12/08/2014

By Peter Whittam, Forensic Accounting Associate, DTE Business Advisers


The normal business and commercial risks associated with running an SME are challenging enough, but unfortunately SME’s can also be ripe pickings for fraudsters and are often targeted. It is best to be forewarned of the dangers and here we set out the most common fraud scenarios, together with tips on how to avoid them.

1. The HMRC Phishing Scam.

The Scenario: You have just submitted a tax return or VAT return and are expecting a tax refund. Shortly afterwards you receive an e-mail from HMRC telling you that the refund has been processed and asking you to follow the embedded link to process the refund.

The Scam: This is just another in a long line of phishing scams. The added catch, however, is that you are expecting a refund. In fact the timing is likely to be pure coincidence due to the number of phishing e-mails sent out. The e-mails can be very convincing and may appear very similar to genuine e-mails you have had from HMRC and can use credible e-mail addresses such as ‘refund@hmrc.gov.uk’ (a long list of examples is available on the HMRC website).

Protection: Do not click on the links! HMRC state specifically that they will never send notifications of a tax rebate / refund by email, or ask you to disclose personal or payment information by email. If you receive such an e-mail contact HMRC directly by another means or contact your accountant.

2. The Expensive Free Sample.

The Scenario: You receive a marketing phone call offering a free sample of goods as a trial. This can involve, for example, products such as office stationery supplies, printer consumables or similar items. You agree to take the sample on a trial basis.

The Scam: You later start to receive frequent supplies and invoices for goods you have not ordered and do not want or need. If your purchase controls are weak you may pay these without realising. If you do not pay, the supplier claims that in accepting the free trial you also signed up to a regular long term repeat order (say monthly or quarterly) and aggressively chases for payment of the invoices, possibly threatening legal action.

Protection: Be wary. Check any paperwork associated with such an offer for ‘small print’ that might attempt to tie you in to a deal you are not happy with. Make sure you have adequate purchase order, purchase invoice and payment authorisation controls.

3. The large order

The Scenario: You gain a new customer who places a couple of modest orders. They appear model customers and pay very promptly. They then place a very substantially larger order. You are happy about the increased sales and relaxed about payment due to the previous trading with the customer.

The Scam: Having supplied the order, when you chase the customer for payment they have disappeared and cannot be contacted or traced. You are left with a significant bad debt.

Protection: Ensure you have adequate credit control procedures, including obtaining credit references and setting credit limits. Do not be tempted to circumvent these in chasing that large order!

4. Intellectual property fraud and corporate identity theft.

The Scenario: You find that your corporate website has been copied, but with different contact details, your registered office has been changed without your knowledge. You receive invoices for goods you have not ordered or customers insist they have paid you when you have received no money from them.

The Scam: We are familiar with criminals stealing the identities of individuals, but it is less well known that companies are also targeted. Criminals can potentially use your corporate identity to open bank accounts, launder funds, steal your assets or order goods. In addition such actions have the potential to significantly damage the reputation of your business.

Protection: Ensure you have adequate systems and controls in place to pick up any anomalous transactions at an early stage.

The above represent just a small sample of the potential frauds being targeted at SME’s. The overriding message must be to remain vigilant, and never assume it can’t happen to you and your business.