Insureon Blog

Study: 80% of Employee Credit Card Fraud Happens at Businesses with <50 Workers

16. July 2015 08:15

employee running a credit card through a reader

Unthinkable – how could an employee possibly steal from your business? Someone you see and work with every day, no less. They might as well be filching from their own paychecks.

Sad to say, but a new survey from Hiscox reveals that the unthinkable is not only true, but it happens to small businesses more often than we could have guessed. Here are some shocking takeaways:

Couple these findings with research from ACE Group that shows 24 percent of insider misuse data breaches stem from former employees, and it looks like you have your work cut out for you.

This isn't to say all small-business employees are thieves. Rather, it's a reminder that given the means and opportunity, you can never be sure what people will or won't do. It also reinforces the fact that investing in data security isn't a lofty goal – it has measurable, short-term benefits that keep your finances in check.

Let's review how managing security can cut down not only your data breach exposures, but also your fraud risks.

Managing Risks, Taking Names

When devising your business's security strategy, it's imperative to think about who has access to sensitive data and to limit that access as much as possible. As we note in "Treat Your Data Like a Picnic Basket to Minimize Breach Damage," segmenting access ensures you can…

The Hiscox study does mention that the people you trust with this access may be the ones who ultimately exploit it. After all, employees with long tenure are the most likely to commit fraud. But the survey also notes that the creating the 'perception of detection' can be a formidable deterrent. Essentially, that means you ensure employees know that someone is watching and any schemes to pilfer the goods will be quickly thwarted.

How can you do that? Here are some tips:

  1. Create a formal fraud policy. This is key to increasing the perception of detection. Train your employees on this policy so they know you're on the lookout for suspicious activity and you have controls in place to catch it.
  2. Send bank statements directly to your home. That way, the statements can't be falsified later. Also, this gives you the chance to compare financial statements against the budget and investigate anomalies.
  3. Check payroll reports. You might want to compare cancelled checks to invoices just to be sure nothing fishy is happening.
  4. Personally sign all checks. Signature stamps can easily be swiped and misused. If you must use a stamp, keep it locked away where only you can access it.
  5. Create policies for credit purchases. This should outline how purchases are made and reported and acceptable expenditures. Be sure accounts have strict spending limits.

For more tips on how to keep your sensitive data under close guard, read "5 Business Events that Should Trigger Password Changes."

Tags:

Allied Health Insurance | Data Breach | Nonprofits | Retail | Risk Management | Small Business | Small Business Risk Management | Small Business Trends | Tips for All Small Businesses

Permalink | Comments (0)