Seven Fraud Schemes You Need to Watch For Right Now

February 25, 2020 | Article

You’ve probably heard it said: fraud is everywhere. The likelihood a business will encounter fraud is high. Over $7 billion of total losses has occurred globally due to fraud within the workplace alone.

What is your organization’s potential for fraud?

The range of fraud schemes is wide. Here are seven ways fraud could be impacting your organization right now and what you can do to control it.

1. Amazon Prime
For small businesses, Amazon Prime is a no-brainer. Shipping costs are included in the membership and products arrive in two days. This allows organizations to purchase products quickly and easily. It’s as easy as search, select items, check out, and soon, your package arrives.

This simple process is also how easy it can be for employees to steal from organizations through online vendors like Amazon. Once a profile is set up and linked to your email, you can add multiple delivery addresses and credit cards, including business credit cards. You can set any credit card as the “default” card for payment, which allows you to purchase online or with the app. Since it only requires a couple of clicks, over-purchasing and making purchases unrelated to the business is far too common.

Some business owners review company credit card statements as an internal control measure. However, charges to Amazon may appear to fit within their purchasing policies, allowing fraud to go undetected. Receipts are often not printed and included with statements, since many organizations are “going green” or employees simply do not include them.

Here are three keys to reducing fraud while using Amazon:

  1. Require business accounts (whether Amazon or another vendor) that you can access.
  2. Review transactions exports and other purchase information the vendor provides online.
  3. Reconcile the transactions to what was purchased on the company credit card.

2. Intellectual Property Theft
Intellectual property is a growing industry all over the world, making it high for fraud potential. Intellectual property theft’s impact on the global economy accounts for $500‐600 billion in lost sales each year, or 5‐7% of world trade.

Intellectual property theft can look like:

  • A disgruntled employee stealing company trademarks
  • A previous employee taking company lists and documents with them
  • Manufacturing processes and procedures changing hands with a competitor
  • Theft of highly sensitive information

If you feel that you are a victim of IP theft, here are a few things you may need to hire a professional (like Eide Bailly) to do:

  • Track user activity to see who has been accessing the system.
  • Examine external devices history to see if an employee has been copying files.
  • Malware analysis to see if a virus infected your network, which computers are infected, and what data could be affected.
  • Retrieve confidential files that you can’t trust anyone else with.
  • Examine cellphones for communications if an employee is a suspect of selling company information.
  • Examine remote access to see if someone has been accessing systems without proper authorization.
  • Examine employee computers using a predetermined set of keywords and date ranges to narrow down communication activity.

3. Too Much Control of One Employee
Countless fraud schemes begin because too much control is given to a seemingly trusted employee. Often, the employee has access to all financial documents with little supervision. This could include customer payments, checks, a signature stamp and accounting records.

Often these situations occur because organizations lack the proper internal controls.

Some common preventative internal controls include:

  • Check that stock and company credits cards are stored in a locked drawer.
  • Use dual authorization methods for electronic bank transfers.
  • Set up user restrictions on accounting and computer software to limit access.
  • Lock inventory to assure limited employee access.
  • Perform employee background checks.

The following detective controls can be helpful in identifying fraud. Make sure:

  • Bank reconciliations, including cancelled checks, are reviewed by someone independent of the accounts payable process.
  • Mandatory vacations or cross-training/job rotations are required for staff.
  • Inventory counts are done by someone other than the person ordering, receiving and recording inventory.
  • Credit card statements are received and reconciled by someone who does not have access to a company credit card. 
  • Audit trail from an organization’s accounting system is reviewed for unusual activity. 
  • Periodic surprise “audits” or request for invoices/supporting records are performed by someone independent of those handling the day-to-day accounting for an organization.

Fraud prevention begins with ensuring proper internal controls.
LEARN HOW TO REDUCE YOUR FRAUD RISK

4. Bring Your Own Device
One of the primary challenges of security in a mobile world is the blending of personal and professional data on a single device, owned by the employee. The emergence of Bring Your Own Device policies has ushered in a wave of IT challenges for corporations.

The good news for companies is that there are new software tools available that can help companies proactively monitor the use of unauthorized apps for business purposes. The best of these tools will locate potential information risks—such as unauthorized apps or data residing in unauthorized locations— so organizations can take inventory of software on connected computers and data repositories across the enterprise.

It's also important to implement proper strategies to manage risk:

  • Policies – Clearly defined rules for where and when use of a personal device for business use is acceptable.
  • Standards – A definition of what minimum standards the employee’s device must meet for use with company information and network access.
  • Tools – Implementation of a technical solution for mobile device management that allows for enforcement of company polices for security. For example, PIN requirement for unlocking the devices or support for remotely wiping data from the device.

5. Mobile Applications
On average, business professionals worldwide use 9.4 software applications for work purposes, including cloud storage, project-tracking apps and chat apps. The threat grows when these types of applications are not sanctioned by their company’s IT department.

The apps users install on their smartphones still pose a significant risk to personal and business data. The Android system with the Play Store from Google, the Apple iOS system with the Apple Store, and Windows OS with the Microsoft Store have built-in methods to help users identify apps and the security each offers; regardless, each still have their own associated risks. Some systems will allow you to authorize and approve the access and permissions for each app that is installed.

Implementing proper solutions for data encryption is a key strategy for management of mobile devices. Encryptions solutions are required for both data at rest on mobile devices (laptops, smartphones, tablets, etc.) One of the most common sources of HIPAA breaches continues to be laptop theft, which is a risk that can easily be managed with relatively simple mobile device data encryptions technologies.

6. Wireless Security
Free public WiFi seems like a great idea, but it can be a big risk for personal data theft. Most people believe that their information is secure if they type in their username and password. However, that’s not always the case on public WiFi or any network that is not known to be a trusted network.

The upsurge of mobile device usage has resulted in a significant increase in the use of these personal devices to do company business in public locations. One of the most effective cybersecurity risk management strategies includes training employees to be aware of their surroundings. Simple “shoulder surfing” frequently leads to significant breaches of sensitive company information.

7. Employee Embezzlement
Forensic accountants have discovered employees generally embezzle for at least one of the four “Bs”:

  • Bills – Employees may embezzle because they are having financial difficulties and need money to pay their bills.
  • Bets – Gambling addiction is a common reason employees steal funds to pay for their need to bet.
  • Booze – Employees may have a drug, alcohol or other addiction that causes them to embezzle to pay for these habits.
  • Bling – Living beyond one’s means or “keeping up with the Joneses” is another reason employees steal to live a lifestyle outside of their current means.

These signs, or red flags, let an employer know that an employee may be struggling and may need help. If you have an employee that is exhibiting some of these signs, it is important to examine the employee’s job duties and identify what risk/opportunity the employee may have to steal from the organization.

The Importance of Knowing Where to Look for Fraud
Fraud is everywhere, even in seemingly simple areas of your business. Understanding what to look for and ensuring proper controls and prevention mechanisms are in place can help minimize the risk of fraud in your organization.

Preventing fraud doesn’t have to be complicated.
LEARN MORE ABOUT HOW TO REDUCE YOUR FRAUD RISK

Fraud Detection Assessment

powered by Typeform

Stay current on your favorite topics

SUBSCRIBE

Applicable Services

Take a deeper dive into this Insight’s subject matter.

Litigation & Dispute Advisory Fraud & Forensic Advisory