Article:

What does modern workplace fraud look like in 2021?

15 April 2021

Stan Gallo, Partner, Forensic Services |
Quin Rijnders, Executive Director, Forensic Services |

Fraud has been, is being, and will always be committed, even as the avenues for theft and what is stolen evolves. We continue to see a vicious circle between opportunities and vulnerabilities being revealed, and internal controls and technological adaptation being implemented to seal the gaps. But as the bad actors get smarter and circumvent the latest protections, the cycle continues.

While the original goal may have been to defraud organisations out of physical money, the landscape of workplace fraud has shifted, and today’s target is as likely to be physical / system access or data exfiltration as it is direct financial leeching. Data can be readily converted to dollars, making the end result just as lucrative, if not more.

By targeting IP or personal data through highly technical cyber-attacks, threat actors can often cover their tracks for weeks, months or years, making fraud a long game that keeps paying dividends since breaches are virtual.

Workplace fraud has increased since the onset of the pandemic

The advent of the global pandemic sent millions of people out of the traditional workplace and into their homes, where the potential for fraud increases.

Labour theft

In addition to the vastly expanded number of access points and challenges of securing personal devices and networks, one avenue of fraud that was trending upward, was revealed: that of labour.

Unlike financial fraud, which is often perpetrated by higher-level employees with access to bank accounts and routing numbers, or data theft, which is often committed by threat actors from outside an organisation, labour theft can be readily perpetrated by any employee working from home who is capable of falsifying their work hours.

This habit of inflating productivity when working from a home environment can be as simple as heavily overstating the hours worked. Organisations have been forced to re-evaluate how they measure performance, matching hours worked to productivity and demanding stricter accounting of how each employee spends their time.

Invoicing fraud

False invoicing has also seen a spike, as pandemic assistance payments and early access to super is facilitated. Threat actors can redirect funds away from intended recipients in environments where new and unfamiliar processes are taking place, and blame bureaucratic red tape.

Fraudulent invoicing can take place through cyber-attacks such as business email compromise, or through fraudulent invoicing. Conflicts of interest provide yet another ready path to this type of fraud, as internal actors can leverage connections with vendors and fake subcontractor accounts to divert funds into a fraudster’s pockets.

Data leaks

Outside scammers have significantly upped their phishing game to target those most vulnerable and steal pandemic assistance payments, bank balances and early super access funds. It only takes one lapse by one employee unthinkingly clicking on links, opening attachments or providing sensitive information as ‘confirmation’ to open a door into your organisation’s data.

Continual vigilance and ongoing training is a critical component in preventing these types of common cyberattacks. This includes both training on securing devices and networks (backed by a zero trust policy), and continual refreshers on social interactions to highlight warning signs of fraud via email or online platforms.

Workplace fraud is more common than anyone realises

The idea of having a fraudulent employee on your team sounds terribly foreign, and no one thinks this could possibly happen at their own organisation — until it does.

Larger incidences of fraud are what make the news outlets, but for every ‘newsworthy’ instance of fraud, there are dozens of smaller cases that were handled simply by terminating an at-fault employee to minimise public perception and maximise damage control.

Unfortunately, this only enhances the problem; the fraudster learns from their mistakes and moves on to perform the same or more advanced fraud at another company. If their behaviour was never reported to authorities, it is unlikely that even background due diligence will pick up on the risk.

Another area of impact when it comes to workplace fraud is the negative effects on co-workers. It’s almost always an employee everyone assumed they could trust, often a person who has been with the company for years. This employee may have leveraged their co-workers’ trust, manipulating them into allowing use of their own work terminals to complete acts of fraud.

Trust can lead to laxness in organisational policies, due to managers and executives worrying about how controls will be received. The concern is that by instituting controls, trust will be damaged. In practice, the reverse can be accomplished, if implementation is carried out correctly. The controls are there to re-assure employees - they are for their own safety, to protect them from fraud occurring and also reduce risk of being unjustly accused if fraud should occur.

The profile of a white collar fraudster is changing

The original stereotype of ‘pale, male, and stale’ is slowly beginning to shift. While traditionally the image of a fraudster was an older, more established man in a position of authority, with access to high-level financial information, in reality fraud is as likely to be committed by junior organisational members of any gender or ethnicity.

Financial pressures are typically higher in older demographics, while resentment is a more likely motivator with younger generations. These ‘get even’ fraudsters may feel they are not being adequately compensated and desire to remedy their situation, or may hold some other type of grudge against the organisation.

Taking action in the event of suspected workplace fraud

Ideally, organisations will implement strong educational programs, policies, processes and controls for the prevention and detection of and response to fraud. Protocols can be established to guide staff in reporting suspicious activity. Once fraud is reported, forensics should be alerted before any electronic devices are touched, to avoid accidental deletion or overwriting of evidence.

Just like any crime, motive, means and opportunity must be identified. There is no foolproof or one-size-fits-all roadmap to identifying and unveiling fraud. Locking down of high risk physical areas, assets and data is recommended, until forensic professionals or authorities can investigate and determine whether fraud occurred, and if so, how and by whom it was perpetrated.

Awareness, training and controls are the key to preventing workplace fraud. For more insights into how, when and by whom workplace fraud may be committed, listen to our Podcast on White Collar Crime.