Fraud Policy

Policy Statement

Kartoza is committed to conducting all business activities with the highest standards of integrity, transparency, and accountability. We have a zero tolerance for fraud, corruption, theft, or any form of financial misconduct. This policy sets out our approach to detecting, preventing, and responding to fraud and outlines the procedures for reporting, investigating, and resolving fraud-related matters.

We commit to:

  • Deterring fraud through strong controls and awareness;
  • Preventing fraud where deterrence is not possible;
  • Detecting fraud promptly where it occurs;
  • Investigating fraud professionally;
  • Sanctioning offenders through appropriate legal and disciplinary measures;
  • Recovering losses to the maximum extent possible.

Note: This policy is developed in accordance with South African and international standards:

Purpose of This Policy

The purpose of this policy is to provide:

  • A framework for reporting, investigating, and resolving suspected or confirmed fraud;
  • A clear definition of responsibilities and authority;
  • Guidance on securing evidence and working with authorities;
  • An outline of disciplinary, civil, or criminal actions to be taken;
  • A basis for preventing recurrence through internal control improvements.

Definitions

  • Fraud: The use of deception to obtain an unauthorised benefit, including theft, embezzlement, forgery, falsification of records, or misrepresentation.
  • Corruption: Abuse of entrusted power for private gain.
  • Misconduct: Any wrongful, improper, or unlawful behaviour related to official duties.
  • Whistleblower: Any individual who reports suspected wrongdoing in good faith.

Scope

This policy applies to:

  • All employees, contractors, interns, consultants, and volunteers of Kartoza;
  • All operations, projects, and activities under Kartoza’s control;
  • Third-party partners, including subcontractors, suppliers, and grant recipients.

Fraud Risk Management

  • Segregation of duties in financial and operational processes;
  • Whistleblowing channels for confidential reporting;

Fraud Detection and Reporting

Fraud may be detected through:

  • Internal controls and audits;
  • Spot checks by management;
  • Financial discrepancies;
  • Anonymous tips or whistleblower reports;
  • Supervisory reviews and reconciliations.

All employees are required to report any suspicion of fraud immediately to the

  • Managing Director
  • Human Resources or Legal Department

Fraud Response Plan

A.Initial Assessment

Upon receiving a report of suspected fraud:

  • Assess the credibility and potential impact.
  • Escalated to the relevant teams.
  • The source of funds will be determined (public or private).

B.Public Funding (e.g. DSD Grants)

If the case involves funding from the Department of Social Development (DSD):

  • The matter will be referred to DSD’s Corporate Investigations Unit (CIU).
  • Kartoza will cooperate fully with external investigators.

C.Private/Internal Funds

If the matter involves internal/private resources:

  • The case will be reported to the South African Police Service (SAPS).
  • Kartoza’s Legal Team will manage internal investigations.

Preventing Further Loss

Where fraud is suspected and confirmed:

  • Immediate action will be taken to suspend the suspected employee(s);
  • Access to buildings, systems, and data will be revoked;
  • Personal belongings may be collected under supervision.
  • Keys, access cards, and company property will be surrendered;
  • Systems access will be locked to prevent data alteration or destruction.

Securing Evidence

Evidence will be:

  • Collected discreetly to avoid tipping off suspects;
  • Secured immediately to prevent tampering;
  • Stored in a controlled and confidential manner;
  • Managed according to legal chain-of-custody protocols to ensure admissibility.

Investigation Procedures

Investigations will be:

  • Led internally by the FLO or a designated investigation team;
  • Supported externally when required (e.g. SAPS, DSD CIU, legal counsel);
  • Conducted objectively, confidentially, and fairly.

The rights of all parties will be respected throughout the process.


Disciplinary and Legal Action

Where fraud is proven:

  • Kartoza will initiate disciplinary procedures, up to and including dismissal;
  • Legal proceedings may be initiated for criminal prosecution and/or civil recovery;
  • Any disciplinary action will align with the Labour Relations Act and relevant policies.
  • Offenders may be reported to professional bodies, funders, or regulators.

Recovery of Losses

Kartoza will:

  • Pursue recovery of defrauded funds through civil litigation where applicable;
  • Involve insurers to recover losses where covered by fraud insurance;
  • Seek recovery from the perpetrators or their assets via legal action.

Communication Protocol

  • All communication regarding fraud incidents must be authorised by Management.
  • External communications (including with media) must be handled professionally and lawfully.

Whistleblower Protection

Kartoza ensures that:

  • All whistleblowers are protected from victimisation, dismissal, or disciplinary action;
  • Anonymous reporting is permitted.
  • Any retaliation will result in disciplinary action.

Communication and Awareness

  • Communication of this policy to all staff and third parties.

Policy Review

  • This policy and response plan will be reviewed annually or after any significant fraud incident.
  • Changes will be made by the Managers with approval from executive leadership.

Roles and Responsibilities

  • All Employees: Report fraud, protect assets, follow this policy.
  • Managers: Ensure compliance, detect and report fraud.

Manage fraud risks, lead investigations, and report to the executive.

  • Legal and HR Teams: Advise on disciplinary actions, ensure legal compliance.
  • Executive Leadership: Enforce policy, authorise disciplinary/legal responses.