The increasing use of technology brings speed and efficiency to many processes, and business owners are right to leverage it. However, technology also provides opportunities for fraud.
And when times are challenging, fraud increases. In fact, a recent study by the Certified General Accountants Association showed that more than half the businesses operating in Canada today have experienced some form of fraud in the past five years.
And the losses for Canadian businesses, and Canada’s productivity overall, are huge. The same study estimates the collective losses to Canadian businesses were in excess of $3 billion in 2010. And they are felt in every industry, including agriculture. And the most costly occur in small businesses – companies with less than 100 employees.
From a banker’s perspective there are two main kinds of fraud: internal and external. They are both equally damaging, difficult to detect and rampant. But there are things you can do to protect your business (and yourself) from being victimized by criminals.
By its very nature, internal fraud is the most distressing because it is committed by the very people you need to trust the most – your employees. No one wants to think about it happening to their business, but you have to face the facts and do what you can to protect your business.
It’s also important to remember that when it comes to combating fraud, employees are your most important allies. So hire carefully and perform appropriate background and reference checks.
You can also create a fraud policy and ask each of your employees to read and sign it as a condition of employment. This is also a good opportunity to educate them about what to do if they observe any suspicious activities. After all, it’s in their best interest too, as employees of your business.
You should also have internal controls in place to verify what’s happening with cash flow. And try not to keep a significant amount of cash in the office – that’s simply a temptation.
Reconcile your bank accounts weekly and keep your cheques locked up. It is also prudent to establish a two-signature approval system for any expenses over a certain amount. And, at the very least, ensure that the employees responsible for purchasing cannot approve their own purchases.
These days, newspapers are full of stories about fraud. And while these are often sensationalized affairs, they do provide an opportunity to discuss everyday fraud. So take the opportunity to have frank discussions about the consequences of fraud with your employees at all levels.
Remember, cheque fraud is the number one way employees steal from their employers. So talk to your bank about ways you can safeguard against it. Cheque fraud is also the top of the list when it comes to external fraud because it is relatively low-tech – all the fraudster needs is a scanner and some off-the-shelf graphics software.
But again, even though cheque fraud is rampant, there are things you can do to protect your business. Keeping your cheques in a secure location is a good start. And performing regular reconciliations will help you keep a close eye on the cheques moving in and out of your accounts.
And if you do write a lot of cheques, consider a cheque verification system. Cheque verification can compare serial numbers, amounts and even payee names on cheques against an electronic file that you submit. And if there’s a discrepancy, your bank will notify you and you decide whether it’s a legitimate cheque or not.
You may also want to consider exploring other options for paying your regular suppliers, such as setting up individual accounts for them or using wire payments or commercial credit cards.
But of course cheque fraud isn’t the only form of external fraud. And our ever-expanding reliance on technology creates a host of new online opportunities.
We’ve all heard about viruses and Trojan Horses – these proliferate across the Internet, can lay dormant for months and give hackers remote access to your computer systems, customer files and banking information.
A form of online fraud that is becoming increasingly popular is phishing: This occurs when a fraudulent party poses as a legitimate company – maybe even one you already do business with – and asks you to verify your contact, financial or account information online.
A phishing attack can come in the form of an email, a phone call or a redirect from a legitimate website. And if you cooperate, the information you provide is used to access your accounts and redirect funds. And it can all happen in a few minutes.
As with internal fraud, educating your employees about online threats, computer viruses and phishing is your best defense. A good rule of thumb is: If you don’t recognize the sender, don’t open the email. And definitely not the attachment!
And don’t forget to keep your virus protection software up-to-date. You can set this up so it happens automatically with no disruptions to your business.
That way you are protected against new threats as they are detected. And make sure each of your employees only has access to the systems they need to do their jobs.
The bottom line is that fraud, whether internal or external, is a growing problem that costs the legitimate economy billions each year. But there are ways you can educate your employees and protect your business. And your bank can help. PD
References omitted due to space but available upon request.
- Craig Bremner
- VP Agriculture Services
- TD Business Banking