Coronavirus  

Fight fraud by staying alert

Companies will be taking an even more commercial view in 2020. With finances tight, it is likely the investigation of fraud will fall down the list of priorities as businesses fight to survive. 

This may increase the propensity for wrongdoing as fraudsters spot that managers are focused elsewhere and there is little chance of discovery, investigation or prosecution.

So what can financial businesses do to protect themselves from the escalating risk of fraud?

  1. Prepare for the worst: draft a fraud response plan and communicate it.
  2. Make your employees aware of the increased threat (including cyber).
  3. Protect vulnerable home networks: implement multifactor authentication.
  4. Be diligent: have a robust transaction approval process.
  5. Encourage whistle-blowers to step forwards.
  6. Use of temporary and contract staff should be monitored carefully.
  7. Complete a few basic checks when returning to office working.

Once normal life resumes and people return to the office, a few speedy checks will help to identify any suspicious activity:

  • Review physical security: has anyone entered the office who should not have?
  • Review IT access records: have there been any repeated failed attempts to access emails or systems?
  • Enforce password changes to reduce the risk of exposure and keep confidential data safe.
  • Review bank statements and perform any reconciliations as soon as possible.
  • Be alert to any changes on master files.
  • Follow up any unexplained absences: there may be a cover-up and the fraudster is merely putting distance between themselves and the scene of the crime.
  • Scrutinise all IT security settings before returning them to normal.

Experience also tells me there is a heightened threat in businesses that operate across different offices. 

The further away a site is from head office, the greater the risk. This is generally due to ‘out of sight, out of mind’. 

The further away, the less likely it is that senior management, internal auditors and others will visit. Hence, as the lockdown is lifted, management should focus on distant sites first and work closer to head office as time progresses.

Smaller businesses are also at higher risk. This may be counterintuitive. 

Although they have less to lose, they also have less effective segregation of duties and internal controls, and smaller compliance and internal audit functions.  This could leave an open door for the less ‘needy’ fraudster.

Nowadays there is, rightly, a lot of focus on cybercrime and how to prevent it. 

However, in my experience it is financial frauds that are most likely to bring down a business, and they are much more common than most people appreciate. 

The crime statistics will show us in a year or two if they have risen, as I expect they will, in 2020. By acting now, you can minimise your chances of being one ofthese victims.

Andrew Durant is head of the forensic & litigation consulting team at FTI Consulting

 

Fraud: taking action 

Once a fraud is discovered, taking the right steps quickly will ensure there is a higher chance of recovery of missing assets and a lower chance that losses will continue. Therefore:

DO

DO NOT

Keep an open mind

Immediately challenge suspects

Discuss this with as few people as possible

Make emotional or hasty decisions

Plan a course of action

Limit the scope of any investigation

Preserve all evidence by securing document and electronic evidence

Deface, annotate or damage any evidence

 

Remove access to computers and servers

 

Turn on computers, phones and personal devices potentially used by the fraudster (as this potentially invalidates any evidence on them)

Safeguard any assets that might be at risk

 

Ignore the possibility that losses may still be occurring

Andrew Durant is head of the forensic & litigation consulting team at FTI Consulting