Intelligent use of ERP can help mitigate internal fraud

Paul Marketos, MD Bluekey Software Solutions
Paul Marketos, MD of Bluekey Software Solutions, a local technology company that specializes in the implementation of SAP Business One, believes that ERP can assist companies in ensuring compliance with legal requirements, accounting rules, strict authorization and approval mechanisms, and prohibiting fraudsters from performing functions they are not authorized to do.

Corporate fraud and corruption are a reality of the times and unfortunately it’s an organization’s employees that are the major risk factor for fraud. It is the naive employer who believes that all his employees are honest and that internal fraud cannot happen within his business.

In South Africa, and indeed like in most countries, a great percentage of corporate fraud is internal.
Prevention is most certainly the best way of managing fraud. The tighter the fraud prevention controls and procedures, the harder it is for unscrupulous employees to take advantage. Companies, including smaller businesses, are increasingly realizing that controls and procedures must be stepped up to prevent fraud and corruption from within their ranks.

ERP can assist companies in ensuring compliance with legal requirements and accounting rules. And, if you consider that many cases of internal fraud result from the abuse of the accounting system, it is plain to see how ERP can assist a business in mitigating fraud.

Manual systems are wide open to abuse because documentation can ‘get lost’ or changed, and there’s no audit trail. With an ERP system in place, companies get tighter control of processes and the benefit of comprehensive audit tracking. Alerts on certain fields can be built into the system so that, if for instance, banking details on an account are changed, an email can be sent to someone in authority to check if the change was legitimate. So, ERP is also a good way of catching people out as well.

ERP can also be used to enforce segregation of duties and strict authorization and approval mechanisms, which prohibit fraudsters from performing functions they are not authorized to do. A good example is to have different people capture goods receipt notes and supplier invoices. Modern tools like electronic funds transfers can also be automated to remove the need for, and risks around cheques.

Nevertheless, companies – even those with an intelligently-applied ERP solution in place – should never become complacent.

ERP is a helpful preventative measure for reducing the chances of fraud and other irregularities. But, it is crucial to bear in mind that even the best-designed systems have vulnerabilities that can be manipulated by cunning fraudsters. Furthermore, the higher the level the fraudster is in the organization, the easier it becomes for them to circumvent the anti-fraud controls that are in place.

It is also important to remember that procedures outside of the accounting system are also open to abuse. ERP can by no means protect a business against theft occurring because of lack of control over who is allowed access to the stock room and whether or not it is securely locked.

Unfortunately, the more sophisticated companies are in the measures they implement to combat fraud, the more conniving fraudsters become. Companies need to be proactive and vigilant at all times.


  1. Hello, Can you tell me the reason why a Financial Firm managng portfolios in excess of !00 Billion dollars would still only operate under an automated auditing system and not have already adopted an ERP or SAP automated control system for Internal Fraud Protection? It seems it leaves far too much to chance and temptation.

    Thank you

Comments are closed.