Date last updated: 11/1/2022
National Fraud Awareness Week: Nine tips for small businesses to stay vigilant.
While every business is susceptible to fraud, small businesses need to be on especially high alert. Having less resources than larger corporations, it can be common for them to take fewer anti-fraud precautions, leading to a larger number of “weak links” that can be exploited.
According to the American Association of Certified Fraud Examiners, check and payment tampering was four times more likely in organizations with fewer than one hundred employees and twice as likely to experience billing and payroll fraud.
When fraud occurs, the impact can be devastating. Whether it’s a Business Email Compromise (BEC) scam, a ransomware attack or internal theft, the good news is there are many things small businesses can do to protect themselves. Here are a few things to keep an eye on:
1. Conduct regular internal audits.
An internal audit of your accounting department should focus on identifying the types of fraud that could occur and how they might be concealed. Check tampering, falsified expense reports, credit card fraud and “skimming,” i.e., taking cash and reporting lower receipts, are a few common offenses.
2. Establish loss prevention procedures.
Once you have identified areas where your business is vulnerable, take a closer look at who is responsible for each step, then set up internal controls that eliminate opportunities for fraud. These can include everything from requiring two or more signatures on checks if you haven’t yet digitized your accounts payable and accounts receivable functions, to implementing policies for purchase order authorization.
3. Separate duties.
Some small businesses unintentionally make fraud possible by allowing the same person to authorize, record and process a financial transaction. For example, an employee who updates vendor addresses should not be allowed to pay vendor bills. Dividing those functions removes the temptation to alter information and divert funds where they do not belong.
4. Secure your data.
When a virus infects a computer, it can allow a hacker to access company bank accounts and wire money before anyone suspects a thing. One way to combat cyber-attacks is by limiting online financial transactions to a dedicated “offline” PC that only a tightly controlled group of users can access.
5. Protect home computers, too.
A company’s fraud control measures are only as good as those used by employees, customers and vendors. If employees are allowed to do work from a home computer, make sure they are running updated antivirus software. You may consider preventing employees from accessing company systems from home or instituting a virtual private network (VPN) to direct internet traffic through a more secure tunnel.
6. Screen your employees and suppliers.
Most businesses try to hire honest employees and partner with ethical vendors. But when faced with financial pressures, even principled, hard-working people can be tempted to commit fraud. Checking references ─ and in some cases, criminal records ─ is important, especially for people who will be managing payments, accounts or cash. Simply letting others know that you review account activity and conduct random audits can help curb fraud attempts.
7. Train employees to identify and prevent fraud.
Employees working in fraud-prone areas should be taught common warning signs of fraud and what they can do to prevent it. You’ll want to educate them on the latest fraud techniques such as smishing. This new practice involves scammers sending text messages that appear to be from reputable companies in hopes of persuading staff to reveal account information, passwords or credit card numbers. Criminal activities like this are constantly growing more sophisticated and difficult to detect, requiring constant employee vigilance and awareness.
8. Go paperless when possible.
Every check or invoice sitting on a desk is a fraud risk. Companies that use electronic billing and payment solutions reduce the risk of tampering and information theft. Receiving (and making) payments electronically also helps prevent against deposits into unauthorized accounts. You’ll also create an audit trail that tells you who has viewed or changed a bill or invoice. Receiving electronic payments not only saves on trips to the bank, it also protects against improper deposits.
9. Talk to your banker.
Banks typically offer multiple low-cost tools that help further reduce fraud. Using services such as mobile or remote deposit to scan and digitally transmit checks to your bank account, or Automated Clearing House (ACH) to electronically move money between accounts will increase your efficiency and decrease the risk of fraud.
As fraud techniques continue to evolve, it’s more important than ever for small businesses to be proactive in protecting their assets. It may be Fraud Prevention Week, but playing defense is a year-round job.