Is my small or medium sized organisation at risk of fraud? – Peter and John didn’t think so!
This week we are pleased to once again support International Fraud Awareness Week 2019 .
Our focus this week is to help organisations of all sizes and sectors understand the risks they face and provide some practical simple steps that can be taken to reduce those risks.
This post is relevant to all but focuses on small to medium sized organisations and in particular helping owner managed businesses protect their hard earned money.
Why is this important?
- All organisations including sole traders can be at risk from cybercrime and other external fraud risks.
- Smaller and medium size organisations can also be vulnerable to internal fraud, particularly as they grow.
- Smaller organisations can be impacted by fraud because typically they have fewer anti-fraud controls and rely more on trust.
- The impact on smaller organisations can be disproportionate as the real examples below demonstrate.
Don’t end up like Peter or John
Peter is running a small family business which he started with his two sons selling goods to the building trade. We are currently helping him try to recover £50,000 which was lost through three different frauds.
- The first related to a bank related scam where Peter thought he was on the phone to his bank having received a convincing text message where the fraudsters had ‘spoofed‘ the bank’s telephone number. With the fraudsters still on the phone Peter watched helplessly as £11,000 was drained from his bank account.
- Unfortunately Peter’s troubles didn’t end there. A few days later he ordered goods from a new supplier and needed to send a payment to top up his account with the supplier. Unfortunately the bank details received via email from the supplier had been intercepted and unknowingly changed. Peter ended up paying the fraudster £14,000 instead of the supplier. Peter then had to pay the supplier again using the correct details.
- As if that wasn’t bad enough things got even worse when Peter successfully won a new client. It was a great project and the client needed to pay Peter £25,000 as an advanced payment for the work. Unfortunately once again the bank details received via email by the client had been intercepted and unknowingly changed. The client ending up paying the fraudster £25,000 instead of Peter.
In another case we are helping John who has lost his entire business and is struggling to hold on to his home after placing too much trust in his new Finance Director:
- John’s family business was successful and growing but the financial management of the firm hadn’t kept pace with that growth and in truth was in a bit of a mess. After a chance conversation John was introduced to Bill who had very good experience having worked in a bank. Bill promised to sort out John’s business finances and became a trusted friend. John employed Bill and Bill set to work on sorting out the business finances.
- Unfortunately it was Bill’s own finances that he sorted out, plundering the business accounts to pay for his own debts and gambling habit. Suppliers and the tax man went unpaid but Bill managed to hide the problem from John until it was too late and the level of debt drove John out of business. All john’s hard work and legacy for his children gone in a flash and his 20+ employees were also now out of a job.
What can you do?
Clearly neither Peter or John thought their businesses were susceptible to fraud – until it was too late. Please do not put yourself in that position. A small investment of time now in understanding the risks faced by your business could pay huge dividends later and could save your business.
Particular risks for small and medium sized organisations include:
- Cybercrime and cyber enabled fraud
- Invoice related including diversion of payments
- Payroll fraud
- Expense reimbursement fraud
- Skimming (internal staff diverting income to their own account)
- Cash handling frauds
- Financial mis-statement fraud
It doesn’t have to be expensive to put simple measures (controls) in place to help reduce these risks. Simple controls include:
- Separation of duties
- Rotation of duties
- Effective supervision
- Surprise spot checks or audits
- Simple data analytics and monitoring
- Staff training
- Whistleblowing or speak up procedures for employees
For cybercrime the National Cyber Security Centre has a small business guide. You may also want to look at various cyber certification schemes including a new cyber-aware scheme aimed at smaller business which is promoted by the new Police Digital Security Centre. They also have a useful interactive guide to ‘test your businesses’ resilience to cybercrime’.
How we can support you
It can perhaps seem daunting to think of all of the things you need to cover in identifying how your organisation might be vulnerable to fraud and how you can protect it. We have various services to provide support in putting the appropriate controls in place.
As a special promotion this week we are offering small and medium sized organisations a fraud and cybercrime risk assessment at a special 33% discounted price of £199. The assessment can be undertaken at a future date but needs to be booked in during this week in order to qualify for the discount. Please use the form below to enquire further.
Our unique Fraud Management Resource Centre has a wealth or resources, guides and tools available free to those who want a DIY self-serve option.
We are also inviting you to ask us a question and we will provide our response and post these online all this week. Simply complete the form below to submit your question.
It’s important that we keep sharing / highlighting important information on this topic so we will continue to like and retweet other posts. We invite you to join us in looking out for and sharing posts using #fraudweek.
Ask us a Question
Ask us a question about managing financial crime risks including fraud, cybercrime, bribery, corruption, money laundering, terrorist financing, sanctions, modern slavery or facilitation of tax evasion. Complete the form below.