Earlier this week, our Controller, Jeff LaCrosse, and I attended “The Art of the Steal,” a fraud seminar hosted by Frank Abagnale. A reformed con man and international cybercrime fighter, Abagnale was an engaging speaker that kept both Jeff and I on the edge of our seats for the entire seminar. Fraud is big business for those who prey on small companies: because many small businesses have no prevention tools in place, they are often disproportionately victimized. While larger companies usually have more sophisticated software and dedicated teams, many small businesses don’t, making them ripe for the picking.
The seminar made us aware of cybercrime against small businesses, and provided insightful tips about protecting ourselves. Here are some tips that we learned:
- Screen your employees. More often than not, fraud is the result of an inside job. This includes employee theft or misuse of cash, equipment or other company resources. Minimizing risks through steps such as background checks, credit checks, audits, and clearly outlined policies for personal use of computers can mitigate your exposure. Additionally, carefully select and monitor the employees responsible for handling revenue and expenses. Ideally, there should always be a second set of eyes to review account statements and procedures in place to detect and deter fraud.
- Purchase insurance. Some insurance companies can offer network security, forgery, or privacy loss policies, which can help cover the loss. In some cases, these policies can also related expenses such as the cost of notifying affected parties, research to investigate the incident, and legal costs. There is a growing market of crime insurance policies that specifically cover digital theft and fraudulent transfers in order to reimburse the company for all or part of any financial loss from a cybercrime theft. For small businesses, the cost of these insurance policies will more than offset the peace of mind received from knowing that your business is protected.
- Reduce your checks. A single check contains every piece of information needed to access the financial information of your business. Consider getting rid of paper checks entirely and switching to ACH transfers. By implementing this switch, you can protect your business account numbers and eliminate the risk of lost, stolen or manipulated checks. By receiving payments electronically, you can prevent unnecessary trips to the bank and protect against checks being improperly deposited or otherwise compromised.
- Have a code. A Code of Ethics can be a difficult concept for small business owners. Ideally, all employees have shared values that don’t need to be written down for all to see. However, writing down and having all employees agree to the same ground rules is necessary in two vital ways. First, sharing a Code of Ethics sets clear expectations. Writing it down protects you and the business from misunderstandings and protects your employees from saying one thing, yet doing another. Additionally, having a Code of Ethics in place is a critical component of establishing a paper trial in the event of serious misconduct. If legal action needs to be taken, documentation can make or break your case. As vulnerable as small businesses are to fraud, they are even more susceptible to wrongful dismissal suits.
In today’s technologically savvy society, the responsibility is largely on the small business owner to protect their company from financial attacks by cyber criminals. Thanks to Frank Abagnale and BMO Harris, we learned that prevention includes regularly screening employees, purchasing specific insurance policies, implementing a Code of Ethics, and reducing paper checks. Running a small business is challenging enough without having to worry about everyone trying to rob you blind. Fortunately, you don’t have to abandon all your faith in humanity – you just need to take the steps outlined above to mitigate your exposure.
Usually Mr. Abagnale speaks to an audience that is comprised of bank employees, government officials, or executives from Fortune 500 companies. Yet this seminar, hosted by BMO Harris, specifically targeted small businesses, which are the least equipped and most vulnerable to this kind of attack. We are honored to be a part of this event.