British Business has responded to the call from Matt Hancock back on 24th March to “Only go to your job if you cannot work from home” by adopting a new approach to work now with its own hashtag “remote working”.
Worldwide fraudsters have a new audience to attack, the virgin homeworker.
Management initially challenged by remote working productivity levels have, as productivity improved, started to face concerns over security.
Fraudsters seek out weaknesses in people, processes and systems, taking advantage of unprepared businesses. Prime candidates include those businesses who were not prepared pre lockdown. In this case, past performance is a reliable guide to future performance.
People are always the largest security risk so individuals working from home have also become a prime target.
Scammers are using sophisticated phishing techniques during the lockdown period to trick people into revealing personal details, purporting to be government bodies and the World Health Organisation.
Was your business prepared pre lockdown?
Despite the growing news flow about the risk, there has been little change since 2018 in the capability of businesses to combat fraud. One particular department targeted by fraudsters is the accounts payable department as it is the source of company payments to suppliers.
New research has shown that 70% of UK finance decision-makers have concerns about whether their company can prevent or detect fraud using current accounts payable processes. This is little change from a comparable survey carried out in 2018, where 71% reported the same concern.
Given that worries about financial fraud have been growing for the past few years, it is not only surprising but heavily concerning that finance decision-makers appear to be all talk and no action when it comes to protecting their business.
Worryingly, one in five (20%) decision-makers said their current financial processes made them uneasy and that they were not confident that their company could protect itself against fraud.
These concerns are not solely related to company size either, as finance bosses at medium and large companies stated they are equally worried about finance fraud and how their company can protect itself.
Accounting fraud in the UK has been a consistent presence in headlines in the last couple of years, with Patisserie Valerie being one of the most high-profile cases.
Fraudsters are taking advantage of the measures announced by the government to support people and businesses affected by coronavirus. The Home Secretary has reported that cases of fraud and scams have increased significantly since lockdown, so what more needs to happen before these issues are taken seriously addressed?
The false assumption that it was part of the auditors remit to deal with fraud has been blown away. Questions are also being asked about the effectiveness of the audit work of the Big Four – PwC, Deloitte, EY and KPMG, especially after the chief executive of Grant Thornton, David Dunckley, told MPs it was not the auditors’ job to look out for fraud.
Does remote working increase risk of finance fraud?
The lack of efficiency, visibility and control associated with paper-based systems is long established as both a productivity and a security (from fraud) concern. In a remote working environment, the lack of productivity and the risk of fraud is made worse by paper-based processes and systems.
Many businesses are still operating in this mode and are therefore worse off under a remote working regime.
Our survey identified that a third (32%) of respondents reported that invoices are still received in paper form (42% received as e-mail attachments, 21% via electronic data interchange EDI).
Without a central office to operate from, the fact that 72% of businesses have a process that requires employees to print invoices received as email attachments presents both a productivity and a security problem. Only 6% of respondents reported that they never do this. Either these invoices have to be printed centrally and distributed physically to the homes of staff, or staff need to print locally.
Additionally, 28% of UK finance decision-makers say audit trails of supplier invoices are still reliant on manual filing systems, with less than half (44%) saying that audit trails are viewable directly from the finance system. This gives rise to a productivity issue, having to access the documents from home could become a security issue as staff may be tempted to investigate less before passing invoices for payment.
Those who operate digitally using an automated accounts payable process are likely to be able to work both productively and securely. Documents are visible throughout the process without any physical transportation. These systems control the workflow so the right person is prompted to complete the next task. Physical location does not impact productivity. These systems are secure whether operated in the cloud or on-premise and accessed from home via a VPN.
The point of weakness with all systems is the employee. Whether working remotely or in the office, they need to be aware of phishing scams aimed at obtaining their credentials. The focus for management has to be on continually reinforcing the awareness of this risk.
If you’re concerned about the security of your businesses financial and accounts payable processes, we’d be happy to show you how Invu can help protect you from fraudulent activity. Book a demo with us to discover how we help our customers to optimise their processes, engage their teams and implement automated solutions.