A conference hosted by Reliance Security Services has revealed that corporate fraud is costing blue chip companies between 2% and 5% of their annual turnover
Corporate fraud is costing blue chip corporate companies anything between 2 and 5% of their annual turnover. Not only that, around 25% of employees try to defraud their employers, while the average corporate fraud passes by unnoticed for three or four years.

Despite these startling facts, most companies are still unaware of how their business is threatened by fraud, and are not implementing adequate security measures in terms of training, management and policy.

These findings have just been released by Reliance Security Services, the security company having hosted a major conference on the subject in Leeds.

Delivered by key industry figureheads, papers at 'The Changing Face of Security' event examined the extent of corporate fraud and computer misuse in the workplace, and looked at ways in which security managers might engage the thorny topic of conducting investigations into suspected fraudulent activity.

Speaking at the conference Allan McDonagh – managing director of fraud detection and prevention consultancy Hibis Europe – called on corporates to introduce policies that will deal effectively with fraud. One of the overriding concerns shared by many is procurement fraud.

"Responsibility for the prevention, detection and reporting of fraud lies with everyone through the organisation," said McDonagh. "Companies must implement a fraud response plan and policies, and run risk analysis workshops for all their managers."

McDonagh identified the "segregation of duties" – ie ensuring that no one person has too much ownership and control – as a means towards reducing the risk of internal fraud, and pressed a case for data mining and matching as a means of identifying fraud.

"Looking for acts of fraud in a company can be like searching for a needle in a haystack," he stressed. "You need to create a profile". Here, McDonagh pointed out that running searches against a profile makes it easier to identify a pattern for detecting any irregular dealings. "If you are looking for incidences of procurement fraud," added McDonagh, "you can run a search to find out which companies repeatedly bid for contracts but, for some reason, always lose them. You can also run checks on your invoices. Do any of them come from an Avenue or Close? Are any of them from offshore tax havens, and do any of them have consecutive numbers?"

Also speaking at the conference, Adrian Reid – managing director of computer forensics consultancy DataSec – argued that corporate security managers should adopt a "cohesive managerial approach" towards detecting computer-based crime/misuse.

"They must ensure that all members of staff are fully trained in the corporate policy on Internet and e-mail usage," commented Reid.

n Reliance is running a half-day seminar in Bristol on 27 November looking at computer fraud. Telephone 01454 617149 for details.