Fraud is one of the biggest risks to businesses in the UK, especially small businesses. It is becoming more cyber-enabled, giving fraudsters more opportunities to infiltrate companies.
“Small businesses aren’t getting the help and support that, say, the wider consumer public get,” says Alan Bryce, Business Fraud Campaign Manager for the Fraud Advisory Panel’s Love Business, Hate Fraud campaign. “Thankfully organisations like the Federation of Small Businesses (FSB) champion and raise the profile around this, but there’s still more to be done.”
Love Business, Hate Fraud is a one-year campaign focused primarily on smaller businesses, offering free online resources to help SMEs strengthen their fraud defences. Alongside the FSB, ICAEW, the City of London Police, the National Cyber Security Centre and other professional bodies have partnered with the Fraud Advisory Panel to help businesses make themselves more resilient to fraud.
Businesses can tailor the material in a way that works for them or their clients. The Fraud Advisory Panel is focusing on four quarterly themes throughout the campaign: procurement or purchasing fraud, insider fraud, cyber crime and managing fraud risks. In addition, every six weeks the campaign publishes a summary of current and emerging fraud and cyber threats faced by businesses.
Assess the threat
There are many different factors that make businesses vulnerable to fraud, including the nature of their services, and the prevention controls already in place. Fraud trends have not changed much over the past five years, but technology has enabled fraudsters to commit crimes more easily.
One of the most common external threats is authorised push-payment fraud, where fraudsters might impersonate a business partner and ask for bank details to be changed, for example. This often involves sophisticated phishing attacks or some form of social engineering. Insider fraud can be more varied, but can include things such as expenses fraud.
“I would always say, ‘think about where the fraud risks lie in your business’,” says Bryce. “Often, it is those in positions of greatest management authority or independence who are subject to little or no checks or oversights. That is often where fraud is more likely to occur. And, of course, the more senior the fraudster is in the business, the more damage that can be done.”
The first step in protecting your business is asking simple questions around your fraud and cyber risks: what cyber defences do you have in place, are you using any unsupported software, and what do your staff know about fraud risks and how SMEs tend to be targeted.
Speak up
The problem is that people are reluctant to talk about fraud, for many reasons. For example, many business owners don’t want to think that their employees could be fraud risks, or feel they don’t have time to discuss it.
“The only people who don’t want you to talk about fraud are fraudsters, because the more you talk about it, the more you’re going to learn about what the problem is and how to best prevent it,” says Bryce.
It’s about making yourself comfortable with the conversation, and making sure you’re having the conversation in the first place, Bryce explains. The Love Business, Hate Fraud campaign created a 90-second video that explains fraud for business owners to use as a conversation starter with their staff, or for accounting or consultancy firms to use with their clients.
Businesses are sometimes reluctant to talk about fraud, even when they’ve been a victim of it, for a variety of reasons such as perceived reputational damage. This is inadvertently detrimental for businesses. Business owners need to be more open about the impacts of fraud, which can be significant and go beyond the financial impact.
“A fraud is a traumatic experience for any organisation, but for a small business, it can completely ruin you. If a business is your family business and it is what you hold most dear, to see that be defrauded, as well as the potential financial loss, can cause significant personal trauma,” says Bryce.
“In one particular case discussed on one of our webinars, somebody went on to commit suicide as a result of being defrauded and what it meant to their business, their livelihood and their family.”
It’s relatively easy to understand the totality of the risk businesses face, says Bryce, but you need to drill down to where it could specifically have an impact on the business. Fraud won’t stop if it’s not addressed appropriately.
“We’re talking about things that you can do relatively easily, and most of this is completely free to do. The basics are relatively straightforward, as long as organisations are willing to accept the scale of the problem they face.”
For more information about the campaign and to access its free toolkit and events, visit Love Business, Hate Fraud