Companies are taking a very slack approach to managing fraud risk, according to the latest research by risk consultants Protiviti.

The research, published here, shows that only 49 per cent of executives at Fortune 100 companies and large not-for-profit organizations said their strategies for addressing fraud risk were very well defined, where anti-fraud programs and controls agreed upon, monitored and measured regularly by a board and senior management. Most companies had no formal strategy in place.

The study also found that one in five were not actively monitoring or identifying anti-fraud controls at the process level or didn't know what was being done. It's also worth noting that a lot of fraud red flags would be going undetected. Only 40 per cent of Fortune 1000 companies surveyed weren't routinely using computer-assisted audit techniques to uncover potential fraud indicators.

Even if you take the view that Protiviti has a vested interest in drumming up business by talking up these findings, the figures themselves are still alarming. And if they encourage some companies to examine their own processes and strategies, that's not a bad thing.