Silent Crimes

Information Security & Fraud

by Ann Sibley, published courtesy of Payroll World

Infiltration of company systems and theft of employee identity can be far too easy for the determined individual. Ann Sibley, senior partner at the consultancy fpt and member of the Fraud Advisory Panel, issues the warning

Fraud in payroll and HR is often perceived to be internal manipulation by one or two employees for personal gain, usually for small regular returns over extended periods. This is merely the tip of the iceberg.

There is no precise legal definition for fraud, nor one single criminal offence. Commonly held definitions are forgery, deception, false pretence, false accounting and pecuniary advantage. Though it can take on many forms, fraud always has three separate elements:

  • Inducement - the bait, booty, prize.
  • Pretence - the deceit, falsehood.
  • Result - the definite practical effect.

Organised crime is involved with drugs, prostitution, benefit fraud, loan sharking, human trafficking, credit card and financial frauds.

Many of these crimes require the constant obtaining of fresh personal identities. Those involved have many means of obtaining these, by common theft of documentation, forgery and coercion. Those who become involved with organised crime, often unknowingly in the first instance, find that they are drawn into or are required to commit fraud to repay loans, debts of honour or to protect their loved ones or friends or their own reputation.

This is where your organisation becomes vulnerable and a possible source of a new false identity for their use.

Many think that it is only business which loses goods, services or profits to fraud and that they are the only victim in this crime. However there is also another victim, the person whose identity is stolen. If you have the misfortune to be this person you will appreciate how difficult it can sometimes be to prove your innocence and restore your good name.

To obtain goods or services through the Consumer Credit or Financial Services Acts, credit issuers will require that an applicant produces personal identification documents - often three or four forms are required. Commonly, in the financial services sector, an applicant will need to show proof of employment history and salary over a given previous period as well as proof of identity, such as driving licence, passport, birth certificate and proof of residence in the form of a utility bill or bank statement. Therefore all of these documents will be stolen from, or created to fit the profile of, the innocent victim of the identity fraud.

Creating false documentation for identity fraud is very simple. Anyone with access to company stationery, personnel records, CVs, tax and NI forms or just one sheet of blank company letterhead, may create any supporting proof document required to support a false application. Organised crime commonly will plant employees into a business purely and simply to obtain these documents, or to be at the end of an enquiry line should a reference for this false documentation be requested.

There is an increasing use of temporary or agency staff in UK business today, and while not wishing to cast any suspicion on any particular agency, you may wish to consider how easy it could be for organised crime to plant personnel within agencies with the intention of placement of their own foot soldiers into positions within business where easy access to company systems and documentation will be gained, also maybe to place permanent staff into positions of authority or influence.

The question to be answered is how do you protect your business from employing a fraudster, or ultimately protect your business reputation should false documentation bearing your company logo or endorsement become common currency in identity frauds? An internal risk assessment is the place to start; Do you:

  • Always ask for and insist on production of previous employment history for new employees?
  • Thoroughly check all references with former employers?
  • Only allow access to company documents to those directly responsible for process?
  • Keep control of access to blank HM Inland Revenue and National Insurance forms?
  • Randomly check details on employee CVs?
  • Ensure that no one person has full control of one particular process?
  • Ensure employees covering for colleagues on sickness or holiday leave are closely vetted for access to susceptible areas?
  • Ensure that a strong password policy requiring confidentiality and non-disclosure is adopted and adhered to by all employees?
  • Have a 'whistle-blowing' policy, encouraging the workforce to report anything suspicious, perhaps through a confidential help line?

Even the most secure Government departments can be susceptible. Keep in mind that fraudsters endeavour to be as successful at fraud as you are to succeed in your legitimate business. Never let your guard drop.

Ann Sibley is a fraud awareness and prevention training specialist.


Top Index of Payroll & HR Articles - International Relevance Send E-mail Home Page








Payroll & Human Resources - PayPerShop Logo For Payroll and Human Resource Professionals

UK Payroll & HR US Tax Resources Worldwide Payroll & HR
Google
Home Contact

Copyright © 2006 PayPerShop Ltd - Payroll, Human Resources (HR) & Payroll Taxes


Popular UK Pages:
UK Payroll News Categories | Payroll & HR Events - Photos | Payroll | UK Payroll Software A-Z | Payroll Software Downloads | Payroll Question | Payroll Search / Swicki | Deductions From Wages | UK Holiday Pay | National Insurance Numbers | Tax Codes | Employed or Self-Employed | Data Protection | Identity Fraud | BACS Payment - BACSTEL-IP

Popular US Pages:
US Payroll Software A-Z | Income Tax Withholding | Prevailing Wages and Hours | US Minimum Wage | US Workers' Compensation | US Labor Standards | US Unemployment Insurance | US State Holidays / Legal Holidays