The COVID-19 pandemic changed how Americans do things in their private lives, and it disrupted the US’ workday world. A year after the start of the pandemic, many businesses are hanging onto life by a thread, just trying to survive in this historic economic downturn. Keeping tabs on fraud has not been top of the mind for folks struggling to stay in business. And that is exactly how the fraudsters like it. They happily ply their grift against businesses.
You may not know it, but you need to beware of increased fraud as a result of COVID-19. The following paragraphs set out a pathway for increased vigilance with respect to your key business processes.
The “Fraud in the Wake of COVID-19” Report
In September 2020, the Association of Certified Fraud Examiners (ACFE) published its second gold standard report entitled “Fraud in the Wake of COVID-19.” ACFE compiled the conclusions from its survey of more than 2,000 Certified Fraud Examiners. The examiners worked across various industries and their responses to the survey indicated that fraud cases escalated during the pandemic. Here are a few of the conclusions drawn from survey respondents:
- 77% saw an increase in the level of fraud suffered;
- 34% saw a significant increase in the level of fraud; and
- 92% anticipate more fraud in the next year and the foreseeable future.
The survey respondents also said that preventing, detecting, and investigating fraud became more challenging as a result of COVID-19. These unanticipated challenges were brought on by business reforms intended to curb the global pandemic, such as:
- Remote interviewing procedures.
- Process tracking insufficiency.
- Travel limitations.
- Changes with respect to process controls; and
- Insufficient oversight over remote workers.
Take Heart: Here Are Some Steps Businesses You Can Take to Control Fraud in Your Business
Cyberfraud was an increasing problem for 83% of ACFE’s survey respondents. Cyberfraud is the art of using fake email messages to elicit sensitive personal information from internet users. Cybergrifters then use that ill-gotten information to commit identity theft or even to spread hate messages.
Remote workers face an even greater risk for cyberfraud due to the increased distractions they face at home. Many working parents are trying their best to carry out their occupations while juggling supervising virtual learning for their little ones. They function as daycare in the afternoon since many daycare businesses closed due to the pandemic. Those challenges make for a very disruptive workday.
It is unfortunate but true that many times employees become the gateway into businesses for cybercriminals. And the term employees means everybody at every level, from the mailroom to the C-suite.
Here are a few things businesses can try:
- Employee Training. Every business should amplify existing training and awareness programs to include the latest cyberfraud maneuvers and how to recognize them. Remind employees to think before opening or responding to an email or text message.
- Brainstorm with other business owners. Learn to identify the fraud risks inherent in your own working environment. This is especially important now that COVID-19 restrictions diminish in-person supervision of employees.
- Review Controls. Within days businesses in the US moved from in-person activities to, in some cases, almost 100% remote work environments. And it’s been that way for about a year now. Remote staffing and fewer in-person hours may not allow for segregation of duties or for the requisite review and approval processes in your working environment. Leaving too much control in the hands of a key employee may not be conducive to appropriate compliance and oversight.
A few of the business processes in which management should review controls are:
- PO Requisition Approvals
- Supplier Invoice Approvals
- Customer Sales Quote Approvals
- Financial Requests (i.e., Employee Expenses, Check Requests)
Your business met the challenges that COVID-19 threw at the world. It is imperative for you now to understand that fraudsters will continue to present an impactful set of challenges for every business owner. Take the steps now to be proactive. Consider the risks intrinsic to your business world and make changes to address them in today’s environment.
Some additional information
To learn more about cyberfraud, you may enjoy the February 2021 article from fortinet.com entitled “Why Threat Actors Continue to Rely on Cyberfraud”.
Moving Forward
To talk more about this topic, or anything else, please contact us. We invite you to learn more about our Data-Driven Approval Routing and Workflow data-driven capabilities.
Sources
Why Threat Actors Continue to Rely on Cyber Fraud | Fortinet
Free and Low Cost Online Cybersecurity Learning Content | NIST