Financing and Capital Markets

3 Ways to Combat Fraud in the Public Sector

3 Ways to Combat Fraud in the Public Sector
 

The Association of Certified Fraud Examiners estimates organizations around the world lose 5 percent of their annual revenue to fraud each year.1 That level of loss is staggering for any organization, but it’s especially problematic in the public sector, where taxpayers’ funds and information can be compromised. 

Here are a few tips to keep in mind when it comes to preventing fraud in your public entity.

Only allow vendors access to necessary information

When Target got hacked in 2013, it wasn’t because their security system was insufficient: it was because Fazio Mechanical Services, a vendor the company had hired to do some minor HVAC work, had access to the entire network. The hackers were able to penetrate that smaller organization, and used its access to steal the information of roughly 40 million debit and credit card accounts.

The same security principle applies to public departments.

“As a public sector agency, you need to be diligent about the security between you and your vendors, and also ensure that their organization has the right safety precautions in place,” says T.C. Kennedy, SunTrust senior vice president of Technical Product Consulting in Treasury and Payment Solutions.

Kennedy advises taking the time to perform an in-depth audit of any outside vendors you conduct business with to make sure their systems are secure. Pay verification systems like Positive Pay are effective in preventing loss due to attempted fraud, so it makes sense to protect your own information by verifying the safety of theirs upfront.

Apply internal security safeguards

Security from outside dangers is essential, but the majority of attempted fraud actually comes from within an organization.

“When this happens, the people committing fraud are almost always the most trusted person at the employing entity,” says Tiffany Couch, principal at Acuity Forensics, a forensic accounting firm based in Vancouver, Washington. “And they are often given too much access and blanket control as a result of that trust.”

To avoid this, implement multiple layers of security. Require dual approval for transactions that involve a large amount of money, verify the validity of check payees, and follow up with unexpected emails that request an urgent-sounding monetary transaction.

To avoid this, implement multiple layers of security. Require dual approval for transactions that involve a large amount of money, verify the validity of check payees, and follow up with unexpected emails that request an urgent-sounding monetary transaction.

Additionally, consider instating a whistleblower hotline. Forty percent of fraud detection originates from tips, and more than half of all tips come from employees, so providing an outlet for that information is vital.2

“If you can’t afford a hotline service, make sure employees know where to blow the whistle,” Couch says. “Consider your attorney or your outside CPA as potential outlets for employees.”

Advocate for the prioritization of security

Public entities face particular obstacles when it comes to attaining the necessary funds and resources to implement security measures. As Kennedy explains, public sector entities measure their success not by revenue, but by the delivery of services to citizens.

“It’s true that if you’re protecting your server, you’re not delivering your services to your citizens,” Kennedy says. “But you have to realize that if you don’t protect your server, you could be putting every single one of those citizens in jeopardy of identity theft.”

The knowledge of that safety is its own service, and it’s in the best interest of public agencies to give it precedence.

To keep your citizens’ information as safe as possible, contact your SunTrust Relationship Manager for more individualized help securing your public entity.

“ACFE Report Estimates Organizations Worldwide Lose 5 Percent of Revenues to Fraud,” ACFE

2 “Report to the Nations on Occupational Fraud and Abuse,” 2012, ACFE

This content does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.

Related