programs at our partners.
The policy applies to potential financial wrongdoing at [organisation name]. In this context, financial wrongdoing is taken to mean fraud, corruption, bribery, money-laundering, terrorism financing and violation of sanctions imposed by the Australian government.
The ACFID Code of Conduct requires that the financial wrongdoing requirements of Compliance Indicator 8.2.1 ‘Members can control and manage their financial resources and risks’ are extended to partners. ACFID therefore expects to see a policy, procedure or guidance document that addresses:
- Financial wrongdoing, especially fraud, corruption, counter-terrorism and money-laundering and violation of sanctions imposed by the Australian government.
- Checks of individuals and organisations receiving funds against the Criminal Code list of terrorist organisation and the DFAT consolidated list of individuals and entities subject to targeted financial sanctions.
Compliance with the policy requirement of this verifier can be achieved by including appropriate references to partners in the application of your Prevention of Financial Wrongdoing policy, for example in the scope section. Be mindful to make these references meaningful and practical to implement. For example, it may make sense to include ‘partners’ in the scope section, but it may be impractical to collect police checks and perform training for all partner staff if you have a partner with 500 staff and only 5 of them are working on your projects. In this example it could still be appropriate to perform screening of the governing body members and senior management at the partner, based on your analysis of applicable risk.
Your policy should include a consideration of how others in your delivery chain are addressing the risk of financial wrongdoing.
Section H: Policy
This section includes the policy statements that will address the risks identified by the organisation in its operations and programs. It would be expected to address, as relevant: controls for each type of financial wrongdoing, risk management, response and reporting, reference to implementing partners and awareness raising.
The key policy statements section can be divided into separate subheadings or presented in a single section.
You could also think about these in terms of the stages of managing the risk of financial wrongdoing and ensure that your key policy statements cover off each of the stages.
[Organisation name] promotes a culture of honesty, integrity and trust. We are committed to the prevention of financial wrongdoing through the promotion of an ethical and transparent environment where all personnel actively participate in responsible stewardship of the organisation’s resources and reputation.
[Organisation name] will ensure that prevention of financial wrongdoing is considered at all steps of its operational cycle. We will investigate all suspected acts of financial wrongdoing or similar irregularity.
Any attempted or actual financial wrongdoing will be grounds for dismissal or termination of contract.
An assessment of financial wrongdoing risks should be undertaken in order to provide an environment that is as free as possible from these risks. This section of the policy outlines how the organisation assesses and works to mitigate the risk of financial wrongdoing. It is an important demonstration of accountability for the management of these risks.
[Organisation name] recognises that there are several potential risks of financial wrongdoing in our operations and program delivery. In recognising this, [organisation name] proactively assesses and manages identified risks in order to prevent harm. This is achieved by examining each activity and program and its potential for exposure to financial wrongdoing. Higher risk activities are subject to more stringent risk management procedures.
[Organisation name] regularly performs assessments of the risk of financial wrongdoing in its operations and programs. Mitigation strategies are designed with this risk assessment in mind, and these strategies are proportionate to the extent of the identified risk.
The risk of financial wrongdoing will be assessed on a [quarterly] basis as part of [organisation name]’s regular risk management process. The various different risks (fraud, corruption, bribery, money-laundering, terrorism financing and breach of sanctions) will have separate entries in the risk register and individual risk strategies for implementation and monitoring. In addition, the risk register should be updated whenever an incident of financial wrongdoing is suspected to have occurred. The risk register is reviewed by the Management Team, Finance & Audit Committee and Board each [quarter].
Each country of operation for [organisation name] will have a separate risk management plan that considers financial wrongdoing risks and their mitigation. This plan will be updated at least annually. Different regions of our countries of operation may have different levels of financial wrongdoing risk and therefore mitigation plans (for example if there has been a recent humanitarian emergency).
Each new partner relationship will be assessed in relation to financial wrongdoing risks. Our responses to identified risks may include: deciding not to work with that partner; providing capacity strengthening support to that partner; working with the partner with additional controls (such as more frequent, smaller tranches of money sent, more frequent monitoring visits), or require further assurances from the partner Board via the partnership agreement. Comprehensive partner risk assessments that include financial wrongdoing components will be completed every [two] years.
All staff, Board members, volunteers, contractors, consultants, suppliers and partners will be screened prior to their engagement with [organisation name] to ensure that they do not appear on any proscribed entities lists.
Prevention of financial wrongdoing clauses will be included in all agreements with our stakeholders, including employment contracts, Board agreements, volunteer agreements, supplier contracts and partnership agreements (Examples to be sourced and included).
Prior to signing any agreements for employment, volunteer or Board appointment, new suppliers or partners, the name of the individual or organisation will be checked against the DFAT ‘Consolidated List’ of persons and entities subject to targeted financial sanctions imposed by resolution of the UN Security Council, and the Attorney-General’s Department ‘List of Terrorist Organisations’ as per Division 102 of the Criminal Code 1995. [Organisation name] will not engage with any individuals or entities that appear on those lists.
From time to time, [organisation name] engages in activities where there is a higher risk of financial wrongdoing, for example humanitarian responses. In these instances, a separate set of detailed procedures is to be followed to mitigate this higher risk, whilst still providing for the level of flexibility required to respond to such a situation.
Staff, volunteers and Board members of [organisation name] are trained in prevention of financial wrongdoing and risk assessment. They are expected to be continually aware of the risks of financial wrongdoing as well as to actively minimise the opportunities and situations where such wrongdoing can occur.
Awareness Raising and Training
It is important to highlight and provide an overview of your commitment to educating the stakeholders of your organisation about different types of financial wrongdoing and how to prevent it.
Awareness raising of financial wrongdoing is the foundation for effective prevention and detection at [organisation name].
[Organisation name] will ensure that all staff, volunteers and governing body members receive training regarding financial wrongdoing risks, prevention and reporting as part of their induction, and thereafter will receive [annual] updates.
[Organisation name] will ensure that relevant staff and volunteers at partner organisations understand their responsibilities in relation to prevention of financial wrongdoing and reporting any suspected incidents. Where practicable, we will support them in strengthening their capacity to meet our requirements.
All staff and volunteers will be advised to use their best efforts to prevent financial wrongdoing. They will be provided with a copy of this policy upon initial engagement with [organisation name] and will be required to acknowledge that they have read and understood it.
Reporting, Investigation and Consequences
Clear reporting statements regarding suspected financial wrongdoing are required to ensure that your stakeholders are aware of their responsibilities to report. A fair, confidential and transparent reporting process will inspire confidence in these stakeholders to report their suspicions promptly.
Your policy should include some high-level guidance about reporting of and responding to incidents, and be supported by a detailed procedural document. Make sure any reporting instructions are accompanied by details of what to do if that role is themselves implicated in the financial wrongdoing. You should include consideration of different reporting pathways of incidents that occur in Australia or overseas, and for the different types of financial wrongdoing. This policy should reference your Whistleblowing and Complaints Handling policies, and how these interface with this process.
Any person who suspects a financial wrongdoing incident related to the operations of [organisation name] should report it to their manager as soon as possible. If they suspect that their manager is involved in the financial wrongdoing, they should report this to the Chief Financial Officer or Chief Executive Officer. Any person who reports suspected financial wrongdoing in good faith will not be penalised for raising a concern of this nature.
All cases of suspected fraud at [organisation name] should be initially reported directly to the Chief Financial Officer who will advise the CEO. The CEO will appoint an investigation team and decide whether to report the matter to the relevant local police authority and/or the ACNC.
For other cases of suspected financial wrongdoing, including possible corruption, bribery, money-laundering, terrorism financing or breach of sanctions, the matter must be reported immediately to the CEO who will perform a rapid assessment and, if necessary, notify DFAT.
All personnel are expected to report any suspected financial wrongdoing to their supervisor as soon as reasonably practicable. The supervisor must then immediately pass on this report to the Finance Manager who will inform the CEO. If the supervisor is suspected of being involved in the financial wrongdoing, the report can be made to the supervisor’s supervisor, or directly to the Finance Manager or CEO.
Reports of financial wrongdoing that are received via [organisation name]’s whistleblowing hotline should be forwarded to the CEO for immediate action. Our Whistleblowing policy and procedure should be referred to for more information on this process.
Any stakeholder complaints in relation to the management of financial wrongdoing at [organisation name] should be referred to the CEO in the first instance. Our Complaints Handling policy and procedure should be followed in this instance.
Suspected financial wrongdoing incidents will be reported to donors in compliance with the requirements in their funding agreements.
[Organisation name] will report suspected fraud or corruption involving DFAT funds to DFAT within five working days of detection, using DFAT’s prescribed form.
Persons suspecting financial wrongdoing should gather sufficient detail about the suspected incident to provide a report, but they should not perform any investigations themselves. They should keep their suspicions confidential, except for the person that they are reporting to. They should have consideration of their own safety and that of other team members. Persons reporting incidents will have access to counselling support if required. Where possible and safe to do so, evidence of the suspected financial wrongdoing should be copied or saved so that it cannot be destroyed.
An objective and impartial investigation will be conducted for all cases of suspected financial wrongdoing.
Once a prima facie case of financial wrongdoing is established, the CEO, Board Chair and external legal counsel will decide on next steps, including reporting to the relevant authorities.
Investigations of suspected financial wrongdoing at [organisation name] will follow the principles articulated in the Australian Government Investigations Standards, ie we will include investigation principles in our policies; we will measure performance of our investigations; we will ensure that investigators are appropriately qualified; we will ensure confidentiality in our investigations (where appropriate), we will consider foreign evidence if applicable; we will conduct ourselves ethically; and we will proactively manage media if required.
[Organisation name] will pursue every reasonable effort to recover losses sustained from financial wrongdoing.
No actions will be taken against staff that report suspected incidents of financial wrongdoing in good faith no matter whether the incident is proven or not.
If an allegation of fraud is substantiated by the investigation, disciplinary action, up to and including dismissal (or termination of an individual’s right to work as a contractor or volunteer), shall be taken by the appropriate level of management.
(Organisation’s name) will also pursue every reasonable effort, including court ordered restitution, to obtain recovery of any losses from the offender.
Where a prima facie case of fraud has been established, the matter shall be referred to the relevant authorities.
(Organisation name) will report to the Australian Federal Police or the National Security Hotline any suspicious activity or if any link is discovered between funds provided by (organisation Name) and a terrorist organisation or terrorist individual.
(Organisation name) will immediately withdraw all support, including any funding, if (organisation name) discovers that any partner organisation or any beneficiary of (organisation name)’s funds is on, or is subsequently added to, the Consolidated List or List of Terrorist Organisations.
It is very useful to include step by step procedures for reporting of different types of financial wrongdoing in procedural documents. Reporting flowcharts can be helpful in these instances. For example, ACFID have set out their complaints handling process in a flow chart.
When developing your incident reporting procedures, try to address: what to report; who to report to; when to report; how to report; and what happens next. It is also useful to include contact details for reporting financial wrongdoing suspicions to the authorities in your incident reporting procedures. ACNC list contact points for federal, State and Territory Police.
DFAT List where to report suspected incidents of sanctions breaches or terrorism financing.
Providing staff with an incident reporting template is a helpful way for them to gather sufficient evidence but not too much in order to report. It also helps in tracking statistics around the incident such as the time that it was discovered. DFAT requires that instances of fraud are reported to them using a standard form.
Remember and include the reporting obligations that you have in contracts with donors in your reporting procedures. For example, DFAT requires notification of a suspected fraud or corruption incident within five working days of detection. If the suspected fraud or corruption is detected at a partner, this requires rapid assessment and escalation to your organisation in order to be clearly reported to DFAT within their timeframes.
A comprehensive guide to complaints handling in a not-for-profit is provided in the Community Directors’ Policy Bank.
Investigating fraud reports can be very challenging and require specialist expertise. You may wish to refer the investigation to your auditors or another accounting firm. For frauds that occur overseas, your auditors may be able to provide recommendations of local reputable audit firms in their networks to assist in the investigation. Once a criminal offence is suspected, it should be referred to appropriate authorities for investigation. This may include the ACNC, State or Territory police or local police in the country of suspected fraud.
Organisations should not attempt to investigate potential terrorist acts themselves, as this can place them and their stakeholders in danger. Any concerns or suspicions in this area should be reported immediately to the contacts listed on the DFAT website.
When working with partners, make sure to spend some time with them to understand how the Prevention of Financial Wrongdoing policy translates in their cultural context and language. Be mindful that they may have different understandings of what constitutes standard business practice. Together, you may need to reword some elements of the policy to ensure that it is relevant to them and their staff. This does not mean losing the principles and intent that underpin your policy, rather it can assist in getting partners to have a better understanding of your expectations for implementation of the policy. This in turn can help to prevent them from agreeing to comply with your policy for fear of losing funding, even though they know that they won’t be able to fully comply.
Section I: Roles and responsibilities
This section explains who does what when in relation to financial wrongdoing prevention, monitoring and incident management.
Some organisations find it useful to have a separate roles and responsibilities section, whereas others prefer to include it in the body of the policy section. Including information about roles and responsibilities is a useful way to convey that prevention of financial wrongdoing is everyone’s responsibility. It also helps to clarify what happens in case of an incident. Make sure to be explicit re what would happen if the designated role was implicated in the financial wrongdoing themselves.
The governing body of [organisation name] has ultimate responsibility for the prevention and detection of financial wrongdoing and for ensuring that appropriate internal control systems are in place.
All personnel are responsible for: ensuring that they are familiar with and comply with financial wrongdoing policies and procedures; conducting themselves with integrity and avoiding financial wrongdoing of any kind; demonstrating awareness of prevention of financial wrongdoing practices; and reporting all suspected cases of financial wrongdoing as soon as possible in line with the policy.
The Chief Financial Officer is responsible for the design of the internal control environment to ensure that financial wrongdoing is prevented.
The Chief Executive Officer is responsible for ensuring that the internal control environment is effective.
All staff are responsible for operating in accordance with the internal control environment.
The Board (via the Finance & Audit Committee) are responsible for oversight of the internal control environment.
Managers have a responsibility to: be aware of areas in their sections that have high risk of financial wrongdoing; role model a zero tolerance for financial wrongdoing culture within their teams and throughout the organisation; ensure that prevention of financial wrongdoing policies and procedures are communicated and understood amongst their teams; and understand the applicable legal environment for their areas.
The CEO is responsible for managing the investigation process, including appointment of the investigation team, consideration of reporting the financial wrongdoing to external bodies (in consultation with the governing body), and deciding on disciplinary action. If the CEO is implicated in the financial wrongdoing, this responsibility reverts to the Chair of the governing body.
All managers should ensure that they assess the risk of financial wrongdoing in their areas of responsibility, are alert to any indicators of such conduct, ensure that their teams are trained in financial wrongdoing awareness and facilitate reporting of any suspected financial wrongdoing.
All staff and volunteers have responsibility for preventing and detecting financial wrongdoing.
All Management Committee members are responsible for ensuring they conduct themselves ethically and that they are aware of potential risks of financial wrongdoing at [organisation name].
The Treasurer is responsible for designing systems that prevent and detect financial wrongdoing. The Treasurer will investigate any reports of suspected financial wrongdoing with the support of the external auditors and will report findings to the Management Committee for decision-making.
Every employee of [organisation name] has an obligation to assist in upholding this policy. The [organisation name] Board has responsibility for the monitoring and review of this policy.
Section J: Review
This section defines how often the policy will get reviewed and demonstrates commitment to keeping it current and reflective of good practice standards, external changes, and to incorporate lessons learned from any financial wrongdoing incidents that have been suspected or occurred in the review period.
Noting the anticipated review time in the policy can demonstrate this commitment. Most agencies do this by including a review table at the start or end of their policy document. This can also demonstrate who has approved the policy, approval date and the internal owner of the policy.
Approved by: Board
Approval Date: June 2018
Review Date: June 2020
Policy Owner: Chief Financial Officer
[Organisation name]’s Prevention of Financial Wrongdoing policy will be reviewed for effectiveness and updated as required every [two] years. This policy will be approved by management and the Board.
The existence and effectiveness of this policy will be of interest to your external auditors. If you undertake internal audits, compliance with this policy is also a useful area for review.
Section K: References
This section provides links to more detailed references (including related procedures) as well as other linked policies and external resources such as ACNC requirements and relevant regulations
Depending on how your organisation arranges and publishes its policies (for example, printed copies, shared drive, staff intranet, single manual or separate but interlinked documents), it may be useful to provide references with easy links to other internal policies and codes that interact with the Prevention of Financial Wrongdoing policy.
A selection of possible related policies is provided below:
- Prevention of Financial Wrongdoing procedures
- [Organisation name] Code of Conduct
- Complaints handling policy
- Conflict of interest policy
- Delegations policy
- Ethical receipt of donations policy
- Foreign exchange risk management policy
- Internal Controls policy
- Legal Compliance policy
- Partnerships policy
- Procurement policy
- Recruitment and Selection policy
- Risk management policy
- Travel and expense reimbursement policy
- Treasury policy
- Whistleblowing policy
It may also be useful for staff to be able to quickly and easily refer to any external resources to understand legal and compliance obligations for financial wrongdoing.
- ACFID Code of Conduct
- ACFID Code of Conduct Commitment 8.2
- ACFID Code of Conduct Good Practice Toolkit
- ACNC Protect Your Charity From Fraud Guide
- ACNC Protecting Your Charity Against Terrorism Financing
- ACNC Conflict of Interest templates
- ACNC External Conduct standards **link once published**
- ACNC or State and Territory police fraud reporting contacts
- Attorney-General’s counter-terrorism best practice principles
- Australian Government Investigation Standards
- Commonwealth Government Procurement Principles
- Community Directors – sample policies and procedures on fraud and other topics that interface with financial wrongdoing, such as code of ethics, complaints handling, conflict of interest, delegations, legal compliance, recruitment screening, risk management and whistleblowing.
- CPA Australia internal controls for NFP organisations
- Criminal Code List of prohibited entities
- DFAT Consolidated List of prohibited entities
- DFAT Fraud Control Toolkit
- DFAT LinkMatchLite software (free screening software)
- DFAT Smart Traveller website for checking terrorism risks in countries of operation
- DFAT terrorism financing reporting contacts
- DFAT Value for Money Principles
- Fundraising Institute of Australia (FIA) practice note on acceptance and refusal of donations
- MANGO (Management Accounting for NGOs) ethical receipt of donations considerations
- MANGO internal controls discussion
- MANGO partner assessment criteria
- MANGO partner internal audit template
- MANGO Risk Register with fraud and bribery risks
- Our Community risk management resources
- Tools4dev delivery audit template and receipt audit template
- Transparency International corruption risk assessment for different countries
- UK Charities Commission partner agreement with some reference to financial wrongdoing