The National Food Crime Unit (NFCU) have developed a ‘food fraud resilience’ self-assessment tool to support businesses in developing and implementing their counter-fraud strategy.
The tool is made up of 7 sections and provides advice for countering food fraud. It is designed to give certain prompts in relation to the management of the risk of food fraud both internally and externally.
Whilst there are certainly some useful tips within this toolkit, it should also be recommended that food businesses obtain their own legal advice and protection if they are concerned of any potential fraudulent activity. It is recommended that any food business’ ‘counter-fraud policy’ ensure that there is the proviso that the food business receive its own legal advice in relation to any investigation and particularly so if there may be the potential for any escalation to enforcement authorities such as local authorities, National Crime Unit of the Food Standards Agency.
It should also be emphasised that if a food business operator’s policy sets out certain requirements, or, after a review of that policy, certain recommendations are made, and these are not carried out, the FBO will be failing to meet its own standards; therefore care should be taken before any policy is committed to, to ensure the policy standards can be met and adhered to.
Legal advice will be confidential and legally privileged therefore this can always be used to inform and discuss what standards, recommendations and actions should be listed prior to their implementation.
Some of the useful elements of the advice provided by the NCU are quoted below, for ease of reference:
The NCU strongly advise that a counter-fraud strategy is set out and agreed at the highest level within the organisation and headed by one person. They should own responsibility for the strategy.
The strategy will provide the blueprint for how the organisation looks to assess the risk of fraud and food fraud. It should include what is done to mitigate those risks. It should be a proactive document that outlines the actions undertaken by the businesses to prevent fraud.
For more information the NCU provide more detailed guidance here
Don’t rely solely on your own counter-fraud processes. The risk of fraud is also present in your suppliers. You can be affected by an incident that happens further up or down your supply chain.
Be sure to ask questions of your customers and suppliers:
- check that they have a counter-fraud strategy
- ask if they can share it with you
- clarify what processes they have in place
- make sure you are as confident in their measures as you are your own.
Investigating food fraud
Make sure that those within your business responsible for investigating incidents of food fraud are competent to do so. Consider their experience and look to provide additional training, if required.
Ensure those responsible for investigating incidents of food fraud have:
- a thorough understanding of your business
- experience of evidence gathering
- a practical knowledge of leading an investigation
- interviewing skills
- knowledge of relevant laws.
Consider looking to external training providers to help build a specific staff training package that covers basic investigative skills. This could include, for example, the golden hour principles.
Also ensure that there are those within the team who have prevention skills. Being able to investigate and identify crime are crucial, as is the skillset required to identify how to prevent fraud from happening in the first place.
Establishing an anti-fraud culture within a business is vital. A negative or ambivalent culture can become problematic as bad practice may go unchallenged, or taking short cuts may be normalised. This can have serious consequences for your business.
A positive culture promotes an environment where challenge is welcomed and everyone is pulling in the same direction. This provides all staff with a purpose to deliver a safe and exceptional product.
Creating this culture is crucial for tackling fraud, as fraud can often begin with small things being overlooked. A positive culture encourages everyone to do the right thing and not to overlook any details, no matter how small.
Ways to support an anti-fraud culture include:
- committing to building an anti-fraud culture and leading by example from the top of your organisation
- publishing your counter-fraud strategy
- implementing effective whistle-blowing procedures
- encouraging all staff to report any incidents of fraud using this procedure.
Clearly communicating your business's approach to fraud, and any potential penalties, can help to create a positive culture within the organisation and with those you do business with.
You should be overt in your zero-tolerance approach to fraud. You should make this clear from the very beginning to those who work for you or work with you. This will establish where the line is, and what happens if they go beyond this.
Ensuring these requirements are written into contracts with customers and suppliers is a good practice to establish. This will make it clear what is expected on both sides and provide a reference to return to for any incidents.
System in Place
Systems and processes designed to detect fraudulent activity need to be reviewed to make sure they are working effectively. If they are not, this needs to be fixed immediately.
The best way to check your processes are working is by testing the system. Do not rely solely rely on the technology to do this. At times a physical test can be just as or more effective.
You should establish a clear, simple and concise decision tree to detail the decision-making process that would prompt an investigation into fraud. This should be regularly reviewed to remain relevant to any changes you make to your business.
This will provide you with a checklist of questions and actions to support your approach. It should also identify when you need to involve external partners.
Your process for investigating an incident of fraud should include clear defined boundaries at which points the Local Authority, NFCU, or Food Standards Agency (FSA) Incidents may need to be involved.
Learn by experience
When you have been a victim of fraud, or uncovered an incident before it has fully developed, you should look at this positively as it will enable you to strengthen your resilience to fraud. Incidents that occur, either involving you or something that happens elsewhere in the industry, offers a chance to learn and improve.
You should be constantly asking your business why something happened until you find the exact element that went wrong and identify how to fix it. You can use these events to strengthen the affected area of your business to ensure that it does not happen again.
Don’t limit the learning from your experience of fraud to one specific area of your business. Make sure to check all systems with a critical mind-set, as you may be able to strengthen your resilience and processes in more than one area.
You should make sure that your organisation's policy on food fraud is matched by your actions. You should be overt when highlighting a zero-tolerance approach and outlining what happens if there is a breach by employees, suppliers or customers. This should include the steps you will take to implement sanctions if fraud is found.
Be sure that the sanctions you lay out are clear and that they are followed. Not following through with sanctions will help to establish a culture where individuals believe that they can get away with fraud. This can have serious implications for your business.
A review of your business's counter-fraud effectiveness should be done regularly. This review should look at your counter-fraud strategy.
Make sure you are satisfied that your strategy covers everything you need to, is relevant to any changes you have made to the business, and is effective.
This review should cover wider supply chains, so that you are aware of incidents elsewhere in the industry. Wider consideration of food fraud risks and incidents can allow you to ask, 'could that happen to us?’. During these reviews you need to look at your own information, how many incidents you have caught, and when they were caught.
Don't be complacent if you have recorded no incidents. In such cases, consider whether that is a genuine assessment or whether it could be connected to faults in your system and incidents being missed.
For legal advice on any of the above matters please contact Jessica Burt at email email@example.com