Don't gamble with your company's investigation process.

Learn about i-Sight software today

How to Write a Fraud Policy

A strong workplace fraud policy establishes a culture of ethics and can save your organization millions of dollars from losses and reputation damage each year.

Posted by Ann Snook on September 11th, 2019

A thorough, clear fraud policy helps employees at all levels make the right decisions. When you clarify your organization’s expectations and describe what types of behavior are unacceptable, employees are more likely to follow the rules.

Whether your fraud policy is due for an update or you haven’t written one yet, use this guide to raise awareness and prevent fraud in your workplace.


Get started on drafting your fraud policy right now by downloading our free template.


Define Fraudulent Behavior


A clear definition of fraud, as well as examples of fraudulent behavior, show employees what is and is not acceptable. Cover all your bases by mentioning:

  • Asset misappropriation (e.g. check forging, theft of cash, expense reimbursement fraud, benefits fraud)
  • Vendor fraud (e.g. kickbacks, overbilling)
  • Accounting fraud (e.g. embezzlement, accounts payable fraud)
  • Payroll fraud (e.g. paycheck theft, timesheet fraud)
  • Data theft (e.g. trade secret theft, theft of personally identifiable data)
  • Bribery and corruption (e.g. bribes, inflating revenues or assets, shell company schemes)


Depending on the type of work your organization does, your definition and examples of fraud may differ slightly. For instance, a retail store would include inventory theft in its list of unacceptable behavior, whereas this wouldn’t apply to an insurance company.

Include a statement that forbids any illegal activity, even if it would benefit the organization. This eliminates any confusion or grey areas for employees.


RELATED: 41 Types of Employee Fraud and How to Detect and Prevent Them


Outline Responsibilities


This section outlines roles and responsibilities for employees of all levels when a potential fraud emerges. Describe what employees, managers and the investigative team should do during a fraud investigation. This may include tasks such as:

  • reporting suspected fraud
  • immediate risk management and fund recovery
  • handling media communications
  • preserving evidence
  • reporting to the appropriate authorities
  • disciplining the fraudster
  • documenting facts and other relevant information


Also in this section, explain the formal procedures that employees will follow if fraud is suspected. Knowing exactly what steps to take ensures a smoother, faster response in this stressful situation.


Learn how case management software can help you document facts and other relevant case information to manage risk and prevent workplace fraud in our free eBook, “Conducting Fraud Investigations with Case Management Software.”


Explain How to Report Fraud


According to a 2018 report by the Association of Certified Fraud Examiners, tips are the most common method for detecting workplace fraud.

That’s why it’s essential to include instructions on how to report suspicious behavior in your fraud policy. Describe the different reporting channels your organization offers and how to use them. If you have a hotline or reporting email, note the phone number and email address.

In this section of your fraud policy, include a statement requiring any employee who suspects wrongdoing to report it immediately to their manager, through one of the reporting mechanisms or the organization’s investigative team.



Statements to Include


List as many specific expectations as possible in your fraud policy to reduce confusion. In relevant sections of your policy, include the following statements:

  • all appropriate measures will be taken to deter fraud
  • suspected wrongdoing (including fraud) will be investigated and reported to the appropriate authorities
  • your organization will make all efforts to recover lost assets from fraudsters
  • the fraud policy will be applied consistently to fraud suspects regardless of position or length of tenure
  • managers are responsible for knowing fraud risks in their areas and detecting wrongdoing
  • cover-ups and retaliation against witnesses or reporters is strictly forbidden


Make sure that the entire policy is focused and easy to understand. After you’ve finished writing your fraud policy, share it across your organization. Require employees to read and sign your organization’s code of conduct (which will include your fraud policy) every year.


Nearly every organization experiences fraud at some point. Implement a strong fraud policy and emphasize your commitment to handling fraudulent behavior quickly, openly, firmly and consistently. In addition, review your policy annually (as well as when your organization experiences fraud) to keep it up-to-date and relevant.

Ann Snook
Ann Snook

Marketing Writer

Ann is a marketing writer at i-Sight Software. She writes about issues related to investigations of fraud, employee misconduct, corporate security, Title IX, ethics & compliance and more.

Book A Demo

To our customers: We’ll never sell, distribute or reveal your email address to anyone. Privacy Policy

Want to conduct better investigations?

Sign up for i-Sight’s newsletter and get new articles, templates, CE eligible webinars and more delivered to your inbox every week.