Banjo Loans urges SMEs to stay vigilant as financial fraud costs rise
With latest ACCC data revealing losses from Australian financial crime exceeding $2.7 billion last year, leading non-bank SME lender Banjo Loans is encouraging small and medium business owners to remain alert to increasingly sophisticated financial fraud activity.
From doctored financial information and fake invoices to identity fraud, phishing emails and other online scams, Banjo Loans’ Head of Credit, Portfolio Management Christopher Cam said the types of fraud SMEs need to keep on their radar are continuing to grow in scope and complexity.
“Creating fake invoices to skim money out to different accounts and payroll fraud is increasing. And businesses need to ask themselves, where you have people dealing with customer data – are there enough internal controls to ensure that customer data is not leaked to the dark web?” Cam said.
Cam also points to another concerning trend – the prevalence of compromised business email addresses from executive teams.
“They usually have a flavour of urgency to them, saying something like the CEO saying they’re stuck at a conference so they can’t talk, but asking for gift cards to be bought for an upcoming function. The messages will often say the purchaser will be reimbursed for the expense, but it never happens.”
Cam says, in his experience, these kinds of email scams usually target new employees.
“They feel silly going to another colleague or HR to check that it’s legitimate. They just think, ‘Oh, well, it’s just buying gift cards, and the email itself seems very plausible’.”
Against this fast-evolving landscape, Cam highlights five strategies for SMEs that have been proven to detect fraud as soon as it occurs and minimise the chance of it happening again in the future.
- Find a reputable external auditor
“Appoint external fraud detection and prevention experts to conduct an audit of your business, including regular penetration testing. Not only will an external auditor be able to see if fraud is already happening, but they can also identify where it may be at risk of it occurring,” Cam said.
- Keep financial reports up to date and accurate
“Regularly reviewing accounting records and conducting random internal audits allows you to stay on top of your finances and spot either suspicious transactions, or regular payments being made to accounts where they should not be made.”
- Introduce an anti-fraud/ethical conduct policy
“An anti-fraud policy that outlines acceptable and unacceptable behaviour is fundamental to minimising fraud. It establishes clear processes across the business for how payments are disbursed and the procedures for handling reimbursements. This policy will typically include restricted access to financial data, expense reporting and stock/inventory in order make fraud detection — and the person(s) carrying it out — easier to identify.”
- Implement strong internal controls
“While it may be common for SMEs to have just one person responsible for handling ‘the books’ and financial reporting, this is also a common formula for fraud,” Cam cautioned.
“When the same person oversees payments and accounting, skimming or fake invoicing may go unnoticed. Assigning different duties to different employees improves oversight, as well as the likelihood of ‘irregularities’ being caught by another set of eyes.”
- Develop an action plan
“Knowing what to do when you spot fraud is critical. It clarifies a ‘chain of command’ for reporting a suspicion of fraudulent activity and it provides a strategy for minimising further losses,” Cam said.
“If related to a cybercrime attack, an action plan should outline the steps to follow to protect other sensitive data and ensure business continuity. For directors, it should also clarify who to speak to in terms of legal and professional advice.”