The scale of invoice fraud was revealed in a study by UK Finance, which estimated these scams as costing close to £100m a year. There were 3,280 invoice and bank mandate scams during 2018, with an average loss per case of over £28,000.
To protect your company from this risk, you should double check account details with any long-term supplier (using details held on file), if you have recently received a request to amend payment details.
You should also provide immediate confirmation of a payment - including the beneficiary account - there may be more chance to recover funds if an error is reported to your bank early.
Consider whether the details of your company’s relationships with suppliers, or other organisations, are too public. If this information is easily accessible, it can be used by fraudsters.
Remember, if you’re ever in doubt, speak to the supplier directly using reliable contact details taken from file.
As the name suggests, this type of fraud involves the impersonation of senior executives or management at a company, relying on their ability and authority to make payment orders/requests on behalf of the company, to suppliers.
CEO fraud is a significant risk to all businesses - and large sums of money can be involved. Action Fraud reported a case of £18.5 million having been lost by a single company.
You should always seek confirmation from a senior colleague before making a payment, especially if you have the slightest of doubts. Having controls in place to ensure appropriate authorisation is imperative.
Employee fraud (also known as internal fraud)
Employee fraud can span several areas of a business, but tends to have most impact on business finances. Smaller companies are more likely to feel the immediate effects of employee fraud, which can put a serious strain on day to day operations.
Examples of internal fraud
This is a serious criminal offence with severe consequences. It carries the possibility of such significant losses that a business is no longer able to trade.
False accounting can involve an employee tampering with or altering an account, or alternatively, presenting business records which are inaccurate and not reflective of the true financial situation of the company or organisation.
But why would an employee do this and to what benefit?
A fraudster may use false accounting to gain access to additional lending or finance on behalf of the business, to inflate share prices, or for self-gain through an agreed performance bonus, or covering losses/theft.
To protect your business, always ensure an employee is suitably qualified and background checked before undertaking their role. Reconcile accounts regularly and ensure additional authorisation is required to proceed with significant payments.
It’s important to promote a culture of fraud awareness within your teams. Adopt a zero tolerance policy towards internal fraud and ensure access to records or buildings are controlled. Make sure that every audit process in place is appropriate.
False accounting can be hard to detect and catastrophic to a business when it isn’t spotted early. If you think you’ve been a victim of false accounting, you should report this to Action Fraud.
Simply put, payment fraud is the act of diverting legitimate payments or creating false payments. This method of internal fraud is not to be confused with Authorised Push Payment, or APP fraud, which frequently involves a fraudster using social engineering (impersonation) to request a payment.
Payment fraud can be achieved by falsifying the bank account details of customers, suppliers or intended beneficiaries to a different account, by colleagues who handle such payment requests.
Alternatively, another method is to process false claims or refunds - effectively issuing unauthorised payments on behalf of the business. These payments may be made directly to the colleague’s own account, or that of a relative or third party, often known to the employee.