Fraud levels keep on rising world-wide, there is no respite as fraud in: payments, e-commerce, A/P and A/R, systems - stand-alone or cloud based, etc. keeps on growing, for example:
- Organised crime now cost the UK at least £24bn a year, according to the Home Office
- Trade-based money laundering (TBML): “Is worth up to £1.5 trillion a year, with the value of global TBML being estimated at hundreds of billions,” according to Rahman Ravelli solicitors.
In the corporate treasury department
Fraud prevention starts with some very basic questions:
- Do we have any fraud today? No - are you sure? How have you checked?
- Have we previously had any fraud - when and why? If so, have the causes been removed?
- Do we have any legacy systems that are inherently vulnerable, e.g. our TMS? our payment platform?
- When did you last have the security of your TMS and other systems checked?
- Internal processes: how do we ensure that no one single person can enter and approve a payment? How do we ensure that a single device IS NOT used for the whole payment process?
- How do we use biometrics to immediately identify strangers on our systems and in our processes?
- Have all our staff been trained in fraud prevention? Annual updates? Are new staff automatically sent on fraud prevention courses?
- Have we adopted the ICC key security principles - see below?
- Have we taken the six ICC essential security actions - see below?
- What is your long term strategy and plan to prevent cyberfraud?
ICC Cyber Security Guide For Business
The International Chamber of Commerce’s Cybersecurity Guide published in 2015 contains important advice on Key Security Principles and the Essential Security Actions that companies should adopt and put into practice to prevent cyberfraud:
- Five Key Security Principles
- 1: Focus on the information, not on the technology
- 2: Make resilience a mind-set
- 3: Prepare to respond
- 4: Demonstrate a leadership commitment
- 5: Act on your vision
- Six Essential Security Actions
- 1: Back up business information; validate restore process
- 2: Update information technology systems
- 3: Invest in training
- 4: Monitor your information environment
- 5: Layer defences to reduce risk
- 6: Prepare for when the breach occurs.
CTMfile take: Complete the ICC CyberSecurity Self-Assmement questionnaire (pages 20-36 in the ICC Guide) and then see how you feel: Relaxed? Worried? Terrified?
Like this item? Get our Weekly Update newsletter. Subscribe today