As disruption across all industries continues to change how the world does business, two key areas of concern remain the focus of treasury and finance departments for enterprises and small and mid-sized businesses (SMBs) alike. The highest risks for almost all companies come from internal and external sources, and they threaten the financial security and consumer trust organizations are built on.
The highest risk any business runs relates to those participating in or running the business. The median loss from internal fraud is $150,000, according to the Report to the Nations prepared by the Association of Certified Fraud Examiners (ACFE), but 23% of cases result in a loss of more than $1 million. The same report notes that three types of fraud are the most likely to contribute to financial loss to an organization caused by someone within the organization:
- Asset misappropriation (present in 83% of incidents with a median loss of $125,000).
- Corruption cases (present in just over a third of cases with a median loss of $200,000).
- Financial statement fraud (present in less than 10% of cases with median losses of close to $1 million).
The person perpetrating the internal fraud also has a direct impact on how severe the losses are, as well as how long fraudulent activity goes undetected.
The average employee only manages to cause a median loss of around $65,000. At the managerial level, this figure nearly triples to $173,000 while owners and executives can get away with more than $700,000 in fraudulent takings. Most instances of fraud last around 18 months, with lower losses correlating to shorter time periods. Fraud lasting more than five years can rack up losses of more than $800,000.
Contributors to internal fraud
Lack of internal controls, or internal controls that could be easily overridden, are common factors in most internal fraud cases. In larger organizations, corruption cases are more prevalent, while skimming, cash larceny, payroll, and check tampering are more likely in smaller organizations. However, median losses are roughly the same regardless of the size of the company, although smaller businesses obviously have a harder time recovering.
The second looming risk for companies is the increased likelihood of data breaches as businesses scramble to improve cybersecurity in an age of distributed workforces. As employees, devices and networks become decentralized, more access points appear, allowing bad actors to work their way into an organization’s databases.
According to a study from Walden University, direct financial theft from an institution at the hands of hackers is much less likely than the theft of consumer data, which can then be leveraged for financial gain. Financial losses can be even larger when distributed across a wide swath of consumers, and the damage to the breached company can be even more significant than that caused by an internal breach.
Loss of consumer data can result in fines, but the bigger blow comes in the form of loss of consumer trust. PwC notes that only 1 out of 4 consumers think that businesses handle their data responsibly, and only 12% trust the companies that have their data more now than they did a year ago. More than 85% say they will take their business elsewhere if they think a company isn’t handling their data responsibly. This is particularly true for financial data, such as the information that passes through a point of sale (POS) system during a purchase in a store or online using a credit or debit card.
Protecting your company from internal and external threats
Treasury Risk Management Software from SK Global Software can help improve compliance and security within your organization, reducing your risk of internal fraud and protecting consumer data. Learn more about our banking and treasury solutions. Get in touch with us today.