NHS ATTACK REMINDER TO STOP HACKS IN TRACKS

Recent cyber-attacks on the National Health Service and companies all over the world have rung alarm bells over how firms protect their business from being targeted by criminals.

A new report tells business leaders how to crack the hackers on scams such as executive impersonation, where fraudsters dupe unwitting staff into transferring money from company accounts.

In the three years to 2016, almost 16,000 organisations across the globe had their IT systems breached – or 17 cases of business e-mail compromise every day, according to the US-based Internet Crime Complaint Center.

Eight steps, ranging from better use of technology in preventing malpractice, to encouraging whistleblowers, are included in the report, Keeping Business Clean. In addition to fighting cyber security, the advice also covers how to counter theft of machinery, false invoicing and concealing activities such as forced or child labour.

Tanya Barman, Associate Director of Ethics, the Association of International Certified Professional Accountants, said:

“The three main types of fraud and corruption affecting firms are theft or misuse of a company’s assets; falsification of documents for financial gain; and bribery and improper use of confidential information.

“Professional accountants are trained to analyse financial and non-financial information, putting them in a good position to challenge any suspicious activity in their company.

“As well as the financial damage from a fraudulent act, corruption costs both the business affected by the initial crime and the supply chain, too.”

Peter Van Veen, Director of the Business Integrity Programme for Transparency International UK, which tackles commercial corruption, said:

“The role of accountants and finance professionals in detecting, uncovering and preventing corrupt practices in organisations is critical. This publication shows the positive role they play in the fight against corruption.”

Keeping Business Clean can be downloaded here, along with the Anti-Corruption Landscape 2017 report, co-produced with Transparency International UK.

EIGHT WAYS TO FIGHT THE FRAUDSTERS:

  • Leadership – Businesses are encouraged to establish an anti-fraud policy, and engage the board in talking to staff, customers and suppliers.
  • Identify key risks – Check how fraud might happen in your company, such as through written-off stock or budget over-runs.
  • Promote anti-fraud culture – Speak from the top. Executives should let staff know they have a strong process for weeding out scams. Employee reward schemes can also reduce attempted deception in companies.
  • Develop anti-fraud controls – Put extra checks on admin procedures, such as a second signature, or avoid giving authority for a job over the phone.
  • Encourage whistleblowing – Retain the employee-manager route for addressing initial concerns, but give staff access to free confidential advice, and discretion when raising concerns.
  • Develop a response plan – Plan for fraud before it happens. The fraud itself might be outside your control, but how you respond is within your gift, from reporting lines to a PR strategy.
  • Harness technology to fight fraud – the better the technology at your disposal, the easier it may be to spot fraudulent behaviour before it’s too late.
  • Develop or improve internal controls – Ensure invoices are linked to purchase orders, and remove as much as paperwork as possible, in favour of electronic systems.

NHS ATTACK REMINDER TO STOP HACKS IN TRACKS

Recent cyber-attacks on the National Health Service and companies all over the world have rung alarm bells over how firms protect their business from being targeted by criminals.

A new report tells business leaders how to crack the hackers on scams such as executive impersonation, where fraudsters dupe unwitting staff into transferring money from company accounts.

In the three years to 2016, almost 16,000 organisations across the globe had their IT systems breached – or 17 cases of business e-mail compromise every day, according to the US-based Internet Crime Complaint Center.

Eight steps, ranging from better use of technology in preventing malpractice, to encouraging whistleblowers, are included in the report, Keeping Business Clean. In addition to fighting cyber security, the advice also covers how to counter theft of machinery, false invoicing and concealing activities such as forced or child labour.

Tanya Barman, Associate Director of Ethics, the Association of International Certified Professional Accountants, said:

“The three main types of fraud and corruption affecting firms are theft or misuse of a company’s assets; falsification of documents for financial gain; and bribery and improper use of confidential information.

“Professional accountants are trained to analyse financial and non-financial information, putting them in a good position to challenge any suspicious activity in their company.

“As well as the financial damage from a fraudulent act, corruption costs both the business affected by the initial crime and the supply chain, too.”

Peter Van Veen, Director of the Business Integrity Programme for Transparency International UK, which tackles commercial corruption, said:

“The role of accountants and finance professionals in detecting, uncovering and preventing corrupt practices in organisations is critical. This publication shows the positive role they play in the fight against corruption.”

Keeping Business Clean can be downloaded here, along with the Anti-Corruption Landscape 2017 report, co-produced with Transparency International UK.

EIGHT WAYS TO FIGHT THE FRAUDSTERS:

  • Leadership – Businesses are encouraged to establish an anti-fraud policy, and engage the board in talking to staff, customers and suppliers.
  • Identify key risks – Check how fraud might happen in your company, such as through written-off stock or budget over-runs.
  • Promote anti-fraud culture – Speak from the top. Executives should let staff know they have a strong process for weeding out scams. Employee reward schemes can also reduce attempted deception in companies.
  • Develop anti-fraud controls – Put extra checks on admin procedures, such as a second signature, or avoid giving authority for a job over the phone.
  • Encourage whistleblowing – Retain the employee-manager route for addressing initial concerns, but give staff access to free confidential advice, and discretion when raising concerns.
  • Develop a response plan – Plan for fraud before it happens. The fraud itself might be outside your control, but how you respond is within your gift, from reporting lines to a PR strategy.
  • Harness technology to fight fraud – the better the technology at your disposal, the easier it may be to spot fraudulent behaviour before it’s too late.
  • Develop or improve internal controls – Ensure invoices are linked to purchase orders, and remove as much as paperwork as possible, in favour of electronic systems.