Understanding the Impact of Fraud on Businesses

Think your bookkeeper couldn’t possibly steal from you? So did the U.S. State Department. A recent case involving a former State Department budget analyst who embezzled over $650,000 serves as a stark reminder that even trusted insiders can become threats. Over two years, this individual exploited her position, manipulating financial systems to divert funds undetected. How did she do it? Over the course of two years, she wrote 60 checks to herself and three more to a close personal friend. That equates to over $10K per check. Then she changed the payee information in #Quickbooks to cover her tracks. How did the #USGovernment let this happen? 1️⃣ Unchecked Authority: Granting unchecked access to financial accounts can lead to significant vulnerabilities. 2️⃣ System Manipulation: Altering accounting entries to mask fraudulent activities highlights the need for robust audit trails. 3️⃣ Delayed Detection: The prolonged duration of the fraud underscores potential gaps in oversight and monitoring. Action Steps for Businesses: ✅ Implement Segregation of Duties: Ensure that no single individual has control over all aspects of financial transactions. ✅ Regular Audits: Conduct periodic internal and external audits to detect and deter fraudulent activities. ✅ Enhance Transparency: Maintain clear and accessible records, and encourage a culture where anomalies can be reported without fear. ✅ Invest in Training: Educate employees about ethical standards and the consequences of fraudulent behavior. Internal fraud can have devastating financial and reputational impacts. It's imperative for organizations to proactively establish and enforce comprehensive internal controls. If your business has been a victim of embezzlement or internal theft, DM me. We can implement a plan to keep your business safe. Follow Fraud Hero to stay informed about fraud and scams. #fraud #fraudprevention #embezzlement #government #fraudhero

The Role of Accountants in Fraud Prevention Day 2: The Cost of Missing Fraud Fraud is one of the most underestimated risks for small businesses, yet its consequences can be devastating. Many businesses don’t realize the true cost of ignoring fraud until it’s too late! Some of those costs are: ➡️ Financial Losses: according to the ACFE, businesses lose an average of 5% of their annual revenue to fraud. This can amount to tens of thousands of dollars - or even more. ➡️ Reputational Damage: beyond the money, reputational damage is another major consequence. Once customers or clients hear about financial mismanagement or theft, it’s incredibly difficult to rebuild trust. ➡️ Operational Disruptions: the operational disruptions caused by fraud investigations can pull attention and resources away from critical day-to-day tasks. As accountants, we have the tools and knowledge to help our clients mitigate these risks. Proactive fraud prevention can save businesses from financial disaster, safeguard their reputations, and ensure smoother operations. ----------------- I'm Anna. I post content on how accounting firms can protect their clients from fraud using traditional prevention tactics, financial analytics, and AI. Follow me to learn how you can keep your business clients safe from fraud! #FraudFighters #CPAs #AccountingandAccountants #SmallBusinessAccounting #FraudAwareness #FraudDetection #FraudPrevention

Fraud should be a genuine concern for business buyers. The mergers and acquisitions market is currently in an interesting place. It is tough to definitively say whether it is a buyer’s or seller’s market. While more businesses are coming to market as more of the boomer generation looks to retire, purchase prices for good businesses remain strong. At the same time, sellers of not-so-great companies struggle to find successful exit partners. It is common for a seller to boast or inflate the truth about their business. While this is generally innocent (we all have the cutest baby, don’t we?), it can occasionally push the envelope of deceitfulness. This is especially true when the buyer isn’t experienced enough to see through the fluff and find the truth. Based on the current state of the market, sellers are under increased pressure to get into that tier of good businesses. The gap between the demand and valuations for these types of businesses compared to SMBs not prepared for sale seems to be widening. Buyers should always be concerned about fraud, even more so when they see trends like the one we are currently in. As the pressure grows for sellers to have strong cash flows, future work under contract, and highly valued equipment, superficial representations will not be enough to keep buyers interested. This is when actual fraud can creep in. It may seem improbable, but sellers will add fake revenue (even depositing funds into the business to give the appearance of real income), not book expenses, underbid new business to get it under contract, and so much more. The result is an SMB that appears to have all the right characteristics buyers want. I am not saying that there are not con artists out there who will be able to cover up all the fraud they commit until it is too late. However, thorough due diligence should uncover most of this fraud. Bank deposits, invoices, and COGS not matching should raise questions about the legitimacy of claimed financial performance. A buyer who doesn’t conduct a thorough investigation into the business they are acquiring (often under the theory that the purchase agreement will protect them) won’t see the disconnect between the dots. Those who do will be able to spot the issues, potentially saving themselves from a disastrous deal. What do you do when you spot fraud? Run away from the deal as fast as possible. Who knows what other types of things the seller is covering up or has doctored up within the business? Buyers must balance keeping a watchful eye for fraud with not ostracizing and interrogating the seller. While it is a real issue, most SMB sellers are not fraudsters.

What if I told you there are entire YouTube channels and Twitch streaming groups dedicated to teaching people how to defraud businesses? As a Senior Risk Intelligence Analyst at Signifyd, Vito is part of a Risk Intelligence (RI) team that's constantly monitoring the evolving landscape of fraud tactics. Recently, our RI team observed some troubling trends that are reshaping the way we think about fraud prevention. First, there's an alarming proliferation of scam "playbooks" on popular social media platforms. These aren't hidden in dark corners of the web; they're openly shared and celebrated on YouTube, Facebook, and Instagram. We've seen how quickly these tactics can spread, like the recent Citibank incident where people attempted to exploit a perceived loophole in checking accounts. Secondly, peoples' increasing willingness to share data with third parties is inadvertently fueling fraud. As we provide more information about ourselves online, we're expanding the pool of data available for bad actors to exploit. Perhaps most concerning is the rise of first-party fraud, often misleadingly called "friendly fraud." This isn't just about supply chain issues causing legitimate disputes. We're seeing a growing disillusionment among typically law-abiding citizens who are rationalizing fraudulent behavior against large corporations. These trends point to a significant increase in fraud pressure, potentially even beyond the 19% rise we've observed. As fraud fighters, we must stay vigilant and adaptive in our strategies to protect both businesses and consumers in this rapidly changing environment.

I’ve spent decades investigating financial crimes—first as an FBI Special Agent, now as a licensed private investigator. One issue I still see too often? Companies giving one person too much financial control. Here’s a simple but critical example: The person who has access to your company’s bank account should not be the same person maintaining your accounting records. When one individual can move money and cover their tracks in the books, that’s a recipe for fraud. It’s not about mistrusting your team—it’s about protecting your business and the people who depend on it. Segregation of duties is one of the most effective ways to reduce risk. It’s a basic internal control, but it’s often overlooked—until it’s too late. Now’s a good time to ask: Who has access to what in your organization? #FraudPrevention #InternalControls #SmallBusinessTips #Accounting #PrivateInvestigator #SegregationOfDuties #FinancialIntegrity

In the U.S. alone, individuals and organizations lose more than $12 billion each year due to cyber fraud. In many cases, victims find themselves with no recourse from their banks or their insurance carriers. Cyber criminals play on the emotions of their victims to trick them into providing account information or to change transfer information. Because social engineering requires an action by the victim, that intervening act generally absolves banks of liability under the Electronic Finds Transfer Act and disqualifies many from insurance coverage. And the criminals are only becoming more clever in their efforts to bypass security controls. While anti-phishing tools provide protection from traditional phishing attacks, criminals are again attempting to compromise the weakest link in security: the human. In a recent trend in phishing, criminals are using a simple trick. To access the embedded URL, victims are instructed to hold down the Ctrl key and click — a subtle yet highly effective action designed to evade email security scanners and automated detection tools. By asking for this human interaction, the attackers hope to bypass automated systems that don’t expect such a behavior in an attack. The following six categories of fraud need to be on your awareness list: Cyber Fraud: The use of phishing, malware, and ransomware remains prevalent. Cybercriminals target sensitive data and disrupt business operations. Internal Fraud: A significant threat from within, internal fraud involves fraudulent actions by employees, including document falsification, embezzlement, and theft. Invoice Fraud: Fraudsters send fake invoices to businesses, hoping they’ll be processed without scrutiny. CEO Fraud: Often referred to as business email compromise (BEC), fraudsters pose as high-ranking executives to trick employees into transferring funds or sharing sensitive information Return Fraud: Especially common in retail, return fraud occurs when customers exploit return policies for financial gain. Payroll Fraud: When employees manipulate payroll systems for personal gain, it can lead to unexpected financial losses. #cyber #cybersecurity #fraud Buchanan Ingersoll & Rooney PC AmTrust Financial Services, Inc. Amy Pines, JD, RPLU, CPLP Kevin Neslage, CIPP/C/US Barricade Cyber Solutions Surefire Cyber Inc. Pondurance Trend Micro Arctic Wolf Kivu Consulting Inc MOXFIVE Ankura NetDiligence®Alexandra Bretschneider CYPFER Sheldon Prescott Intellinetic Cyber Consultants Johnny Jordan CYBIR

One thing that surprises most people. Most fraud and compliance risk comes from fully verified customers. For example, 42% of “Gen Z” consumers admit to committing friendly (first-party) fraud. Consumers are submitting chargebacks despite being perfectly happy with the products. Sometimes, it’s when a teenager is using a parent's card, but much of the time, it’s trying to get an item for free. This is now a $100bn problem for business. 👉 Many in GenZ have become convinced this is a “hack” and the loss is absorbed by banks. That’s not true, it’s most often the merchant who loses. 👉 “Greed-flation” has also seen companies rise prices dramatically and is seen by some as a justification for issuing chargebacks It’s hard for businesses to educate their customers, but they can focus on transparent comms about how returns work. 🐟🐟🐟 One thing I’m seeing? Merchants are increasingly looking for more data to detect the risk of a first-party fraudster before the transaction. 👉 Passively looking at the email, device or user behavior can signal risk before a transaction.  👉 On mobile we can also be confident of a users age based on their device behavior. These plus 1000s of other signals help merchants create proactive interventions before a transaction, or before a chargeback. It’s never too late to communicate #fraud #compliance #transactionmonitoring

$12,272 💰was stolen from me today! This is actually the 3rd time this year one of my companies has experienced fraud….that I am aware of. 1) Employee embezzlement (Accounting) 2) Contract Fraud (Customer) 3) Check Fraud (see picture below) Its not surprising that 71% of business will experience some sort of business bank fraud this year and if you are a small to medium sized company, the stakes are actually higher. This is the scariest part…….you only have 24 hours to catch the fraud, report it to the bank and have it refunded. If you don’t catch the fraud within the 24 hour window your business may liable for the amount. Don’t believe me? Google it. So what can we do as business owners to protect our companies from this theft? Here are my top 5 lessons I have learned so far: 1) Call your bank’s iTreasury department and pay for their extra services. Trust me, they have them and you’re probably not aware they’re available. 2) Contact your insurance agent and make sure you are specifically insured for bank and wire fraud. You would be surprised what’s excluded with most policies. 3) Create internal controls to review online bank transactions every day, including viewing check images. 4) Call to verify all vendor ACH information and changes. Don't trust email communication. 5) Don’t be careless with credit cards, fuel cards, or timesheets. This is easily the most common abuse. You need to have someone reviewing and questioning these expenses weekly. If you aren't questioning regularly then you’re being stolen from often. Bottom line is that theft has and will always exist and its constantly evolving. Theives are resourceful and are often one step ahead of us business owners. I have learned these lessons from my losses, not my wins. Today we caught this attempted theft whithin 6 hours and got the charges reversed thanks to my bank. I guess its a win for the little guys, but I need to keep learning and evolving. What tips would you suggest based on what your company has experienced?

🛍️I talked last week a bit about risk and fraud let’s breakdown the Macy’s incident: 🚨 𝗪𝗵𝗮𝘁 𝗵𝗮𝗽𝗽𝗲𝗻𝗲𝗱? • Macy’s discovered that a single employee 𝗰𝗼𝗻𝗰𝗲𝗮𝗹𝗲𝗱 $𝟭𝟱𝟭 𝗺𝗶𝗹𝗹𝗶𝗼𝗻 𝗶𝗻 𝗱𝗲𝗹𝗶𝘃𝗲𝗿𝘆 𝗲𝘅𝗽𝗲𝗻𝘀𝗲𝘀 over the course of 3 years • The employee was responsible for small-package delivery costs, manipulated accounting entries in an attempt to cover up an initial accounting error • Macy’s was forced to delay its Q3 earnings release and the 𝘀𝘁𝗼𝗰𝗸 𝗳𝗲𝗹𝗹 𝟯.𝟱%  🔍 𝗪𝗵𝘆 𝗶𝘁 𝘄𝗲𝗻𝘁 𝘂𝗻𝗻𝗼𝘁𝗶𝗰𝗲𝗱? • 𝗦𝗺𝗮𝗹𝗹 𝗯𝘂𝘁 𝘀𝗶𝗴𝗻𝗶𝗳𝗶𝗰𝗮𝗻𝘁: while $151 million is a substantial amount, it accounted for only 3.5% of Macy’s total delivery expenses, making it easier to go unnoticed within a much larger freight budget. • 𝗖𝗼𝗺𝗽𝗹𝗲𝘅𝗶𝘁𝘆 𝗲𝗻𝗮𝗯𝗹𝗲𝘀 𝗳𝗿𝗮𝘂𝗱: as businesses and systems grow more complex, fraud becomes easier to conceal—especially when manual workflows and legacy ERP systems are in place. These outdated systems aren’t designed to detect such discrepancies, making incidents like this less surprising. • 𝗔𝗰𝗰𝗿𝘂𝗮𝗹 𝗮𝗰𝗰𝗼𝘂𝗻𝘁𝗶𝗻𝗴 𝗿𝗶𝘀𝗸𝘀: Certain areas of accrual accounting are vulnerable to manipulation since they often rely on estimates and human judgment, creating opportunities for financial misstatements. ⚠️ 𝗛𝗼𝘄 𝘁𝗼 𝗺𝗶𝘁𝗶𝗴𝗮𝘁𝗲 𝗶𝘁? • 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗲𝗱 𝗕𝗼𝗼𝗸𝗶𝗻𝗴𝘀: implementing tools that automate bookings removes human intervention, reducing the risk of errors—whether accidental or intentional. • 𝗧𝗿𝗮𝗻𝘀𝗮𝗰𝘁𝗶𝗼𝗻-𝗟𝗲𝘃𝗲𝗹 𝗥𝗲𝗰𝗼𝗻𝗰𝗶𝗹𝗶𝗮𝘁𝗶𝗼𝗻: establishing a clear audit trail by tracing transactions across all systems and automating reconciliations enhances accuracy and transparency.