One of the top-ten phrases used in email conversations among employees engaged in corporate fraud is “they owe it to me”.
It’s a state of mind that in part accounts for the scale of corporate travel and subsistence fraud, one of the commonest ways of cheating. Who hasn’t added a few miles to their expenses? Doesn’t everyone get an extra blank receipt from a taxi driver and put in a claim or two for journeys that haven’t been made?
“People don’t think it’s fraud when it’s little and often,” says Adam Reynolds, chief executive of Webexpenses, an expense management software company.
Part of the problem is that historically expenses are claimed retrospectively. Mr Reynolds says: “Employees are quite frustrated by the expense management process; they spend their own money, but claiming it back can be arduous and slow, stapling a receipt to a spreadsheet, getting it authorised by a line manager, posting it off to head office. It can take weeks and, if there’s a query on one item, it can delay a whole claim.”
Shifting expense responsibility away from employees
Many companies are surprisingly willing to turn a blind eye. What line manager wants to risk antagonising an otherwise excellent employee by arguing over a few pounds here and there? But not only do the numbers add up surprisingly quickly, but a lumbering expenses process can also have an impact on more than the bottom line.
“Relying on the ‘Bank of Employees’ impacts the perception an employee has of the business. In today’s competitive market for talent, that can be a real issue,” says Paul Raymond, director of strategic relationships at Conferma, a fintech company specialising in virtual payments. He adds that we have to start seeing overinflated claims as an overhead that can be reduced, instead of accepting it as a cost of having employees out on the road.
Technology being developed in the card payment industry can help. Mr Reynolds says companies can see a 30 per cent reduction in travel spending through more efficient systems for charging and reconciling travel claims.
A first step is to have a clear expenses policy, with big-ticket items such as flights or hotels booked through a centrally managed system. A lodge card, where one credit card is lodged with your travel management provider and all expenditure is charged to the card, helps cut fraud, but still requires a lot of post-event reconciliation and offers little individual freedom.
How does a corporate card work?
A corporate card, which pre-sets spending according to the company’s expenses policy, gives a measure of control over those out on the road. Corporate cards offer a high level of granularity as you can control where the card is used by setting merchant codes or when it is used by setting time limits.
Yet, according to Paul Spelman, managing director of AirPlus International, which provides business travel payment solutions, many companies mistakenly still fear abuse. “The misuse spend on corporate cards is just €72 per €1 million,” he says. That may in part be due to the level of oversight; spending can be monitored in real time, so irregular spending patterns can be spotted quickly and the card instantly cancelled.
Some help for companies using physical cards will be provided by new legislation coming in September that will demand two-factor authentication for online purchases of more than €30. Security can be further improved by using mobile payments, which can use a biometric confirmation such as fingerprint or face ID.
“Mobile payments are likely to skyrocket,” says Mr Reynolds. “We all have a phone in our pocket now and you can easily integrate home and work spend through technology.”
Mobile payments cut fraud opportunities
The most secure solution for many companies is the virtual card, which is a digital online purchase process that links back to a single central account. Each single-use “card” is simply a 16-number code that is used in the same way as a physical card, but with precisely targeted limits, such as a spending limit of between £300 and £380, between September 10 and 14 on a hotel, for example.
Virtual cards can be easily linked to back-office systems and cannot be stolen or used for anything other than what they are intended for.
“It makes the whole process about as secure as you can get,” says John Makin, chief information security officer at Conferma. “All the data is available centrally and you can see exactly what’s being spent and where.
“You don’t have to carry a card or cash. You can push a virtual card to a mobile device. The trick is to make it easy to use, then an employee doesn’t have the ability to behave inappropriately.”
How big is the problem?
Employee fraud is big business. Last August, Action Fraud, the UK’s national fraud and cybercrime reporting centre, revealed businesses reported £88 million in losses from corporate employee fraud in 2017-18, more than double the reported £40 million lost
Of course, travel and subsistence is only one way for a crooked employee to defraud a company. Although, according to the US Association of Certified Fraud Examiners’ 2018 Report to the Nations, expense reimbursement fraud accounted for nearly a quarter (21 per cent) of fraud in small businesses with fewer than 100 employees and 11 per cent in large businesses with 100 or more employees.
But the surge in Action Fraud’s numbers suggests companies are not only finally taking employee fraud more seriously, but also getting much better at detecting it and prosecuting. In total, businesses submitted more than 1,400 reports to the police about corporate employee fraud in 2017-18, a rise of 76 per cent on the previous year.
The average loss per report in 2017-18 exceeded £62,000, up from £50,000 in the previous year. Action Fraud says nearly one in five businesses have been defrauded by an employee at some point.