The cost of fraud to UK businesses
Fraud is an issue for every business in every sector, including manufacturing. It is not a question of whether fraud affects a business, it is a question of how much fraud costs and what type of fraud.
Fraud and cybercrime now accounts for over half of all crime in England and Wales. Crowe’s 2017 Annual Fraud Indicator reveals the total cost to the UK is £190 billion a year, which includes £140 billion lost in the private sector. The amount lost to fraud varies by area of expenditure, with procurement fraud (expenditure on goods and services) accounting for £121 billion and payroll fraud accounting for £13 billion. For individual companies the running 20 year average loss rate is now 5.85% of expenditure up from less than 4.6% ten years ago.
The government’s Office for National Statistics (ONS) tell us that the value of UK manufacturers’ product sales was £384.5 billion in 2017, so, given the well-established percentage loss rate to fraud, very large sums of money are lost which translates into lost profit, lost resources for investment and lost margins for competitive advantage.
Reputational damage is also an important factor where a significant fraud takes place and this becomes widely known. This leads back again to financial damage, because suppliers and clients can be affected by the news.
How does fraud typically manifest itself?
The vast majority of fraud is high volume and low value. Not the high value and low volume incidents that make it into the news. Because of this, it is difficult to detect and if detected, the financial burden often appears much smaller than it is in reality. Research shows that detected fraud typically equates to one thirtieth of the total fraud affecting an organisation.
Fraud is never static. It is like a clinical virus, evolving all the time. The rate of evolution has been turbocharged by cyber technology. New processes and systems present new opportunities for fraudsters, as does the emergence of new technologies. Fraudsters react to controls as they are introduced so small businesses need to be on top of their counter fraud arrangements to ensure they stay well protected.
How fraudsters target manufacturing businesses
Fraudsters target organisations to steal and extort money, and potentially to take personal and financial information about employees, clients and suppliers. Because of the multiple and complex supply chains which are often present in the manufacturing sector, sometimes with a high volume of low-ish value transactions taking place and numerous sub-contractors involved, the sector can be attractive to fraudsters who will wish to obscure and hide their activities.
Fraud is a particular issue for manufacturers as owners, managers and staff are typically busy running a business and find it difficult to make time for issues unrelated to income generation and immediate operational issues. This can result in poor protection against fraud. Fraudsters know that fraud protection may be overlooked and target manufacturing accordingly.
Fraudsters can be employees of a company, those who provide goods and services to them or clients. This dishonest minority undertake fraud that is mostly high volume and low value, and even where large total sums are involved these usually comprise many smaller amounts over a period of time. Their aim is, of course, not to be noticed and they hope that if a small discrepancy is found it will not be considered to be significant because the company will be unaware of the volume of similar incidents.
How businesses can prevent and deter cybercrime and fraud from impacting their companies
The key factors in managing and minimising fraud are a strong anti-fraud culture where the honest majority and where all those who work for or with a company understand their responsibility to protect it. A clear ‘tone from the top’ is required.
Secondly, a strong deterrent effect is needed where the dishonest minority believe that the risk of undertaking fraud outweighs any potential financial gains. This means taking very seriously any and all incidents of fraud which are found to have occurred, such as dismissing fraudsters, cancelling contracts, referring suspected incidents to the police and, if the sums involved are large enough, using the civil law to freeze and recover assets. Making it clear that the company will react in this way is a key part of deterring fraud.
Thirdly, designing the weaknesses out of processes and systems which provide the opportunities for fraud is important. Often those using those systems and processes on a day to day basis will know what the weaknesses are; it is important to involve them so that they can be identified and removed.
Crowe assesses each of these factors for clients both in respect of fraud and cybercrime. We learn from and apply the latest information about new types of fraud and cybercrime and successful responses. Because these problems evolve so rapidly, getting expert, specialist help can be key to avoiding becoming a victim.
Jim Gee, National Head of Forensic Services at leading audit, tax, advisory and risk firm, Crowe.