Fraud Prevention: Are You Doing This in Your Workplace?
You can never have too many reminders about the importance of fraud prevention and information security.
In the U.S., it’s National Consumer Protection Week. The campaign provides consumers and businesses with resources and other information to help improve data security.
In Canada, March is Fraud Prevention Month, and the public awareness campaign is encouraging everyone to be cautious and smart about protecting confidential information.
The fact is that combating fraud before a security breach occurs has never been more important.
Consumers and merchants are increasingly on the hook for fraud, according to the 2014 LexisNexis True Cost of Fraud Study. It shows that as breaches increase, so does identity fraud – with one in three data breach victims suffering identity fraud in 2013.
Fraud is costly in the workplace too. Research by the Association of Certified Fraud Examiners estimates that most organizations lose 5% percent of their revenues to fraud annually.
Also, according to statistics in this Data Security video, the average security breach exposes 29,000 records and costs an organization $5.85 million including $3.3 million in lost business.
How can you reduce the risk of a security breach in your workplace?
- Hotlines. Hotlines have been high on the list of anti-fraud measures for a while. According to an ACFE blogger, they are typically associated with a 54.5% reduction in fraud losses. A hotline allows employees to share information about suspicious behavior in the workplace.
- Data Monitoring. According to ACFE’s 2014 Report to the Nations on Occupational Fraud and Abuse, proactive data monitoring and analysis can significantly reduce the cost of fraud – by up to 60%.
- Employee Training. Fraud training for managers, executives, and employees is a very effective way to reduce the risk of a security breach. But three out of 10 U.S. businesses don’t provide employee education, according to this information security infographic.
- Mandatory Vacation. “The profile of a typical fraudster is a long serving, trusted employee, who works long hours and is reluctant to take their annual leave,” according to this report. When employees suspected of fraud go on vacation, bosses and co-workers can finally investigate – and often discover discrepancies.
- Document Management Policy. Having a protocol for storing and disposing of confidential information is important. All confidential documents must be identified, labeled and securely stored until no longer needed.
- Surprise Audits. In research, internal audits detected illegal activity in 14% of cases. But ACFE reports only 29% of American companies who were victims of fraud used surprise audits.
- Secure Workplace. Physically secure the workplace with visitor sign-in and locked doors as well as data security policies such as a Shred-all policy, locked consoles for documents that are no longer needed, and a Clean Desk Policy.
- Proper Information Disposal. Privacy laws stipulate that when a business is ready to dispose of confidential material they are legally obliged to shred or otherwise destroy records before throwing them away. Partner with a trusted shredding company.
An information destruction provider can bring a secure chain of custody to your workplace. This infographic shows how security should be front and center from start (installing locked consoles throughout the office) to finish (customers receive a certificate of destruction after every shred).