A concept image of a fraudster working on a laptop

Small Business: Protect your business against fraud

Learn how to recognise common fraud and protect your business.

A concept image of a fraudster working on a laptop
According to the National Crime Agency (NCA), the estimated annual cost of fraud in the UK is about £190 billion. Victims of fraud are varied – they could be individuals, major corporations, public sectors, and of course, small businesses, which make up 99.9% of the business population.

The NCA believes that private sector is hit the hardest, losing around £140 billion a year to fraudsters – this shouldn’t come as a surprise as many small business owners are regularly targeted by fraudsters who could be internal staff, customers, suppliers, or professional criminals.

Some examples of fraud committed by internal staff include an employee stealing and passing sensitive company data to third parties or a contractor deliberately fiddling their expenses. On the other hand, fraud involves external parties may include scammers selling counterfeit products to your company, requesting your business to pay fake invoices, or tricking you and your staff into installing software that allows criminals to access your files to steal information or lock your systems on purpose – which they then demand ransom from you.

Fraud affects us all, and when small business owners like you and I are being hit, we may see our profits being wiped out and reputations crumble, and the ripple effect may sadly lead to business closure.

An overview of fraud

The Fraud Act 2006 defines the three ways of committing fraud by:

  • False representation
  • Failing to disclose information
  • Abuse of position

The Act also covers a number of other offences relating to fraud, including:

  • Possession of articles for use in fraud
  • Making or supplying articles for use in frauds
  • Participation by a sole trader in fraudulent business
  • Obtaining services dishonestly
  • Liability of company officers for offences by company

Fraud covers every form of deception and it won’t disappear because there are always individuals looking to take advantage and make quick gains. There is no one solution to prevent all types of fraud too, and some also evolve quicker than the others. So let’s take a look at a few common types of fraud and discuss how we can protect our small business against them.

Fraud committed by internal staff

No business owner likes to think that they are being targeted by their trusted employees, but the sad truth is that fraud committed by internal staff is more common than we’d like to believe and many such cases have never been made public. In addition, research has shown that employees who hold positions of trust tend to be more dangerous as they can commit the crime longer and use various schemes to cover their tracks.

As chartered accountants for small businesses in London, Putney and Richmond, we do our best to help our clients uncover fraud committed by internal staff. For instance, when you’ve been tricked into signing off duplicate payments, especially on reoccurring charges, then we can spot and alert you when we go through the accounts. However, we must admit that sometimes it is impossible to tell if the transactions are genuine (or not) by looking at them alone.

Here’s an example – a business owner hires seasonal staff during busy periods, so when a manager authorises payments to temp staff, one can’t tell, without digging deeper, if these temp staffs are genuine or if the manager has committed payroll fraud, which is rather widespread.

Fraud committed by internal staff is often uncovered during an audit of a company’s annual accounts, which is burdensome and costly to most small businesses. In comparison, entrepreneurs may find it easier (and cheaper) to establish tighter internal controls and perform random checks.

It is also important to understand why an employee may choose to commit fraud against your company – usually it is driven by personal greed, to fund an expensive addiction like gambling or drug use, or in some case, they simply want to abuse the trust the company has placed on them. And after a while, the staff who has been defrauding the company is likely to show a change in their lifestyle habits, such as taking frequent holidays or showing off their knowledge about high-end brands.

Fraud committed by customers

If you run an eCommerce site or a retail shop, you may be familiar with card-not-present fraud committed by some customers. It happens when someone uses a fraudulent card to pay for goods over the phone or online, and the goods are picked up by courier to the customer right away. In the UK, which party should be responsible for the amount lost in a fraud case depends on the payment method. If the customer gives their fraudulent credit card over the phone or online (without using 3-D secure like Verified by Visa), then the merchant is often liable. But if the merchant uses 3-D secure for all online payment, then they are not liable.

On the other hand, if a customer walks into the shop and uses contactless or Chip & Pin to defraud the owner, in this case the owner is not liable. To minimise customer fraud, banks and credit card companies often encourage business owners to deploy 3-D secure online or have the customers pay in person.

Fraud committed by suppliers

Most small business owners tend to be careful when they first select their suppliers but after a while, they tend to let their guard down and do not notice if the supplier is over-changing them. Sometimes, business owners also comply when the supplier asks to be paid in cash and avoid VAT on a sale, which is also a type of fraud.

If you believe your supply chain is vulnerable to fraud, then it is good to review the process and conduct due diligence when necessary.

When seeking out a supplier like an accountant or a cybersecurity specialist, it is also worth checking their credentials. For example, we are ICAEW (Institute of Chartered Accountants in England and Wales) chartered accountants and this means we follow a set of principles such as integrity, objectivity, professional competence and due care, confidentiality, and professional behaviour. In other words, as our client, you will receive honest answers from our knowledgeable teams who keep abreast with the latest developments in practice, legislation and techniques. We also act diligently and respect confidentiality.

Fraud committed by criminals

Out of all the cases mentioned in this article, fraud committed by criminals is perhaps most widely encountered and reported, and phishing and malware (or ransomware) remain high on the agenda.

Phishing happens when scammers pretend to be from a trusted company and they trick you into giving out personal information, such as bank details. They often appear helpful, like alerting you to suspicious activity on your bank account, offering you financial rewards (including tax refunds from HMRC), or helping to verify and restore your records after a technical error. They are also good at manipulating your emotions, using words that can make you panic, fearful, or even curious and hopeful, so that you can divulge information quickly. The best thing to protect yourself against phishing is to take a step back and don’t respond to their requests. If you think the message could be genuine, then seek to verify the message yourself – by calling the authority or the company from a number listed on the website. Under no circumstances, you should use the contact you have been given over the phone or email.

Malware or ransomware, on the other hand, is about scammers trying to trick you into installing software that allows them to access your files or lock your systems unless you pay the ransom. It may come in an email or is attached to a file you have downloaded online. Sometimes it also involves a scammer impersonating as your IT provider and informing you that something isn’t working (like your software is compromised, broadband speed is reduced, etc). Their goal is to get you to install something so they can take over your system later. To protect yourself, be vigilant when you click on attachments, links in email, or access breaking news through an unknown link. Also, keep a back-up of your data offline.

Don’t let fraud ruin your business

Many small business owners work hard to create a successful business, so it is very unfortunate that fraud can cause a serious reputation and financial damage to businesses.

While prevention is key, entrepreneurs also know that the cost of fighting fraud can spiral out of control quickly and have a direct impact on your profit margin. If operating costs and profitability are a concern, perhaps you can talk to one of our small business accountants.

When we review your business finance, we can also help you with accounting & bookkeeping, tax, as well as payroll management.

Our approach is flexible and entirely depends on your business needs. You can hire our bookkeeping and tax services now, add payroll when your team grows, then use our management consultancy service when you are ready to take your business to new heights.

All of our services are competitively priced with no hidden charges. Call us today on 020 8108 0090, or use the contact us form to get in touch.

 

You may also like:

This blog is a general summary. It should not replace professional advice tailored to your specific circumstance.