Business fraud is becoming more common and more complicated. Here’s how you keep yourself as safe as possible.
Has COVID-19 made your business more vulnerable to fraud. According to a recent study over a third of businesses said they had seen an increase in fraud over the previous year and three quarters said they felt more exposed to fraud than had been the case in the past. Interruptions to business operations imposed by lockdown have hampered business’ capacity to fight back against fraud while the move to remote working has multiplied the avenues of attack. It all makes for a heady cocktail which looks delicious for fraudsters but is pretty toxic for businesses. So how can you stay safe?
Know your risk
It’s important to know where the danger might come from. The bad news, in this instance, is that it could come from anywhere: your staff, customers, suppliers, cybercriminals or any other third party you’re coming into contact with.
At the same time, regulatory oversight is growing. Businesses are coming under increasing pressure from watchdogs to safeguard against crimes such as money laundering and to implement know your customer provisions and other security measures. If you don’t meet what regulators feel should be reasonably expected you could be in line for a fine.
Your defences, therefore, will have to be multi-pronged incorporating:
- Regulations: Awareness of the regulations and what’s expected of you. Knowledge of past breaches can be helpful at identifying where others have gone wrong.
- Internal: Ensuring you understand the risks posed by staff wrongdoing and have mitigation measures in place.
- External: Checking any relationships with third party companies or contractors. If they require access to your internal systems you should make sure these are closely monitored and revoked when the need has passed.
In short it pays to be a suspicious old so and so. There’s a reason that hypochondriacs live longer than everyone else. If you’re the kind of person who sees danger in things which aren’t actually there they will definitely spot them when they are. Verify any relationships you have, be it with your staff or with any businesses you work with.
Know your business
As a first step it pays to understand your business inside out. Some of the most famous cases of fraud – such as in high profile financial cases – have come about because business leaders didn’t have a firm understanding of how their business operated and left rogue traders to run amok. This happened most famously in the case of Nick Leeson and the collapse of Barings Bank.
The more you understand your business, how it works, the people it does business with and the products or services it offers, the easier it will be to spot when something isn’t quite right. It’s a bit like an experienced captain of a ship knowing when something is a little off with the engines.
You should run a full appraisal of your business, identify where you’re vulnerable and how fraudsters might attack you. It can be worth doing a bit of research and seeing other high profile examples of fraud. By understanding mistakes other businesses have made in the past, you can plug the gaps in your own understanding.
Financial firms, for example, have learned from the experiences of rogue traders to implement monitoring measures to check on what their staff are doing. For example some investment firms have implemented AI systems which check on each trader’s activity and issue alarms when they detect any abnormal patters – namely something which veers away from their usual behaviour. This is not necessarily an indication of guilt, but it might be a sign that it’s worth looking into.
Do your due diligence
When engaging with any other entity – be it a customer, supplier, business party or contractor, you should conduct extensive due diligence. Do your research and look into their backgrounds. Are they legitimate? Are the people running it trustworthy? Have there been any issues with this company in the past?
Once you agree to work with them, you should continue to monitor the situation. Understand how that customer works with you, and what purchases they make. This might help to flag any transactions which appear out of the ordinary considering that company’s track record.
Get to grips with cyber security
Cybersecurity is a massive topic – there’s enough information on this to fill an entire book never mind a few articles. Suffice to say this is probably your biggest threat. Cybercrime is booming, as criminals take advantage of a perfect environment in which technology is evolving, networks are more spread out and business’ capacity to defend themselves compromised.
As a bare minimum you need to ensure your systems are protected by a firewall, data is protected and that you have a good understanding of access permissions. If people are logging into your system from other devices it’s also important to make sure that these are secured.
The biggest vulnerability, though, will be human. For all the technological advances in this sector, the biggest risks still come from someone clicking a dodgy link. Attackers have become much more sophisticated in recent times, so you need to train your staff to be on the ball.
Set a strategy
That issue of staff training extends across your security landscape. Whether through malicious action or basic error, humans are a major vulnerability. You should set clear expectations, keep people informed, be transparent and establish open avenues of communication – all this will help to set expectations and ensure your people know what’s expected of them at every stage.
Fraud is a massive issue and in an economic environment which is looking more uncertain by the week, getting on top of it is not only vital for your finances, but also your reputation. Establishing clear practices will help reduce the chances of an attack. Keeping thorough records will help you demonstrate that you have taken all reasonable precautions if one happens. The threats are complex and multi-layered – so should be your defences.