With it being tax time, be wary of fraudsters

The Australian Taxation Office (ATO) has estimated more than $800 million of fraudulent refund claims have been made, with fraudsters relying on the self-assessment process in the BAS lodgement system to claim and be paid for false GST refunds, all before the fraudulent return is picked up by the ATO.

The attempted fraud involves an individual, often with stolen ID:

• inventing a fake business
• lodging a fraudulent Australian business number (ABN) application, and
• submitting fictitious business activity statements (BAS) to attempt to gain a false GST refund

As part of this increased scrutiny and investigation, the ATO has introduced protocols to closely review all GST refund claims, both legitimate and false, and are putting extra controls in place, such as reviewing bank accounts and requesting further information on specific BAS statement items, to ensure the legitimacy of the claims being made.

For businesses that may rely on the GST refund claim coming in to purchase goods, pay other bills or otherwise be reliant on the cash flow for business purposes, this fraud activity is understandably causing some concern.

If you are concerned about a potential impact on your cashflow or see anything suspicious that may indicate GST refund fraud, please reach out to the MGI team.

Fraud is a serious threat to businesses of all sizes, causing significant financial losses and damaging the reputation of the affected company. Corporate fraud costs Australian businesses hundreds of thousands of dollars each year – and these are just the instances we know about. Fraudsters use various tactics to deceive businesses, including embezzlement, identity theft, financial statement fraud, and billing scams. As a business owner or manager, it is crucial to be aware of the risks to your business and take proactive steps to prevent them. In this post, we will discuss the most common types of fraud in the workplace and provide actionable tips to reduce the risks of fraud.

Types of Frauds In Business

Payroll Fraud

Payroll fraud, as the name suggests, involves the theft of funds from an employer via the payroll system. There are several ways that employees can commit payroll fraud in the workplace, including but not limited to, creating fake employees, stealing employee data, and manipulating time sheets or pay rates. While the payroll manager / team may have the easiest access to commit this type of business fraud, it is also possible for your payroll system to be hacked. Common types of payroll fraud include timesheet fraud, ghost employee fraud, and employee misclassification. Payroll fraud is a serious offense that can result in significant financial losses for the business.

Asset Misappropriation

Asset misappropriation is a type of business fraud where an employee steals or misuses company assets for personal gain. This can include theft of cash, inventory, or other company resources. Asset misappropriation is the most common type of fraud and can occur in any type of organization, from small businesses to large corporations. This type of workplace fraud can have a significant financial impact on a business, leading to losses and damage to the company’s reputation.

An example of asset misappropriation is an employee who steals cash from the company’s cash register and uses it for personal expenses. Another example is an employee who takes inventory from the company and sells it for personal profit. Asset misappropriation can be difficult to detect, as the perpetrator may cover their tracks by altering records or falsifying documents.

Businesses can prevent asset misappropriation by implementing internal controls, such as segregation of duties and regular audits, to detect and prevent fraudulent activities. Conducting background checks on employees and training them on fraud prevention can also help reduce the risk of asset misappropriation.

Identity Theft

Identity theft is a complex type of fraud where a criminal steals an individual’s personal information, such as their name, address, driver’s license number, or credit card information, to commit fraudulent activities. In the context of businesses, identity theft can occur when a fraudster uses an employee’s or customer’s personal information to access confidential data or make unauthorized transactions.

Financial Statement Fraud

Financial statement fraud is a type of fraud where a company misrepresents its financial performance or condition to investors, creditors, or other stakeholders. This type of fraud can involve manipulating financial records, inflating revenues, understating expenses or hiding losses. Financial statement fraud can have severe consequences for a company, including legal penalties, loss of credibility, and financial losses.

Billing Scams

Billing scams are a type of fraud in the workplace where a company receives a fraudulent invoice or bill for goods or services that they did not order or receive. Billing scams can be perpetrated by scammers posing as legitimate vendors or suppliers, or by employees who collude with outside parties to generate false invoices.

Preventing Business Fraud

Preventing business fraud in the workplace requires a combination of proactive measures, including implementing internal controls, conducting background checks and training employees on fraud prevention.

Implement Internal Controls

Internal controls are policies and procedures designed to prevent and detect fraud. These controls can include segregation of duties, regular audits, and oversight by management or a board of directors. By implementing internal controls, businesses can reduce the risk of fraud and ensure that fraudulent activities are detected and addressed promptly.

Conduct Background Checks

Conducting background checks on employees, vendors, and suppliers can help businesses identify potential red flags, such as criminal records or financial problems. Background checks can be conducted through third-party providers or by using online tools to verify credentials, employment history, and other relevant information.

Train Employees on Fraud Prevention

Training employees on fraud prevention can help them recognize potential fraud schemes and take appropriate actions to prevent them. This training can include topics such as identifying phishing scams, safeguarding confidential information, and reporting suspicious activities to management or law enforcement.

So what is your best form of protection against becoming one of the business fraud statistics?

We recommend every business undertakes a few vital steps:

1) Stay abreast of actual business fraud cases

The best way to know where the threat lies is to learn from other organisation’s misfortunes. Did you know that 36% of frauds in Australia last year were carried out by an organisation’s own management? Clearly having strong internal controls is critical in your bid to reduce the risk of undetected fraud occurring in your business.

2) Audit your fraud risk and implement strategies to reduce the chance of undetected fraud

The good news is that there are a number of strategies to reduce the risk of fraud occurring and going undetected in your business. Some strategies include having the proper internal controls in place, ensuring segregation of duties and spot checks and strengthening IT security.

MGI’s have developed a quick and easy fraud risk quiz that helps you understand your potential exposure to business frauds.

3) Have a disaster recovery plan

Particularly when it comes to cyber security you need to have a back-up plan to minimise the impact if you do end up the victim of a business fraud attack.

Some of Australia’s largest organisations are now facing fraud attacks as frequently as every four seconds (Sydney Morning Herald). While the threat to SMEs is not at this level, the threat is still very real.

Conclusion

How confident are you that your company or organisation is not exposed to the risk of fraud occurring?

Complete this quick, easy fraud risk assessment to identify the likelihood for fraud to occur and whether your current internal control environment is likely to identify this.

Business fraud is a serious threat that can have significant financial and reputational consequences for businesses. By understanding the most common types of fraud and taking proactive steps to prevent them, businesses can reduce their risk of falling victim to fraudulent activities. Remember to implement internal controls, conduct background checks, and train employees on fraud prevention. If you suspect fraud, report it promptly and seek legal assistance to protect your business and its stakeholders.

MGI South Queensland’s audit and assurance team works with clients to help them stay abreast of current fraud threats and implement controls and safeguards to reduce the risk and impact of fraud. We conduct internal controls reviews, which can provide a summary of areas your organisation may be more prone to fraud attempts. Avoid becoming one of the business fraud statistics and contact us now on 07 3002 4800 to start protecting your business today.

Business fraud statistics show that while 90% of Australian businesses were targeted by cyber fraud in 2017, as many as 72% of SMEs do not believe cyber fraud is a considerable risk to their business (MGI Fraud Review 2017). This is an alarming statistic which highlights how underprepared Australian small and medium businesses are to deal with a business fraud attack.

So why is there such a disparity?

Perhaps smaller businesses believe that they will fly under the radar of fraudsters who will be drawn to larger, more lucrative organisations.

But that’s not actually the case. Reserve Bank’s Cyber Security Chief Andrew Pade has said that fraudsters are now turning their attention to ‘easier prey’ at the smaller end of town.

Cyber fraud is of course not the only form of business fraud that you need to be on the lookout for.

Fraud currently costs Australian businesses hundreds of thousands of dollars each year, and this is just the instances that have been accounted for.

Fraud can occur in any organisation, no matter what size, industry or sector.

So what is your best form of protection against becoming one of the business fraud statistics?

We recommend every business undertakes a few vital steps:

1) Stay abreast of actual business fraud cases

The best way to know where the threat lies is to learn from other organisation’s misfortunes. Did you know that 36% of frauds in Australia last year were carried out by an organisation’s own management? Clearly having strong internal controls is critical in your bid to reduce the risk of undetected fraud occurring in your business.

MGI produces an annual fraud report which highlights recent cases of business fraud.

2) Audit your fraud risk and implement strategies to reduce the chance of undetected fraud

The good news is that there are a number of strategies to reduce the risk of fraud occurring and going undetected in your business. Some strategies include having the proper internal controls in place, ensuring segregation of duties and spot checks and strengthening IT security.

MGI’s  annual fraud report provides a number of recommended actions to prevent fraud from occurring in your workplace.

3) Have a disaster recovery plan

Particularly when it comes to cyber security you need to have a back-up plan to minimise the impact if you do end up the victim of a business fraud attack.

Some of Australia’s largest organisations are now facing fraud attacks as frequently as every four seconds (Sydney Morning Herald). While the threat to SMEs is not at this level, the threat is still very real.

MGI South Queensland’s audit and assurance team works with clients to help them stay abreast of current fraud threats and implement controls and safeguards to reduce the risk and impact of fraud. Avoid becoming one of the business fraud statistics and contact us now on 07 3002 4800 to start protecting your business today.

It seems like almost every week that you read about a new email virus making its way around town.

While some of these emails are easy to spot others are more sophisticated and can easily be mistaken as legitimate communication if you don’t know how to spot a dangerous email.

There are four key steps that every business should know to help determine if an email is safe. Make sure everyone in your organisation is aware of these steps and follows them vigorously to help prevent your business from being infected by a virus.

How to identify a dangerous email

Step one: check the senders email address

Specifically look for an unusual address or .com values. If you see something unexpected here, treat the email as dangerous and avoid its links/attachments.

Step two: hover your mouse over the link (DON’T CLICK). This will reveal its true address.

If you see ‘garbage’ here or unrelated words consider the email high risk and avoid clicking the link.

Step three: look for something in the body that is not generic and would be hard to guess/fake

Information like your business name, a known order number, or a valid account number would be hard to fake. Dangerous emails usually only have generic information in them. If you cannot find anything specific to you or the subject of the email then treat the email with caution and avoid its links/attachments.

Step four: If it is unexpected, verify the email by other means

For example if the email claims to be dropbox, verify it by logging into your dropbox account to see if you have this invite. If it is an ASIC renewal, contact ASIC or check with us to confirm if a renewal is due. If you cannot verify the email, it would be safest to treat the email as dangerous and avoid any links/attachments.

Remember viruses can be costly for business. These tips might add a few more seconds to your analysis of a new email however we all know prevention is better than cure and these tips could see you avoiding a very costly virus infection.

As a last line of defence please also ensure you have a reputable AntiVirus solution on your computers. This can offer strong protection in the unfortunate event something does get past you.

MGI Techology Services

If you have questions about this or would like us to review your current IT Security setup to ensure you have strong levels of protection in place, please reach out to us at the following email address: Technology@mgisq.com.au or call 3002 4800.

News that a Seven Network senior manager has admitted to falsifying invoices is a timely reminder for all businesses of the prevalence of business fraud.

While the amount of the alleged fraud hasn’t been quantified the Seven Network has revealed that the uncovered payments go back over a number of years.

MGI Audit Manager Stephen Greene said fraud is a real risk for any business from large corporations like Seven Network to SME businesses.

“Every year in Australia instances of fraud cost businesses hundreds of thousands of dollars and these are only the ones we know about,” Stephen said.

“47% of Australian organisations experienced in excess of 10 fraud incidents in the last 24 months according to the latest reports,” he said.

MGI has released a report that analyses specific cases of fraud in 2015 and provides key strategies that can implemented by businesses to deter and detect similar fraud situations.

To download the full MGI report click here.

Every year in Australia, instances of fraud cost businesses hundreds of thousands of dollars, and these are only the ones we know about.

Fraud doesn’t just happen on a large scale. Fraud cases can be minor in isolation, but have a surprisingly large impact on your business’ finances if left unresolved over time.

Key fraud findings

A recent report by auditors MGI indicated 47 per cent of Australian organisations experienced in excess of 10 fraud incidents in the past 24 months.

51% of all corporate frauds that occurred in 2015 were committed by internal fraudsters.

MGI Audit Manager Stephen Greene said it was concerning that economic crimes in Australia continued to increase and is higher than the global average.

“In the last 12 months we have seen clients uncover incidences of accounting fraud, fraud by trusted people within senior management and external fraud,” Stephen said.

“In some of these instances the fraud went undetected for multiple years and accumulated to a significant cost to the business,” he said.

What can businesses do to protect against fraud?

The good news is that there are certain strategies that businesses can adopt to reduce the likelihood of fraud going unnoticed within their business.

MGI has released a report that analyses specific cases of fraud in 2015 and provides key strategies that can implemented by businesses to deter and detect similar fraud situations.

To download the full MGI report click here.