Why small and medium size businesses should think about fraud risks

It is important to remember that the vast majority of people who work for you or you do business with are trustworthy and honest. Unfortunately however there are examples of a minority of people as well as organised criminal gangs exploiting weaknesses in basic controls to commit fraud. In desperate times, desperate people can do desperate things. This could be anything from falsifying sickness or expense claims through to more sophisticated payment or income diversion, false accounting or misreporting of performance data.

Many of these frauds are what are known as cyber enabled frauds where the fraudster uses technology to commit the fraud. These include what is known as Business Email Compromise fraud or CEO Fraud. This is where a fraudster sends an official looking email that appears to come from a trusted source (such as the CEO or business owner), requesting an urgent transfer of money. This type of fraud not only requires weaknesses in email security but also weaknesses in business controls around payment processes including the setting up of new suppliers. The introduction of simple controls around payments such as requiring two different people to set up and pay a new supplier (known as segregation of duties) can help prevent this type of fraud.

We have seen businesses literally brought to their knees or business owners who have lost all they have worked hard to build as a result of fraud. In most of these cases simple preventative controls (checks and balances in your processes) could have stopped these frauds in their tracks, however in each case the business thought – it will never happen to me! It is much more expensive to deal with the aftermath of a fraud than it is to take some time initially to risk assess your business and put in place proportionate controls to reduce the likelihood of fraud occurring.

It should also be remembered that fraud has wider impacts on an organisation than just its finances.

If your organisation answers yes to one or more of the following then it could be at increased risk.

  • Some of our people may be feeling unfairly treated at this time.
  • Some of our people may be worried about their own or family finances at this time.
  • Some of our people may feel increased pressure to achieve sales or performance targets at this time.
  • A manager may have issued a ‘just do it’ instruction at this time without worrying how things would be done.
  • The organisation has introduced new ways of working recently including remote working or online delivery channels.
  • Staff in key control functions such as HR, Finance, Risk, Procurement, Audit or Compliance have been furloughed or moved to frontline operational roles.
  • My organisation has introduced new products, services or is targeting new markets.
  • My organisation’s supply chain has been impacted by the recent Covid crisis including new suppliers, couriers, shippers, agents.
  • My organisation’s procurement processes have been impacted including thresholds for competitive tendering.

This is not an exhaustive list and it does not mean that fraud is inevitable as a result but it does increase the risk. As many people will know from Donald Cressey’s widely used Fraud Triangle any actions that increase the motivation, rationalisation or opportunity increases the risk of fraud. This theory also provides the opportunity to reduce the risks by removing or reducing any one of those factors.

How we can support you

It can perhaps seem daunting to think of all of the things you need to cover in identifying how you or your organisation might be vulnerable to fraud and cybercrime and how you can protect it.

To help your organisation reduce the risks we have come up with a 10 point plan.

For those who would like to learn more about current fraud risks we have produced a series of short videos ‘Managing Fraud Risks in times of crisis’. This will provide an overview of the types of risk (internal and external) that organisations need to consider at this time, together with some top tips on how to prevent or detect those risks.

We have also produced a list of key fraud risks applicable to all organisations as well as a ‘why people commit fraud’ video.

All of these resources are contained in our free ‘Fraud Risk Management Starter Pack SME Edition’

Our unique Fraud Management Resource Centre also has a wealth or resources, guides and tools available.

Access more great resources

Ask us a Question

Ask us a question about managing financial crime risks including fraud, cybercrime, bribery, corruption, money laundering, terrorist financing, sanctions, modern slavery or facilitation of tax evasion. Complete the form below.

Contact us
Comments are closed.