In the three years to 2016, almost 16,000 organisations across the globe had their IT systems breached – the equivalent of 17 cases of business email compromise every day, according to the US-based Internet Crime Complaint Center. Recent cyberattacks on companies around the world have rung alarm bells over how firms protect their business from criminals. A new report , Keeping Business Clean, tells business leaders how to crack the hackers on scams such as executive impersonation, where fraudsters dupe unwitting staff into transferring money from company accounts.
Tanya Barman (pictured), Associate Director of Ethics, the Association of International Certified Professional Accountants, said:
"The three main types of fraud and corruption affecting firms are theft or misuse of a company's assets; falsification of documents for financial gain; and bribery and improper use of confidential information. Professional accountants are trained to analyse financial and non-financial information, putting them in a good position to challenge any suspicious activity in their company. As well as the financial damage from a fraudulent act, corruption costs both the business affected by the initial crime and the supply chain, too."
A recent report, Keeping Business Clean, noted eight steps companies can follow to better protect themselves from the risks. They are:
- Leadership - Businesses are encouraged to establish an anti-fraud policy, and engage the board in talking to staff, customers and suppliers.
- Identify key risks - Check how fraud might happen in your company, such as through written-off stock or budget over-runs.
- Promote anti-fraud culture - Speak from the top. Executives should let staff know they have a strong process for weeding out scams. Employee reward schemes can also reduce attempted deception in companies.
- Develop anti-fraud controls - Put extra checks on admin procedures, such as a second signature, or avoid giving authority for a job over the phone.
- Encourage whistleblowing - Retain the employee-manager route for addressing initial concerns, but give staff access to free confidential advice, and discretion when raising concerns.
- Develop a response plan - Plan for fraud before it happens. The fraud itself might be outside your control, but how you respond is within your gift, from reporting lines to a PR strategy.
- Harness technology to fight fraud - the better the technology at your disposal, the easier it may be to spot fraudulent behaviour before it's too late.
- Develop or improve internal controls - Ensure invoices are linked to purchase orders, and remove as much as paperwork as possible, in favour of electronic systems.
Peter Van Veen, Director of the Business Integrity Programme for Transparency International UK, which tackles commercial corruption, said:
"The role of accountants and finance professionals in detecting, uncovering and preventing corrupt practices in organisations is critical. This publication shows the positive role they play in the fight against corruption."
