Fighting fraud with technology

gallery

Business fraud is on the up and is costing the UK economy £1.37bn, according to new figures from accountants BDO Stoy Hayward. But the organisation believes the real figure could be much higher.

The accountants found that the figure rose sharply from 2005, when fraud cost business £1bn. The research found that only 15 per cent of businesses actually bothered to report fraud to the police. It estimated the actual cost of fraud to UK companies was nearer £5bn.

BDO said that value of reported fraud in the UK has risen 314 per cent from 2003, much of the fraud reported was "carousel" - high-value VAT fraud. This happens when criminals obtain a VAT registration number to buy goods, such as processors or mobile devices, from other EU member states, then sell on the goods inclusive of VAT and then disappear without paying this VAT to HM Revenue and Customs.

The Midlands was the worse affected region with several carousel frauds committed there. London and the South East also reported rises in the amount of fraud. Nine prosecutions last year involving fraud cost the UK Treasury £372m in lost revenues.

Experts said that detecting fraud in the modern corporate environment is an increasing challenge and is usually met with ever more sophisticated technology.

"Computer systems that do automatic transaction analysis are commonly used by banks and credit card companies and data mining techniques help to search out 'what if' scenarios," said Chris Paley-Menzies, head of forensic technology at RGL Forensic Accountants & Consultants. "However, these should also be allied with strong control procedures and transparency in financial authorisations".

Dan Morrison, partner, Corporate Fraud and Asset Recovery Group at law firm Mishcon de Reya said that there are a number of straightforward steps companies can take to dramatically improve the security and efficacy of their response if the crooks do strike.

"Careful scrutiny of prospective employees who will have high level access to your IT and security systems - experience shows beyond doubt that the majority of these frauds are carried out by insiders or at least with some level of inside help," said Morrison.

He added that companies needed to make sure they have in place a company policy permitting monitoring of emails and telephone calls in order to detect and prevent fraud. Provided such a policy has been adopted and reasonable steps have been taken to draw it to the attention of employees, the monitoring will not fall foul of the interception rules under the Regulation of Investigatory Powers Act.

"Intelligent monitoring in risk areas may provide advance warning of a planned fraud and, at the least, makes the insider's job more difficult," he said.

Morrison said hardware and software needed to be set up so that only those who truly need such rights can install new software to any part of your network. He said that PCs should not have floppy, CD or DVD drives unless there is a genuine business need for the user of a particular unit.

"By the same token, remove or disable unnecessary USB (or equivalent) ports and thereby prevent the use the portable data storage devices that are now readily and inexpensively available to the public," he said.

Jarrod Haggerty, forensic technology director, PricewaterhouseCoopers LLP said that robust risk management systems can go a long way to mitigate the likelihood of economic crime.

Email to a friend

Print this page