March 2022
It is often said that “desperate times lead to desperate measures” and in times of financial hardship, there always seem to be plenty people who will take advantage of a situation to the detriment of others. One often reads about theft of money through fraud or other means, and given the financial challenges that we see all around us at the moment, it would not be surprising to think that more businesses will suffer loss through no direct fault of their own.
One common definition of theft is taking something without consent of the owner with the intent of depriving such owner of that property permanently, whilst fraud might be described as either wrongful or criminal deception which is intended to provide financial gain to the fraudster.
Many readers are familiar with reports of those who have lost money through so-called pyramid schemes e.g. Ponzi scheme, an overseas contact offering a substantial sum of money arising from a newly-identified inheritance, companies selling a product that is knowingly unfit for purpose and profiting from other people’s ignorance, or “boiler-room scams” where unscrupulous salesmen would sell fictitious investments for what appeared to be amazing financial returns. These still happen but tend to be dwarfed by the gains to be made by more modern cyber-orientated fraud.
Howsoever perpetrated, any type of fraud sucks cash from a business in an unintended way. Based upon the traditional view that cash is the lifeblood of any business, financial failure is often the result of a company that has been defrauded because of the cash loss sustained.
Of course, fraud can occur internally when, for example, someone with access to the bank account seeks to embezzle monies to fund a personal lifestyle choice. One of the problems with embezzlement is that, for the thief, it tends to be relatively short term and the person has to become ever more creative in attempts to cover the theft. Former employees are often able to extract cash from a company e.g. where a former employee is perhaps aggrieved at the way in which employment terminated and their password and other security measures were not cancelled when they left.
Some examples of bounce-back loan fraud have already been reported in the media e.g. directors claiming cash through the Covid-19 scheme and then withdrawing the money to use for personal purposes. For some companies, this has been hard to spot because the person responsible for the bounce-back claim has been the beneficiary of the loan proceeds. Howsoever it occurs, it is stealing from the taxpayer. Last month, The Rating (Coronavirus) and Directors Disqualification (Dissolved Companies) Bill came into force which means that a director who claims a bounce-back loan and uses it for improper purposes, may find himself on the wrong side of an Insolvency Service investigation even after the company has been dissolved : no escape ! Diverting money from the primary business purpose may well lead to financial collapse and the liquidator reporting a director’s conduct to the director disqualification unit.
A professional firm might experience a financial challenge when those involved with the finance function seek to borrow from client accounts e.g. to fund a gambling or drug habit, leaving the other partners to reimburse the client account from their own resources in order to avoid financial collapse of the firm and/or a forensic visit from their governing body. In some cases, a fraud is identified before it causes financial distress, but the reputational issues can be such that there is a long term loss of clients and fee income.
Cyber crime can affect anyone. We now read regularly of a large ransom being demanded by a cyber-criminal who has encrypted the target company’s computer system and won’t allow access to the data without payment. One risk in refusing to pay is the destruction of the computer system and loss of data, whilst another is the concern that confidential information could be circulated publicly e.g. over the internet. Even trying to pay a ransom may cripple a company and result in an insolvency event.
Consider a professional firm being held to cyber-ransom. Imagine the disastrous scenario of a law firm’s clients being published on the internet together with all of their personal details, or an accountant’s client bank being made available on the internet which shows each person’s income disclosed to HMRC. A negligence claim alone could signal the demise of such professional practice and thus, if possible, a ransom is paid in order to steady the ship. When cash flow is throttled, even the most healthy of businesses can become subject to a formal insolvency process : hard to accept if one has been running a business successfully for many years and finds that fraud is the cause of closure.
Every business should have the most robust defences available against both internal and external fraud, but when that proves insufficient protection and financial failure occurs, the insolvency practitioner will work with the company, police and other relevant authorities in order to try and recover the money. However, by that time the damage has been done and the business will have closed.
It is never too early to review internal procedures and IT protocols. If you don’t and leave a window of opportunity either the casual thief or the sophisticated fraudster will find a way to cause you financial distress………and perhaps even business collapse.
The views in this article are those of Michael J M Reid, licensed insolvency practitioner and partner of Meston Reid & Co, chartered accountants, Aberdeen. They do not purport to represent those of the firm in general.