How vulnerable are you to commercial fraud?
The media behaves the same with fraud headlines as with any other news; it is selective. Major frauds make the cut, as do the more entertaining or exotic items, “Lonely woman gives £800,000 to dating app con-man.” Or, as may be more relevant to you, “Payments diverted to confidence trickster’s bank account.”
Business fraud comes under four main headings: Abuse of trust; Confidence trick; Forgery; and Theft. A trawl through recent UK headlines turned up items in each of the last three categories.
Abuse of trust is most commonly associated with short-firm fraud in which a client establishes trust (and credit) with a series of smallish transactions, then goes for the big one and disappears. ‘Big’ to you could be hundreds of thousands where the newspapers prefer to see numbers in the millions. Nevertheless, the stories they publish have value for you because they reflect what’s happening at all levels of business: every week in 2018, Graydon identified £500,000 worth of suspected frauds across the UK. This equates to a £7,000 loss for every incorporated business in the country.
Let’s take a look at what lies behind some of the year’s stories. They highlight what could happen to you and how you can stop fraudsters in their tracks. Prevention is by far your best option. It protects your reputation and keeps you away from expensive and time-consuming litigation.
False documentation is at the heart of many stories. Your staff could pay out on fake invoices for non-existent or inferior goods or services. Or they might respond to an email pretending to be from someone in authority – e.g. the CEO or the company solicitor – requesting an urgent money transfer. This is usually referred to as ‘CEO Fraud’, even if the authority isn’t the CEO. All staff responsible for authorising payments must check the authenticity and provenance of any payment instruction. Several stories related to fake investments which offered safe returns or the purchase of precious metals on the investor’s behalf. Most of this money went straight into the fraudsters’ pockets. They would produce authentic-looking statements to keep the pot boiling. When interest became due, they’d pay out of more recent investments. In the case of precious metals, none were purchased. Once again, it falls upon you or your staff to carefully check provenance.
At its simplest, a forger makes false claims regarding revenue, profits or assets in order to convince you of their credit-worthiness. In one of the stories, the primary asset was an influencer’s social media followers – many of them were fake. It meant that brands paid over the odds for their supposed exposure. More down to earth, a company will simply file false information at Companies House. One of the stories involved Scottish Limited Partnerships (SLPs) which were set up with opaque ownership in order to launder money and avoid tax. Are your customers what they seem? Do you even know who they are?
Theft is a very small word for something which can cost a company hundreds of thousands, maybe millions, of pounds. One of the big stories related to directors of companies setting up deals with suppliers then taking a commission and hiding it in a new company that they set up for the purpose. They were caught out because they were living well beyond their apparent means. Do you know where your customers are getting their money from? Is there a danger that you could become part of a fraud investigation, as a recipient of tainted funds?
A couple of others relate to the theft of intellectual property. While ostensibly insider fraud, in each case, an internal expert had already left their company, taking trade secrets with them to sell to the highest bidder. Such theft is usually invisible until the consequences show up in competitive products or processes.
It is also conceivable that an insider’s identity could be stolen in order to gain access to confidential information. All companies, as a basic step, should restrict and monitor all access to their valuable IP and trade secret data. Many companies have no data protection systems in place. Do you know where all your sensitive data is stored and who is allowed access to it?
These are just a few examples of what’s going on out there. It is the board’s responsibility to ensure that all affected staff are alert to the kinds of frauds that are taking place and to be aware of their responsibility to check any financial transaction or credit application before giving the go-ahead. They should certainly never accept documentary evidence at face value. They can conduct many checks themselves or through third party agencies.
While not strictly part of this article, it’s important to monitor what’s going on in the day-to-day running of the business – changing patterns of customer behaviour could be a useful warning sign or altered filings at Companies House, for example.
It’s unfortunate but, even if you are the innocent recipient of dodgy money, the authorities could still investigate your company as part of a money-laundering enquiry, for example.
If you don’t have a documented fraud policy, it would be worth preparing one. It would outline the steps to take in the event of a suspected fraud. When it comes to investigations, such a document would be invaluable evidence of your good intent.
Alan Norton, Head of Intelligence, Graydon UK Ltd