Whilst it’s not a risk you like to think about, the possibility of internal theft or fraud is one anyone who has employees or places trust in a contractor needs to take heed of.
There’s a variety of ways a worker might betray the trust they have been given, including:
- falsifying their qualifications and/or employment references;
- manipulation of invoices, receipts, bank account details and other financial documents;
- leaking exclusive data, sales leads and/or professional partnership terms which competitors have an interest in;
- misusing their official work hours or abusing flexible working time systems; and/or
- faking or exaggerating claims for travel expenses and client entertainment costs.
Many employees that commit fraud will do it for their own gain, but in some cases the organisation may be infiltrated by an organised criminal gang.
Key actions to prevent employee theft and fraud
- Understand what you have that may be targeted by a fraudster and design suitable measures to reduce the risk. For example, finance processes (including procurement and payments, accounts) should be overseen by senior employees to ensure one person can’t transfer assets by themselves.
- Perform regular checks and audits to ensure the fraud prevention measures are being followed so that access to key assets is effectively restricted.
- Ensure good key security and access code management practices for all external doors, safes, stock rooms, vehicles, storage containers, cupboards, etc.
- Don’t forget to consider who can access intruder alarm and CCTV systems.
- Obtain (and thoroughly check) at least two independent references for prospective employees.
- Take note of behavioural changes amongst your workers.
- Don’t allow lone working, as much as is possible, and set up whistleblowing methods that allow anonymous reporting and protection for those voicing their suspicions.
- Issue a clear anti-fraud policy statement and ensure all employees receive training on fraud prevention and that they know how to report any concerns they may have.
- Install tracking, telematics or other similar systems to your owned vehicles and have a robust key security system for other vehicles your business may be taking care of (i.e. in the motor trade industry).
- Set up various security precautions and measures for computer data and connected devices. Review our risk topic pages on cyber threats and data management for guidance regarding this.
- Enforce a ‘clean desk’ policy so confidential papers are locked away when not in use.
- Establish a system of recording issues and return of devices, tools and equipment.
- Put procedures in place for the exit of an employee who has access to confidential data and/or information. ‘Gardening leave’ is a common practice, where an employee whose employment has been terminated, or who has resigned, is immediately instructed to stay away from the premises during their notice period so they can’t obtain up-to-date sensitive information.
This article is adapted from an original post by Allianz which can be found here.