The risks of scams for small businesses

 How UK businesses are affected by scammers  • bank fraud alone costs the UK economy more than £1billion a year • more than eight out of 10 medium-sized businesses have been affected by fraud • almost a third of business fraud is committed by employees.  As well as dealing with the crime itself, you could also face significant fines from the Information Commissioner’s Office (ICO). At up to 4% of your annual worldwide turnover, this could ruin your business. 

 Common small business scams and frauds  When customers use payment cards to make online purchases you could unknowingly send goods to a scammer. You’ll only discover this when the genuine cardholder queries the purchase. If you run an ecommerce website it’s important to meet the requirements of the Payment Card Industry (PCI) data protection standard (DSS).  The amount of sensitive data your business uses might surprise you, including customer information and employee records. You need this information to run your business but it also has value for criminals. Simply sending or opening an email from the wrong person can introduce a virus that steals information.  Some businesses also have valuable or commercially sensitive information, such as research and development reports or product ingredients. If it’s valuable to your business, someone else might want it too.  Invoice fraud might involve an employee creating a fake supplier or changing the payment details of a genuine supplier. Fraudsters might contact you about a change of bank details for one of your suppliers, so always double-check. Payroll fraud involves creating false employee information to steal money from your business.  Ransomware attacks scramble your important data and hold it for ransom. You will only get the key to unscramble it again if you pay the criminals.  Official-looking emails and letters from trusted organisations like HMRC can easily mislead people. It’s always worth double-checking any correspondence like this by another route, just for safety. 

 How you can protect your business  Practical measures and staff training can make a big difference and are well worth the time and effort involved.  Careful data management is a good habit for all business owners. Secure physical and digital data storage is the first important step and will help you cope with emergencies too. Control access to sensitive information so it’s only seen by people who need it for their job. Make regular backups, code your data and protect it with strong passwords to deter thieves.  Take Five to Stop Fraud is a national campaign helping to protect everyone against fraud. It encourages everyone to stop, think and assess before acting. If you’re suspicious or something seems unusual, follow your instincts and be cautious.  You can’t do everything yourself, so train your staff to identify and manage fraud as well.  You would probably ask for references from your new employees. You can do the same for suppliers to make sure they’re legitimate. Simple things can help, like checking with Companies House, confirming their VAT number and registered address.  To avoid financial risks, make sure your processes involve more than one person. For example, only confirm contracts and payments if they are signed by two people. If you don’t have time to do this yourself, your bookkeeper or accountant can help set up reliable processes. To spot problems quickly, you can also ask them to regularly audit your assets and transactions. 

 Please get in touch if you would like to review the security of your financial processes.