Learn

Business Resource Center
Back

The True Price of Fraud for Businesses

For small business owners, fraud is an ever-present risk that seems to increase every day. The proliferation of eCommerce and digital payments has only made the problem worse.

According to a recent report from the Association of Certified Fraud Examiners (ACFE), companies lose roughly 5% of their revenue to fraud each year.1 Small businesses tend to be especially hard-hit because they can't afford the same level of internal controls and fraud prevention technology that large companies can. That's why small business owners need to know about the common types of business fraud they might face — and how to take steps to stop them.

 

What Does Fraud Cost Businesses?

Here are common types of business fraud that can cost a small business.

 

1. Asset Misappropriation

According to the ACFE, asset misappropriation (an employee stealing or misusing company resources) is the most common type of fraud committed by employees. The median cost of fraud from asset misappropriation is $100,000 per case.

Asset misappropriation can take many forms,2 including:

  • Check forgery or check tampering: forging a signature on a company check or changing the payee or amount on a legitimate check for fraudulent purposes.
  • Inventory theft: stealing products from the company.
  • Theft of services: using company services without payment or permission. For example, a worker at a car wash might allow friends and family to wash their cars for free.
  • Expense reimbursement/account fraud: putting fake or inflated expenses on an expense report, or using a company expense account for personal expenses.

Payroll fraud

Another type of asset misappropriation scheme is payroll fraud. Payroll fraud includes any theft using the company's payroll system. Payroll fraud includes:

  • Inflating hours or claim overtime for hours the employee didn't work.
  • Adding fake employees to the payroll.
  • Stealing another employee's paycheck and cashing it.

According to the ACFE, the median cost of payroll fraud is $62,000.

Cash theft

Cash theft is another type of asset misappropriation. It's most common in retail stores, restaurants, bars, and other businesses where employees handle cash. The thief may:

  • Steal cash from a register or petty cash box.
  • Not register a sale and pocket the cash.
  • Collude with a third party to make fraudulent returns for a cash refund.

According to the ACFE, the average cost of fraud in cash-on-hand theft cases is $26,000.

 

2. Credit Card Scams

As more businesses sell their products and services online, credit card scams have grown.

When scammers use stolen credit cards, the loss goes beyond the dollar value of a chargeback for the product or service provided. It can also include:

  • Wasted time for the business as they resolve the problem.
  • Potential merchant account fees and penalties.
  • Damage to the company's reputation when the owner of the stolen credit card assumes the business is the one trying to scam them.

A 2021 study from Juniper Research predicted that small and medium-sized businesses will lose a combined $130 billion from online fraud from 2018 to 2023.3

Shield with dollar sign icon
Check references and perform background checks on potential new hires — especially those with access to cash or financial records.

3. Small Business Compromise

In business email compromise (BEC), scammers pose as company executives and send fraudulent emails to certain employees to trick them into making wire transfers to bank accounts controlled by the scammer.

BEC is a highly sophisticated form of business fraud because the perpetrators may gain control of the executive's email through malware and spend weeks or months studying the company's vendors, billing systems, travel schedules, and styles of communication to ensure the request appears real.

According to the FBI, in 2020, BEC scams cost U.S. businesses over $1.8 billion.4

 

Steps To Take To Prevent Or Reduce Business-Related Fraud

The first step in protecting your business is being aware of the types of fraud that can happen. Then you can also take steps to prevent business fraud or detect it early. This will help limit any potential loss.

To prevent internal fraud, SCORE, a non-profit organization that connects small business owners with mentors, recommends these employee fraud prevention steps.5

  • Know your employees. Check references and perform background checks on potential new hires — especially those with access to cash or financial records. Pay attention to potential fraud risk factors, such as substance abuse problems, financial troubles, or living well beyond their apparent means.
  • Supervise employees adequately. Nobody wants to be a micromanager, but it's important to supervise employees. Check to ensure they're accurately reporting hours and performing duties properly.
  • Segregate duties. Having only one person in charge of handling the company's finances makes it easy for fraud to go unnoticed. Whenever possible, have at least two employees handling accounting and bookkeeping tasks. If you need suggestions, GrowthForce has a helpful guide on how to separate duties.6
  • Restrict access to financial records. Restrict access to your accounting software and other systems to just the people who need it to perform their jobs. Each person in the system should have their own ID and password, and passwords should be changed regularly.
  • Track business checks. Always use pre-numbered checks and print check amounts and payees in permanent ink to prevent alteration. Lock up blank checks in a secure desk drawer or cabinet.
  • Monitor merchandise and inventory. Perform physical inventories annually and consider installing security systems to monitor inventory.

For external fraud threats:

  • Use an Address Verification Service (AVS) for online transactions. This allows you to confirm the cardholder's billing address7 matches the address on file with the credit card issuer. Consider contacting buyers to make sure the order is legitimate.
  • Educate employees who have access to company finances on the risks of business email compromise. You may want to create a policy for any wire transfer requests that company executives send by email. These should be verified by phone.8
  • Require employees to call customers or vendors to verify any email requests for wire payments that exceed a certain dollar amount. This prevents employees from accidentally sending money to scammers who've compromised the email accounts of other companies you do business with.

Any business can be a target for fraud. And fraud can impact a business in many ways — not just financially. Once you know how and where your company may be vulnerable, take steps to protect your business from future damage.

Important disclosure information

This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.

  1. ACFE, “Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse," accessed July 28, 2021. Back
  2. Dawn Lomer, “41 Types of Fraud and How to Detect and Prevent Them," i-Sight, published March 15, 2017, accessed July 29, 2021. Back
  3. Businesswire, "Juniper Research: Retailers to Lose $130bn Globally inCard-not-Present Fraud Over the Next 5 Years," published January 2, 2019, accessed August 5, 2021. Back
  4. Federal Bureau of Investigation, “Internet Crime Report 2020," accessed August 2, 2021. Back
  5. Daniel Kehrer, “10 Ways to Prevent Employee Theft and Fraud," SCORE, published May 15, 2014, accessed July 29, 2021 Back
  6. GrowthForce, “Separation of Duties," published 2017, accessed July 29, 2021. Back
  7. Elizabeth Gravier, "Here's What Your Business Should Look Out for to Prevent Payment Fraud During Coronavirus," CNBC, updated November 18, 2020, accessed August 2, 2021. Back
  8. Lance Whitney, "How to Protect Your Organization Against Business Email Compromise Attacks," published June 2, 2020, accessed August 2, 2021. Back