How to Protect Your Business Against Fraud

For many businesses, fraud is an all-too-common experience. Fraud occurs when someone tricks others to gain something – usually money, property, or information. When that someone is an employee, manager, or executive tricking their organization, it’s called occupational fraud.

Fraud is a serious problem affecting organizations of various types and sizes across many industries. The Association of Certified Fraud Examiners (ACFE) considers occupational fraud “very likely the largest and most costly form of financial crime in the world, with estimated annual costs in the trillions of dollars.” According to ACFE’s latest study, Occupational Fraud 2024: A Report to The Nations, 42% of privately held companies incurred a median loss of 150,000 USD, as did 26% of publicly traded companies. The report also showed that the typical organization loses 5% of its annual revenue to fraud, with a median loss of 145,000 USD.

Why do people commit fraud?

Knowing why people commit fraud can help you better protect your business. The Fraud Triangle, the most widely accepted explanation, hypothesizes that when three components are present – financial pressure, opportunity, and rationalization – there is a high likelihood of someone committing fraud.

What are the different types of fraud?

Fraud can be categorized in many ways, but it basically comes down to fraud committed against an organization or individual. Internal organizational fraud is also known as occupational fraud. While an estimated 5% of a business’s annual revenues are lost to occupational fraud, the cost may be much higher because many cases go undetected. By understanding the different types of occupational fraud and risk, businesses can find ways to help protect their operations.

• Asset misappropriation, the most common type of workplace fraud, is when an employee steals or misuses the employer’s resources. This includes theft of company cash, false billing, and inflated expense reports. It occurs in 89% of cases reported, and, according to the ACFE, the median loss for a company is 120,000 USD. 
  • Important to know: Research has shown that this type of fraud often occurs because someone sees an opportunity. Therefore, good internal controls that actively detect fraud, such as thorough management review, account reconciliation, and surveillance/monitoring are critical.
• Corruption fraud is when perpetrators use their position to benefit from a business transaction personally. Bribery schemes and conflicts of interest are examples. Corruption accounted for 48% of fraud cases in the study and caused a median loss of 200,000 USD. 
  • Important to know: Most corruption fraud schemes occur outside of the accounting system, so there’s no paper trail. Fraud detection is more about the awareness of relationships between employees and outside parties.
• Financial or fraudulent statement fraud is when the inside fraudster falsifies financial statements to divert assets for personal gain. While this type of fraud occurred just 5% of the time, the median loss is totaled to be 766,000 USD, making it the least likely to happen but the most costly.
  • Important to know: Schemes to manipulate revenue are carefully crafted and covered up, so fraud reporting is critical for detection.

What are some fraud prevention strategies?

Successful fraud prevention involves creating a work environment that inhibits insider fraud while protecting against internet fraud and other external fraudsters.

Here are 11 strategies to keep in mind to deter fraud:

1. Culture of Security. A positive work environment with written information security policies, an information security committee, senior management leading by example, and fair employment practices, encourages commitment to information security and the company.
2. Make it Official. Create a comprehensive privacy and information security policy that is compliant with industry privacy laws and addresses the management and protection of all private information.
3. Good Communication. A supportive workplace with open lines of communication encourages loyalty and can help to deter dishonesty – the ACFE survey showed that most occupational fraudsters are first-time offenders. 
4. Document Management. Label confidential information with retention schedules, including a destruction date. For destruction services, partner with a reliable shredding service, like Shred-it^®, that provides locked containers, has a secure shredding process, and provides a Proof of Service Certificate after every material pickup. Implement a shred-it-all policy so that all documents are securely stored or destroyed when no longer needed.
5. Fraud Detection. Freely utilize internal audits, employee reviews, management reviews, and other fraud-detection methods. Be sure employees work in teams so that no one makes decisions or manages tasks completely on their own. Knowing the company is watching can often prevent fraud, according to Managing the Business Risk of Fraud: A Practical Guide.  
6. Anonymous Tip Line. ACFE’s 2024 report showed that more than 43% of fraud is detected because of tips, mostly from employees but also from customers, vendors, and competitors. 
7. Protect Customers. Inform customers how their private information is being protected – share the privacy policy and document management process, and explain the company’s security best practices. 
8. Anti-Fraud Training. Train employees to recognize telltale signs of occupational fraudsters – the most frequent signs are living beyond their means, having financial difficulties, and having unusually close associations with vendors. 
9. Online Fraud Training. Train employees to spot and avoid internet scams, such as phishing, fake antivirus offers, and untrustworthy links.  
10. Technical Defenses. Create layers of security on all electronic devices. The FCC Small Biz Cyber Planning Guide recommends safeguards such as strong passwords, firewalls, intrusion detection systems, content filtering, and encryption.
11. Physical Safeguards. Institute strict visitor sign-in protocol, the use of lockable consoles for document collection prior to destruction, and a clean desk policy to help protect data. The policy encourages regular shredding or containment of physical documents and requires that all technological devices are password protected each time an employee leaves a workspace.

Learn more about how Shred-it^®’s secure document destruction services can help protect your business from occupational fraud.

^{*This article is for general information purposes only and should not be construed as legal advice on any specific facts or circumstances.}