Preventing business fraud - checklist


Preventing business fraud - checklistDuring the recession, levels of fraud rose, according to the National Fraud Authority, but small businesses may feel unable to justify investing in protection against it. These tips show you how to prevent fraud on a tight budget.

  • Beware of external fraud, such as phishing - when someone attempts to gain sensitive material such as credit card details by masquerading as a legitimate entity, often a bank. If in doubt, check directly with your bank. Hacking and corporate identity thefts are also threats.
  • Ensure that only the relevant employees have passwords to secure data or access to credit cards. Check that any expense claims are valid, and keep an eye on receipts from your petty cash tin. Take appropriate measures to deter fraud, and investigate any suspected instances.
  • Spot fraud by keeping an eye out for unauthorised payments, or for other companies impersonating your business or directors. Prevent corporate identity fraud by making sure that Companies House has the correct details for your business, or enrol for the more secure electronic PROOF scheme.
  • Set up and reassess internal control systems. Ensure that your finance team or accountant check bank and credit card statements thoroughly. Shred all sensitive documents before recycling them.
  • Validate new customers with credit agencies. Keep an eye on your current customers' accounts too, to look for trends such as delayed or slowing payments. If you think you may have a problem with a customer, get additional trade references or use credit insurers.
  • Conduct an internet search for common misspellings of your business name to check that no one is impersonating you online. Not only could businesses with a similar name poach your customers, but if their reputation is bad, yours could be damaged by association.
  • Review your IT security. Your business could be at risk from hackers or in breach of the General Data Protection Regulations if sensitive data such as your customers' details or your intellectual property is stored unprotected on your server. Make sure your virus software, password protection and firewalls are up to date and working.
  • If you discover internal fraud, ensure that it is clear who will lead the investigation, how to deal with the suspects and at what stage you will involve the police, if necessary. If you discover external fraud, consider getting legal advice before proceeding.