Why Fraud Prevention (Always) Matters
Despite the prevalence of organizational fraud and its well-documented costs, businesses both large and small continue to operate without – or fail to review and test – systematic fraud prevention programs, running the risk of avoidable loss and reputational harm.
Being able to identify, avoid, and overcome social engineering, wire fraud, cyber hygiene, and physical security threats provide business owners and their teams real opportunities to scale effectively and pursue new opportunities to grow the business.
Why It Matters
Whether during the holidays, peak summer, or any time in between, the fall-out of reputational, operational, or financial fraud can be a gut punch to the integrity of any business. And while it may not always seem like an immediate catastrophe, the cumulative effects always are.
The truth is, as long as businesses compete fiercely on price in markets where consumers can purchase with the click of a button, tight margin conditions and the cost management of fighting fraud can – and often does – mean the difference between profit and loss.
The known/unknown paradox says that, just because a business does not know its risks, does not mean the risks do not exist. Because unless the business has designed and implemented a custom fraud prevention program informed by leading best practices, it cannot actually and accurately identify where its vulnerabilities are.
Below are a few of the standard arguments against fraud prevention programs we’ve heard (each are addressed in the subsequent sections of this blog):
- “With the probability of fraud so low, the cost outweighs the benefit of prevention.”
- “Spending time focused on prevention tactics detracts from real growth opportunities.”
- “The business is too small/too big to not notice fraud before it happens.”
- “Trusted employees would never commit fraud against their place of work.”
Key Data Points
Understanding how to manage risk provides a boost to any businesses bottom-line, and controlling fraud risks is a vital component:
- In September 2022, a U.S. Labor Department report estimated that $45.7 billion in federal unemployment insurance funds were stolen by fraudsters taking advantage of the COVID-19 pandemic.
- According to the Association of Certified Fraud Examiners (ACFE), a solitary case of occupational fraud costs the victim organization an average of more than $1.5 million.
- Certified Fraud Examiners (CFEs) estimate that organizations lose 5% of their revenues each year to fraud.
- In the ACFE’s 2020 Report to the Nations, a study of 2,504 cases of occupational fraud investigated by CFEs in 125 countries, the typical fraud lasted 14 months before it was detected and caused a median loss of $8,300 a month.
- In our connected world, digital fraud risks like BEC (business email compromise) have multiplied alongside ransomware, jumping from $1.8 billion to $2.4 billion (as many large companies have learned).
So, What’s at Stake?
The process of developing a fraud prevention program is beneficial because, in addition to helping prevent future fraud, it also kick-starts discovery. Often, fraud hides in plain sight (for example, interdepartmental dependencies and shared access points can create vulnerabilities).
High Reliability Organizations are not satisfied with convenience, remain inherently curious, and choose willingly to reduce the risk of fraud. This gives them numerous tactical and competitive advantages over those that don’t:
For Cash Handlers, this means:
Understanding and continually validating the Three P’s of fraud prevention – Policy, Process, Procedure – that are designed to reduce and control the likelihood and severity of loss relating to risk.
For Retailers, this means:
Specifically controlling points of access to key assets or functions integral to the business, deploying a system of checks and balances, utilizing employment background screening, and incorporating random audits.
For Brokers, this means:
Making sure clients have the correct infrastructure, training, and understanding of their policies, as well as the proper coverage to match the risk and associated collateral risks.
For Underwriters and Insurers, this means
Confirming that the insured’s risks are truly covered (with all third-party assessments adequate) and they can engage an incident response team.
In our research, we’ve found that most businesses we work with typically only consider the threats external entities pose (the flipside being that these external entities are, in turn, viewing the business as a risk). Clients often don’t consider this, ignoring their own internal threats.
When a business develops and regularly pressure-tests a strong fraud prevention program, it gains the ability to control its own fate. Those are qualities that give board members, investors, vendors, partners, and compliance auditors confidence.
During Fraud Week 2021, L&A President and expert witness Jon Groussman talked about preventing fraud:
Having a single point of contact – either in the form of a managed services agreement or simply knowing the right person to go to – creates efficiency and builds trust across the fraud prevention lifecycle.
Lowers & Associates offers the following services that can be scheduled, executed, and a report provided – on average – within 7 business days to help your organization reduce its risk of fraud immediately:
- Schedule a Risk Assessment: understand the risks to your business (externally and internally) and how much it could cost.
- Arrange a Compliance Audit: get deep insight into the behaviors and operational processes that keep you in compliance with your insurance policy.
- Set up a Business Continuity Plan Evaluation: build and maintain a foundation that keep your business moving in the event of fraud, a cyber breach, natural disaster, and more.
About Lowers & Associates
Lowers & Associates is a global risk management consulting firm, offering a full range of solutions from assessment to mitigation to recovery. We design, implement, and provide ongoing support to businesses across a wide array of industries, both long- and/or short-term programs, that are created to address the organization’s unique needs. From fraudulent-claims investigations, regulatory compliance audits, and BCP evaluations to cybersecurity policy development, litigation support, and due diligence, our experts draw upon decades of experience and expertise to provide tailored solutions that reduce risk and improve the bottom line.