National Cyber Security Awareness Month (NCSAM) is a good time to look at how to prevent fraud in your business.
It is serious business in organizations of all types, sizes and across all industries. The Kroll Global Fraud Report 2013/14 found that 70% of companies it studied were affected by business fraud in 2013, up from 61% in the previous year.
The 2014 Report to the Nation on Occupational Fraud and Abuse by the Association of Certified Fraud Examiners showed that the typical organization loses 5% of its annual revenue each year to fraud. In 2014, the median loss was $145,000 – but 22% of cases had at least $1 million in losses.
Successful fraud prevention involves creating a work environment that inhibits insider fraud and protects against internet fraud and other fraudsters too.
Here are 11 strategies to keep in mind:
- Culture of Security. A positive work environment with written information security policies, an information security committee, senior management leading by example, and fair employment practices, encourages commitment to information security and the company.
- Make it Official. Create a comprehensive privacy and information security policy that is compliant with industry privacy laws and addresses the management and protection of all private information.
- Good Communication. A supportive workplace with open lines of communication encourages loyalty and can help to deter dishonesty – the ACFE survey showed that most occupational fraudsters are first-time offenders.
- Document Management. Label confidential information with retention schedules including disposal date. For destruction services, partner with a reliable shredding company that provides a chain of custody including locked containers, secure shredding process, and a Certificate of Destruction after every shred. Introduce a shred-all policy too, so all documents are destroyed when they are no longer needed.
- Fraud Detection. Freely utilize internal audits, employee reviews, management reviews and other ‘fraud detection’ methods. Be sure employees work in ‘teams’ so no one makes decisions or manages tasks completely on their own. Knowing the company is watching can stop a plan to commit fraud, according to Managing the Business Risk of Fraud: A Practical Guide.
- Anonymous Tip Line. The ACFE report showed that over 40% of occupational fraud is detected because of tips, mostly from employees but also from customers, vendors and competitors.
- Anti-Fraud Training. Train employees to recognize tell-tale signs of occupational fraudsters – the most frequent signs are living beyond their means, financial difficulties, and having unusually close associations with vendors.
- Online Fraud Training. Train employees to spot and avoid internet scams too, such as phishing, fake antivirus offers, and untrustworthy links.
- Technical Defenses. Create layers of security on all electronic devices. The FCC Small Biz Cyber Planning Guide recommends safeguards such as security passwords, firewalls, intrusion detection systems, content filtering, and encryption.
- Physical Safeguards. Control and monitor all access to the workplace, documents, and IT systems. Other cyber security tips are at National Cyber Security Awareness Month.
Learn more about how to protect your business from security breaches and fraud.