Starling’s financial crime specialist Laurie Hood explains how you can help protect your business from fraud.

You’ve set up your business, re-mortgaged your house and lined up your first customers. Everything is going well - your dream of being a successful entrepreneur is in sight. Then the fraudsters arrive. How do you protect your business and what should you look out for? Here, I’ll run through some of the most common threats and what you can do to help stay safe.

Invoice fraud

Fraudsters may attempt to amend bank/payment details for suppliers, in order to defraud your business. To do this, the unscrupulous individual may impersonate a legitimate employee of your company, or a supplier. Such a request could come in a variety of forms, including via telephone, letter or email. Sometimes these can be very well-worded and convincing.

Alternatively, fraudsters may also try to infect company computers with malware, or spoof an email address to appear legitimate.

A woman sits at her desk working on her iMac.

The scale of invoice fraud was revealed in a study by UK Finance, which estimated these scams as costing close to £100m a year. There were 3,280 invoice and bank mandate scams during 2018, with an average loss per case of over £28,000.

To protect your company from this risk, you should double check account details with any long-term supplier (using details held on file), if you have recently received a request to amend payment details.

You should also provide immediate confirmation of a payment - including the beneficiary account - there may be more chance to recover funds if an error is reported to your bank early.

Consider whether the details of your company’s relationships with suppliers, or other organisations, are too public. If this information is easily accessible, it can be used by fraudsters.

Remember, if you’re ever in doubt, speak to the supplier directly using reliable contact details taken from file.

CEO fraud

As the name suggests, this type of fraud involves the impersonation of senior executives or management at a company, relying on their ability and authority to make payment orders/requests on behalf of the company, to suppliers.

CEO fraud is a significant risk to all businesses - and large sums of money can be involved. Action Fraud reported a case of £18.5 million having been lost by a single company.

You should always seek confirmation from a senior colleague before making a payment, especially if you have the slightest of doubts. Having controls in place to ensure appropriate authorisation is imperative.

Employee fraud (also known as internal fraud)

Employee fraud can span several areas of a business, but tends to have most impact on business finances. Smaller companies are more likely to feel the immediate effects of employee fraud, which can put a serious strain on day to day operations.

Examples of internal fraud

False accounting

This is a serious criminal offence with severe consequences. It carries the possibility of such significant losses that a business is no longer able to trade.

False accounting can involve an employee tampering with or altering an account, or alternatively, presenting business records which are inaccurate and not reflective of the true financial situation of the company or organisation.

But why would an employee do this and to what benefit?

A fraudster may use false accounting to gain access to additional lending or finance on behalf of the business, to inflate share prices, or for self-gain through an agreed performance bonus, or covering losses/theft.

To protect your business, always ensure an employee is suitably qualified and background checked before undertaking their role. Reconcile accounts regularly and ensure additional authorisation is required to proceed with significant payments.

It’s important to promote a culture of fraud awareness within your teams. Adopt a zero tolerance policy towards internal fraud and ensure access to records or buildings are controlled. Make sure that every audit process in place is appropriate.

False accounting can be hard to detect and catastrophic to a business when it isn’t spotted early. If you think you’ve been a victim of false accounting, you should report this to Action Fraud.


Simply put, payment fraud is the act of diverting legitimate payments or creating false payments. This method of internal fraud is not to be confused with Authorised Push Payment, or APP fraud, which frequently involves a fraudster using social engineering (impersonation) to request a payment.

Payment fraud can be achieved by falsifying the bank account details of customers, suppliers or intended beneficiaries to a different account, by colleagues who handle such payment requests.

Alternatively, another method is to process false claims or refunds - effectively issuing unauthorised payments on behalf of the business. These payments may be made directly to the colleague’s own account, or that of a relative or third party, often known to the employee.

Two coworkers sit at a desk in front of a computer.

Additionally, cheques can be intercepted and altered, in an attempt to cash these for self-gain.


False claims for travel, costs, accommodation and client engagement can all add up, if an employee is being dishonest with their expenses. This can also include timesheets.

You should always ensure any authorisation of such expenses, such as a senior colleague signature or email, is genuine, as these can be easily forged.

Protect your business from fraud

I’ve shared just a handful of examples of the financial crime threats targeted towards businesses, highlighting why a strong control and audit culture is vital.

Remember, if you think you’ve been a victim of fraud, you should report it right away to your bank and also to Action Fraud.

If you want to learn more about protecting yourself and your business, you can find lots of helpful articles on our blog.

Keep an eye out for my future blog posts! Until the next time.

Subscribeto blog updatesarrow-rightGrow your businessHelpful free business guidesarrow-right

Related stories

Latest posts