Coronavirus: managing internal fraud in a pandemic

In these extraordinary times many organisations are in uncharted waters and coming to terms with their new day-to-day.  It's important employers stay mindful of how employees are coping and are aware of potential internal fraud risks and threats.

We sat down with our leading internal fraud expert, Tracey Carpenter, whom is one of our Member Relationship Managers here at Cifas to pick her brain on internal fraud risks and management:

Q: With the ongoing Coronavirus pandemic organisations are facing major impacts in how they operate day to day. Have these circumstances caused organisations to see internal fraud to increase?

A: We may not physically see internal fraud increasing at the moment but we will certainly see the knock on effects of this pandemic at a later date. This could be from data which is being harvested by employees taking card payments over the phone at home or having access to a customer’s personal information at home. 

We can also expect to see the knock on effects even when this pandemic is long over.  It is no surprise that people will lose their jobs and partners who continue to work may feel increased pressure to keep a roof over their families head and food on the table, therefore employees may be tempted to steal or commit fraud at a later date, once the country returns to BAU. They may be offered sums of money to make unauthorised transfers or divulge personal or company data or they may just take the opportunity to steal from the till and may even rationalise the fraud as they need to provide for their family.  

In the early days we heard of employees pretending they were self-isolating due to COVID-19 symptoms when they were in reality going about their normal lives minus having to go in to work, it is hard to tell whether we will see a decrease in this now that there is nowhere to go and nobody to go out with however those that fancy a week on the sofa in their pyjamas may well take the chance for a week off.  

I have no doubt that there will be some dishonest people who via work had access to the items which you could not find anywhere such as toilet rolls, hand sanitiser and soap who were able to steal those items from their place of work to use themselves or sell to the public.

Q: If organisations are dealing with internal fraud, what does this look like?

A: In a very short space of time, we have seen huge numbers of employees from various organisations, covering multiple grades and roles, moving from office working to home working. Most with access to the same data and the same information as they had in the office just now from the comfort of their own home. We hear all the time about how much more relaxed working from home is. There is not the same level of scrutiny as there is in the office which can make people forget that they need to carry the same level as integrity as they would working from the office. There is nobody to see what you are doing and no cctv watching your every move and generally a lot less supervision but the level of trust that is expected of you does not drop.

It is not just those working from home that we will see turning to fraud though. It is those who are still working as normal and may feel motivated to commit fraud as they feel too much is being asked of them. Employees often commit fraud when they feel they are owed something. Those continuing to put themselves at risk by having to go to work each day while others may be receiving 80% of their salary from the Government may feel aggrieved and feel they are owed more.  

Organisations that are open for business with a much reduced head count makes it inevitable that there will be adjustments made to processes. What is usually always dual control may need to be sole control, and this paves the way for there to be an increase in opportunistic thefts.

Q: For organisations dealing with internal fraud, how are employers discovering that their employees may be committing fraud?

A: It is common for some employees who have been committing fraud for several years to never take time off. They need to be in work every day so that they can continue to conceal their wrongdoing. We can expect to see an increase in this type of fraud being identified due to sickness and also a reduction in staff, for example, in a bank due to social distancing measures.  Elderly and vulnerable customers who are usually the target of this type of fraud are less likely to visit a branch during this time due to self-isolation and more likely to report any discrepancies via a different channel such as telephone.  

Q: How can employers stop the increase of their employees committing internal fraud?

A: Employers should be monitoring activity such as;

If there is a high number of discrepancies, mistakes, or other issues, can any of it be tied back to a particular individual?

Monitoring day to day activity: How do we ensure employees are actually working from home and not on a games console all day? Ask employees to log their hours working from home on a time sheet and to provide a document detailing their work. It is also important to allow employees the flexibility to set their own hours whilst working from home. Allowing additional breaks and home schooling time to be included in the time sheets, as falsified time sheets are still classed as fraud. 

Clear expectations: Ensure employees know that whilst working policies may be more relaxed at the moment, conduct is still being monitored and additional checks are being undertaken. Re-emphasise what is expected of employees and what is not acceptable such as sharing personal data, taking photos of screens, conducting a conference call with sensitive commercial data in front of others and let employees know that the whistleblowing line is still available should they have any concerns regarding a colleague.   

WFH audit checks: If end of day audit checks have slipped by the way side in the office, they need to be re-established, now more than ever employers need to be able to monitor what their employees are doing.  Some organisations have exception reports which monitor employee activity, these should be utilised and employers should think about the types of fraud that could be carried out from home and ensure there are additional reports put in place to identify this type of activity.

Employers should look to support employees who have been impacted in any way. This can be from a partner losing their job, getting sick, etc. Employees can be impacted in so many ways during these times and could end up in financial difficulty – some may see no way out other than to steal or commit fraud.

Working from home safely

It is important that during these times we remain vigilant about protecting ourselves and others from scams and misinformation connected to the coronavirus.

We have set up a dedicated Coronavirus advice webpage for home workers, businesses and self-isolators. This page includes a daily ‘What’s new’ update from our intelligence team outlining coronavirus related scams and fraud threats.

Stopping internal fraud before it happens

Strong walls are no barrier if you have a key to the door. Many organisations invest time and money protecting their business from external threats but fail to tackle internal vulnerabilities.

Joining the Internal Fraud Database will help you create a strong anti-fraud culture in your workplace and protect your business, staff and customers from fraud threats. By recording and sharing your fraud data with some of the UK's largest organisations across the public and the private sectors, you'll also help make the UK a safer place to do business.