Did you know that fraud costs the UK economy £20 billion per year(1)?

Commercial fraud in particular is a growing phenomenon, with Companies House estimating that corporate ID theft alone could be costing British business as much as £50m per annum.

Fraud affects both the public sector and private companies alike, with a survey carried out by KPMG showing that 75% of companies surveyed had experienced at least one incident of fraud in the 12 months prior to the survey. According to ACFE(2), each incident of fraud costs an average of over £ 120k.

Surprisingly often overlooked, corporate fraud is a major risk faced by any business and it is therefore vital to an organisation’s long-term health that it manages that risk well. Fraud is particularly prevalent when there is an economic downturn and, as a result, the issue has come under closer scrutiny more recently. The term ‘fraud’ covers a multitude of sins but can largely be broken down into:

• External fraud, carried out by someone outside the organisation and
• Internal fraud, which accounts for approximately 60% of all corporate fraud(3), and is carried out by an employee.

Examples of external fraud include:

• credit card fraud, including ordering goods from your website or online with stolen credit cards or bogus account details
• identity fraud such as impersonating company directors and changing information about directors or the registered address of the business
• loan fraud
• website hacking or phishing attacks to steal confidential data/intellectual property or redirect orders to a different server
• social engineering or impersonation
• billing scams and bidding schemes
• customer/client fraud which might include Phoenix companies or Long firm fraud.

Internal fraud could include:

• embezzlement
• theft of confidential information
• inventory theft
• financial report fraud
• payroll schemes (ghost employees etc.)
• travel and expense fraud
• abuse of the Supplier Master File
• cheque tampering
• shell company schemes/invoicing fraud whereby fraudsters set up an account in your company’s name and accept orders for goods that they do not supply
• purchasing card (P-card) fraud or abuse
• kickbacks and back-handers in return for over-ordering goods for example
• management override of internal controls.

It is not surprising that fraud has risen over the past few years, as companies have had to become increasingly competitive to survive the global downturn. As a result, many have pursued higher-risk strategies in order to generate new revenue streams and this has sometimes entailed moving into unfamiliar territory, dealing with unfamiliar suppliers and partners, and in general creating a more complex structure within areas of the organisation such as the supply chain. This in turn provides greater opportunities for fraud throughout the entire business. At the same time, companies have been forced to cut their costs to stay in business and have therefore taken their eye off the ball when it comes to monitoring and mitigating the risks of fraud.

Added to this are the constant rapid developments in internet technology. Although this continues to open up opportunities for businesses to operate in a whole new way – think ‘in the cloud’, online ordering and payment, management of company data, social media even – it can also increase the risk of online fraud such as phishing and system hacking. This is an area which will only continue to grow.


Mitigating the risk

The good news is that there are many steps companies can take to mitigate the growing risk of fraud. Prevention is better than cure and much can be achieved just by establishing some simple but rigorous checking processes when dealing with new customers and suppliers, and training everyone within the organisation to use them and to be aware of the different risks associated with fraud.

It is also vital to keep a close eye on official company records, both on the company website and at Companies House, to ensure details have not been changed without the knowledge of someone within the company. You can file your company records using the Companies House WebFiling system which will help reduce the threat of identity theft. Shred any company documentation that has a letterhead or company signature and any bank account and company credit card details or invoices, and meticulously reconcile bank and company credit card statements.

Other prevention tactics include:

• setting clear guidelines and processes for ordering on behalf of the company
• using a formal purchase order system to prevent phony orders
• validating new customers with a credit agency, checking their contact details with a cold call and setting strict credit limits
• using a verification solution to validate a new customer if selling online.