Most small business owners don’t expect to become fraud victims and they often don’t know which fraud threats to guard against. But criminals know that small businesses usually make the easiest targets, so every small-business owner should have a clear understanding of the fraud landscape. Here are three major types of fraud and how to protect your business.
Insider fraud risks for small businesses
Insider fraud – – a scheme perpetrated by a company’s employees – is what many business owners are most concerned about. It’s not the most common type of fraud that small online businesses face, but it does happen and can be very expensive.
The median loss for a single case of occupational fraud is $150,000, according to 2016 figures from the Association of Certified Fraud Examiners. That figure is accurate for small businesses as well as enterprises, and in more than 8% of cases, the victim companies were also required to pay a fine for allowing the fraud to go undetected. Those numbers mean SMBs are at disproportionate financial risk from insider fraud like check tampering, payroll falsification, skimming, and simply stealing cash.
Resources to fight insider fraud
- No matter how few employees your company has, these fraud controls are important:
- Regular reconciliation of your books and payroll records
- A way for employees to report suspected fraud
- Proper employee training
- Random checks of accounts and payroll records
You may also decide to hire an outside accountant and payroll service rather than letting in-house employees handle those tasks. The Small Business Administration recommends purchasing business fraud insurance to protect you from occupational fraud losses.
Point-of-sale fraud risks for small businesses
Many SMB owners remember the days when a counterfeited mag-stripe credit card or a falsified paper check were big risks for point-of-sale transactions. These days, real-time check verification and the EMV liability shift have made it harder for crooks to use those tools. But EMV card-fraud liability protection only helps your business if your POS terminals are EMV compliant.
More than a year after the changeover in the US, only 38% of stores have switched to chip-card terminals, meaning that they are financially liable for any POS card fraud that happens in their stores. And as more businesses adopt EMV terminals, the remaining unprotected merchants become bigger targets for POS fraudsters.
Resources to fight SMB point-of-sale fraud
If your business is not yet EMV compliant, make compliance a priority, especially if you’ve been hit with POS fraud recently. Once you have EMV-compliant equipment and follow the card companies’ transaction security guidelines, your business is no longer liable for card fraud that takes place on your terminals.
E-commerce fraud risks for small businesses
As POS fraud tools have improved, fraudsters have shifted their focus on businesses that sell online. Typical scams include purchases made with stolen credit card numbers and “friendly fraud” orders placed by customers using their own payment data. In both cases, the transaction ends up being charged back to the merchant, either by the victim of the card theft or the “friendly” customer. E-commerce fraud costs online retailers more than 7% of their revenue, according to Javelin Strategy, in part because lost revenue isn’t the only cost of online fraud.
Why is online fraud so damaging? When a merchant falls victim to a fraudulent chargeback, they also pay a chargeback fee to their payment processor. Too many chargebacks can raise the merchant’s chargeback ratio, which leads to higher processing costs and potential account cancellation if the ratio rises too high or too fast.
As if that’s not enough, online fraud causes another kind of even more costly damage: false declines. Many times, online retailers tighten up fraud screening after a spate of losses, but they use an incomplete tool set or inflexible rules that end up screening out valid orders placed by real customers. In 2016, Business Insider reported that US merchants were on track to falsely decline more than $8.6 billion worth of valid orders. The cost of verified fraud during that time? $6.5 billion. To add insult to injury, nearly 1/3 of falsely declined customers choose never to shop with that merchant again – meaning every false decline costs you not just a transaction but the entire potential lifetime value (LTV) of that customer.
Resources to fight ecommerce fraud and chargebacks
Online fraud is a complex, hard to detect and constantly evolving type of crime with serious business consequences. Just as a small business may decide to rely on the expertise of an outside CPA and payroll processor, working with an independent fraud protection service may be the most time- and cost-effective option. The ideal fraud protection service will offer the latest technological tools to continually refine digital screening parameters, human intelligence and skilled customer service to reduce false declines, and a guarantee that the merchant won’t be liable for any fraudulent chargebacks that occur.
Setting up fraud controls and finding reliable outside providers takes time, something many small business owners don’t have enough of. But protecting your business from insider, point-of-sale and e-commerce fraud is a worthwhile and necessary investment.
Rafael Lourenco is the VP of US Operations at ClearSale, a Card-Not-Present fraud prevention operation that protects e-commerce merchants against chargebacks. The company’s flagship product, Total Guaranteed Protection, is an end-to-end outsourced fraud detection solution for online retailers. Follow on twitter at @ClearSaleUS or visit http://clear.sale/