In today's society, newspapers around the world are filled with stories of fraud and financial misconduct. Financial scandals such as the Libor Rate Rigging scandal, JP Morgan Chase, and the HSBC Laundering fiasco, have stunned the public and unsettled the very foundations of our economic system. This is why fraud risk assessment is such an important process in all organizations. It involves the pre-emptive actions of identifying, prioritizing, and addressing an organization's vulnerabilities to fraud both to internal and external. Every organization is different, and therefore, what gets evaluated and what is assessed depends on the organization. However, in the case of the Miano billing scheme, implementing some basic internal controls could have gone a long way in detecting and successfully preventing his fraud.
Separation of duties is the basis of any effective internal control system. By ensuring two or more employees handle separate parts of a transaction, the organization creates an automatic internal system of checks and balances (Lehman, 2005). A huge part of Miano's success was his access to most stages of invoice creation, submission, and approval. There should always be separation and rotation of duties between the person making the orders and submitting the invoices for authorization and the person submitting the approved invoices for payment. This would have prevented Miano from slipping his doctored invoices in with real ones. .
Another measure to guard against billing fraud, and could have deterred Miano, is the inclusion of pre-numbered sequential invoices that have safety bands, borders, and other items that do not allow for modification. The ease with which Miano could copy and amend the invoices for submission increased his confidence in continuing his scheme. The sequencing for these documents should be reviewed periodically and out of sequence numbers should be immediately investigated.