How to protect your business from fraud
What can your business do to keep safe from the most common scams and online threats?
Fraud is big business, and, according to the National Fraud Authority's 2013 Annual Fraud Indicator Report, the cost of this crime to the UK economy was £52 billion in 2013. As many as 27 per cent of businesses incurred a fraud in that period, and common threats include internal fraud, identity fraud and cybercrime. Despite these dangers, many companies have inadequate systems in place to protect themselves. However, those that do take proactive steps can prevent losses and lessen the impact of fraud where it does occur.
So what can your business do to protect itself and minimise the risks? What policies should you consider? And what are the competitive advantages that such diligence brings to a forward-thinking company?
Identifying Fraud
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The first step is being able to identify that fraud is taking place - and this may be harder than it sounds.
Kaley Crossthwaite, Partner and Head of Forensic Accounting at BDO LLP, says: "from a company perspective, common features where fraud occurs are: poor systems and controls, a lack of due diligence, and where there is no whistleblowing programme." She says that businesses that provide regular fraud training and awareness for all staff can often profit from the investment of time and resources.
Crossthwaite also says it is critical to have procedures in place for the point when fraud is discovered. "Think about the effectiveness of your fraud response," she says. "For instance, immediately confronting the suspect might lead to evidence being destroyed. If and when you discover a fraud, you will be distressed, so you need to have a comprehensive plan in place." It is also important for large businesses to have a fraud department with a clearly defined prevention strategy detailing controls and procedures to prevent fraud before it happens.
Internal fraud
According to the Annual Fraud Indicator Report, internal fraud made up 49 per cent of all business fraud in 2013, compared with cybercrime, at 37 per cent. Fraudsters often require people within the company to make scams work, and dishonest employees can exploit their insider knowledge to siphon off money.
One of the most critical ways to prevent fraud, therefore, is to make sure fraudsters don't enter your business in the first place. A recent study, published in the Daily Telegraph found that up to a third of employers take CVs at face value, failing to ask to see proof of degrees, A-levels or GCSEs. Research by Higher Education Degree Datacheck – a government-backed service – found that many companies fail to pick up CV fraud simply because they do not run the appropriate checks.
To ensure that your business has the right people, it is imperative that each candidate is subjected to proper scrutiny before being hired. In their guide to fighting fraud, the Metropolitan Police recommend conducting background checks – which could include police checks – before taking on new members of staff.
Risks to UK Businesses
A big part of fraud prevention is knowing where the risks lie, as well as understanding the potential threats and knowing how to deal with them when they arise. The simple truth is that common sense and due diligence can go a long way towards protecting your business.
Fraud can occur in the most obvious of places. For example, unauthorised changes of supplier details and interception of cheques are widespread problems. A simple way to prevent this fraud is to call your supplier and check that they have requested a change in details, and to ensure that your post is kept as secure as possible; for example, by not leaving it unattended in post rooms or common areas of your building(s).
Preventing Fraud
The best way to avoid such threats is to communicate the risks to staff and know where to look for vulnerabilities, according to Simon Carnell, Vice President, Fraud Risk, Personal and Corporate Banking at Barclays.
"With internal fraud you need to know where the weaknesses are," he says. "Employees will know the weaknesses of your controls and how to get around them. Businesses need to know where those are and protect against them. Ask yourself where the biggest risk is and always ensure you are spending the right amount of time on the right fraud controls."
According to the Annual Fraud Indicator Report, most fraud - about 60 per cent - is detected by internal controls. There are some simple automated systems that can be used, depending on the business, such as running a report to detect unusual payments to a single bank account number. Identify where your Achilles heel may be and talk to your staff. "They undertake the operational activity on a daily basis and know where the weaknesses are," says Carnell.
"We've seen a number of frauds recently that have resulted from accounts teams making payments on the strength of a phone call - it's a social engineering scam. People need to be able to challenge things that they feel may not be right and be supported when they do. For example if the policy is not to make payments on the strength of a telephone call no matter who asks, then staff should be able to enforce this."
Cybercrime
The ever-growing dominance of the internet and digital technologies represent a huge opportunity for businesses. According to figures released by the consultancy Capgemini, UK consumers spent £91 billion online in 2013 and are on course to spend £107 billion this year. However, this growth of internet usage also creates opportunities for cybercrime that businesses need to consider.
Protecting yourself from fraud and keeping customers' data safe is therefore critical. Risks are present from malware and hacking, and increased connectivity from mobile devices to cloud computing has further opened the door for cybercriminals. Ensuring your employees are vigilant by providing training on the main dangers and by not assuming that employees are aware of the threats will help guard against these dangers.
Widespread fraud trends
Carnell says that in recent years cybercrime has become increasingly widespread. Online threats are growing both in number and sophistication. In the last decade, phishing – a scam in which criminals attempt to acquire private information such as usernames, passwords and credit card details – has been on the rise. Malware and ransomware – different types of malicious programs that infect a user's computer to gather information or help a hacker to extort money – have also increased in both prevalence and complexity.
"What we're seeing right now is that in a world where fraud is becoming more automated, the cyber influence - the use of electronic communications and malware to defraud customers - is everywhere," Carnell says. "The scale and geographic nature of the fraud is making it difficult for companies and police forces to get a grip on it. You can now have the victim and the beneficiary in different geographies which makes it harder for the authorities. The main message we would send to businesses is ensuring that everybody knows what's expected of them and what the risks are."
Benefits of good fraud control
"It's essential that you and your employees understand the risks of fraud. You will have a more secure business and everybody will know where they are in terms of what they can and cannot do," Carnell says.
As responsive businesses are aware, prevention is far better than cure when it comes to fraud.
Verify the degree qualification of UK graduates for free (degree certificate needed): hedd.ac.uk/index.htm
Try the free Fraud Resilience Self-Assessment Tool: safr.bdo.co.uk/fraud
Test network security against cyber-attacks at Get Safe Online: getsafeonline.org
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
5 hilariously spirited cartoons about the spirit of Christmas
Cartoons Artists take on excuses, pardons, and more
By The Week US Published
-
Inside the house of Assad
The Explainer Bashar al-Assad and his father, Hafez, ruled Syria for more than half a century but how did one family achieve and maintain power?
By The Week UK Published
-
Sudoku medium: December 22, 2024
The Week's daily medium sudoku puzzle
By The Week Staff Published
-
Why Assad fell so fast
The Explainer The newly liberated Syria is in an incredibly precarious position, but it's too soon to succumb to defeatist gloom
By The Week UK Published
-
Romania's election rerun
The Explainer Shock result of presidential election has been annulled following allegations of Russian interference
By Sorcha Bradley, The Week UK Published
-
Russia's shadow war in Europe
Talking Point Steering clear of open conflict, Moscow is slowly ratcheting up the pressure on Nato rivals to see what it can get away with.
By The Week UK Published
-
Cutting cables: the war being waged under the sea
In the Spotlight Two undersea cables were cut in the Baltic sea, sparking concern for the global network
By The Week UK Published
-
The nuclear threat: is Vladimir Putin bluffing?
Talking Point Kremlin's newest ballistic missile has some worried for Nato nations
By The Week UK Published
-
Russia vows retaliation for Ukrainian missile strikes
Speed Read Ukraine's forces have been using U.S.-supplied, long-range ATCMS missiles to hit Russia
By Arion McNicoll, The Week UK Published
-
Has the Taliban banned women from speaking?
Today's Big Question 'Rambling' message about 'bizarre' restriction joins series of recent decrees that amount to silencing of Afghanistan's women
By Harriet Marsden, The Week UK Published
-
Cuba's energy crisis
The Explainer Already beset by a host of issues, the island nation is struggling with nationwide blackouts
By Rebekah Evans, The Week UK Published