02 Feb Stop, Challenge, Protect
In the first half of 2021 businesses lost £59.2 million to scams and frauds; an increase of a third over the same period in 2020. Not that that’s necessarily an indictment on businesses. As an article by Small Business Commissioner Liz Barclay comments: “scams are becoming more sophisticated” with “constant vigilance” now being required “to spot the baddies.”
Liz Barclay’s comments came in an article on the ‘Take Five to Stop Fraud’ website. Her article is part of a campaign to encourage businesses to take three simple steps to reduce the risk of scam attempts being successful. It comes on the back of a study which revealed that, despite an increased awareness of fraud amongst businesses, sixteen percent would not challenge an unsolicited phone call. Given that 80% of SMEs reported receiving unsolicited texts and 64% unsolicited phone calls asking for payment or sensitive information, that sixteen percent represents a potentially significant fraudulent impact on businesses.
With that in mind what are the three steps recommended by the Take Five to Stop Fraud campaign? The first is simply to take a moment to stop and think whenever an out of the ordinary request arrives. For example, a supplier may make a request for an urgent payment, perhaps linked to a change of bank details. Alternatively a phone call might ask for business sensitive information such as details of contracts, payment details or even employee information.
So whenever something feels wrong, stop and think and then take time out to challenge. Reputable businesses won’t mind if you take time to call back and verify requests. However, it is important to ensure that the number you call is either one already known to you or is independently verified. Simply calling the number on the invoice request could leave you speaking to the scammers.
Finally, if you think a fraudster might have got through, take action immediately to protect your business. That means contacting banks to stop or recall payments and reporting scam attempts to Action Fraud.
The Companies Act 2006 requires directors to exercise reasonable care, skill and diligence; and actions such as those described above certainly come under that remit. However, whilst the responsibility may stop at the top, the requirement to act on potential scams should permeate the entire organisation. Directors can set a culture of risk awareness, one in which everyone is aware of and empowered to act on any suspicions.
When the entire organisation is focused on combating fraud, the chances of success are higher. As Liz Barclay, Small Business Commissioner, said:
“It would be very easy to get sucked in by an email which looks genuine when you’re in a rush. Please, please take nothing at face value and check with anyone you need to pay before responding to texts, emails or calls. We need to make it impossible for the scammers to scam us.”