Fraud prevention

Rachel Tiffen, Director of Public Sector & Learning at fraud prevention service Cifas, lists the four main fraud trends impacting the FM industry and how to combat them

The daily life of a facilities manager comes with huge responsibilities. Whether implementing security controls to keep a space and staff protected, being trusted to handle large contracts or ensuring the smooth-running of a project, building these solid, professional foundations requires a multitude of skills and attention to detail.

As was recently noted in FMJ, a strong FM is “innovative, trustworthy and understands and mirrors the client’s values and priorities. Ensuring the build, technology, people, and processes are at their strongest, is critical”.

But when the pressure is on and so many plates need to be kept spinning, what happens when an incident of fraud threatens to derail a project or impact the workforce?

No organisation is completely immune to fraud. When FMs prioritise risk prevention, they put themselves, their colleagues, and suppliers in a stronger position to not only protect finances and reputations but add a critical layer of security to any site. With fraud accounting for around 40 per cent of all reported crime in England and Wales and costing the economy around £219bn annually, it’s important not to ignore the very real threat that fraud poses.

Here are four frauds every FM should be aware of and tips on how to manage and mitigate the risks.

INSIDER THREAT

An insider threat is someone who intentionally harms their own organisation. In 2023, Cifas data revealed cases of insider threat were 14 per cent higher than in 2022. The types of dishonest action are wide-ranging. FMs keen to strengthen their internal defences should consider these three key questions:

• Could a member of staff have the opportunity to become an insider threat?
• What is the motivation for a member of the team to turn against their employer?
• How would an employee rationalise their dishonest behaviour?

Some red flags for FMs to spot involve changes in staff behaviour. For example, are they showing signs they are living beyond their means? Are they uncharacteristically disgruntled at work? Have they tried to access systems that aren’t part of their role?

It’s important to ensure there are robust measures in place to deter dishonest conduct. Providing sufficient financial and wellbeing support services can bolster internal defences too. Specialist training can also help staff understand how to identify incidents of dishonest conduct and confidentially report concerns.

EMPLOYEES BEING TARGETED

Staff are incredibly attractive targets for fraudsters because they’re a direct route into an organisation. Promising money to employees in exchange for sensitive company information is a tactic favoured by many criminals.

But what about when staff don’t even know they have been targeted? Emails from fraudsters posing as a trusted source – such as a boss or supplier – are an increasingly common way of infiltrating businesses. These communications are intended to create urgency so the recipient is not able to stop and think before clicking on a link that might download malicious software onto their systems.

It’s vital that facilities have systems in place to detect and deter viruses. Educating staff about the dangers of criminal approaches and how to spot rogue messages can add a further layer of safety. Plus, ensuring company processes and policies are updated – and staff are made aware – to manage security and the ever-evolving threat of fraud is always important.

SUPPLIER FRAUD

Fraudsters exploit trust. That’s why they typically pretend to be a supplier, contractor or third-party vendor when targeting organisations. They might send fake invoices or use techniques to deceive staff and redirect payments. Even genuine suppliers might inflate costs and exaggerate time spent on projects to charge more, so, it’s critical to carry out the necessary due diligence.

The key is to be consistent. Regularly conducting fraud risk assessments and audits mean gaps can be identified and tackled early. Third parties must also be properly vetted throughout the relationship, not only during onboarding.

Verifying information is imperative. Investment in counter-fraud data and intelligence solutions that track patterns, augment checks, and enable managers to identify and record incidents of fraud and risk can help to stop criminals at the source.

CYBER-ATTACKS

Cyber-crime remains a high priority for many leaders to tackle. Recent research from Cifas shows 83 per cent of large UK organisations are concerned about cyber-attacks. The rise in hybrid and remote working has added further challenges. It’s therefore critical to invest in security measures that protect staff irrespective of where they’re working. For example, keeping software updated and implementing multifactor authentication as part of the staff log-in process. Equipping employees with counter-fraud knowledge and providing them with the tools to detect and report risks are vital too.

Fraud is everyone’s business. FMs that prioritise preventative solutions and rollout ways to provide an additional layer of crucial protection are better placed to create a robust defence system that mitigates risk and keeps people and sites safe.