Are Canadian businesses over-confident about their ability to stop all kinds of fraud? Yes, says a tax and business consulting firm after surveying owners or executives of a range of companies.
There could be a “dangerous combination of overconfidence and naiveté when it comes to fraud detection and prevention,” MNP LLP said in releasing survey results last week.
The online survey in January of two groups — 1,000 small business owners of firms up to 99 employees, and 100 C-suite execs of larger companies — found that half of respondents either suspect or know for certain that their business has experienced fraud or scams in the last year. But also an overwhelming majority (eight in 10) were confident in their organization’s ability to prevent such incidents. Another almost 90 per cent feel at least somewhat equipped to deal with it.
Survey respondents were twice as likely to identify fraud as a serious issue in the wider industry in which they work than in their own place of business.
Nearly 60 per cent of respondents said they either suspect or know for certain that they were victimized by external hackers in the last year. Of the C-suite respondents, half indicated that they know for sure they experienced a breach.
At the same time eight in ten of all respondents were confident their business can prevent an external online hacker attempting to obtain or block access to confidential information. An overwhelming majority (93 per cent) of survey respondents feel confident that they are effectively protecting customer data
“This kind of ‘it won’t happen to me’ optimism puts the advantage in the hands of criminals and makes Canadian businesses tremendously vulnerable,” says Greg Draper, who leads a national team of specialists at MNP in workplace fraud mitigation. “The reality is that no organization is immune from either internal or external fraud.”
Draper adds there is a “giant denial” among Canadian businesses when it comes to preventing fraud. Two thirds of survey respondents describe their businesses attitude to fraud and scams as proactive.
“Often times we see businesses who come to us after they have been compromised but they don’t know how or why it has happened,” says Draper. “They may have had security awareness and fraud training processes in place but sophisticated scammers or even internal employees can find points of vulnerability. They realize they were not as equipped to deal with it after the dollars go out the door.”
Among the findings:
–Confidence in businesses’ ability to detect fraud and scams is high, though nearly one in four say they aren’t confident about detecting external threats from online hackers. Forty per cent are ‘very confident’, leaving 60 per cent recognizing there’s room for improvement;
–The vast majority claim they are confident their business can prevent frauds and scams from internal sources like internal employees creating false business transactions (86 per cent), an internal employee stealing money or materials (84 per cent) or an internal employee stealing confidential business data (81 per cent). Confidence is slightly weaker in the face of external fraud sources like external online hackers but still eight in ten (80 per cent) say they are confident in their business’ ability to prevent this type of threat.