Internet traffic, mobile data use and the cloud are forecast to grow exponentially, which exposes systems to additional security risks. More than half of the sensitive digital information flowing today does not have adequate protections.
A comprehensive fraud prevention plan acts as a padlock for creating greater online and offline security.
Most of us take precautions every day to protect our belongings. We lock our cars, our homes and our smartphones. Those same good habits are necessary to protect any business operating in the digital world. Business bank accounts and business data are frequent targets of fraud and theft by a growing number of domestic and international cybercriminals. Yet many businesses leave their "virtual doors" wide open to thieves because they may be unaware of the growing risks.
Worldwide, theft as the result of fraud cost companies an estimated £2.5 trillion in 2013 alone1. This equates to a typical business losing 5% of revenues each year to fraud. Once funds have been stolen, they are rarely recovered.
At Silicon Valley Bank, we are committed to helping our clients protect their assets, including funds, intellectual property, and non-public customer information. To help protect assets, we encourage our clients to create a comprehensive fraud prevention plan to secure all valuable assets and prevent and detect theft. A comprehensive plan addresses all potential security risks facing your company and is an essential tool to prepare for future growth, an IPO or acquisition.
Formulating a plan
A comprehensive fraud prevention plan establishes individual roles, responsibilities, and oversight of key risk areas. Just as locking your car is a matter of habit; protections must be integrated into a company's routine activities and practices. Some actions that are part of a plan may be simple, such as separation of duties for invoice approvals and payment initiation. Other actions may require added technology, such as adopting out-of-band authentication or employing protection solutions to secure your online network. The plan should also provide a roadmap of steps to take when fraud or loss is suspected or discovered. Businesses at different stages of growth face different security risks, so it's important to create a fraud prevention plan based on the unique needs of your business, based on your life stage and corporate structure. Be sure to update these as your business grows and changes.
To start, identify areas and corporate practices that create the greatest risks. The key areas for most companies include those where company funds, strategic corporate information, non-public customer information, and intellectual property are most vulnerable to cybercriminals and fraudsters. Some potential risk areas include:
- Accounts payable and payments processes
- Accounts receivable and collections processes
- Company operations
- Employee fraud and misconduct
- Network security
- Desktop and hardware security
Communicating and Overseeing Policies
A comprehensive fraud prevention plan should be cross-functional, encompassing accounting, operations, IT, and other critical areas. While everyone has a role to play in minimizing fraud, one person should be appointed for creating and implementing the plan. In most cases, an executive-level leader or founder is best positioned to oversee development of the plan, as well as regular review and revision. This person should communicate the plan broadly, reviewing key components and responsibilities with new and existing employees, optimally on an annual basis. Communicating the plan effectively creates awareness within a business that a plan has been developed and can be actioned if needed.
Once established, a comprehensive fraud prevention plan will help your business better understand and respond to the primary forms of risk and loss. For your plan to be most effective, it must be communicated and adopted across your entire business. Employees at all levels and executives alike will appreciate having well-defined ground rules for enhancing security and practical guidelines for conducting their daily activities, including specific steps for responding to loss or theft.
Have questions on how to develop or enhance your company's fraud prevention plan? We are here to help. Contact your Silicon Valley Bank Relationship Advisor or the UK Financial Crime Team to start a conversation about fraud prevention.
1 Source: Association of Certified Fraud Examiners 2014 Global Fraud Study
This material is provided for informational purposes only.