2020 was a year like no other. As the COVID-19 pandemic spread throughout the world, forcing many organizations to suspend or cease business, transition online, or pivot in one way or another, it unleashed a perfect storm for fraud and new threats.
This perfect storm: opportunity, motivation, and rationalization (aka the fraud triangle) mean that companies must be vigilant now more than ever.
In 2021 and beyond, as new fraud schemes arise out of our new “normal,” businesses will need to continue to find ways to improve their fraud detection odds by understanding how and why it occurs and rethinking their practices to tackle it.
This article examines some of the opportunities that allow fraud to occur, the motivation and rationalization for committing it, and how best to position your company to mitigate the top five fraud risks in 2021.
1. Cyber fraud
At the top of the fraud risks to watch for in 2021 is cyber fraud. Spurred on by the global pandemic and record growth in digital commerce, small and medium-sized businesses will continue to be more vulnerable to cyberattacks.
The Canadian Federation of Independent Business (CFIB) recently reported that around 61,000 small and mid-sized businesses had experienced cyberattacks since March 2020. More than 80% of those businesses said it came through email scams and phishing attempts, and 50% encountered malicious software. Companies most at risk were:
- Those with 20 or more employees
- Those who allowed their employees to work remotely or made any changes to their online presence
- Those in the manufacturing, wholesale trade, business services and enterprise, and administration management sectors
One of the best ways to mitigate cyber fraud is to secure your IT infrastructure. Whether you choose to outsource your computer networks or keep them in-house, being aware of what is happening on the network and recognizing suspicious activity when it occurs will boost your company's cyber resilience. The more knowledge you have about the risks involved in your business, the better security measures you will be able to take. An excellent place to start is with a cyber risk assessment of your organization, and BDO's Cybersecurity and Digital Forensics team can help you in this regard.
2. Employee fraud
As we have seen, working in this new environment poses numerous challenges and opportunities for fraud, especially employee fraud and misconduct. With more employees trading their corporate desk for their dining table, working from home can make it easier to abuse time-tracking controls, falsify signatures on digital documents, and forgo asking questions when something does not look right.
Management oversight of employees under the work from home conditions is significantly more challenging, and with less management on location, the risk of fraudulent activity increases. Employees who exhibit excessive control tendencies while at work, those who insist on doing everything themselves and lack segregation of duties could signal that something suspicious is afoot. Employee fraud includes payroll fraud schemes such as payment to fictitious employees, fraudulently clocking in for an absent worker, inflating hours on timesheets, not recording vacation time, and misclassifying an employee as an independent contractor.
At the very least, companies should raise organizational awareness about combating fraud by establishing clear policies for working remotely and onsite, provide mandatory annual training courses related to best practices for all staff, and, if necessary, implement an ethics hotline. According to the Association of Certified Fraud Examiners (ACFE), employees’ tips identify 43% of fraud schemes. In today’s virtual environment, companies should also consider remote timesheet management and automated payroll software.
3. Procurement fraud
In responding to the COVID-19 pandemic, many organizations and government agencies made fast decisions about issuing loans, subsidies, and awarding contracts to potential business partners. As a result, time-consuming public procurement processes and legal frameworks were increasingly sidestepped, leading to inferior procured goods, price gouging, inflated invoicing, inexperienced suppliers, and a general inability to source.
In 2021, procurement leaders will need to broaden their strategic partnerships and accelerate digital innovation to drive results throughout the broader value chain. To find out how, please read our article on procurement and supply chain strategies during COVID-19.
4. Insurance fraud
With financial pressures mounting due to COVID-19, insurance fraud will be on high alert in 2021. Some companies looking for ways to survive might provide inaccurate or misleading information to obtain insurance cover. Insurance companies could see an increase in fake accidents occurring at a place of business or home, staged car accidents, and billing scams, according to the 2020 Friss Insurance Fraud Report. Physical distancing measures and remote working also restrict investigators' ability to collect evidence and interview claimants face-to-face. Therefore, the insurance industry will need to accelerate and innovate how they prevent, detect, and investigate fraudulent activity with a keen eye on AI and digitization.
5. Government benefits related fraud
Given the financial crises that COVID-19 has brought about for many industries, particularly the hospitality and tourism industries, governments including the Government of Canada, have developed assistance programs for its businesses and residents who qualify for financial support. As a result, individuals and companies are falsifying applications for support payments to receive Canadian Emergency Response Benefit (CERB) or other benefits when they don’t qualify based on the various programs’ conditions. The financial risks (other than the actual CERB funds received) associated with these false claims are not yet clear as the CRA evaluates 2020 tax returns.
Many fraud schemes in Canada are perpetrated by fraudsters claiming to be representatives of the CRA to access personal information, to steal money directly from them, or to steal their identity and claim their CERB on their behalf. These put companies and their employees at risk for these types of schemes. The CRA has listed over 30 scams that have been reported to date.
Given the continuing state of the pandemic, it’s likely these types of schemes will continue. Companies and individuals can mitigate these risks by being aware of these schemes' prevalence and implementing the IT infrastructure noted earlier. For further information, BDO has put together a Fraud and Cybersecurity Resource Hub focusing on protection against fraud and cyberattacks.
How BDO can help
At BDO, we're committed to helping business owners understand where fraudulent activity may be occurring in their organization, quantify any potential losses a business may have suffered, and discuss the mitigating measures they can implement to combat it. For more information about fraud protection and detection for your organization, contact:
Mike Macdonald, Senior Manager, Forensics
Chetan Sehgal, Partner, Forensic Disputes & Investigations