Watch out, watch out, there’s a fraudster about

The good old “Fraud triangle” of “pressure, opportunity, rationalisation” remains equally valid today as it always has been, but seems more of an inward-thinking tool which is becoming outdated in today’s business world.

It could be hoped, arguably in ignorance, that the increased use of automatic transaction processing would allow more checks and balances to be put in place within accounting and banking systems; however the opposite seems to be the case with more and more frauds being suffered on the business rather than within it.

 

In recent months we have seen a number of external attacks on businesses increase, with on-line fraudsters pretending to be members of senior management and persuading more junior members of staff to make electronic bank transfers – so how does it work?

  1. The financial controller or purchase ledger clerk receives an email that looks like it comes from the owner manager/MD/FD – can be sent from either a personal or company email account, and more often than not is when the individual is out of the country,
  2. The email asks for an urgent direct bank transfer, usually of a round sum, to a designated bank account,
  3. The emails sometimes refer to other staff members in the organisation, suggesting familiarity and validating the request,
  4. The email normally mentions another transaction that will happen in the next day or so.

Obviously a simple call to the owner-manager would stop the fraud in its tracks, but the language used in the emails and the email addresses can be very convincing and we are seeing more and more multiple-payment frauds being suffered in this way.

 

What can you do to prevent this?

  1. Make your staff aware of this potential fraud and what to look out for,
  2. Review processes and controls around direct bank transfers – ensure they are approved by more than one individual,
  3. Do not use personal email addresses to send company emails – always ensure they come from dedicated company email addresses,
  4. Speak to the owner manager and confirm the validity of the request.

 

At Bennett Brooks we have a dedicated forensic team who are currently supporting clients in all aspects of anti-fraud awareness, reviews of processes and controls, investigations and cyber-security.

Please call Jason Leach on 01606 721 300, tweet me @jleach005 or email me at Jason.leach@bennettbrooks.co.uk.