COMMERCIAL CRIME
The estimated cost of fraud to Charities in 2017 was £2.3Billion (Source – Annual Fraud Indicator 2017). This doesn’t just impact the larger concerns – fraud is impacting small businesses, not for profit organisations and registered Charities.
In addition to employee-led frauds, organisations are increasingly at risk from sophisticated fraud mechanics perpetrated by outside actors, often as part of organised criminal activity. Frauds such as procurement fraud, invoice fraud, fund diversion, not to mention new Cyber Crime has placed increasing pressure on organisations to review their risk management and financial protections, whilst training staff to understand methodologies often referred to as ‘Social Engineering’ (the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes).
Organisations can provide themselves with some protection through a strong corporate culture with embedded systems of Check and Control – this will help to detect and counteract fraudulent activities. But there will always be incidents that are beyond management influence.
In order to improve protection against losses, organisations should consider insurance cover. A “Commercial Crime” policy will help protect an organisation’s balance sheet should they be impacted by a fraud.
Can your organisation afford not to be covered? Here are a few examples of Commercial Frauds.
Invoice fraud
A large private limited company was the victim of a fraud perpetrated by a sophisticated criminal network. Using a series of written, telephone and email contacts, fraudsters conned the company into believing a third-party contractor had changed their bank details. The company then sent payments to the “new” account and the fraudulent third party vanished, leaving the company with a loss.
Employee Fraud
It was suggested that a key member of the finance team had been syphoning cash from the company for years. After putting in place an audit, the company found that payments had been sent to the personal accounts of an employee and his wife. While check and control systems had been in place, the amounts transferred fell within the employee’s authority. The loss had been carried out over six years and was estimated as running into millions of pounds.
Email cloaking
A large UK multinational centralised their finance function. This finance team collated all payments to third parties. Part of their role was to collect payments from other divisions, which would then be settled. Hackers shadowed the financial controller’s account, contacted five business contacts and conned them into sending over a million pounds to a fraudulent bank account.
Fishing or phishing?
An organisation received an e-mail purporting to be from one of the major banks. The email appeared genuine but contained a link through which the organisation logged in, unknowingly providing fraudsters with their account details. The fraudsters used this to transfer £130,000 out of the organisation’s account.
For more information, advice or a commercial crime quote, contact us.
