The Impact of COVID-19 on Fraud and Cyber Crime
Be Aware of the Top Five Fraud Schemes
Corporate fraud and personal identity theft were known risks well before the COVID-19 pandemic. As with other disasters and national emergencies, though, cases of fraud have risen exponentially in the past year directly resulting from COVID-19. Criminals use opportunities like this to take advantage of weak systems and controls. The best offense? Always a good defense … and that includes awareness of the top COVID-related fraud schemes, what they are, and how fraudsters operate.
The Impact of Fraud in 2020
Thanks to data from the Association of Certified Fraud Examiners’ (ACFE) 2020 Report to the Nations, we know that fraud causes about a five percent revenue loss every year. Every business is at risk for fraud, but small businesses are two to four times more likely to be a victim of fraud. Why? Answers vary, but generally, it leads back to a lack of budget and resources to implement stronger controls.
Men are more likely to inflict larger financial damage in fraud cases compared to women. But what’s the one characteristic that most fraudsters do have in common? Many were living beyond their means. This is a major red flag to be aware of.
Across all industries, the average financial loss in a single fraud case is $125,000. Can your company afford to lose $125,000 this year, or five percent of revenue? Probably not. That’s why it’s so important to understand how fraud happens – and how to prevent it.
COVID-19 and the Top Five Fraud Schemes
Because of COVID-19, the fraud landscape is changing. This is a natural extension of the changing operating environment and economic uncertainty we’ve become accustomed to. When entire companies went remote in 2020, there were more opportunities for fraudsters to commit crimes. As more people were stretched to their limit, it has become easier for people to rationalize stealing from their company; with less oversight, theft becomes easier, too.
In the past year, ACFE, in a survey to almost 85,000 members, observed a 79 percent increase in fraud occurrences, and 90 percent expect fraud to rise in the next 12 months. About three-quarters of ACFE respondents find it harder to detect and prevent fraud post-COVID, due to travel and in-person meeting restrictions, lack of access to evidence, and more. Although fraud has sort of always been a “when, not if” scenario, the rising risk creates a higher stakes environment that every business should be prepared for.
COVID-19 has affected fraud schemes differently; in the wake of the pandemic, some types of fraud are affecting businesses more significantly than ever before. The top five fraud schemes affected by COVD-19 are (in reverse order):
- Identity Theft
- Payment Fraud
- Vendor/Seller Fraud
- Unemployment Fraud
- Cyber Fraud
#5 Identity Theft
There are two main types of identity theft: traditional and synthetic. In traditional identity theft, a criminal uses someone’s real information and exploits it, whereas synthetic Identity theft requires a fraudster to combine real and fake information in an attempt to create a brand new identity.
The best ways to prevent identity theft are to:
- Shred personal documentation
- Monitor credit scores and financial records
- Securely store information
- Don’t share personal information with unknown individuals
#3 Fraud by Vendors and Sellers
In vendor fraud cases, a bad actor falsifies company accounts payable and payment systems through billing schemes, check tampering, and/or bribery and extortion. Also look for fictitious sales or product misrepresentation. Employees are typically to blame, either in full or in part, with either of these fraud schemes.
Vendor and seller fraud can be prevented through:
- Internal controls and segregation of duties
- Updated reporting systems
- Verified vendor or seller relationships
#4 Payment Fraud
Payment fraud happens when someone uses another person’s financial information to complete a transaction. In the case of a business, payment fraud happens during any type of transaction, whether it’s a credit card or check payment. Payment fraud can also look like bounced or returned checks, fraudulent refund requests or returned merchandise, or lost or stolen merchandise.
Two primary methods of preventing payment fraud are:
- Using current credit card processing technology like EMV cards and tokenization
- Monitoring spending habits and account transactions
#2 Unemployment Fraud
Unemployment fraud has skyrocketed due to COVID-19. This type of fraud can be perpetrated either by the employee or employer.
Generally, unemployment fraud can be prevented or detected through:
- Reporting system
- Monitoring of notices
- Unusual reporting
If a crime is committed via a computer with the intent to corrupt, it is cyberfraud. Keywords like malware, phishing, and dDos attacks all refer to cyberfraud. Given the rise in remote work environments, it’s little surprise that cyber crime has increased in the past year. Employee education can go a long way in preventing unauthorized access to company or personal devices.
Other ways to prevent cyberfraud are to:
- Be aware of phishing schemes and online scams
- Only use trusted sites
- Monitor communications/online posting to limit personal data
- Use strong passwords
- Use only secure internet connection (beware of public connections)
How to Combat Corporate Fraud
Most companies probably need to take extra steps to safeguard their systems and data from would-be criminals – especially small businesses. The top three anti-fraud programs that companies plan to dedicate significantly more resources to in 2021 are anti-fraud technology, overall increased budget for an anti-fraud program, and use of fraud-related consultants or external resources.
Fraud prevention really begins with educating company leaders and staff about what fraud is, how to spot it, and how to report it. Establishing a culture around fraud education and awareness is the best foundation for success. It’s probably also advisable to evaluate and update internal controls for the changing fraud landscape. Controls that were in place last year might not make sense in a remote environment.
Conducting a fraud assessment is one way to understand the full scope of fraud risk in an organization. A fraud assessment is like a financial statement audit, except on specific processes and controls. The goal is to strengthen controls to effectively mitigate fraud risk – and save the time, money, and hassle of undergoing a formal fraud investigation down the road.
Do you have questions about fraud prevention in your organization? Contact your Adams Brown advisor to review potential fraud risks and how to implement a fraud prevention program.