Share Article

International Fraud Awareness Week – recognised from 15 to 21 November 2021 – is of particular relevance to South African small and medium enterprises (SMEs) considering the extent of economic crime in the country and the significant threat it poses to local businesses.

According to a recent report by Price Waterhouse Coopers, 77% of local organisations have experienced economic crime – a statistic that makes South Africa the country with the highest level of economic crime in the world.

Within the South African context, fraud is defined as: “The unlawful and intentional making of a misrepresentation which causes actual prejudice, or which is potentially prejudicial to another.”

The most common forms of occupational fraud in South Africa (according to the Anti-intimidation and Ethical Practices Forum) are corruption, asset misappropriation and financial statement fraud.

As highlighted by the most recent PwC Global Economic Crime and Fraud Survey, approximately 7% of South African companies who were defrauded in some way over the last 24 months lost in excess of R740 million, with 4% reporting direct losses of more than R1.5 billion.

Most recently, South Africa has faced its own pandemic above and beyond COVID19 – a cybercrime pandemic with a dramatic spike in internet-based offences and bank detail fraud. One of the most common forms of this kind of fraud is invoice fraud, where cybercriminals imitate suppliers to an SME and create a fake change of bank details letter which is emailed to the SME’s accounts department or financial manager to get bank details “updated.” This trend in cybercrime has increased substantially since the advent of remote working.

What is of particular concern, is that a recent survey conducted by Suzette Viviers of Stellenbosch University, and Danie Venter of Nelson Mandela University, showed that although respondents were cognisant of the seriousness of fraud and its impact on their bottom line, only 10% of respondents had made provision in their budgets for combating it. It would seem, for the most part, that rather than put preventative measures in place, the majority of SMEs either believe they cannot afford to put fraud prevention measures in place or they would rather take the “ostrich approach,” and put their head in the sand, hoping that their business won’t be targeted.

These are some of the basic fraud prevention strategies that SMEs can implement:

  • Conduct anti-fraud training

As an SME owner, your staff need to understand that no business is exempt from potentially being targeted by fraudsters. Employees who don’t know which signs to look out for make for easy targets. Likewise, a team that is aware and vigilant is your best defense against a possible intrusion. Set up a system where staff members are made aware of the most recent methods and mechanisms that fraudsters are using to target individuals and businesses. Also, unfortunately, as much as some don’t really want to admit it, there is also a very real internal threat of fraud by employees. Luckily, fraud awareness works in both ways – promoting vigilance amongst employees and deterring the chance of employees committing fraud themselves.

  • Diversify your financial controls

You may appoint a single individual as a financial manager, with all approvals, sign-offs and access control duties being assigned to that one individual. While this may aid in speeding up processes, it may not always be the safest way to prevent fraud. Depending on the size of your business, and whether you have the time and resources to do so, you may have to take dual responsibility as a business owner for the signing off of some aspects of your company’s payment process such as petty cash, approval of overtime pay, and expense claims. Some amounts may seem small but over time, they can add up and have a seriously detrimental effect on your bottom line.

  • Implement a fraud prevention process

There is much that can be solved with the implementation of an effective mandatory process which employees should agree to when they are onboarded. You could, for example, make it compulsory for employees to change their passwords on a regular basis; restrict the use of the internet on their company-owned devices to avoid external threats from untrusted websites; or implement multi-factor authentication. At a minimum, every SME should have a process document that stipulates how technology can be used (particularly with remote working) and which security measures need to be taken, with each employee being responsible.

ENDS

About the Author: Ben Bierman

Avatar photo
Ben Bierman has been our Managing Director since 2015. He joined our company in 1990 and has risen through the ranks occupying various positions ranging from being a management accountant, Head of Information Technology and Chief Financial Officer. Ben is an avid reader, enjoys classical music and being in the outdoors including for hunting trips. He is our go-to-spokesperson for our SME Confidence Index, SME sector policy and trend matters, and business leadership articles.