All organisations and individuals are subject to fraud risk. It is therefore essential to prioritize fraud prevention and detection to protect every organisation’s and its stakeholders’ interests. Fraud can come in many forms, from simple company property theft to complex financial schemes. It can cause significant financial loss and damage to an organisation’s reputation, as well as legal and regulatory problems.
While most of clients do not commit fraud, some do, leading to losses for the defrauded. To prevent and detect fraud, it is important to establish strong internal controls and implement effective risk management practices Although it is impossible to eliminate all acts of fraud, one of the most effective ways to prevent such acts is to institute proactive and ongoing evaluation of a potentially fraudulent activity.
Since we can’t control and effectively manage what we don’t know or understand, so let us start by understanding what fraud is. Fraud may be classified into three categories.
- False representation-the deliberate falsification of information to result in a gain for self or others, or loss or risk to others
- Failure to disclose-the concealment of information to result in a gain for self or others, or loss or risk to others
- Abuse of position-the exploitation of position, or omission to act, resulting in a gain for self or others, or loss or risk to others. (Source: The UK Fraud Act 2006)
Common Frauds include;
- Financial Statement Fraud; This may manifest in many ways to inflate profits, conceal losses, flatter the business performance, extract cash or otherwise misrepresent the financial status of the company. This also includes where the customer/client’s auditor either fails to identify inappropriate accounting treatments leading to incorrect risk decisions made by the Bank or, in extreme cases, collaborates with clients to produce fraudulent financials.
- Material Misrepresentation: This manifests when a client misrepresents or fails to disclose material financial or non-financial information influencing the risk decisioning made by the lender or bank
- Known Bad: This occurs when an institution fails to identify the customer/client, or its directors are known within the sector, industry in which the client operates, public media or other sources to have previously been involved in fraud or other abuse of facilities. This is particularly a risk for conquest business (where new clients are acquired through the takeover of facilities from another institution).
- Trade for finance, not for trade: This manifests when a client trades with undisclosed but socially or legally related counterparties to obtain bank finance and siphon money for purposes other than the stated trade.
- Social engineering fraud: This includes:
- Phishing, which refers to emails with links containing malware that can access your personal information so always take note of the senders’ email addresses. Look out for changes such as johndoe@wahoo.com instead of johndoe@yahoo.com
- Vishing, which refers to calls impersonating banks or companies to obtain account details. To manage this always transact on safe websites with the lock icon or ‘secure and verified’ badge at the bottom of the page and never reveal personal or banking information to anyone over the phone or email.
- With SIM porting/Swapping: Here fraudsters may obtain a duplicate SIM from phone companies by impersonating you. The fraudster requests for a duplicate SIM on the pretext of lost phone, damaged or replacement SIM and activates the new SIM to gain access to OTP/notification from your bank. To manage this, always be alert to any notifications sent by your phone company on any unauthorised SIM change. Should you receive such a notification, always call them immediately for verification. Lastly, take note of long periods of a network outage on your mobile as this could be an indication of SIM deactivation.
- ATM Frauds: These involve your ATM card’s information being stolen while you are at the ATM through someone tampering with the card reader to trap the card, someone looking over your shoulder and observing your PIN or someone installing a false keypad to capture your PIN.
To prevent this fraud, it’s important to be wary of people around you while at the ATM, be observant and ensure the machine has not been tampered with, cover the keypad when keying in your PIN and shred or discard your receipts.
- Card Fraud: This involves the use of cards for unauthorised or unlawful transactions. To manage this type of fraud, never share your card details with anyone, always keep your card in sight when making payments over a counter and ensure the correct card is returned to you, always check your card statements for unknown transactions and always shred and discard card statements, receipts, and old and expired cards.
- Money Mule: A money mule, on the other hand, is someone who accepts and transfers money in return for a fee. To guard against this type of fraud, always be aware of people offering fees to receive and transfer money using your bank account and don’t open a bank account in your name to receive and transfer money for someone else.
Frauds can be hard to spot at times but together we can reduce the risk by spotting the warning signs. We need to always be vigilant and when in doubt, verify the source of the calls, emails and/or text messages before we act. We also need to curtail suspicious activity by not responding to requests for personal details from unknown sources and finally, we need to always report incidents for many reasons but mostly to create awareness and management. Organisations, therefore, need to put in place a mechanism to enable customers and clients who suspect any fraudulent activity to report it immediately. The quicker the fraud is reported, the higher the chances of recovery.