In Q1 2021 Truist conducted nationwide research with 527 small business owners. One of the many topics examined in the survey is fraud. In this piece, we highlight steps you can take to combat fraud. Be sure to see the related articles on the sources of fraud and the financial tools you can use to reduce your company’s exposure to fraud.
For small business, the impact of fraud is wide ranging. It can create stress, needless distractions, and make you hesitant to take the risks required to advance your business.
You don’t have to become a fraud expert to protect your business, but a handful of steps can help you build critical defenses against fraud attack.
6 steps to help defend against fraud
1. Train your employees as your first line of defense. Training can range from discussions that raise fraud awareness in staff meetings to more formal training using outside resources such as online training modules, guest speakers, or companies that specialize in evaluating your vulnerability to phishing attacks.
You want to help your staff understand how to spot fraud, to trust their instincts when they do, and to ask them to report anything that seems off. Additionally, keep the topic of fraud top of mind—by talking about fraud risk openly and often, you can create a culture that makes your business less vulnerable.
2. Set up adequate internal process controls. Take measures like management reviews of financial accounts, dual signature requirements for certain types of transactions, and more. If your business is large enough, you should segregate functions as much as possible (namely separate accounts payable and receivable) to build in natural checks and balances. And make sure your financial policies and procedures are clear and complete.
3. Shore up your digital defenses. Protective measures include having a firewall in place, encrypting your wi-fi, and promptly updating software on all your systems and devices to take advantage of recent security updates. Taking time to set up multi-factor authentication (in which at least two steps are required to prove identity prior to login) wherever it’s available can go a long way toward thwarting attacks.
Technology can be a stressful, but critical, topic for business owners. Businesses who have experienced fraud firsthand are acutely aware of its role and spend a lot of time thinking about it, in many cases because the fraud has forced them to consider it. Our survey showed that businesses who experienced fraud are three time more stressed about the need to invest in technology as their peers who did not experience fraud.1 Attention to prevention and proactive measures can not only help protect your business from fraud but can protect you from the heightened stress and distraction that no business owner can afford.
4. Take care with mobile devices and other tools that enable remote working. As remote working arrangements have become more prevalent, businesses have become more dependent on mobile solutions.
Yet, just when their businesses need them to be exploring remote working and connectivity, business owners who have been attacked by fraud do the opposite—our survey shows that owners who have been stung by fraud are half as likely to optimize remote working and connectivity versus those who have not experienced fraud. Paralysis and fear can sap the risk-taking that small businesses need to keep from missing out on important opportunities.
The answer to mobile device fraud protection is straightforward: basic measures such as encryption, password protection, and a clear policy for reporting lost or stolen devices can make the core of a strong mobile device defense strategy.2
5. Have a proactive strategy for your financial accounts. Even modest protective measures around your financial accounts can go a long way. For example, segregate accounts to help improve control and transparency. Use tools that require active authorization of any outgoing payments and help you reconcile accounts daily so you can spot discrepancies quickly.
Checks make up for more than 60% of financial fraud, so shifting from paper-based processing to electronic is also a good move to protect against fraud. Today’s business credit card platforms are a great defense, with their built-in fraud detection and alert mechanisms. Our research shows that businesses who did not experience fraud take in 35% more of their payments by credit card and make 50% more payments by card than their counterparts who did experience fraud.1
6. Invest in cyberfraud insurance. While it is growing in popularity, there are still many businesses who should pause and evaluate cyberfraud coverage. In our survey, 30% of businesses reported experiencing some type of fraud, yet only 30% have invested in cyber insurance.1 That means plenty of businesses can and should seriously consider this type of coverage.
Businesses that do have cyberfraud insurance appear to be the most vigilant overall. They report taking a larger number of fraud prevention measures in general—signifying that the most fraud-aware businesses are thinking holistically and making insurance a part of their anti-fraud arsenal.