Responsibility for Preventing Workplace Fraud
Recent statistics show that a fraud prevention strategy is more important than ever.
For several years now, the acknowledged cost of fraud to organisations has been 5% of revenues. But new UK research has shown the cost is rising.
According to the Financial Cost of Fraud 2017 report, the average loss caused by fraud and error in the workplace increased from 4.57% to 6.54% in the 2014 to 2016 period. The report showed that overall annual losses are up 43% since 2008.
The report by UK audit, tax and advisory firm Crowe Clark Whitehill and the Centre for Counter Fraud Studies at University of Portsmouth (CCFS) used research done in 10 countries including the UK and the United States.
The full range of percentage losses for companies since 1997 was between 0.02% and 27.15%, with average losses of 5.85% (68% of the exercises showed loss figures of more than 3%).
So who’s responsible for preventing fraud in the workplace?
Legislation can help. The Fraud Act 2006 makes provision for criminal liability for fraud and obtaining services dishonestly, while the Data Protection Act helps to prevent data from being used fraudulently. Solutions: Stay up-to-date with legislation. Organisations can also call on governments and industry bodies to enact legislation and guidelines that will help. For example, in the UK there’s been a call for legislation to ensure all businesses have a dedicated employee responsible for security issues in the workplace.
Senior management has a vital role to play in mitigating data breaches. In earlier research, almost half of small business owners admitted to having no employee responsible for data security. Solutions: Appoint a Data Security Officer who helps create a culture of security. Designate Security Ambassadors too. The Shred-it State of the Industry Report 2016 reported they can help strengthen commitment to information security at all levels and departments.
Employees are considered to be the first line of defence. Solutions: Ongoing security awareness training helps to empower employees to protect confidential information they handle in and outside of the workplace. Teach employees how to identify behaviours associated with workplace fraudsters, and provide a tips hotline. Conduct unscheduled workplace audits.
Businesses put themselves at risk if they are not prioritising data security in the workplace. Solutions: Create information security policies and procedures, and embed data security into the workplace. Schedule document disposal with a reliable destruction leader that provides services to securely destroy both paper and hard drives. Implement a Shred-it all Policy so that all documents are destroyed prior to disposal or recycling.
The first step in mitigating risks is identifying the threats. Find out how to better protect your organisation with this checklist.