Your staff and fraud

 

To help keep your business safe, you and all of your staff should know about fraud. Fraudsters can target a business of any size and the costs can be very high. If your business is scammed, it can be very difficult to get the money back.

You also need to be aware of fraud inside the workplace, which is on the rise in the UK.

Has your business been targeted by fraudsters?

Has your business been targeted by fraudsters?

Contact us right away to report a scam. We can then guide you on what to do next.

Contact us now

Tips to beat fraud at work

  • If your staff know how to spot a scam, they can take action to avoid it.

    To start their training, you’ll need a:

    • Source of info - Find lots of content about scams on our Fraud Hub.
    • Learning plan - Your staff will need time to train and to keep up-to-date with the latest scams. 

    To get more guidance on how to protect your business, visit sites like the National Cyber Security Centre (NCSC), Take Five and Action Fraud. 

    Visit NCSC

    Visit Take Five

    Visit Action Fraud

  • You have to look after staff who may be more vulnerable to fraud. This may be an ongoing weakness or a life event that makes a person more at risk at that particular time.

    Consider if you need to provide additional support or alternative fraud training to any of your staff who feel vulnerable. This includes those who are responsible for making financial decisions and handling payments within your business.

  • If computers and other devices are used by your business, they need to be protected against fraud.

    Begin with a simple fraud policy that staff can follow. Write it down and cover things like:

    • Usage - How work devices should be used and who can use them.
    • Downloads - When it’s safe or not to download, and how to do it.
    • Links - When it’s safe or not to click on a link.

    Your devices also need to have the latest software to make them safe to use. Each device should have:

    • Anti-fraud software - Install web or email filtering. You may want to restrict the use of memory sticks and have risk alerts when using work devices.
    • Anti-virus software - Make sure all your devices have the latest protection.

    Learn more on how to Protect work devices.

    The last but not least thing is to use strong passwords for all devices and accounts.

    One way to do this is to pick three random words that aren’t personal to you or the business. Add numbers and special characters to make it harder to guess.

    Nobody outside of your work should know passwords for your business devices. 

    Find out more on Password security.

  • It’s possible for a member of staff to commit fraud. But there are steps you can take to help reduce this problem.

    • Use checks when hiring staff - Make sure your business has a robust hiring process that’s kept up-to-date. Do a proper background check on any new starters including criminal record and character checks.
    • Have a data security policy - Regularly check who can use your systems and view important or sensitive data. Senior members of staff could supervise any important actions.
    • Double-check all payments - Every payment needs to be checked and approved by at least one member of staff. Make sure staff who deal with finance are supervised by a senior colleague.
    • Allow problems to be reported - Your staff should be able to report any wrongdoing at work in confidence, without fear of losing their job. Set up an anonymous whistleblowing phone line or some other way to report. And make sure staff know it’s safe to talk about a problem. 
    • Have zero tolerance for fraud - If you want to deal with fraud at work, everyone needs to know that it won’t be tolerated.

    Examples of fraud

    There are many different ways that fraud can happen at work. Here are a few examples:

    • Timesheet - Declaring more hours on a timesheet than actually worked.
    • Sick Leave - Claiming sick pay while working in another job.
    • Units produced - Putting down more units than actually produced for more pay or commission.
    • False expenses - A claim for business expenses that are really personal costs. 
  • Staff with bank cards, or logon details, should memorise their PIN, password and other vital details. They should never write them down or share them with anyone else.

    Put cash in the bank - If your business deals with cash, make sure most of it is kept in the bank and not at work.

    Check your cheques - If your business uses a cheque book, make sure it's kept in a secure place at work.

    Keep a note of each cheque you use. Then look at the account to make sure it’s been cashed. Make sure you know how much has been spent and how many cheques are left.

    Treat cheque books and cards with the same level of security as cash. 

  • That's wrong!

    It’s better to memorise banking details than to write them down to stop others from using them.

    That’s right!

    Staff who have a bank card, or logon details, should learn their PIN, password and other vital details without writing them down. This helps to stop others from using them.

    That's wrong!

    If anyone you work or live with knows your banking details, change them right away.

    That's right!

    Keep your banking details to yourself. If you can, memorise them rather than write them down.

    That's right!

    We’d never ask you to share your Internet Banking password under any circumstances. Only fraudsters would ask you to do this.

    That's wrong!

    We’d never ask you to share your Internet Banking password. Only fraudsters would ask you to do this.

Previous topic

Next topic