Safeguarding against fraud
While the value of reported fraud in the UK more than halved in 2018 compared with 2017, the number of reported cases has barely changed.
The reported figure for fraud in 2018 is nearly £750 million, but the true figure could be much higher – over £37 billion by some estimates. Many businesses prefer to deal with fraud internally to avoid reputational damage, with possibly only one in 50 cases being reported. How well is your business protected?
The most common type of fraud is ‘third party fraud’ committed against an individual or group of individuals by an unrelated or unknown third party. Research indicates that straightforward greed is the main motive, followed by gambling, depression, addiction or other health problems.
Third party fraud may come from suppliers, customers or potential customers, employees, or people pretending to be any of these. Online fraudsters can tap the wealth of information available on social media to create fake emails and business profiles that appear genuine. ‘Phishing’ emails that pretend to be from some reputable organisation, like a bank or HMRC, can lead to the loss of confidential data and passwords to criminals.
Protection measures for businesses
- Ensure everyone in the business uses strong passwords and updates them often.
- Only authorised people should be able to place orders and make payments.
- Make sure that more than one person is involved in making payments above a set amount.
- Consider installing electronic monitoring systems to detect unusual financial activity or movements of data
Look out for employees making sales to non-existent customers. Keep your business assets register up-to-date and make regular physical checks of assets, ensuring valuable assets are held securely. Test financial statements for unexpected changes in margins, turnover and costs. Only give trusted and senior employees access to critical information within a business.
Fraud is more difficult to perpetrate where there is a formal policy of separating out duties. It is essential to set a clear division between the person requesting a transaction and the person authorising payment.