
Last year, Tesco Bank reported that £2.5 million was stolen from 9,000 accounts by cyber criminals. Some customers received text messages from the company in the early hours, warning them of fraudulent activity on their account.

The bank temporarily suspended online payments for 20,000 current account customers. Luckily, no personal data was stolen and all affected accounts were refunded.

Follow these 10 steps to prevent the risk of fraud:

  1. Be vigilant - conduct due diligence on all business associates and third parties so you know who you're dealing with. Watch out for tell-tale signs (red flags) of suspected fraud - including employee fraud, cybercrime, customer or corporate fraud.
  2. Act ethically with integrity and honesty - only make honest declarations (about your credentials, qualifications and expenses); avoid giving unauthorised people access to your company's data, systems, or information.
  3. Only share information on a 'need to know' basis - to prevent identity fraud.
  4. Make sure you don't become an unwitting accomplice - to unscrupulous employees, customers, or suppliers or others in acts of fraud.
  5. Keep anti-virus software up-to-date - don't disable it and make sure updates are installed as soon as they become available to plug known vulnerabilities.
  6. Follow your company's information security rules - for example, make regular backups of data, avoid sharing passwords, ignore unsolicited emails or phone calls requesting information (don't be pressured into breaching company rules), encrypt or password-protect data which is sensitive or personal, don't click on links in unsolicited emails, avoid using public WiFi hotspots to link to your firm's network, and don't connect personal devices or download unauthorised apps.
  7. Co-operate fully and immediately with any guidance provided by IT which is designed to prevent fraud - for example, on using firewalls, updating anti-virus software, avoiding malware, and so on.
  8. Watch out for possible signs of a DDoS attack - for example, uncharacteristically slow response or network performance when opening or accessing files, unavailable websites or an inability to access your firm's website, or a dramatic increase in the amount of junk mail you receive.
  9. Report any knowledge, suspicions or concerns about fraud or suspected fraud immediately - inform your manager or IT immediately of anything suspicious or of any errors.
  10. Don't try to hide your mistakes - the sooner you report them, the quicker your company will be able to limit its losses.
