Research* has revealed that nearly two-thirds (63%) of decision makers in large UK businesses are worried that employees will be targeted by fraudsters, with 50% of respondents fearing staff will become an ‘insider threat’.
As many businesses prepare to recognise International Fraud Awareness Week (17-23 November), a recent Cifas survey showed leaders in charge of staff training are increasingly worried about the impact fraud could have on their organisations.
Employees are an attractive target for criminals who use different tactics to exploit their position and direct route into an organisation. Examples include phishing emails and fake documents to trick staff into downloading malicious software onto their systems or rush through payments before they have chance to challenge legitimacy.
Some fraudsters are also known to approach workers either in-person or online, promising cash in exchange for sensitive company information – data which is often used against the organisation or sold on the dark web.
The increase in hybrid and remote working also continues to pose challenges to businesses trying to reduce the threat from staff who are willing to put their companies at risk – often referred to as an ‘insider threat’ – and abuse their positions.
Rachael Tiffen, Director of Learning at Cifas, said: “Many organisations are fearful employees will become embroiled in the insidious world of fraud. When your workforce is your first line of defence, businesses must have robust procedures and policies in place to ensure security is not compromised and colleagues and customers are kept safe.
“Building counter-fraud skills and developing an anti-fraud culture can help to further protect businesses, ensure employees understand the dangers of criminal approaches or insider risks, and encourage workforces to report suspicious activity.”
8 ways organisations can improve internal controls to detect and prevent fraud
- Run fraud risk assessments to consistently review gaps and ensure vulnerabilities are remedied at the earliest opportunity.
- Implement counter-fraud measures that improve business safety, such as having a robust code of conduct and procedures and policies in place that cover device and data security.
- Invest in technology that enhances security controls on equipment, for example multifactor authentication and facial recognition.
- Roll-out proper vetting checks through an employee’s entire lifecycle and screen regularly – regardless of their job title.
- Provide specialist training consistently so employees continue to develop counter-fraud knowledge and upskill in how to spot and report signs of dishonest conduct.
- Create accessible ways for staff to escalate concerns confidentially such as through their managers and/or via a whistleblowing service.
- Be aware of any unusual patterns among staff. For example, are they now exhibiting a lifestyle that contradicts their salary? Are they suddenly disgruntled and/or reluctant to adhere to organisational controls? Look out for signs of behaviour changes.
- Prioritise employee welfare. When staff know support is available, that can often be the difference between them seeking help or feeling they have no other option but to be dishonest.
*Research from Cifas