7 ways to help stop workplace fraud

What every employee should be doing to prevent fraud in the workplace

27 October 2016

Workplace fraud is probably more common than you think. No less than 57% of Australian businesses reported suffering some form of economic crime between 2012 and 2014. And scammers alone took almost $85 million from unsuspecting Australians in 2015.

As a business owner or manager, you should be empowering every employee to take responsibility for preventing fraud in your business.

Macquarie's Fraud Investigations Specialist, Jonathan Martin, shares tips on how all employees in the business can help to protect your business from fraud.

Exercise special caution where the request is urgent or where the client says they’re overseas.

1. Confirm instructions with clients

A scam may appear as a routine email from a client, asking you to transfer money on their behalf. But really, the scammer may have taken control of your client’s email address, diverting any email you send to your client to themselves.

Whenever anyone receives a request to transfer money, they should always ask: “Does this really sound like our client?”

They should also follow up with a phone call – preferably to a land line – whenever they’re in doubt or wherever there’s a reasonable amount of money involved. Exercise special caution where the request is urgent or where the client says they’re overseas.

2. Never click on suspicious links

Email scams don’t always appear as a client asking for money. More commonly, the scammer impersonates an organisation that needs you to take immediate action. For instance, it could be Australia Post with news of a parcel that needs collecting or the Office of State Revenue emailing about a speeding fine.

Either way, the scammer’s goal is exactly the same - they want you to click on a link which will start downloading ransomware or another type of malware onto your computer.

The results could be devastating for your business. So never click on a suspicious link.

3. Be careful about giving away bank details

One of the most effective ways scammers target unsuspecting businesses is by simply getting them to hand over their bank account details. This could be by setting up a fake bank login page and directing victims to it by email – under the ruse that they’ll receive some money or, otherwise, need to make a payment. Or it could be by posing as Microsoft and telling you that they’ve detected a problem on your computer network. Really, the scammer wants access to your bank account. Make sure everyone in your business is cautious about giving away account details. And never enter a PIN online, except on the bank’s website - and only then when you’ve navigated to the website yourself.

4. Update your security and anti-virus software

Constantly needing to update your security and anti-virus software can seem like a pain. But it’s vital if you want to have the best chance of stopping fraudsters from corrupting your system. Scammers are constantly creating new and more powerful forms of malware, which out of date antivirus software simply won’t detect. In other words, the less up-to-date your antivirus software is, the more vulnerable your business is. So make sure yours is always updated as a matter of routine and make sure your staff do the same.

A firewall (a barrier between your computer system and external network traffic) can also boost your computer’s security. Ensuring your computer’s operating system is up to date will also add a level of security.

The sad reality is that as much fraud happens as the result of internal factors (employees) as external ones.

5. Back-up your data

By backing up your data regularly, you’re putting your business in the best position to minimise any damage if fraudsters access your system. That’s because, if they try to ransom your files – or to destroy or corrupt them – you’ll have another up-to-date copy of the same file which you’ll still be able to use. The best way to make sure your files are safe is to use software that backs them up automatically. If your system isn’t capable of this, make sure everyone backs up their files as often as they can.

6. Understand your workplace protocols

Your efforts to stay vigilant about the threat of fraud will be sabotaged if others aren’t doing the same. So it’s important that your workplace has protocols in place to deal with the threat of fraud. These should cover such things as the correct use of the internet and what to do if you’re suspicious about an email, as well as processes such as how to deal with a client request to transfer. Even more importantly, it’s important that these protocols are communicated across the organisation and that everyone understands their responsibilities. If you don’t have comprehensive policies in place - work together with your staff to develop some now. And make sure everyone knows what they are.

7. Speak up

The sad reality is that as much fraud happens as the result of internal factors (employees) as external ones. And, where the perpetrator is a senior employee, the amount lost is likely to be 10 times as high. If you notice something suspicious, speak up and encourage all your employees to do the same. After all, there is no better safeguard to loss than a staff member who’s prepared to call others out for doing the wrong thing.

And finally...

These seven steps will go some way to protecting your business against fraud. But because fraudsters keep finding new ways to target business, the best solution is always to be vigilant about detecting fraud in everything you do.

To make sure your employees understand their personal responsibility for preventing fraud, share this article with them so they're aware of what they can do to help.

You might also like:

How to stop your business being held to ransom
Our guide to protecting against the latest craze in cybercrime.

How to protect yourself from email scams
Spotting a fake email isn’t always easy. Scammers are more sophisticated and better resourced than ever. We show you seven things to check when you receive an email.

Unless stated otherwise, this information has been prepared by Macquarie Bank Limited ABN 46 008 583 542 AFSL & Australian Credit Licence 237502 and does not take into account your objectives, financial situation or needs. Before making any financial investment decision or a decision about whether to acquire a credit or lending product, a person should obtain and review the terms and conditions relating to that product and also seek independent financial, legal and taxation advice. All applications are subject to Macquarie’s standard creditapproval criteria. Except for Macquarie Bank Limited ABN 46 008 583 542 AFSL and Australian Credit Licence 237502 (MBL), any Macquarie entity referred to on this page is not an authorised deposit-taking institution for the purposes of the Banking Act 1959 (Cth). That entity's obligations do not represent deposits or other liabilities of MBL. MBL does not guarantee or otherwise provide assurance in respect of the obligations of that entity, unless noted otherwise.