You’ve probably heard it said: fraud is everywhere. The likelihood a business will encounter fraud is high. Over $7 billion of total losses has occurred globally due to fraud within the workplace alone.
What is your organization’s potential for fraud?
The range of fraud schemes is wide. Here are seven ways fraud could be impacting your organization right now and what you can do to control it.
1. Amazon Prime
For small businesses, Amazon Prime is a no-brainer. Shipping costs are included in the membership and products arrive in two days. This allows organizations to purchase products quickly and easily. It’s as easy as search, select items, check out, and soon, your package arrives.
This simple process is also how easy it can be for employees to steal from organizations through online vendors like Amazon. Once a profile is set up and linked to your email, you can add multiple delivery addresses and credit cards, including business credit cards. You can set any credit card as the “default” card for payment, which allows you to purchase online or with the app. Since it only requires a couple of clicks, over-purchasing and making purchases unrelated to the business is far too common.
Some business owners review company credit card statements as an internal control measure. However, charges to Amazon may appear to fit within their purchasing policies, allowing fraud to go undetected. Receipts are often not printed and included with statements, since many organizations are “going green” or employees simply do not include them.
Here are three keys to reducing fraud while using Amazon:
2. Intellectual Property Theft
Intellectual property is a growing industry all over the world, making it high for fraud potential. Intellectual property theft’s impact on the global economy accounts for $500‐600 billion in lost sales each year, or 5‐7% of world trade.
Intellectual property theft can look like:
If you feel that you are a victim of IP theft, here are a few things you may need to hire a professional (like Eide Bailly) to do:
3. Too Much Control of One Employee
Countless fraud schemes begin because too much control is given to a seemingly trusted employee. Often, the employee has access to all financial documents with little supervision. This could include customer payments, checks, a signature stamp and accounting records.
Often these situations occur because organizations lack the proper internal controls.
Some common preventative internal controls include:
The following detective controls can be helpful in identifying fraud. Make sure:
Fraud prevention begins with ensuring proper internal controls.
LEARN HOW TO REDUCE YOUR FRAUD RISK
4. Bring Your Own Device
One of the primary challenges of security in a mobile world is the blending of personal and professional data on a single device, owned by the employee. The emergence of Bring Your Own Device policies has ushered in a wave of IT challenges for corporations.
The good news for companies is that there are new software tools available that can help companies proactively monitor the use of unauthorized apps for business purposes. The best of these tools will locate potential information risks—such as unauthorized apps or data residing in unauthorized locations— so organizations can take inventory of software on connected computers and data repositories across the enterprise.
It's also important to implement proper strategies to manage risk:
5. Mobile Applications
On average, business professionals worldwide use 9.4 software applications for work purposes, including cloud storage, project-tracking apps and chat apps. The threat grows when these types of applications are not sanctioned by their company’s IT department.
The apps users install on their smartphones still pose a significant risk to personal and business data. The Android system with the Play Store from Google, the Apple iOS system with the Apple Store, and Windows OS with the Microsoft Store have built-in methods to help users identify apps and the security each offers; regardless, each still have their own associated risks. Some systems will allow you to authorize and approve the access and permissions for each app that is installed.
Implementing proper solutions for data encryption is a key strategy for management of mobile devices. Encryptions solutions are required for both data at rest on mobile devices (laptops, smartphones, tablets, etc.) One of the most common sources of HIPAA breaches continues to be laptop theft, which is a risk that can easily be managed with relatively simple mobile device data encryptions technologies.
6. Wireless Security
Free public WiFi seems like a great idea, but it can be a big risk for personal data theft. Most people believe that their information is secure if they type in their username and password. However, that’s not always the case on public WiFi or any network that is not known to be a trusted network.
The upsurge of mobile device usage has resulted in a significant increase in the use of these personal devices to do company business in public locations. One of the most effective cybersecurity risk management strategies includes training employees to be aware of their surroundings. Simple “shoulder surfing” frequently leads to significant breaches of sensitive company information.
7. Employee Embezzlement
Forensic accountants have discovered employees generally embezzle for at least one of the four “Bs”:
These signs, or red flags, let an employer know that an employee may be struggling and may need help. If you have an employee that is exhibiting some of these signs, it is important to examine the employee’s job duties and identify what risk/opportunity the employee may have to steal from the organization.
The Importance of Knowing Where to Look for Fraud
Fraud is everywhere, even in seemingly simple areas of your business. Understanding what to look for and ensuring proper controls and prevention mechanisms are in place can help minimize the risk of fraud in your organization.
Preventing fraud doesn’t have to be complicated.
LEARN MORE ABOUT HOW TO REDUCE YOUR FRAUD RISK
Take a deeper dive into this Insight’s subject matter.Fraud & Forensic Advisory