Is fraud on the rise? The experts think so. In a poll taken at the Association of Certified Fraud Examiners (ACFE) global conference, 20% of attendees reported a significant increase in the amount of fraud detected, and 71% of them said they expected the level of fraud impacting their organizations to increase. More than half said their organizations had detected more fraud since the emergence of the pandemic.
The ACFE identified two top fraud risk factors in the coming year:
Shifts in business operations: Remote work has made it harder for companies to carefully control access to their networks, including their financial and accounting systems. For many, it was difficult to collect and issue payments, keep up with internal controls, and conduct audits in person during the pandemic, so oversight was loose. These risks continue.
Changing consumer behavior: Similarly, the increase in online transactions opened the door to fraudsters accessing business networks.
Given these risk factors, it’s no surprise that the types of fraud expected to rise include cyber fraud, such as business email compromise, hacking, ransomware, and malware; and social engineering, such as phishing, brandjacking, and baiting. In fact, more than 80 percent of the ACFE survey respondents are anticipating growth in these two fraud arenas.
Other notable areas of concern include identity crimes, such as identity theft, synthetic identity schemes, and account takeovers; unemployment fraud; and payment fraud such as credit card fraud and fraudulent mobile payments.
In response to fraud unease, a little over a third of organizations have increased their budgets for anti-fraud technology, and 80 percent have already implemented anti-fraud program changes. Enhanced fraud risk awareness tops the list of how to make anti-fraud programs more robust in the future, followed by increased collaboration across the organization. Updating or conducting a fraud risk assessment is also a commonly anticipated adjustment.
With several extremely expensive and debilitating ransomware attacks making recent headlines, executives are even more highly motivated to avoid virtual private network (VPN) and similar breaches. Best practices against them include the following:
Keeping software up to date. Antivirus software and operational software packages must be kept current. Regular software updates—sometimes ignored by harried executives—often contain security patches.
Using security alerts. A security package provides insight about network traffic, intrusion attempts, and anomalies. With employees working from home and portals available for suppliers and customers, companies are at risk for backdoor entry. Segmenting networks can reduce risk.
Watching emails. Don’t click links. Don’t open unknown attachments. Don’t respond to emails from an untrusted source. No matter how many times the company reminds employees to use smart email protocols, it’s never enough. Regular training is a must.
Changing passwords. Until there’s a stronger and universally adopted system for gaining access to networks and files, passwords are a necessary evil. Changing them regularly is inconvenient but mandatory. Also, consider two-factor authentication to augment your password security.
Fraud Kills Value
Business leaders can no longer hope to “luck out” and avoid a potentially devastating incident of fraud. Now is the time to be proactive. Fraud can undermine your operations, cause serious financial damage, and chase off potential partners and buyers. Take the proper precautions and make the most of the post-pandemic economic expansion.
Whether you suspect you’ve been a victim of fraud or want to build the proper anti-fraud controls, Dembo Jones can help. Our experts hold the Certified Fraud Examiner (CFE) credential and can provide practice-proven ideas and solutions to protect your business and assets.