What to look for—and how to prevent it.
From personal identity theft to corporate scams, fraud is one of the biggest money-making industries in the world, raking in an estimated $3.5 trillion annually. And for businesses that think it can’t happen to them, the numbers tell a different story.
In 2012, more than 60 percent of businesses experienced attempted or actual payments fraud with an average loss to the company of more than $20,000, according to the latest survey by the Association of Financial Professionals. The survey also found that 87 percent of those businesses attacked had their corporate checks targeted—the highest form of fraud—and 29 percent had their corporate credit cards targeted.
Internal Fraud: The Danger Within
Employee fraud can be the most harmful to a business and the most heartbreaking to an owner. The majority of business owners, particularly those running small businesses, have immense trust in their employees and fewer fraud controls than large organizations, putting them at the most financial risk.
So how do businesses protect themselves? The best protection against internal fraud is dual control and separation of duties. Understand who is in charge of what responsibilities on the financial side and make sure there are no gaps. Implement dual control over the business’s banking transactions, meaning the same person who is running payables should not be the same person who is reconciling accounts. Also, business owners should review financial statements on a weekly or monthly basis.
Companies also should implement Positive Pay, an automated fraud detection tool offered by most banks. Here is how it works: Companies cut checks every month and send the bank a list of all those checks, including check numbers, amounts and payees. As checks clear against the account, the bank makes sure the checks match up, eliminating any fraudulent or altered checks. Positive Pay is a great solution for companies as long as they already have dual controls in place.
Businesses also should set up an anonymous tip line as employee fraud is most likely to be detected by a tip from another employee.
External Fraud, Emails and Online Payments
While check fraud was the most prevalent payment fraud in 2012, the incidence of fraud with corporate credit cards and electronic forms is on the rise. And while it is recommended that businesses move from a paper-heavy environment to an electronic world, there are still risks for which owners need to be prepared.
The most common types of external fraud include the stealing of information through hacking into a company’s network, online banking fraud, online attacks via computer viruses or fake websites and fraudulent ACH payments.
To mitigate compromise in these areas, businesses should review the following tips and incorporate them into their everyday practices:
- Educate and train employees on fraud prevention and detection.
- Be wary of unsolicited emails and attachments.
- Install, maintain and update spam filters, antivirus software and firewalls.
- Utilize banking products such as ACH Filter or ACH Positive Pay.
- Require dual approval for all funds transfers (ACH, wires) from different computers.
- Dedicate one computer as the online banking computer.
- Review insurance policies to ensure fraud schemes are covered.
- Reduce check writing.
- Be the originator of ACH transactions.
- Separate accounts such as operating and payroll.
- Outsource payroll to a third party.
The unfortunate truth is that fraud is a multitrillion-dollar industry and will continue to present financial problems for both individuals and businesses. However, the more business owners arm, educate and protect themselves and their employees, the less likely they are to become victims of corporate fraud.