In recent times, there has been a huge increase in the number of fraudsters maliciously scamming businesses of all shapes and sizes – and even their crimes seem more sophisticated. Throughout the Coronavirus outbreak, as many migrated their businesses online, the increase in fraudulence and general cyber-crime become a large cause for concern, and payroll fraud wasn’t an exception.
Payroll fraud is certainly costly and, on average, UK businesses lose a total of £12 billion every year to this type of crime, according to the recent research. Indeed, it is a common type of employee deception, along with fiddling with expenses, or ‘cooking’ reports, and stealing company data. Not all threats are external, and internal crime, from an in-house fraudster, can wrongfully drain your company of its profits.
What are the most common payroll fraud red flags? And, most importantly, what can your business do to prevent it?
Identifying payroll fraud
Typically, payroll fraud is an act of theft, whereby an employee frauds or cheats a payroll processing system. This requires both access to, and knowledge of, a business’ payroll system, which is normally protected internally.
Yet, it’s not always easy to identify red flags that would indicate payroll fraud. From prevention to identification, once payroll fraud has been spotted, it can become easier to manage. Understanding the common types of fraud can help your cyber-security, by anticipating the ways a crime can be committed against your business.
- Ghost employees
This describes how either a fictional or real employee is falsely paid through a business’ payroll, often at the expense of another (likely former) employee. Money is, then, siphoned away from the business to the advantage of a fraudster. This is often enabled by leftover details and information from former employees, which can be used as proxy accounts to siphon wages.
Yet, when ghosting old, former employees, commonly fraudsters use pension schemes to divert funds. Fraudulence, in payroll, can seem genuine, and these transactions can be hard to identify without regular auditing.
- False wages
Obtaining money dishonestly, fraudulence and falsified records can quickly become costly for businesses that fail to correctly identify payroll crime. Wages can be the target of fraud, along with taxes and unfairly boosted commissions or benefits.
- Expense reports
Perhaps the most widespread target for payroll fraudulence is falsified or factious expense reports. These often collate as falsified expenses, ranging from duplicated costs, to exaggerated ones or even inflated costs.
How to prevent payroll fraud
A multi-layered security plan should start with prevention and prepare for any future breaches, embracing staff training opportunities, and a reaction plan. Cybercrime prevention requires constant preparation and a layered plan in the scenario of a breach; with certain controls in place, businesses improve their resilience to costly crime.
Often, training and awareness is the best starting point for any business. Ensuring that your employees have the necessary knowledge and expertise, shared through regular training and policy, is considered an essential preventive step in building resilience to payroll fraud. When staff are knowledgeable about payroll fraud, not only does the likelihood of a costly breach decrease, but employees become more attuned to identifying crime.
If a workforce is remote, this training will need to anticipate how devices are used, access is granted and what information gets shared. Controlling access and information during remote work is still a top priority and can help limit the opportunity for a crime.
- Routine Audits
Fraudulence is often perceived as a victimless crime. Yet, it’s a costly risk that needs careful mitigation. Payroll crime detection should be a top priority for your strategy. Regular account auditing and evaluations can highlight anything abnormal in reporting, which could quickly detect fraudulence before it escalates, or becomes unmanageable.
Combing through information routinely, including payment and transactions monitoring, and updating employee data, limits the opportunity for payroll crime to occur. This process should scan for casual errors, which may be harmless, but also identify anything that may indicate maliciousness.
- Get Help Externally
An outsourced payroll solution, using a HMRC trusted agency, can help fortify your business. An external agency can pickup any irregularities, lapses, or abnormalities in pay cycles on your behalf. Many agencies are prepared to identify (and handle) payroll fraud, further securing your payroll with expertise and resources.
Your business can tackle payroll fraud through strategic partnerships with agencies, with training programmes, or even routine audits of payroll and employee information. During the COVID-19 crisis, the kinds of opportunities for cybercrime only grow, especially with more businesses going online. But, with tried and tested preventive measures, your business can resist the costly harm of payroll fraudulence.
Contributed by Steven Cox, Chief Evangelist at IRIS FMP