Enterprise fraud and workplace policy abuse come in many forms, and every business is at risk.

 Unfortunately, it’s not always obvious when workplace fraud occurs. Perpetrators are often insiders – long-time employees or trusted staff members who have access to sensitive information.

 The very idea that these people would cheat you can be hard to accept. It may even be tempting to think, “It could never happen here.” But it could. And the less you do to prevent it, the more likely it is to occur.

 Workplace fraud could mean failed compliance audits, hefty fines, or irreparable damage to your brand. It could also mean a serious blow to your bottom line.

 So don’t let others profit unethically at your expense – take steps to stop them. Here are four common types of workplace fraud and some suggestions for avoiding an all-out fraud nightmare.

1. Accounting mischief

 If your accounts are vulnerable, employees can use them to their advantage. Think “skimming” small amounts of money from the tops of checks or taking unreported cash payments.

 When the amounts are small, this type of fraud can be hard to detect. And if you never perform any audits, it could be virtually untraceable. While internal audits are an option, they’re often difficult to conduct. Slinging together data in an attempt to create a complete audit trail can quickly become a nightmare.

 On the other hand, by bringing in external auditors, you’ll be able to keep your accounts in check. Make external audits routine, and you can prevent accounting fraud before it even starts.

2. Exchanged credentials

 Or falsified ones. With counterfeit documents, records, or licenses, scammers may seek employment at your organization. They may also use someone else’s credentials to gain access to your office or work facility.

 Don’t forget: In hiring, even one fake reference represents a serious case of fraud.

 Always call professional references, verify credentials, and conduct background checks of each new hire. After all, you should be confident in the employees who represent your organization, not suspicious of them.

3. Unauthorized data access

 The use of false credentials can also help employees access data that was never theirs to consume.

 When this happens, the privacy of your patients or customers – not to mention confidential business information – could be in jeopardy. And what if employees don’t even need to use false credentials? What if they’re accessing sensitive information because it’s already easy to do so without being caught?

 That’s why you must implement data-handling policies that specify who has access to what. Also establish a system for verification before anyone can access sensitive material. Things like passwords and account numbers should never be shared and, if possible, should be changed often.

4. The address swap

 This is what happens when an employee changes the address to which a check is sent – presumably to his or her own – and then changes it back.

 To combat this kind of fraud, conduct regular reviews of all purchases. Consistent audits of accounts and contracts will also help protect you. While you don’t want to create a culture of surveillance that makes employees feel like Big Brother is lurking behind every corner, audits and reviews should create an atmosphere of accountability.

 Because when employees are accountable for their actions, you’ll enjoy greater security.

 For more information about Enterprise Fraud Management, be sure to check back here on Insider Fraud Spotlight!

Enterprise fraud and misuse is on the rise.  A recent study by the Ponemon Institute found that of the organizations surveyed, on average respondents experienced more than one incident of employee-related fraud per week – about 53 in a year’s time. Twenty-four percent of respondents indicated that their organizations experienced more than 100 incidents in the past 12 months. I’ve been in this industry for a long time and even my jaded soul was shocked by the findings. But I guess I really shouldn’t have been surprised.

The reality is that our increasingly connected world provides boundless opportunities for employees to accidentally stumble into private realms of information—or to trespass with malicious intent.

Here are some typical problems we see out in the wild:

• An employee uses someone else’s credentials to access information he doesn’t have rights to.
• An employee changes the address in a customer record, and then reinstates the correct address after a check has been sent.
• A curious—or star-struck—employee casually accesses personal information about a neighbor or a celebrity.
• Organizations, caught be a breach or privacy mishap, find themselves scrambling to piece together incomplete data in a frustrating attempt to create a complete audit trail.

Financial loss, failed audits, regulatory fines, and brand damage—these are just a few of the devastating risks of being in the dark when it comes to fraud and misuse. We see it every day.

We also see that businesses are stuck trying to clearly distinguish between the legitimate work of their employees and suspicious activity because the evidence trail is often missing. Organizations seeking to be proactive about managing the risk of fraud within their enterprise should take pains to discover, capture, monitor and alert on the  following activities:

• After-hours access of information
• Employee change records in customer accounts—like changing an address and then changing it back
• Out of band transaction requests
• Multiple failed password attempts
• Account snooping—especially VIP accounts or dormant accounts

Watching out for fraud and misuse is a nuanced business. The activity is often hidden or obscured—and all too often the trail has gone
cold by the time you figure out the fraud occurred. When evaluating possible solutions to your enterprise fraud challenge, focus on the next generation of fraud technologies. They’ll get you farther faster and with the flexibility you need to really hone in on what’s right for your business.