Fraud can spell disaster for your business and it’s in everyone’s interest to play their part in detecting the red flags. Any weaknesses in your business could be an entry point for fraudsters to access sensitive information, money and goods.
That’s where a thorough fraud prevention procedure proves invaluable. By outlining a plan of action of how to detect fraud and stop it before it’s done any damage, you can keep your business protected.
Here are five essential elements that should be in every fraud prevention plan to make sure it’s watertight.
Every company should take its due diligence checks seriously. Before you start working with a new client, do some digging to make sure they’re legitimate and honest about their company.
A few questions to check are:
Never skimp on these checks. If you’re short on time, hire a professional to do them for you. Large companies will often have a team taking care of just due diligence.
Your employees are the people lots of fraudsters will try to manipulate in order to exploit your business. But how you can expect them to detect fraud if you don’t train them on what to look out for?
Just a few years ago, Google and Facebook had to take a second look at their anti-fraud procedures when $123 million was transferred in a Business Email Compromise (BEC) scam. If their staff had been properly trained on the warning signs, the crime could have been stopped.
A risk-based approach is an effective way of tailoring your training so it is meaningful for people across all roles. By assessing the ways in which your company is most vulnerable, you can show each team member exactly what to look for in their day-to-day work.
Give them confidence by explaining exactly how to report any concerns. You might use a whistleblowing hotline, for example. Try not to deliberate over the obvious points and consider looking at online courses for inspiration or getting an expert on board to give the training some focus, structure and specialist insight.
This shouldn’t be a one-time training session. It should be structured periodically and involve refresher sessions to go over any new regulations and risks.
If you work in the regulation sector, you’re legally obliged to submit Suspicious Activity Reports (SARs) if something doesn’t seem right with a financial transaction. They’re used by law enforcement authorities as official intelligence to combat crime, particularly money laundering.
The UK Financial Intelligence Unit (UKFIU) receives over 460,000 SARs a year and has over two million on file to refer back to. Money laundering is a big problem and SARs are helping the authorities gather information to tackle it from above. [GB4]
SARs should be a key part of your anti-fraud procedure, both for legal reasons and because the information is passed to the people who are best placed to deal with issues.
It’s crucial that you company submits SARs properly. Although the process is relatively straightforward with a simple online submission, there are confidentiality rules in place you must follow and details you need to include. If you’re unsure, do a course online to get to grips with the process or ask for legal advice. Of course, it’s best to be vigilant but you don’t want to snub a client because you’ve reported them on unfair grounds.
Internal fraud accounts for 33% of all corporate scams. It’s not nice to think of your colleagues trying to trick your business out of its money and assets, but it’s important to be aware and take action before it happens.
To give an example, a few years ago, a junior employee at HSBC turned out to be part of a criminal syndicate and managed to transfer £72m using passwords stolen from colleagues. If internal processes to protect these passwords had been in place, this bank fraud wouldn’t have happened.
Technology can help you combat fraud from employees. You can put barriers in place to prevent access to confidential business information and monitor emails to check data isn’t being shared.
However, do be aware of the privacy laws while you implement any monitoring processes. EU guidance states that employee monitoring must be no more intrusive than necessary, so it might be worth getting legal advice first. If your employees feel respected and trusted at work, they will be less likely to commit fraud, so avoid over-monitoring and encourage openness and trust.
It’s clear that a lot of work goes into creating and maintaining a robust fraud prevention programme. That’s why lots of companies invest in hiring an expert and even a team to manage the process.
Over the past two years, over a quarter of fraud cases in the UK resulted in business losses over £700,000. Although this hire may seem like an expensive outlay for your business, you could be saving yourself hundreds of thousands in the long term.
A dedicated team can also focus its time and energy on this one major responsibility, continually monitoring risks to improve your business’ processes.
Here we’ve touched upon some of the key ways you can prevent fraudsters from infiltrating your business. This overview should give you an idea on how to start building your internal fraud prevention programme, and ways to make it stronger.
In the next article, we’ll discuss how fraudsters can get through the tightest internal processes and how you can use external services to build your toolkit for tackling fraud.