Topics: Finance and Accounting Transformation
Posted on July 07, 2016
Written By Mahesh Jain
It’s a horror story for any CEO or MD. The very thought can bring beads of nervous sweat to the forehead of any CFO or FD. You come back to your office to find out that millions have been wired from your company to an unknown account on the ‘urgent instructions of the CEO.’ That’s you, right? Wrong.
This nightmare scenario has played out too many times over the last few years, destroying careers and wounding businesses. Variously known as the CEO fraud email scam, bogus email scam, CEO email scam, business email scam and the boss email scam, this method of fraud is lethal in its simplicity. The Financial Times notes that:
“A scam in which criminals impersonate the email accounts of chief executives has cost businesses around the globe more than $2bn in little over two years, according to the US Federal Bureau of Investigation. The FBI has seen a sharp increase in “business email crime,” a simple scam that is also known as “CEO fraud”, with more than 12,000 victims affected globally.”
A typical case in point is the story of Carole Gratzmuller, the Chief Executive of a medium-sized French company named Etna Industrie. Her accountant got a call on a Friday with instructions to conduct a very confidential transaction based on an email that she would get from the President of the company.
The email to the accountant said that she would get the instructions to wire the money from a consultant working with the lawyer, and that she was to keep the transaction confidential. The urgency around the whole exercise forced the accountant to move quickly – without thinking – and she transferred 500,000 euros to foreign bank accounts. While three of the banks held up the transfers, 100,000 euros had already gone. The bank that let that money go was found at fault, so Etna Industrie might get their money back, but only after a court battle.
Another frightening example is a ‘boss email’ scam that cost the Australian aerospace parts maker FACC 47 million euros. The fraudsters used the common technique of establishing a bogus email in the name of the CEO and instructing a subordinate in the finance department through emails to wire €52.8 million over a number of transactions. Not only did this made the company’s stocks plunge by 38%, but it also led to the sacking of the Financial Officer. A few weeks later, Walter Stephan, the CEO who had led the company for over 17 years was also fired – although his fault in the whole fiasco was not outlined.
Accounting departments cannot afford to make a single mistake – just one can be more than enough to do irreparable damage. The first step in inching closer towards 100% security is to understand how email scams work. Let’s take a close look at the most common and successful email scam methods and identify ways of blunting the sharpest tricks in the fraudsters’ bag.
A well-trained accounts staff that is aware of the techniques deployed by the fraudsters is in a strong position to detect and avoid fraud. Along with awareness, training in fraud prevention techniques is also essential. Here are some of the preventive measures we take to avoid fraud (these are to be used in combination with the other security measures that the organisation has in place):
In order to take the above steps and become more effective at fraud prevention, you need to answer the following questions:
By training our staff in fraud awareness and preventive techniques, we have been able to provide highly reliable and secure accounting services to a wide range of clients spread across geographies since 2004. While fraud prevention training and measures demand extra effort from accounts departments, their importance cannot be overstated.
We hope that this article will also help you strengthen your fraud prevention measures. Be on your guard and stay safe!
Originally published Jul 07, 2016 05:07:34, updated Jul 24 2024
Topics: Finance and Accounting Transformation