How to protect your business from fraud
The prevalence of companies being defrauded seems to be on the rise, and my experience as an advisor has shown the risk is usually greater in small and medium sized businesses.
The obvious reason for this is that small businesses have less sophisticated systems and processes to guard against criminal behavior and tend to have a more intimate relationship with staff and work under the assumption ‘they’re always going to do the right thing’.
The threat of deception is very real and unfortunately often, it can come from within your business.
Internal fraud is defined by the Association of Certified Fraud Examiners (“ACFE”), a global leader in investigating fraud, as ‘the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organisation’s resources or assets’.
Quite often this can take the form of theft of cash, stock or other assets and attempts may then be made to cover this up through deliberate misstatement of transactions in the accounting system of the business. Employees, managers and owners may also claim fake expenditure or misuse company property or assets.
Externally, cyber and online security breaches are increasingly common and all of us are becoming well aware of the threats to our business and even personal information from hacking and online phishing schemes. Sophisticated scammers are working round the clock to break weak systems and coming up with inventive ways to try and dupe us.
While it is a digital age, fraudsters still resort to more `old school’ deception and tactics to rip off businesses, including;
- Invoicing for goods or services not actually provided;
- Bribing employees;
- Providing incorrect bank account information for payment; and
- Returning stolen products for refunds.
Put simply, and without overstating it, every business is at risk of being a fraud target.
So, what can we do about it?
At the start I mentioned systems and processes are critical, so here are my five tips to help keep your fraud risk low:
- Review internal roles and processes and ensure that not all accounting and cash related tasks for the business are controlled by one trusted person. The best way to do this is to break up the duties of the people who are responsible for any cash coming into, or going out of your business, separate to the person who records the transactions in your accounting system. Another example may be to introduce two person sign off for transactions for online banking. Some businesses are now ensuring that any change to bank details of accounts payable should be processed in your online accounting system only after a phone call confirmation, rather than just an update via email, due to the increase of email fraud.
- Monitor your bank accounts for any suspicious activity regularly. If you see any unusual activity or items you do not recognise contact the organization or your bank as soon as possible.
- Update and upgrade your insurance and IT software systems to ensure that you have the best online protection of your data and your client’s data that you can afford. Most business insurers now have a ‘cyber insurance’ policy add on. IT systems can be expensive and whilst this of course relevant, you should ask yourself what the cost of not protecting your data and information could be, to work out if the cost is worthwhile or not.
- Keep your business information safe – don’t publish sensitive data on your website or social media, and ensure only the right level of employees have access to the right information. For example, if an employee leaves, remove their online access to your MYOB datafile. Also, be careful about who has access to your business credit cards.
- Get help if you are suspicious or something doesn’t make sense no matter how minor something may seem, if the information you have doesn’t seem right or your gut instinct tells you so, seek help.
Remember if you believe you have been a victim of any kind of fraud it is worthwhile contacting the police and your insurers as soon as possible.
The Australian Cybercrime Online Reporting Network (“ACORN”) is an online reporting system where you can securely report cybercrime, and is a good resource for advice regarding cyber and online crime
The threat from fraudsters is very real – we just need to make it very hard for them to succeed.
Kirstin Stewart is a Partner with HLB Mann Judd in Perth. Kirstin provides advice on a variety of accounting, management, taxation, succession and estate planning issues. She is an Accredited Adviser Member of Family Business Australia.
The article above was submitted by LSAWA Corporate Member HLB Mann Judd
Please support those who support us.