The risk of fraud is inherent in everyday life, particularly in the world of business.
Around the globe, organisations both big and small are finding themselves caught up in, and victims of, fraudulent activity. In fact, new figures released by the annual Crime Survey of England and Wales (CSEW) have shown that in the UK alone, fraud and cyber crime have become the country's most common offences.
In November last year, Tesco Bank reported that £2.5 million was stolen from 9,000 accounts by cyber criminals. Some customers received text messages from the company in the early hours, warning them of fraudulent activity on their accounts. The bank temporarily suspended online payments for 20,000 current account customers. No personal data was stolen and all affected accounts were refunded.
For businesses, it seems that the only way to stay one step ahead of the fraudsters is to implement a tough fraud risk assessment - but how do we go about doing this?
Follow these 4 steps to ensure a more robust fraud risk assessment in your firm:
- Identify the fraud risks inherent in operations and processes - This can be done by referring to historical data as well as emerging trends and patterns.
- Use the probability/impact matrix to gauge the likelihood and severity of different fraud attacks - Estimate the level of risk along with your risk exposure.
- Use the 4T's model (Terminate, Transfer, Treat, Tolerate) - This is used to identify suitable measures to mitigate the fraud risk. Ascertain whether additional measures are necessary to help reduce risk.
- Evaluate the residual fraud risk - Assess the risk that remains after appropriate controls are put in place and whether this meets your firm's overall risk appetite and strategy. You may need to step up your anti-fraud controls to ensure your overall residual fraud risk is within your stated risk appetite.