Risk Insider: Erin O'Brien Link

Combating External Fraud Scams

By: | October 28, 2014

Erin O'Brien Link is the vice president of risk management for CGG, a geophysical services company. She is responsible for enterprise risk management, group insurance globally, special projects and guidance in contract reviews. She can be reached at [email protected].

The risk of fraud cannot be eliminated completely, but the opportunities to commit fraud can be reduced through effective awareness and internal training initiatives by risk managers.

Multiple surveys have highlighted that companies may be losing as much as 7 percent of their annual turnover as a result of fraud. There have been multiple “false CEO/President scams” and other attempts to defraud multinational companies.

In France, over 160 companies were victims of fraud scams in 2013. Some examples of successful frauds scams are:

• Payment by one company of over $2M to a fraudulent international transport company.

• Another company was targeted to transfer money “to buy urgent raw materials for business needs” resulting in a loss of $14M!

By training managers to be aware of the scams, avoidance of the risk can be achieved. Having better awareness and training in place can also help a company decrease insurance premiums for financial risk insurance.

These are red flags of the risk:

• Frequent calls: One international company was called 33 times by the same supplier in four days.

• Demands for payment are always urgent.

• Demands are exceptions outside of normal business procedures.

Fraudsters have developed creative schemes in order to obtain unjust enrichment. The external fraud success is the professional and legitimate appearance of the demand.

The most typical external fraud scams involve four steps:

• The fraudster obtains information about Company Y via the Internet or a publicly advertised conference.

• The fraudster calls Company Y pretending to be a supplier.  The fraudster, acting as Supplier Z demands payment, stating that they are upset, and that Company Y owes them past due money. Often, multiple managers are targeted at the same time within Company Y.

• The fraudster obtains the logo and letterhead of the Supplier Z.  Using this, the fraudster writes a demand for payment and sends it to Company Y.

• The fraudster then pretends to work in Company Y’s finance department and targets an actual financial controller within Company Y by emailing the forged supplier Z letter.  An urgent wire transfer is requested to wire funds to countries like Switzerland, the Far East (China, India, Hong Kong), or Israel. When the funds are wired, the fraud scam is successful.

Preventing the wire transfer is the key to risk prevention. Prevention focuses on the elimination of one of the following:

• Pressure – Where the pressure felt by individuals is greater, the risk of fraud occurring is increased.

• Opportunity – If opportunity is removed altogether, there will be no fraud.

• Rationalization – Rationalization can generally be linked to a lack of ethical leadership within the organization.

If strict controls are not in place, increasing awareness of the risk is essential. Risk managers should consider adapting and applying practices used by global corporations in promoting awareness. These good practices are successful.

More from Risk & Insurance